Bitcoin Forum
Pages: « 1 2 3 4 5 6 [7] 8 »  All
Author Topic: Possible false alarm: MtGox break in  (Read 15356 times)
mrb
September 13, 2011, 07:41:22 AM
 #121

Forging an SSL cert only enables the possibility of a man-in-the-middle attack from being transparently obvious when it's no longer signed properly.  However, you still have to accept the change in certificate for the forged-SSL MIM attack to work.  Did you log in to MtGox from strange internet connections in shady places?  Or did MtGox get their DNS forged as well?

No, a forged cert from DigiNotar would allow a MiTM attack to be transparently executed against an end-user, without her seeing any security warning whatsoever. Except in 1 scenario, see below...

Quote from: kjj
Is there actually a browser that will remember a certificate and complain if that cert is replaced with a different valid CA-signed cert?

...only 1 browser would warn you: Chrome, because Google hard-coded hashes of the public keys in a small number of high-profile websites' certificates. This is called public key pinning.
makomk
September 13, 2011, 07:47:20 AM
 #122

Tux has replaced the missing BTC.
That's unusual. He didn't even do that for people whose accounts were compromised in circumstances suggesting it was due to the password database being extracted by hackers...

DiabloD3 (OP)
September 13, 2011, 07:56:49 AM
 #123

I also do not think it is likely the recent DigiNotar or Globalsign break-ins have produced SSL certs to attack mtgox with (which WOULD explain this) because mtgox uses EV certs and as far as I know none of the fake certs were for EV, but DigiNotar and Globalsign both DO issue EV certs. Although I am not ruling this out.


Forging an SSL cert only enables the possibility of a man-in-the-middle attack from being transparently obvious when it's no longer signed properly.  However, you still have to accept the change in certificate for the forged-SSL MIM attack to work.  Did you log in to MtGox from strange internet connections in shady places?  Or did MtGox get their DNS forged as well?

The problem is you DON'T need to accept the cert since it's signed by a CA. That's why this was so dangerous. All you need is someone at Tux's ISP juping the traffic and bam, MITM attack and no one is the wiser.

DiabloD3 (OP)
September 13, 2011, 08:00:31 AM
 #124

Forging an SSL cert only enables the possibility of a man-in-the-middle attack from being transparently obvious when it's no longer signed properly.  However, you still have to accept the change in certificate for the forged-SSL MIM attack to work.  Did you log in to MtGox from strange internet connections in shady places?  Or did MtGox get their DNS forged as well?

No, a forged cert from DigiNotar would allow a MiTM attack to be transparently executed against an end-user, without her seeing any security warning whatsoever. Except in 1 scenario, see below...

Quote from: kjj
Is there actually a browser that will remember a certificate and complain if that cert is replaced with a different valid CA-signed cert?

...only 1 browser would warn you: Chrome, because Google hard-coded hashes of the public keys in a small number of high-profile websites' certificates. This is called public key pinning.


Mozilla is considering pinning keys on first site access. So the only way to MITM with false certs is during the first access (which makes it the same as ssh's flaw with server fingerprints (aka ~/.ssh/known_hosts)).

DigiNotar is a clusterfuck, regardless.

mrb
September 13, 2011, 08:24:45 AM
 #125

Mozilla is considering pinning keys on first site access. So the only way to MITM with false certs is during the first access (which makes it the same as ssh's flaw with server fingerprints (aka ~/.ssh/known_hosts)).

I would love it. The only way to provide this sort of pinning with any browser today is to delete all trusted CAs before browsing any HTTPS site.
nhodges
September 13, 2011, 08:30:34 AM
 #126

It's possible with the recent security lapses at certificate authorities (a la comodohacker) that someone, for some period of time, was able to do a csrf / mitm attack, no?

[Edit: Should have read 3 posts further, I guess I'll leave my original reply, lol.]

DiabloD3 (OP)
September 13, 2011, 08:32:15 AM
 #127

It's possible with the recent security lapses at certificate authorities (a la comodohacker) that someone, for some period of time, was able to do a csrf / mitm attack, no?

This is what I implied earlier. It is, in fact, possible. Just very unlikely.

hugolp
September 13, 2011, 08:35:41 AM
 #128

Sorry if this is a bit offtopic, but does anyone have a proper explanation of what happened at MtGox on Sunday with the ghost trades? The technical explanations I've heard until now don't seem to make much sense.


Bitcoin Oz
September 13, 2011, 09:26:59 AM
 #129

http://www.youtube.com/watch?v=MK6TXMsvgQg



Otoh
September 13, 2011, 09:46:40 AM
 #130

Sorry if this is a bit offtopic, but does anyone have a proper explanation of what happened at MtGox on Sunday with the ghost trades? The technical explanations I've heard until now don't seem to make much sense.

It seems MtGox blocked about 2,000 accounts so that their trades still showed up but were not actually executed, operating with allegedly stolen funds & Bitcoins with the intent to seriously disrupt the market. Why wasn't there a MtGox warning that their data was going to be completely off? People make trading decisions based on this.

What now happens to the funds & Btc now locked down at MtGox? How much is this worth? If they were stolen from MyBitCoin, will they be expropriated & returned for an additional refund to clients there?

Far too little information comes out of MtGox about these constant shenanigans - I guess that the OP also gets a free MtGox Yubikey as well as his Btc back.

hugolp
September 13, 2011, 10:01:15 AM
 #131

It seems MtGox blocked about 2,000 accounts so that their trades still showed up but were not actually executed,

Yes, I read MagicalTux's chat explanations. But I think the explanation is lacking. How does a user manage to create an order that does not get executed but still shows in the data? Is this normal at MtGox?

Without more information I'm guessing it might be a bug more than a hack, but the explanation he has given is lacking (as you already said).

Quote
operating with allegedly stolen funds & Bitcoins with the intent to seriously disrupt the market. Why wasn't there a MtGox warning that their data was going to be completely off? People make trading decisions based on this.

What now happens to the funds & Btc now locked down at MtGox? How much is this worth? If they were stolen from MyBitCoin, will they be expropriated & returned for an additional refund to clients there?

Far too little information comes out of MtGox about these constant shenanigans - I guess that the OP also gets a free MtGox Yubikey as well as his Btc back.


EhVedadoOAnonimato
September 13, 2011, 10:11:30 AM
 #132

The problem is you DON'T need to accept the cert since it's signed by a CA. That's why this was so dangerous. All you need is someone at Tux's ISP juping the traffic and bam

It shouldn't be that easy to be in the middle of the traffic like that. Unless you were using Tor or any similar kind of proxy. Were you?
Sukrim
September 13, 2011, 11:10:34 AM
 #133

repeat with me, mtgox is not bitcoin

Not yet, they are trying to register it as a trademark though - have fun paying them license fees just to use the name!
Proof:
http://esearch.oami.europa.eu/copla/trademark/data/010103646

kripz
September 13, 2011, 12:43:04 PM
 #134

Probably radiation (Fukushima? Cosmic?) affected the RAM, flipped a bit, and the account ID that was being liquidated happened to be Diablo's (and others' in the past since the Fukushima incident).

ElectricMucus
September 13, 2011, 12:51:32 PM
 #135

Probably radiation (Fukushima? Cosmic?) affected the RAM, flipped a bit, and the account ID that was being liquidated happened to be Diablo's (and others' in the past since the Fukushima incident).
Possibly

http://xkcd.com/378/
BlockHash
September 13, 2011, 12:52:14 PM
 #136

repeat with me, mtgox is not bitcoin

Not yet, they are trying to register it as a trademark though - have fun paying them license fees just to use the name!
Proof:
http://esearch.oami.europa.eu/copla/trademark/data/010103646

This is exactly what reputable and forthright companies would do.
Littleshop
September 13, 2011, 12:57:19 PM
 #137

-a third party is engaging in a cyberwar against bitcoin using man in the middle attacks.

After a lengthy conversation with MagicTux, unless it does turn up that mtgox has been hacked, neither of us can figure out what happened. It's obviously not me and I didn't fall for a phishing expedition, and I'm pretty sure it's not on his end. His description of security on the new post-hack mtgox is pretty decent. It's not perfect, but he has gone to great lengths to prevent a repeat.

Even if they dumped the password database, the passwords are sufficiently salted and hashed that it is extremely unlikely they grabbed my password first.

I also do not think it is likely the recent DigiNotar or Globalsign break-ins have produced SSL certs to attack mtgox with (which WOULD explain this) because mtgox uses EV certs and as far as I know none of the fake certs were for EV, but DigiNotar and Globalsign both DO issue EV certs. Although I am not ruling this out.

DigiNotar knew about the break in for months, and I obviously have logged in since then.

Tux has replaced the missing BTC.

Asking once again. Do you use a Yubikey on Mt.Gox?

As I've said in the past, I do not believe that they improve security.

They do not prevent every kind of attack but they stop entire categories of attacks.  You are wrong on this one and should think about it a bit more. 

phillipsjk
September 13, 2011, 03:49:48 PM
 #138

Is there actually a browser that will remember a certificate and complain if that cert is replaced with a different valid CA-signed cert?

There is a browser plug-in that will do that: Certificate Patrol.
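The two pinning models discussed in #121, #124 and #138, as an added example that is not code from any poster, browser or plug-in: a hard-coded pin set that refuses a CA-valid certificate carrying an unexpected key, beside a pin-on-first-use store in the ~/.ssh/known_hosts style that can only warn on a change. Host names and SPKI bytes are constructed placeholders.

```python
import base64
import hashlib
from enum import Enum


class Verdict(Enum):
    ACCEPT = "accept"                # key matches, connection proceeds
    CHAIN_INVALID = "chain invalid"  # ordinary CA validation already failed
    PIN_MISMATCH = "pin mismatch"    # CA-valid cert, but key not in the hard-coded pin set
    FIRST_SEEN = "first seen"        # no pin yet: key is learned and trusted (the exposure window)
    KEY_CHANGED = "key changed"      # CA-valid cert, but key differs from the one learned earlier


def spki_pin(spki_der: bytes) -> str:
    """Pin = base64(SHA-256(SubjectPublicKeyInfo DER)), the form browser pin lists use."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode("ascii")


class PinningPolicy:
    def __init__(self, static_pins: dict[str, set[str]]):
        self.static = static_pins            # hosts the "browser vendor" hard-coded
        self.learned: dict[str, str] = {}    # pin-on-first-use store, like known_hosts

    def check(self, host: str, spki_der: bytes, chain_valid: bool) -> Verdict:
        if not chain_valid:
            return Verdict.CHAIN_INVALID
        pin = spki_pin(spki_der)
        if host in self.static:              # static pin wins over anything learned
            return Verdict.ACCEPT if pin in self.static[host] else Verdict.PIN_MISMATCH
        if host not in self.learned:         # first contact: nothing to compare against
            self.learned[host] = pin
            return Verdict.FIRST_SEEN
        return Verdict.ACCEPT if self.learned[host] == pin else Verdict.KEY_CHANGED


# Constructed stand-ins for SubjectPublicKeyInfo DER; real ones are read from the certificate.
LEGIT_SPKI = b"constructed-spki-of-the-real-exchange-key"
ROGUE_SPKI = b"constructed-spki-of-a-key-behind-a-rogue-ca-signed-cert"


def run_scenario() -> list[Verdict]:
    policy = PinningPolicy({"pinned-exchange.example": {spki_pin(LEGIT_SPKI)}})
    return [
        # Hard-coded pin: the rogue cert chains to a trusted CA, yet the connection is refused.
        policy.check("pinned-exchange.example", ROGUE_SPKI, chain_valid=True),
        policy.check("pinned-exchange.example", LEGIT_SPKI, chain_valid=True),
        # Pin-on-first-use host: a rogue key on the very first visit is simply learned...
        policy.check("unpinned.example", ROGUE_SPKI, chain_valid=True),
        # ...and the genuine key afterwards looks like a suspicious change. First contact decides.
        policy.check("unpinned.example", LEGIT_SPKI, chain_valid=True),
        policy.check("unpinned.example", ROGUE_SPKI, chain_valid=False),
    ]
```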

rotrott
September 13, 2011, 10:48:07 PM
 #139

Was this a mtgox session hijack from the forum hack?  Were you logged into mtgox when the forum hack occurred?

tvbcof
September 13, 2011, 11:55:18 PM
 #140


Asking once again. Do you use a Yubikey on Mt.Gox?

As I've said in the past, I do not believe that they improve security.

They do not prevent every kind of attack but they stop entire categories of attacks.  You are wrong on this one and should think about it a bit more. 

They stop entire categories of attacks which not everyone is especially prone to.  SSO is a nice to have and very worthwhile in a lot of cases, but it introduces yet another layer of expense and complexity.  I don't use one at my exchange but I am quite careful about my username, password, access methods, etc.

Most importantly, I do consider the funds I have at my exchange to be disposable.  I consider the risk from incompetence, dishonesty, and government intervention to put the assets I have at my exchange at risk more than my authentication being compromised.  A good number of people would be well advised to NOT follow suit here.
