Archive for the internet-trouble Category

Updated: SSL-trouble

Posted in everyday madness, internet-trouble with tags , , , , , , , , , , , , , , , , , , , , , , , , on 10/01/2012 by Abbadon1701

Listen, listen! There’s a problem! Ha! What it is? – SSL has been long since cracked! – Woohoo ^^, so what? – Well, can’t do a thing about it, right? AT LAST, YOU CAN!
It’s about which web-browser you’re using. Now, there’s the usual and the unusual ones – so it’s a lot more fun to take a closer look at those usual ones and cracking them. So if you’re using IE, Firefox, Safari or alike you might have some trouble viewing your ssl-secured internetpages.
I hope you’ve found what you’re looking for:

If you go to http://www.thoughtcrime.com and download „ssl-sniff“ to your Linux-pc you can simply become a ligitimate OCSP-server (viewed by the Winows-user’s browser) and give him back a „try later“, so they can’t reach their desired ssl-secured internetpage(s).

The Windows-user will probably react in the following way: at first, there’ll be the question, what would be really wrong and with time and durance there’ll quite probably be some rising anger. At least, that’s what you might hope.

So if you’re rather someone who is having ssl-trouble than a ssl-toublemaker you might wish to download a more vigilant and prepared web-browser that doesn’t force you to do as you don’t wish.

Well, here’s what it needs: the right browser. In Linux there’s countless programs for indeed any purpose so there’s, of course, a real lot of web-browsers too. Just try’em, choosing from the endlessness or write your own one if you desire :)

This is, what you might have stumbled upon:

sec_error_ocsp_future_response

It may be some kind of bad_database_error too, but that’s something, which doesn’t happen too often. But I’ve witnessed such myself. It is indeed mere fake and just the same trouble as with the future_response (this is only as far as I can tell!)

I myself had this trouble while using: Mozilla Firefox 9.0.1 in Windows 7; from end of 2011 to the very beginning of 2012; German versions as far as there are ‚German‘ versions of the software.

On the wikipedia you can check out, where I got my information from. You’ll find „thoughtcrime.com“ by looking at the additional information part of the page, at least, I found it there once ago at the end of 2011 and beginning of 2012. Page is 3. ↑ Moxie Marlinspike: Defeating OCSP. Checked out on January the 27th 2011..

The page is this one here (http://www.thoughtcrime.org/papers/ocsp-attack.pdf).

I hope you found the answeres you’ve been seeking in case you’ve had such trouble. And I hope it is the right thing to do to post this information to all the world.
For solving the problem you should find another browser, where you can choose if to ignore the OCSP-error or not so that you can get to your SSL-secured page again. At least for me this works. I wish you good luck