OS X and Unconditionally Trusted Certificates
Google made headlines in March by revealing that one of the unconditionally trusted root certificate authorities in China (CNNIC) permitted an Egyptian company to forge certificates in Google’s name. A hostile party in possession of such a cert can combine it with various forms of network subterfuge to invisibly intercept all network activity between a victim and Google’s services.
Google announced plans a few weeks later to invalidate the Chinese root cert within all Google products. Most visibly, Google Chrome will no longer trust any connections that are validated by this compromised cert.
Shortly thereafter, Mozilla announced that in addition to completely revoking the Egyptian company’s intermediate cert, it will also no longer trust any cert signed by the Chinese root cert prior to April 1. This is a slightly less drastic measure than Google’s, but has largely the same effect for now.
This isn’t just a browser problem
These same certificates are unconditionally trusted by your operating system. OS X 10.10.2 has 213 different certificates in its System Roots list. Apple marks five of its own certs as trusted for a variety of functions including Software Update and verifying Mac App Store apps. There are also dozens of root certs controlled by companies you might recognize, like VISA, Wells Fargo, Symantec, VeriSign, and Equifax.
There are also unconditionally trusted certs from other places you’ve also heard of, including five that are explicitly owned directly by the US government, with two of those controlled by the military. In addition to the controversial CNNIC Chinese cert, there are three other Chinese certs. There are also four Taiwanese certs and one from Hong Kong, which you may or may not feel similarly about, depending on your views of China’s influence in those places.
Another notable winner in the list is Venezuela. Curiously, there are none explictly under Russian control. All told, roughly half of the certs that Apple trusts on your behalf are controlled outside the US.
You can dump the list yourself by launching Keychain Access from the Utilities folder, selecting System Roots in the upper left and Certificates in the lower left, Selecting All, choosing File-Export Items…, and choosing the Certificate Bundle (.p7b) format. Then run this Terminal command against the resulting output file:
openssl pkcs7 -inform DER -in Certificates.p7b -print_certs | grep issuer
Other apps connect securely to the internet too
If you play games with Steam, organize with Evernote, post with Twitter, chat with Messages or Adium, use Mail, Calendar, Maps, or pretty much any other responsibly written app that authenticates or updates online, you’re using these same root certs every single time. A maliciously compromised root cert plus any number of network exploits can let an attacker slip code onto your system or data off of it.
The Chinese root cert is not the first to be compromised in some fashion, and it will not be the last. Whether the impetus is greed and incompetence, malice, hacking by outside parties, or government interference, the current root certificate authority system makes it far too easy for your own data to be taken against your will.
The OS vendor response
Microsoft has already taken steps to mitigate this particular situation by revoking the Egyptian intermediate cert. According to ArsTechnica, Microsoft continues to investigate whether other steps will also be appropriate.
Apple has not made any public statement yet, and the Chinese root cert is still valid on OS X. Apple security is usually the last to respond to public problems when they haven’t been given ample lead time–unless malware is involved, in which case the response is swift and decisive.
Security or ease of use: pick one
In defense of Microsoft and Apple, if all of these global root certificates weren’t trusted out of the box, millions of users around the world would have to take additional steps to make their software and websites work. This would most likely take the form of confusing dialog boxes, or installing the certs from some third party source and just hoping that source wasn’t compromised or malicious. The end result could easily be more security problems than we face today.
Addressing digital security threats–both real and theoretical–is inherently at odds with making sure that existing functionality is not impacted. Apple has made significant strides in recent years at closing off numerous significant attack vectors, with technologies like ASLR, App Sandboxing, Code Signing, and File Quarantine.
An attacker only needs a single weakness to do harm, but the defender’s paradox is that every possible avenue must be protected. As popular OSes have become more hardened against attack, the vector provided by the sloppy root certificate system is increasingly attractive, especially in today’s environment where the attacks are coming from nation states and other well funded adversaries with the means to simultaneously compromise network infrastructure.
Cert revocation in its myriad forms is vital, but not a complete solution to the problem. Your Mac or iOS device in the US should never be jeopardized by what goes on in China, particularly if you never interact willingly with companies, products, or servers there.
Customers should demand that Apple and other vendors take prompt and decisive steps to protect users from root certificate exploits before anyone knows a particular cert is compromised.
