ios-mail icon indicating copy to clipboard operation
ios-mail copied to clipboard

Published 20 hours ago verified publisher icon ProtonMail

Disable TLS Validation Bypass

Open ozbargainq opened this issue 6 years ago • 7 comments

Describe the bug: While using Protonmail this screen can occur https://mobile.twitter.com/flowinho/status/1184832592337612803

Dispite the wording I've seen many that consider themselves "cybersecurity experts" click through such messages on places like airport wifi without a thought.

Protonmail app should not prompt the user to disable TLS Validation.

in addition it should use certificate pinning, pinned to the CA you use and another.

Device + OS version iPhone ... iOS 11.

ozbargainq avatar Nov 16 '19 14:11 ozbargainq

This prompt is popping when current certificate differs from the pinned one. Certificate pinning is done using TrustKit, you can see the configuration in TrustKitWrapper.swift.

From a UX standpoint, do not want to leave user without an option to disable this validation because there are cases when user trusts the person in the middle - in corporate networks, for example. The prompt actually switches the TrustKit from hardfail to softfail and falls back to hardball on next app launch.

abjurato avatar Nov 17 '19 07:11 abjurato

Glad to hear cert pinning is used.

However the user experience here leads most people to click through without reading, This has been shown in numerous studies.

https://www.usenix.org/system/files/soups2019-das.pdf https://www.usenix.org/sites/default/files/conference/protected-files/enigma17_slides_roesner.pdf https://www.usenix.org/conference/enigma2016/conference-program/presentation/porter-felt

I bypass can exist but there needs to be enough friction that the user understands what they are doing.

I implore you, please put the user first and create a speedbump for tls validation failures.

ozbargainq avatar Nov 17 '19 08:11 ozbargainq

This does not seem safe. How is a regular user with no technical knowledge supposed to know the risk of clicking this button?

Please tell me I'm wrong and that this button isn't going to enable MITM attacks. Because if I'm not this is terrible.

Devices registered on corporate networks should have the company root CA added to iOS Trusted Certificates. The solution is NOT to disable certificate validation.

cedws avatar Aug 10 '21 16:08 cedws

Also, as a reminder, captive portal networks essentially MITM devices before they authenticate. That means the PM app will be making requests visible and completely in the clear to the network provider. Again, this is assuming I'm not missing something crucial here.

cedws avatar Aug 10 '21 16:08 cedws

I just tried to intercept traffic and wasn't able to. The app says the request timed out if trying to MITM the TLS connection. So I'm not sure what Disable Validation does.

cedws avatar Aug 10 '21 20:08 cedws

The way this was designed was to allow you to MITM the connection with a device-trusted certificate if you need to (i.e. a corporate network where your device does trust the root cert). The validation it turns off is just the public key pinning of our certificate public key, which we use to prevent some trusted CA from issuing a fake certificate for us and MITMing user traffic. Alternative routing, which is used to get around censorship, relies only on the public key pinning. However there should be no situation where both CA validation and public key pinning can both be off at the same time.

bartbutler avatar Aug 10 '21 20:08 bartbutler

I see, thanks for the explanation. Sorry for the noise.

In this case it's no biggie if someone presses the button which was my concern.

cedws avatar Aug 10 '21 21:08 cedws