Fingerprinting users with cached intermediate certificates

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Fingerprinting users with cached intermediate certificates

Kyle Hamilton
Hi, this is not mine, but I just ran across it on Reddit and as it's
novel on this group I think it's appropriate to discuss?

https://shiftordie.de/blog/2017/02/21/fingerprinting-firefox-users-with-cached-intermediate-ca-certificates-fiprinca/

-Kyle H
_______________________________________________
dev-security mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-security
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Fingerprinting users with cached intermediate certificates

Martin Thomson
On Wed, Feb 22, 2017 at 4:12 PM, Kyle Hamilton <[hidden email]> wrote:
> https://shiftordie.de/blog/2017/02/21/fingerprinting-firefox-users-with-cached-intermediate-ca-certificates-fiprinca/

HSTS can be used to do the same without relying on being able to
identify a large set of intermediates that the user hasn't already
seen.  Also, Firefox isn't alone in caching intermediates.  I think
that you will find that other browsers all do the same thing.
_______________________________________________
dev-security mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-security
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Fingerprinting users with cached intermediate certificates

Gervase Markham
In reply to this post by Kyle Hamilton
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Fingerprinting users with cached intermediate certificates

Daniel Veditz-2
In reply to this post by Martin Thomson
On Tue, Feb 21, 2017 at 9:33 PM, Martin Thomson <[hidden email]> wrote:

> Also, Firefox isn't alone in caching intermediates.  I think
> that you will find that other browsers all do the same thing.
>

​The difference isn't that Firefox caches intermediates, it's that it
doesn't fetch non-cached ones​. This paper describes taking advantage of
this fact to determine which intermediates have been cached in Firefox. You
might be able to use timing attacks to determine whether particular
intermediates have been cached in other browsers, but you'd only get one
sample per intermediate because it would be a destructive test. And then it
would be useless as an identifier to track the same person on a future
visit.

It's an interesting bit of information leakage. Less useful as a
"super-cookie" than HSTS, but probably equally bad news to Tor Browser
users.

-Dan Veditz
_______________________________________________
dev-security mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-security
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Fingerprinting users with cached intermediate certificates

Martin Thomson
On Sat, Feb 25, 2017 at 6:45 AM, Daniel Veditz <[hidden email]> wrote:
> The difference isn't that Firefox caches intermediates, it's that it doesn't
> fetch non-cached ones.

As the bug that Gerv cited shows, the act of fetching also leaks the
same information.  But there are plans to segment the intermediates
cache to avoid cross domain tracking, which should help.  Tor disables
the intermediates cache so doesn't suffer the fingerprinting risk
(only the risk that the site can't be reached).
_______________________________________________
dev-security mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-security
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Fingerprinting users with cached intermediate certificates

tritter
In reply to this post by Daniel Veditz-2
On Friday, February 24, 2017 at 5:44:12 PM UTC-6, Martin Thomson wrote:
> On Sat, Feb 25, 2017 at 6:45 AM, Daniel Veditz <[hidden email]> wrote:
> > The difference isn't that Firefox caches intermediates, it's that it doesn't
> > fetch non-cached ones.
>
> As the bug that Gerv cited shows, the act of fetching also leaks the
> same information.  

I'm confused - I don't believe that's the case. To Dan's point: the test isn't destructive - because we don't fetch missing. Running the test a second time doesn't show you that you're caching all of them. So while it's not perfectly reliable (since you can always start caching something new) the act of observing does not affect the observation.

> But there are plans to segment the intermediates
> cache to avoid cross domain tracking, which should help.  Tor disables
> the intermediates cache so doesn't suffer the fingerprinting risk
> (only the risk that the site can't be reached).

Tor keeps it memory-only and clears it on New Identity but doesn't disable it at this time: https://trac.torproject.org/projects/tor/ticket/21559
_______________________________________________
dev-security mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-security
Loading...