Another Nail in the Coffin - SSL/TSL woes PDF Print E-mail
User Rating: / 0
PoorBest 
Written by Michael Felt   

Something we all use, but don't really know - TLS security

IMHO - a lot of SSL discussions are almost understood. I feel I know enough to know when I need to worry versus when I do not need to worry. But, my SSL coffin is still how the major browsers are really the ones who dictate what, when, how re: what elements of SSL is permitted.

Still miss my 40-bit encryption...

Not that I would want to rely on that on the open web - but I had a lot of firmware that was "web-enabled" and "secure" because it could only be accessed using https:// (aka SSL/TLS). Unfortunately, this hardware management interface was old enough that it was built to world standards - when France was still requiring 40-bit encryption as the "highest level permitted". Ultimately, I switched off the systems as they were unmanageable - but there was never a matter of security. These interfaces ran on a seperate VLAN, no router to WLAN area, etc..These systemsare in my SSL/TLS coffin.

A secure brand - that got lazy it seems

I know it is for the better security of "all of us", but I feel it is just one drop in the bucket. Starting next year Google (via Chrome v66)  is withdrawing recongnitation of certificates signed by Symantec CA (subsideriaries). At issue is that Symantec did not monitor all of these subsidaries that CA signed ceritficates - that ultimately had their ROOT CA trust verified by Symantec ROOT CA's.

My move forward

I want to get to where I really understand how this circus called CA trust actually works - or better - how it is suppossed to work. To do so, I am going to become my personal CA. And since Mozilla and Google (rightfully) will not recognize me as a certified CA I am going to run into every problem imagineable (and also those unimageable).

And what about you?

Part A: That's your problem.

Part B: As I learn more - I'll write about it and share my insights. Especially those insights that are changes from what I thought I knew - but learned "is not quite accurate at 100%".

 

 
< Prev   Next >
65 queries executed
1
SET sql_mode = 'MYSQL40'
2 SELECT folder, element, published, params FROM jos_mambots WHERE published >= 1 AND access <= 0 AND folder = 'system' ORDER BY ordering
3 SELECT template FROM jos_templates_menu WHERE client_id = 0 AND ( menuid = 0 OR menuid = 114 ) ORDER BY menuid DESC LIMIT 1
4 DELETE FROM jos_session WHERE ( ( time < '1544942437' ) AND guest = 0 AND gid > 0 ) OR ( ( time < '1544942437' ) AND guest = 1 AND userid = 0 )
5 SELECT COUNT(*) FROM jos_stats_agents WHERE agent = 'Unknown' AND type = 0
6 UPDATE jos_stats_agents SET hits = ( hits + 1 ) WHERE agent = 'Unknown' AND type = 0
7 SELECT COUNT(*) FROM jos_stats_agents WHERE agent = 'Unknown' AND type = 1
8 UPDATE jos_stats_agents SET hits = ( hits + 1 ) WHERE agent = 'Unknown' AND type = 1
9 SELECT COUNT(*) FROM jos_stats_agents WHERE agent = 'com' AND type = 2
10 UPDATE jos_stats_agents SET hits = ( hits + 1 ) WHERE agent = 'com' AND type = 2
11 SELECT * FROM jos_menu WHERE id = 114
12 SELECT a.*, u.name AS author, u.usertype, cc.name AS category, s.name AS section, g.name AS groups, s.published AS sec_pub, cc.published AS cat_pub, s.access AS sec_access, cc.access AS cat_access, s.id AS sec_id, cc.id as cat_id FROM jos_content AS a LEFT JOIN jos_categories AS cc ON cc.id = a.catid LEFT JOIN jos_sections AS s ON s.id = cc.section AND s.scope = 'content' LEFT JOIN jos_users AS u ON u.id = a.created_by LEFT JOIN jos_groups AS g ON a.access = g.id WHERE a.id = 820 AND ( a.state = 1 OR a.state = -1 ) AND ( a.publish_up = '0000-00-00 00:00:00' OR a.publish_up <= '2018-12-16 07:55' ) AND ( a.publish_down = '0000-00-00 00:00:00' OR a.publish_down >= '2018-12-16 07:55' ) AND a.access <= 0
13 SELECT a.id FROM jos_content AS a WHERE a.catid = 48 AND a.state = 1 AND a.access <= 0 AND ( a.state = 1 OR a.state = -1 ) AND ( a.publish_up = '0000-00-00 00:00:00' OR a.publish_up <= '2018-12-16 07:55' ) AND ( a.publish_down = '0000-00-00 00:00:00' OR a.publish_down >= '2018-12-16 07:55' ) ORDER BY a.ordering
14 SELECT ROUND( v.rating_sum / v.rating_count ) AS rating, v.rating_count FROM jos_content AS a LEFT JOIN jos_content_rating AS v ON a.id = v.content_id WHERE a.id = 820
15 UPDATE jos_content SET hits = ( hits + 1 ) WHERE id = '820'
16 SELECT hits FROM jos_core_log_items WHERE time_stamp = '2018-12-16' AND item_table = '#__content' AND item_id = '820'
17 UPDATE jos_core_log_items SET hits = ( hits + 1 ) WHERE time_stamp = '2018-12-16' AND item_table = '#__content' AND item_id = '820'
18 SELECT folder, element, published, params FROM jos_mambots WHERE access <= 0 AND folder = 'content' ORDER BY ordering
19 SELECT value FROM jos_bookmarks_prefs WHERE userid = '-1' AND category = 'params' AND name = 'urlkey'
20 SELECT value FROM jos_bookmarks_prefs WHERE userid = '-1' AND category = 'params' AND name = 'snapshotactiv'
21 SELECT value FROM jos_bookmarks_prefs WHERE userid = '-1' AND category = 'params' AND name = 'snapshotother'
22 SELECT id FROM jos_mambots WHERE element = 'mosbookmarks' AND folder = 'content'
23 SELECT * FROM jos_mambots WHERE id = '32'
24 SELECT name, value FROM jos_bookmarks_prefs WHERE userid = '-1' AND category = 'params' ORDER BY name
25 SELECT c.id, c.parent FROM jos_bookmarks_categories as c WHERE c.id = -1
26 SELECT * FROM jos_bookmarks_columns WHERE category='' AND custom='0'
27 SELECT * FROM jos_bookmarks_columns WHERE category='' ORDER BY ordering
28 SELECT * FROM jos_bookmarks_columns WHERE category='admin'
29 SELECT * FROM jos_bookmarks_columns WHERE category='admin' ORDER BY ordering
30 SELECT id FROM jos_mambots WHERE element = 'plugin_jw_allvideos' AND folder = 'content'
31 SELECT * FROM jos_mambots WHERE id = '27'
32 SELECT id FROM jos_mambots WHERE element = 'plugin_jw_allvideos' AND folder = 'content'
33 SELECT * FROM jos_mambots WHERE id = '27'
34 SELECT id FROM jos_mambots WHERE element = 'plugin_jw_allvideos' AND folder = 'content'
35 SELECT * FROM jos_mambots WHERE id = '27'
36 SELECT id FROM jos_mambots WHERE element = 'plugin_jw_allvideos' AND folder = 'content'
37 SELECT * FROM jos_mambots WHERE id = '27'
38 SELECT a.* FROM jos_components AS a WHERE ( a.admin_menu_link = 'option=com_syndicate' OR a.admin_menu_link = 'option=com_syndicate&hidemainmenu=1' ) AND a.option = 'com_syndicate'
39 SELECT m.id FROM jos_modules AS m WHERE m.module = 'mod_rssfeed' AND m.published = 1
40 SELECT id, title, module, position, content, showtitle, params FROM jos_modules AS m INNER JOIN jos_modules_menu AS mm ON mm.moduleid = m.id WHERE m.published = 1 AND m.access <= 0 AND m.client_id != 1 AND ( mm.menuid = 0 OR mm.menuid = 114 ) ORDER BY ordering
41 SELECT id FROM jos_menu WHERE link = 'index.php?option=com_search' AND published = 1
42 SELECT m.*, sum(case when p.published=1 then 1 else 0 end) as cnt FROM jos_menu AS m LEFT JOIN jos_menu AS p ON p.parent = m.id WHERE m.menutype='rt_splitSuckerFish' AND m.published='1' AND m.access <= '0' GROUP BY m.id ORDER BY m.parent, m.ordering
43 SELECT m.* FROM jos_menu AS m WHERE menutype='rt_splitSuckerFish' AND m.published='1'
44 SELECT * FROM jos_banner WHERE showBanner=1
45 SELECT id FROM jos_mambots WHERE element = 'mosbookmarks' AND folder = 'content'
46 SELECT * FROM jos_mambots WHERE id = '32'
47 SELECT name, value FROM jos_bookmarks_prefs WHERE userid = '-1' AND category = 'params' ORDER BY name
48 SELECT c.id, c.parent FROM jos_bookmarks_categories as c WHERE c.id = -1
49 SELECT * FROM jos_bookmarks_columns WHERE category='' AND custom='0'
50 SELECT * FROM jos_bookmarks_columns WHERE category='' ORDER BY ordering
51 SELECT * FROM jos_bookmarks_columns WHERE category='admin'
52 SELECT * FROM jos_bookmarks_columns WHERE category='admin' ORDER BY ordering
53 SELECT id FROM jos_mambots WHERE element = 'plugin_jw_allvideos' AND folder = 'content'
54 SELECT * FROM jos_mambots WHERE id = '27'
55 SELECT id FROM jos_mambots WHERE element = 'plugin_jw_allvideos' AND folder = 'content'
56 SELECT * FROM jos_mambots WHERE id = '27'
57 SELECT id FROM jos_mambots WHERE element = 'plugin_jw_allvideos' AND folder = 'content'
58 SELECT * FROM jos_mambots WHERE id = '27'
59 SELECT id FROM jos_mambots WHERE element = 'plugin_jw_allvideos' AND folder = 'content'
60 SELECT * FROM jos_mambots WHERE id = '27'
61 SELECT a.id, a.title, a.sectionid, a.catid, a.created, a.hits FROM jos_content AS a LEFT JOIN jos_content_frontpage AS f ON f.content_id = a.id INNER JOIN jos_categories AS cc ON cc.id = a.catid INNER JOIN jos_sections AS s ON s.id = a.sectionid WHERE ( a.state = 1 AND a.sectionid > 0 ) AND ( a.publish_up = '0000-00-00 00:00:00' OR a.publish_up <= '2018-12-16 07:55' ) AND ( a.publish_down = '0000-00-00 00:00:00' OR a.publish_down >= '2018-12-16 07:55' ) AND ((TO_DAYS('2018-12-16') - TO_DAYS(a.created)) <= '60') AND a.access <= 0 AND cc.access <= 0 AND s.access <= 0 AND s.published = 1 AND cc.published = 1 ORDER BY a.hits DESC LIMIT 3
62 SELECT a.id, a.title, a.sectionid, a.catid FROM jos_content AS a LEFT JOIN jos_content_frontpage AS f ON f.content_id = a.id INNER JOIN jos_categories AS cc ON cc.id = a.catid INNER JOIN jos_sections AS s ON s.id = a.sectionid WHERE ( a.state = 1 AND a.sectionid > 0 ) AND ( a.publish_up = '0000-00-00 00:00:00' OR a.publish_up <= '2018-12-16 07:55' ) AND ( a.publish_down = '0000-00-00 00:00:00' OR a.publish_down >= '2018-12-16 07:55' ) AND a.access <= 0 AND cc.access <= 0 AND s.access <= 0 AND s.published = 1 AND cc.published = 1 ORDER BY a.hits DESC LIMIT 3
63 SELECT ms.id AS sid, ms.type AS stype, mc.id AS cid, mc.type AS ctype, i.id as sectionid, i.id As catid, ms.published AS spub, mc.published AS cpub FROM jos_content AS i LEFT JOIN jos_sections AS s ON i.sectionid = s.id LEFT JOIN jos_menu AS ms ON ms.componentid = s.id LEFT JOIN jos_categories AS c ON i.catid = c.id LEFT JOIN jos_menu AS mc ON mc.componentid = c.id WHERE ( ms.type IN ( 'content_section', 'content_blog_section' ) OR mc.type IN ( 'content_blog_category', 'content_category' ) ) AND i.id = 174 ORDER BY ms.type DESC, mc.type DESC, ms.id, mc.id
64 SELECT ms.id AS sid, ms.type AS stype, mc.id AS cid, mc.type AS ctype, i.id as sectionid, i.id As catid, ms.published AS spub, mc.published AS cpub FROM jos_content AS i LEFT JOIN jos_sections AS s ON i.sectionid = s.id LEFT JOIN jos_menu AS ms ON ms.componentid = s.id LEFT JOIN jos_categories AS c ON i.catid = c.id LEFT JOIN jos_menu AS mc ON mc.componentid = c.id WHERE ( ms.type IN ( 'content_section', 'content_blog_section' ) OR mc.type IN ( 'content_blog_category', 'content_category' ) ) AND i.id = 281 ORDER BY ms.type DESC, mc.type DESC, ms.id, mc.id
65 SELECT ms.id AS sid, ms.type AS stype, mc.id AS cid, mc.type AS ctype, i.id as sectionid, i.id As catid, ms.published AS spub, mc.published AS cpub FROM jos_content AS i LEFT JOIN jos_sections AS s ON i.sectionid = s.id LEFT JOIN jos_menu AS ms ON ms.componentid = s.id LEFT JOIN jos_categories AS c ON i.catid = c.id LEFT JOIN jos_menu AS mc ON mc.componentid = c.id WHERE ( ms.type IN ( 'content_section', 'content_blog_section' ) OR mc.type IN ( 'content_blog_category', 'content_category' ) ) AND i.id = 431 ORDER BY ms.type DESC, mc.type DESC, ms.id, mc.id