SSL-busting adware: US cyber-plod open fire on Comodo's PrivDog
Superfish sequel: I'm looking at the man in the middle
Updated The US Department of Homeland Security's cyber-cops have slapped down PrivDog, an SSL tampering tool backed by, er, SSL certificate flogger Comodo.
Comodo, a global SSL authority, boasts a third of the HTTPS cert market, and is already in hot water for shipping PrivDog.
What is PrivDog? Let's allow the US Computer Emergency Readiness Team (US-CERT) to describe it in this security advisory:
Adtrustmedia PrivDog is a Windows application that advertises "... safer, faster and more private web browsing." Privdog installs a Man-in-the-Middle (MITM) proxy as well as a new trusted root CA certificate. The MITM capabilities are provided by NetFilterSDK.com. Although the root CA certificate is generated at install time, resulting in a different certificate for each installation, Privdog does not use the SSL certificate validation capabilities that the NetFilter SDK provides. This means that web browsers will not display any warnings when a spoofed or MITM-proxied HTTPS website is visited. We have confirmed that PrivDog version 220.127.116.11 is affected.
Adtrustmedia PrivDog is promoted by the Comodo Group, which is an organization that offers SSL certificates and authentication solutions.
Essentially, Comodo's firewall and antivirus package Internet Security 2014, installs a tool called PrivDog by default. Some versions of this tool intercept encrypted HTTPS traffic to force ads into webpages.
PrivDog, like the Lenovo-embarrassing Superfish, does this using a man-in-the-middle attack: it installs a custom root CA certificate on the Windows PC, and then intercepts connections to websites. Web browsers are fooled into thinking they are talking to legit websites, such as online banks and secure webmail, when in fact they are being tampered with by PrivDog so it can inject adverts.
If that's not bad enough, PrivDog turns invalid HTTPS certificates on the web into valid ones: an attacker on your network can point your computer at an evil password-stealing website dressed up as your online bank, and you'd be none the wiser thanks to PrivDog.
The US CERT adds:
An attacker can spoof HTTPS sites and intercept HTTPS traffic without triggering browser certificate warnings in affected systems.
Your best bet is to uninstall PrivDog.
PrivDog published a security advisory, characterizing the whole issue as low in severity and promising an update on Monday afternoon. Comodo downplayed the issue as "minor" in a statement to El Reg, and claimed it never shipped the SSL-meddling build of the code:
The PrivDog version being questioned has never been distributed by Comodo. This potential issue is only present in PrivDog versions 18.104.22.168 and 22.214.171.124. This potential issue is not present in the PrivDog plug-in that is distributed with Comodo Browsers. There are potentially a maximum of 6,294 users in the USA and 57,568 users globally that this could potentially impact. The PrivDog team has released an advisory with more information, available here.
Comodo itself is a certificate authority whose job ought to be to protect HTTPS, something critics argue PrivDog undermines. It’s all a bit of a puzzler.
Wag the dog
PrivDog stopped being a browser extension back in December with the release of version 3 of the technology. Several antivirus firms have flagged it as malicious since then. That’s in sharp contrast with Comodo chief exec Melih Abdulhayoglu's praise for the technology as a superior advert blocker and boon for privacy.
The software is designed to guard against malicious adverting. Third-party security firms remain unimpressed.
Amichai Shulman, CTO at Imperva, commented: “As long as people use this practice of 'breaking the chain of trust' there are bound to be some who implement it utterly wrong. PrivDog’s mistake is not validating certificates at all. This practice is going to face practical implementation challenges going forward because of certificate pinning.”
Mark James, a security specialist at ESET, added: “The standalone version of PrivDog, when installed, creates [a root SSL] certificate, and it will intercept every certificate it finds and then replace it with one signed by its root key. This enables it to replace adverts in web pages with its own ads from ‘trusted sources’.”
“The implications are massive. One of the biggest problems here is the fact that it will replace certificates with a valid certificate even if the original cert was not valid for any reason. This means it essentially makes your browser accept every HTTPS certificate regardless if it’s been signed by a certificate authority or not,” he added. ®
Updated to Add
German system administrator Hanno Böck, whose revelations initially kicked off the PrivDog story, now has this to say:
The dangerous TLS interception behaviour is part of the latest version of PrivDog 126.96.36.199, which can be downloaded from the PrivDog webpage. Comodo Internet Security bundles an earlier version of PrivDog that works with a browser extension, so it is not directly vulnerable to this threat.