The "secure" BB10 OS is not great at establishing secure connections because it uses dated protocols
- You are really right, ofutur ! Thank you !
And one more time we have to wait that TLS 1.2 is integrated
and all unsecure/dated protocols would be removed. ( Or left at the end of the row )
I really hope BlackBerry would do this IN TIME, NOW ! With the next Official OS Update or whatever.
I was wondering about that old TLS a long time, but many BlackBerry "Lovers" here are very disappointed if one awakes them of their "Super transparent HiSec Dream".
This thread is full of blanket statements about vulnerability based on versions that straight up ignore possible mitigation that has been implemented by BlackBerry.
Posted via CB1009-28-14 06:41 PMLike 0 - So after wading through this 9 page thread, here are my conclusions as a lay person...feel free to correct any misconceptions I may have.
1. The most secure browsing platform i have is Abrowser on the Trisquel/BSD 6 LTS release i am running on my desktop. I should do all my online shopping, online banking, and online trading on this.
2. The least secure browsing platform I have is the blackberry playbook which offers no OpenVPN, no TLS beyond 1.0, no certificate revocation checking.
3. Our Z10 and ipad2 running iOS 8 fall somewhere in between offering no certificate revocation checking but do offer TLS 1.2 compatibility.
4. I should just cancel my data plans and put our sims back in motorola krazrs.
I am kidding about that last one. Kind of.09-28-14 10:27 PMLike 0 - Little more digging around: I tested the PlayBook native browser, origami, dolphin, and maxthon as well as the Z10's native browser and evolution on the revoked.grc.com website. All loaded the page (which is to say that they failed the test).
Opera mobile (android version running on the z10) actually correctly rejected the website and would not load it. This is the only mobile browser that I found in my short testing tonight that passed.
On the ipad (iOs 8) the native browser, mercury and Opera *Mini* all loaded the page and failed the test. I could not find opera mobile in the iOs app store.
Posted via CB1009-28-14 11:13 PMLike 0 - Certificate revocation checking is a difficult problem for mobile devices because downloading the revocation lists consumes a lot of data. I'm surprised some Opera installations didn't catch the rejected certificate. The mobile version has the ability to request the page through their server which will compress the data, and is in a better position to check the certificate. Of course this comes with its own security and privacy issues and may be turned off in some of your installations.
Google Chrome doesn't check revocation at all except for a small list that Google considers important. Their reasoning is that it takes too much time and is useless anyway. The real solution is OCSP Stapling : http://en.m.wikipedia.org/wiki/OCSP_stapling The server is responsible for getting a signed affidavit from the CA and including it with the response. This way the client doesn't have to fetch revocation data for the whole certificate chain.
In order to take advantage of a revoked certificate a malicious actor has to first get the certificate and the associated private key. Then they must some how redirect browsers to the server where they have set up the certificate. This is possible through DNS attacks, but such attacks have been tried and we are better defended against them now, especially if you use a well run DNS server.
The thing with this thread is that it is an argument about mostly theoretical but unused attack vectors. This leads to people worrying about which version of TLS their browser and server use when malicious actors are using Heart Bleed, Shellshock or a policy of not patching point of sale equipment. It's a bit like arguing that a car company A should be installing more air bags like company B when B has been selling cars with detective parts that kill people even with the extra air bags.
Posted via CB10Last edited by Richard Buckley; 09-29-14 at 09:12 AM.
09-29-14 08:56 AMLike 0 -
-
In order to take advantage of a revoked certificate a malicious actor has to first get the certificate and the associated private key. Then they must some how redirect browsers to the server where they have set up the certificate. This is possible through DNS attacks, but such attacks have been tried and we are better ....
Posted via CB10
How about this attack:
Setting up a rouge access point with the same SSID like your home wifi, but a stronger signal.
Normally the smartphone should connect to the rouge network and then the attacker can try variations of MITM.
For this scenario certificate pinning and OSCP stapling of the browsers are probably the best defense strategy, but TLS1.2 would be a nice bonus.
...just my 2 cents to demonstrate that the government is not the only player for MITM attacks.09-29-14 11:38 AMLike 0 -
- How about this attack:
Setting up a rouge access point with the same SSID like your home wifi, but a stronger signal.
Normally the smartphone should connect to the rouge network and then the attacker can try variations of MITM.
For this scenario certificate pinning and OSCP stapling of the browsers are probably the best defense strategy, but TLS1.2 would be a nice bonus.
...just my 2 cents to demonstrate that the government is not the only player for MITM attacks.
But the most telling point in all of this is what the rogues are doing. If attacking SSL 3.0 or using stolen certificates is such a great risk why doesn't it happen? The most likely attack based on inappropriate certificates you are likely to see are those issued by rogues via actual CAs they have hacked. And no version of TLS is going to protect you. As Alex Manea said "mobile security is like a street fight. You don't have to be perfect, you just have to be a hard target. You are only as strong as your weakest link. You need to know who to trust."
In this example having your Wi-Fi connection is the weakest link. Depending on the level of trust you have in that connection cryptography may not help you. Especially if establishing a secure link depends on trusing the DNS the connection provides. Ubiquitous SSL/TLS or VPNs protect you from rogues camped out on the same hotspot. Only the very best will protect you from a rogue hotspot. But nothing will protect you from a server that has been compromised because of Shellshock and installs maleware on your device (except a device which has no viable maleware). In fact the ecnryption on that site will ensure that the maleware is delivered without modification and that no one watching the connection could possibly know you've been taken over.
Look back at all the security issues so far this year. Total up the ones that happened through the use of less that cutting edge crypto, and the ones that happened because of the use of cutting edge crypto (Heart Bleed), and the ones that happend because of poor implementation, or leaving know security vulnerabilites un-patched (Shellshock, Home Depot, Target, iCloud photos).
We see from other posts that 10.3 supports TLS 1.2. It is only too late if BlackBerry customers have been compromised because they could not use TLS 1.2 before now. No one has yet provided any indication of that.09-29-14 12:22 PMLike 0 - Eat this:
BlackBerry Playbook – New Challenges
by Yury Chemerkin
This approach mainly based on examines how many differences do exist between BlackBerry OS and new BlackBerry OS based on QNX OS.
Think more:
- TapLogger Trojan for BlackBerry never fixed
- DMTF signalling as possible covert channel BBOS10
- Address book spam-attack vector
- Remote wipe service on BBOS
PS:
You wanted to read, but i never ever give YOU or somebody else a
How2Hack TLS, sometimes you couldn't find it at Wikipedia...lol.
This is why BB does not make their SecHoles public and why we
get many updates.
hackin9!org09-29-14 02:51 PMLike 0 - Eat this:
BlackBerry Playbook – New Challenges
by Yury Chemerkin
This approach mainly based on examines how many differences do exist between BlackBerry OS and new BlackBerry OS based on QNX OS.
Think more:
- TapLogger Trojan for BlackBerry never fixed
- DMTF signalling as possible covert channel BBOS10
- Address book spam-attack vector
- Remote wipe service on BBOS
PS:
You wanted to read, but i never ever give YOU or somebody else a
How2Hack TLS, sometimes you couldn't find it at Wikipedia...lol.
This is why BB does not make their SecHoles public and why we
get many updates.
hackin9!org09-29-14 04:32 PMLike 0 - Eat this:
BlackBerry Playbook – New Challenges
by Yury Chemerkin
This approach mainly based on examines how many differences do exist between BlackBerry OS and new BlackBerry OS based on QNX OS.
Think more:
- TapLogger Trojan for BlackBerry never fixed
- DMTF signalling as possible covert channel BBOS10
- Address book spam-attack vector
- Remote wipe service on BBOS
PS:
You wanted to read, but i never ever give YOU or somebody else a
How2Hack TLS, sometimes you couldn't find it at Wikipedia...lol.
This is why BB does not make their SecHoles public and why we
get many updates.
hackin9!org09-29-14 04:37 PMLike 0 -
-
- Eat this:
BlackBerry Playbook – New Challenges
by Yury Chemerkin
This approach mainly based on examines how many differences do exist between BlackBerry OS and new BlackBerry OS based on QNX OS.
Think more:
- TapLogger Trojan for BlackBerry never fixed
- DMTF signalling as possible covert channel BBOS10
- Address book spam-attack vector
- Remote wipe service on BBOS
PS:
You wanted to read, but i never ever give YOU or somebody else a
How2Hack TLS, sometimes you couldn't find it at Wikipedia...lol.
This is why BB does not make their SecHoles public and why we
get many updates.
hackin9!org
Yuri Chemerkin is a security researcher. His article titled BlackBerry Playbook – New Challenges primarily focuses on the ability, provided you can install and execute appropriate software on a desktop machine, to capture the password entered into BlackBerry desktop software. Once captured the password can then, of course, be used to access data from the device. The article is written in the context of forensic analysis of the device. Outside of that context there is a certain difficulty in applying these techniques. All of this should be stunningly obvious to anyone who has gotten this far in this thread.
I believe TapLogger Trojan for BlackBerry is referring to TapLogger: Inferring User Inputs On Smartphone Touchscreens Using On-board Motion Sensors by Zhi Xu, Kun Bai and Sencun Zhu. It is an interesting concept with a concept demonstration Android application. It was all the rage for a week or two when the paper was first published, and has more or less faded. You can read the paper and decide for yourself how immediate the threat is.
And so forth.
TapLogger is an interesting example of researchers doing good work, publishing a paper and the press stridently reporting on it. In some cases the stridency is justified (Heart Bleed, Shellshock). Some times it turns out that existing protections are sufficient to protect against the presented vulnerability. In the case to TapLogger the researchers, or at least the press, did not factor in the static analysis applied to applications in well curated app stores. Nor did they consider the detectability of an application that collects all the sensor data a full speed and attempts to process it. At the time the BlackBerry system monitor was fairly primitive, but in 10.2.1 such an application would stand out as a CPU and battery hog.
Finally I find it interesting that 0x0000 has no problem giving me non SSL/TLS exploits, at least old ones, but "but i never ever give YOU or somebody else a How2Hack TLS". I suspect it is because he doesn't have any.09-30-14 08:06 AMLike 0 - New SSL vulnerability
BlackBerry needs to upgrade their OpenSSL component in BB10 and drop support for SSLv3 ASAP, just like Google is doing.
Google Online Security Blog: This POODLE bites: exploiting the SSL 3.0 fallback
TL;DR
- SSLv3 can be used by an attacker on the network (MitM) to hijack a session
- Browsers can be forced to use SSLv3
Mitigation
Use Firefox and disable SSLv3
Last edited by ofutur; 10-16-14 at 07:42 AM.
10-16-14 06:04 AMLike 0 -
-
I'm sure Qualys will provide updates if their test is not good enough.10-16-14 10:06 AMLike 0 -
"So in short: Firefox is less likely to downgrade to SSLv3 if the server follows best practices on cipher selection, even if SSLv3 is still supported."
The whole point is to be a bad server and force the client to downgrade.
Proper tests
https://www.ssllabs.com/ssltest/viewMyClient.html
https://zmap.io/sslv3/
And Firefox is not vulnerable if you disable SSLv3, same for Chrome.
The list on zmap is interesting. It's showing how some bad apples such as Citibank are holding back web browsers from removing dating protocols.10-16-14 02:08 PMLike 0 - For those who want to disable the SSL 3.0 protocol globally in their Windows systems (not only in IE)
https://technet.microsoft.com/en-us/...y/3009008.aspx
Quote:
“Disable SSL 3.0 in Windows
You can disable support for the SSL 3.0 protocol on Windows by following these steps:
Click Start, click Run, type regedt32 or type regedit, and then click OK.
In Registry Editor, locate the following registry key:
HKey_Local_Machine\System\CurrentControlSet\Contro l\SecurityProviders \SCHANNEL\Protocols\SSL 3.0\Server
Note If the complete registry key path does not exist, you can create it by expanding the available keys and using the New -> Key option from the Edit menu.
On the Edit menu, click Add Value.
In the Data Type list, click DWORD.
In the Value Name box, type Enabled, and then click OK.
Note If this value is present, double-click the value to edit its current value.
Type 00000000 in Binary Editor to set the value of the new key equal to "0".
Click OK. Restart the computer.”
Since I am no server admin and administrate only my pc (“client”), I am disappointed that there is no manual for users.
But luckily the same procedure worked on a windows pc.
On my pc I found only a “SSL 2.0”-key in the “Protocols”, but here you see how one can add a “SSL 3.0”-key with a few clicks. However, after creating the “Client” under “SSL 3.0”, I followed the Microsoft advisory again and named the DWORD (32-bit) value “Enabled” (do not name it “DisabledByDefault” as digicert is suggesting!), the value was already “0” by default. Since I am no server admin, I did not create a server key and just restarted my computer.
Is there guide about how to disable SSL3 globally in Linux distributions?Last edited by Superdupont 2_0; 10-17-14 at 07:18 AM.
10-17-14 07:07 AMLike 0 -
You can recompile OpenSSL yourself and disable SSLv3, but then some apps will stop working because they don't check if SSLv3 has been compiled or not.
The best thing to do is wait for the distros to sort it out for you.
In the meantime, you can configure your web servers to not use it. afaik, only HTTP is affected, for now.10-17-14 07:27 AMLike 0 - ... the Poodle for Example
https://www.openssl.org/~bodo/ssl-poodle.pdf
The References at the End of this PDF are known as intresting.10-17-14 01:20 PMLike 0
- Forum
- BlackBerry 10 Phones & OS
- BlackBerry 10 OS
The "secure" BB10 OS is not great at establishing secure connections because it uses dated protocols
« It's probably already too late to worry about FREAK vulnerability
|
Update for BlackBerry 10 devices »
Similar Threads
-
Not Taking a Step Back
By JAS0NB0URNE in forum BlackBerry ClassicReplies: 11Last Post: 02-28-14, 02:05 PM -
BlackBerry ahead of Android 2 years back , hope we had the same thing now.
By rave1090 in forum General BlackBerry News, Discussion & RumorsReplies: 4Last Post: 02-25-14, 11:43 AM -
It's business as usual with app development on the BlackBerry Q20
By CrackBerry News in forum CrackBerry.com News Discussion & ContestsReplies: 1Last Post: 02-25-14, 11:12 AM
LINK TO POST COPIED TO CLIPBOARD