What does browser encryption protect me from?
January 9, 2008 11:57 PM
When my browsing and downloading is "encrypted," who or what am I protecting myself from?
Who or what exactly would or could intercept unencrypted browsing, downloads, or submitted form information? Is it my ISP? Is it a trojan on my computer? Is it a port-scanning hacker? Is it someone on my LAN monitoring traffic? What exactly does browser encryption protect me from?
Who or what exactly would or could intercept unencrypted browsing, downloads, or submitted form information? Is it my ISP? Is it a trojan on my computer? Is it a port-scanning hacker? Is it someone on my LAN monitoring traffic? What exactly does browser encryption protect me from?
From fastpcnet.com after googling "why ssl"
"#1 Provides visible authentication:
Before an SSL session is established, the server it connects with needs to have a digital certificate – a kind of unique digital identification to establish its authenticity. Digital certificates are issued by a Certification Authority, after performing several checks to confirm the identity of the organization to which it is issuing the certificate.
An SSL digital certificate generates a public key for your customers and a private key on your server that works as a kind of official, online stamp for your enterprise. This private key needs to be kept secure, along with a back-up. A user can check to see if a secure session has been established by looking at the web address: in a secure session, the ‘http:' portion of the web address changes to ‘https:'.
#2 Assures data integrity:
This basically ensures that nobody can tamper with the data or information that is already online. Your customers will know that the contents of your website – or any information they have transmitted to it online – cannot be tampered with. It assures them that they are doing business in a safe environment.
#3 Ensures data privacy:
This means that online collection of sensitive information is secure and cannot be intercepted or read by anyone except the computer it was intended for.
Data integrity and data privacy are integral to the functioning and success of any website handling or facilitating online financial transactions – and that's what e-commerce is all about.
Once a secure session has been established, the public key is used by customers, to encrypt the information being sent online. This information is then decoded instantaneously through your server's private key. "
posted by pwally at 12:14 AM on January 10, 2008
"#1 Provides visible authentication:
Before an SSL session is established, the server it connects with needs to have a digital certificate – a kind of unique digital identification to establish its authenticity. Digital certificates are issued by a Certification Authority, after performing several checks to confirm the identity of the organization to which it is issuing the certificate.
An SSL digital certificate generates a public key for your customers and a private key on your server that works as a kind of official, online stamp for your enterprise. This private key needs to be kept secure, along with a back-up. A user can check to see if a secure session has been established by looking at the web address: in a secure session, the ‘http:' portion of the web address changes to ‘https:'.
#2 Assures data integrity:
This basically ensures that nobody can tamper with the data or information that is already online. Your customers will know that the contents of your website – or any information they have transmitted to it online – cannot be tampered with. It assures them that they are doing business in a safe environment.
#3 Ensures data privacy:
This means that online collection of sensitive information is secure and cannot be intercepted or read by anyone except the computer it was intended for.
Data integrity and data privacy are integral to the functioning and success of any website handling or facilitating online financial transactions – and that's what e-commerce is all about.
Once a secure session has been established, the public key is used by customers, to encrypt the information being sent online. This information is then decoded instantaneously through your server's private key. "
posted by pwally at 12:14 AM on January 10, 2008
The data you send over the network does not go directly to the party on the other end. It hits various points in between called routers where the data is send onwards or "routed" closer to the destination.
Any point where there is a copy of your data, let's say it is unencrypted, someone can look at that and filter it for information of interest (social security numbers, driver's license, bank account codes, terrorist plans, etc.).
That "someone" can be your ISP (like Comcast, filtering based on what type of network traffic you use), a hacker looking for financial or identity information, the NSA looking out for the next 911 — whomever.
So when you visit SSL sites, your browser scrambles ("encrypts") data before sending it out to these routers. On the other end, the recipient unscrambles what you've sent. The math that makes this happen is called public-key encryption.
Since the data is scrambled, the parties in between you and the recipient can't read the sensitive data. With the mathematics we have now, public-key encryption makes unscrambling by a malicious third-party unfeasible within the lifetime of the universe.
By and large, SSL has been pretty solid. Even so, you're still vulnerable.
If you run Windows or Linux you could get hit with a trojan or rootkit. Through those, someone could surreptitiously install a key- or browser-logger, a program running on your computer that takes snapshots of any browsing you do and data you enter on SSL-protected sites.
Or, your ISP or home router gets hacked, and your computer is pointed to use bad DNS settings. So that SSL-protected site you're visiting looks normal, but could be a fake site run by the bad guy.
posted by Blazecock Pileon at 12:15 AM on January 10, 2008
Any point where there is a copy of your data, let's say it is unencrypted, someone can look at that and filter it for information of interest (social security numbers, driver's license, bank account codes, terrorist plans, etc.).
That "someone" can be your ISP (like Comcast, filtering based on what type of network traffic you use), a hacker looking for financial or identity information, the NSA looking out for the next 911 — whomever.
So when you visit SSL sites, your browser scrambles ("encrypts") data before sending it out to these routers. On the other end, the recipient unscrambles what you've sent. The math that makes this happen is called public-key encryption.
Since the data is scrambled, the parties in between you and the recipient can't read the sensitive data. With the mathematics we have now, public-key encryption makes unscrambling by a malicious third-party unfeasible within the lifetime of the universe.
By and large, SSL has been pretty solid. Even so, you're still vulnerable.
If you run Windows or Linux you could get hit with a trojan or rootkit. Through those, someone could surreptitiously install a key- or browser-logger, a program running on your computer that takes snapshots of any browsing you do and data you enter on SSL-protected sites.
Or, your ISP or home router gets hacked, and your computer is pointed to use bad DNS settings. So that SSL-protected site you're visiting looks normal, but could be a fake site run by the bad guy.
posted by Blazecock Pileon at 12:15 AM on January 10, 2008
If you're running on Windows, open a command prompt and type something like
tracert google.com
This will show you a list of all the different servers that your traffic goes through before it gets to google.com (or wherever). There will probably be a few between the ones belonging to your ISP and the one at the end belonging to Google. The admins of any of those servers, or people who acquire admin privileges on those servers by nefarious means, can see all your traffic if they want.
posted by emilyw at 12:21 AM on January 10, 2008
tracert google.com
This will show you a list of all the different servers that your traffic goes through before it gets to google.com (or wherever). There will probably be a few between the ones belonging to your ISP and the one at the end belonging to Google. The admins of any of those servers, or people who acquire admin privileges on those servers by nefarious means, can see all your traffic if they want.
posted by emilyw at 12:21 AM on January 10, 2008
If you are using wifi, anyone within range may be able to listen in on any of your traffic. Wifi encryption helps some, but it's possible to break it. If you're using a cable modem, you're sharing a wire with a number of people in your neighborhood. The cable modem that Comcast or whoever gives you won't give you access to everybody else's traffic but in theory it may be possible to see your neighbors' network traffic. In practice this fear may be unfounded but "I couldn't get it to work" is hardly a guarantee.
It's certainly possible that an employee of your ISP is abusing their responsibility, but it's more likely that someone else will hack a server that happens to be at a midpoint.
On the server end, depending on who you're transacting with, a hacker may be able to hack a different box on the same network, though I imagine a lot of the colo places switch things to make this impossible. In some cases servers are running whole operating systems on virtual machines, many to one physical piece of hardware. If one of the other clients is hacked, or even just rented normally, that could provide access to your network data.
posted by aubilenon at 12:46 AM on January 10, 2008
It's certainly possible that an employee of your ISP is abusing their responsibility, but it's more likely that someone else will hack a server that happens to be at a midpoint.
On the server end, depending on who you're transacting with, a hacker may be able to hack a different box on the same network, though I imagine a lot of the colo places switch things to make this impossible. In some cases servers are running whole operating systems on virtual machines, many to one physical piece of hardware. If one of the other clients is hacked, or even just rented normally, that could provide access to your network data.
posted by aubilenon at 12:46 AM on January 10, 2008
It protects you against everyone between you and the source. The data is copied repeatedly and can be intercepted at any number of different points. Using encryption, as long as it's well-implemented, means that it can't be intercepted on the wire; every person on earth could be given a copy of the data, but without the keys, it's useless. And only you and the source hold the keys.
posted by Malor at 2:08 AM on January 10, 2008
posted by Malor at 2:08 AM on January 10, 2008
Just for completeness, basically nothing can protect you against an already-installed trojan short of uninstalling it.
And SSL/browser encryption has been described (accurately) as using an armored car to transport your laundry from a park bench to a cardboard box.
Note that there are various and sundry ways to pervert the security of websites without breaking the encryption, XSS, XSRF (the reason we don't have IMG tags anymore here), DNS spoofing/double-binding, et-fscking-cetera.
So the answer to your last question really is: Not a whole heck of a lot.
posted by Skorgu at 3:02 AM on January 10, 2008
And SSL/browser encryption has been described (accurately) as using an armored car to transport your laundry from a park bench to a cardboard box.
Note that there are various and sundry ways to pervert the security of websites without breaking the encryption, XSS, XSRF (the reason we don't have IMG tags anymore here), DNS spoofing/double-binding, et-fscking-cetera.
So the answer to your last question really is: Not a whole heck of a lot.
posted by Skorgu at 3:02 AM on January 10, 2008
Wifi encryption actually helps plenty, as long as it isn't WEP.
When people claim to be able to crack WPA PSK (pre-shared key), they're actually relying on the fact that your pre-shared key is usually the result of hashing (electronically scrambling) a user-generated password, and that most users generate crappy passwords.
The hashing algorithm is standard. Given a password, it's trivial to generate the corresponding WPA pre-shared key. Given a dictionary full of words and some time, it's easy to try out hundreds of thousands of candidate passwords and test their corresponding pre-shared keys against captured WPA traffic. As far as I know, this kind of dictionary attack is currently the only way to crack WPA.
But since a WPA pre-shared key is typically something you paste into a dialog box and let your computer and router remember, and since most WPA-capable equipment allows you to paste the key in directly as a 64-character hexadecimal string as an alternative to pasting in a password and generating a key off that, there is nothing to stop you from using a totally random 64-character string of numbers from 0 to 9 and letters from A to F for your pre-shared key. Keep it in a file on your USB stick and paste it when you need it.
Keys you generate at random in this way are extremely unlikely to correspond to the hash of any reasonable password, let alone a dictionary word, and will therefore leave a dictionary attack with nothing to get its teeth into.
This kind of encryption only protects the first hop, though, between your wireless computer and the local router. Browser (SSL) encryption is, as stated above, end-to-end. Even on a totally unsecured wireless network, SSL encryption will prevent snoopers making any use of network data they capture from you.
On the other hand, most porn sites are not SSL encrypted. So if you don't want your neigbours looking over your shoulder, use WPA encryption with a strong pre-shared key.
posted by flabdablet at 3:11 AM on January 10, 2008
When people claim to be able to crack WPA PSK (pre-shared key), they're actually relying on the fact that your pre-shared key is usually the result of hashing (electronically scrambling) a user-generated password, and that most users generate crappy passwords.
The hashing algorithm is standard. Given a password, it's trivial to generate the corresponding WPA pre-shared key. Given a dictionary full of words and some time, it's easy to try out hundreds of thousands of candidate passwords and test their corresponding pre-shared keys against captured WPA traffic. As far as I know, this kind of dictionary attack is currently the only way to crack WPA.
But since a WPA pre-shared key is typically something you paste into a dialog box and let your computer and router remember, and since most WPA-capable equipment allows you to paste the key in directly as a 64-character hexadecimal string as an alternative to pasting in a password and generating a key off that, there is nothing to stop you from using a totally random 64-character string of numbers from 0 to 9 and letters from A to F for your pre-shared key. Keep it in a file on your USB stick and paste it when you need it.
Keys you generate at random in this way are extremely unlikely to correspond to the hash of any reasonable password, let alone a dictionary word, and will therefore leave a dictionary attack with nothing to get its teeth into.
This kind of encryption only protects the first hop, though, between your wireless computer and the local router. Browser (SSL) encryption is, as stated above, end-to-end. Even on a totally unsecured wireless network, SSL encryption will prevent snoopers making any use of network data they capture from you.
On the other hand, most porn sites are not SSL encrypted. So if you don't want your neigbours looking over your shoulder, use WPA encryption with a strong pre-shared key.
posted by flabdablet at 3:11 AM on January 10, 2008
using an armored car to transport your laundry from a park bench to a cardboard box
This is true only if you're running Windows. If not, it's more like using an armored car to transport your laundry from a cardboard box to another cardboard box.
posted by flabdablet at 3:13 AM on January 10, 2008
This is true only if you're running Windows. If not, it's more like using an armored car to transport your laundry from a cardboard box to another cardboard box.
posted by flabdablet at 3:13 AM on January 10, 2008
oxford blue is entirely right about who you're protecting yourself from, it really is "them", every paranoid's favorite faceless bogeyman. The chances of anyone watching are probably small*, but it's easy to take reasonable care, so you should anyway. (Reasonable care includes making sure you haven't been compromised by any malware, which is probably the most likely way anyone will fuck you over, IMHO.)
Whether you should really worry about SSL depends on context. If you're using public WIFI, I would urge you not to log into any sites that require a password - and if you have an email client, make sure it's not using POP (which transmits your username and password in the clear) or unencrypted SMTP which sends all of your outgoing mail in the clear.
Allow me to emphasise this: You should be really, really careful of your email password - probably every other site you visit has an 'email me my password' function, so what do you think will happen if one of the "them" folk can read your email? That's right, utter pwnage for you.
If you're at home, I'd be less worried - the chances of anyone at your ISP watching your traffic are pretty small, and all of the other routers between you and google are probably run by big telecommunication companies (who really don't give a fuck).
The office network is another matter, probably safer than public wifi, but also more likely that someone in network ops could be running a man in the middle attack - which effectively renders your SSL irrelevent (though you can see this if you look at your certificate) - but even this marginally increased chance is probably very small indeed.
Oh, and if you're using TOR, I'd be even more careful than when using public WIFI. That's a scary-ass network. (It is run by "them" from start to finish, the nodes that aren't operated by government entities are run by scary internet criminals & deranged kooks. This sounds tinfoil hat, but evidence points to US, Russian, & Chinese government operated TOR nodes.)
* Unlike using an internet cafe's computers, in which case you're almost certainly being keylogged.
posted by The Monkey at 4:18 AM on January 10, 2008
Whether you should really worry about SSL depends on context. If you're using public WIFI, I would urge you not to log into any sites that require a password - and if you have an email client, make sure it's not using POP (which transmits your username and password in the clear) or unencrypted SMTP which sends all of your outgoing mail in the clear.
Allow me to emphasise this: You should be really, really careful of your email password - probably every other site you visit has an 'email me my password' function, so what do you think will happen if one of the "them" folk can read your email? That's right, utter pwnage for you.
If you're at home, I'd be less worried - the chances of anyone at your ISP watching your traffic are pretty small, and all of the other routers between you and google are probably run by big telecommunication companies (who really don't give a fuck).
The office network is another matter, probably safer than public wifi, but also more likely that someone in network ops could be running a man in the middle attack - which effectively renders your SSL irrelevent (though you can see this if you look at your certificate) - but even this marginally increased chance is probably very small indeed.
Oh, and if you're using TOR, I'd be even more careful than when using public WIFI. That's a scary-ass network. (It is run by "them" from start to finish, the nodes that aren't operated by government entities are run by scary internet criminals & deranged kooks. This sounds tinfoil hat, but evidence points to US, Russian, & Chinese government operated TOR nodes.)
* Unlike using an internet cafe's computers, in which case you're almost certainly being keylogged.
posted by The Monkey at 4:18 AM on January 10, 2008
The chances of anyone watching are probably small*
The government is, apparently, snooping all Internet traffic it can get its hands on, with the active assistance of the carriers.
"Anyone", to me, most emphatically includes government entities.
posted by Malor at 5:17 AM on January 10, 2008
The government is, apparently, snooping all Internet traffic it can get its hands on, with the active assistance of the carriers.
"Anyone", to me, most emphatically includes government entities.
posted by Malor at 5:17 AM on January 10, 2008
Not being an American in America I didn't consider that, but I'm sure you're right Malor.
(Of course, being part of Echelon, my country might well be playing its part by monitoring me closely. I hope they like redtube.)
posted by The Monkey at 5:41 AM on January 10, 2008
(Of course, being part of Echelon, my country might well be playing its part by monitoring me closely. I hope they like redtube.)
posted by The Monkey at 5:41 AM on January 10, 2008
Is it a trojan on my computer?
No. Malware would take information from the stream after it's been decrypted. The order,
Is not: your brain - encrypter - malware - intarweb
Is: your brain - malware - encrypter - intarweb.
Locking your door doesn't help if they bad guy is already in your house.
Encryption works only to keep people from sniffing the stream between two computers. If one of the end computers is compromised, then all bets are off.
posted by cmiller at 6:05 AM on January 10, 2008
No. Malware would take information from the stream after it's been decrypted. The order,
Is not: your brain - encrypter - malware - intarweb
Is: your brain - malware - encrypter - intarweb.
Locking your door doesn't help if they bad guy is already in your house.
Encryption works only to keep people from sniffing the stream between two computers. If one of the end computers is compromised, then all bets are off.
posted by cmiller at 6:05 AM on January 10, 2008
Consider also that if you have been using the same credit card number, address, password, etc on the internet for any significant amount of time there is a significant chance that "they" already have your details I would not particularly recommend running a google search for your credit card number but you could have a look at this article by somebody who does. The fact that your hacked details are only one of a huge number available to ner-do-wells may be acting in your favour.
posted by rongorongo at 6:09 AM on January 10, 2008
posted by rongorongo at 6:09 AM on January 10, 2008
The examples given of email are the most important places where I would be sure to use SSL. If you ever check your email from outside your home (take your computer to a friend's house, use public Wifi, whatever), make sure you're using SSL on both the incoming (IMAP or POP) and outgoing (SMTP) connections. If your ISP doesn't support SSL on its email servers ... get a new ISP, because they're obviously incompetent and have no business running a mailserver.
For most other purposes you can be reasonably OK by letting the site specify whether it wants SSL or not, and going with its default...but email is the big one that most people have the option of enabling it for, but many do not. This is a Bad Thing, IMO, particularly considering how many people have laptops, how many servers use plaintext auth, and how often your email program may connect to that server to check for email.
posted by Kadin2048 at 7:39 AM on January 10, 2008
For most other purposes you can be reasonably OK by letting the site specify whether it wants SSL or not, and going with its default...but email is the big one that most people have the option of enabling it for, but many do not. This is a Bad Thing, IMO, particularly considering how many people have laptops, how many servers use plaintext auth, and how often your email program may connect to that server to check for email.
posted by Kadin2048 at 7:39 AM on January 10, 2008
Very simply put. The traffic you generate over your network is viewable by everyone that is in the same subnet. Encryption protects you the most on your LAN, but that's not to say that there are other points of interception once it's being routed on the internet (just less likely).
posted by samsara at 8:12 AM on January 10, 2008
posted by samsara at 8:12 AM on January 10, 2008
Also its worth mentioning that encrypting the data is only part of the solution. SSL also examines the key of the website you are visiting. This makes it difficult for a man-in-middle to say 'Yes, I'm chase.com.' So now only are you encrypting traffic to stop sniffers you are also verifying that the site you are connecting to is actually the site you want to go to. If this wasnt true then someone could just make some DNS changes and have their way with your passwords.
posted by damn dirty ape at 8:34 AM on January 10, 2008
posted by damn dirty ape at 8:34 AM on January 10, 2008
This thread is closed to new comments.
The IP protocol isn't very secure. In fact, it isn't secure at all. Anyone at any of the "hops" between your computer and the remote server can easily intercept your traffic, skim it for possibly compromising information (like a credit card number, f'rinstance), and then pass it along as if nothing had happened.
That's why Internet encryption standards like HTTPS exist. They're designed to be used over an "open" channel where everything sent could be compromised. Of course, someone can always pretend to be the remote server and get your information that way, but there are some safeguards against that as well.
Internet security is a huge can of worms. I'm sure someone will come along and post more specific information in a minute...
posted by neckro23 at 12:10 AM on January 10, 2008