14 DAY TRIAL // The Carnegie-Mellon University (CMU) made available a Firefox extension developed at their School of Computer Science and College of Engineering that improves security in Firefox by protecting against man-in-the-middle attacks. The extension, named Perspectives, is available only for Firefox 3 and works on Windows, Linux (32-bit) and OS X (Intel), with support for Linux (64-bit) and Open Solaris being in the experimental stage of development.
A man-in-the-middle attack is performed by intercepting the traffic between a user and a resource that he is trying to access. This can be achieved by exploiting several vulnerabilities, like the latest DNS cache poisoning or GMail accounts hacking incidents show.
When accessing a server resource using secure protocols like SSL or SSH, a correct identification of the server is required. This is achieved through digitally signed certificates. Due to the fact that certificates issued by trusted authorities like VeriSign are expensive, it became common practice for small businesses and websites to use self-signed certificates.
When the browser encounters such a certificate for the first time, it prompts a warning saying it cannot verify the certificate and leaves the final decision to the user. Because of this, users developed a habit of accepting such certificates without paying too much attention. However, this also makes it possible for an attacker intercepting the requests to trick the users into sending sensitive information by serving them fake self-signed certificates. The Perspectives Firefox extension overrides the default browser warning, which is often ignored by the users, and implements its own additional verification methods to determine the validity of a certificate.
It achieves this by querying "network notary servers". These are servers that automatically contact websites and record changes in their certificate keys over longer periods of times. When encountering a self-signed certificate, the Perspectives extension downloads a list of recorded certificate key changes from the notary servers and uses this information to determine if the certificate belongs to the server the user is trying to access. A preference allows the user to increase or decrease the security level of the extension, thus affecting the way validity of the certificates is established.
Based on the information it receives from the notary servers, like the last recorded key, the presence of that key in multiple notary servers or previous key changes, the extension either automatically accepts the certificate or it provides the user with more pertinent information regarding a possible man-in-the-middle attack. The user can then make informed decisions based on this additional information gathered from the notaries.
The extension protects users' privacy by allowing them to opt for being asked each time a notary server needs to be contacted. In addition, the notary servers do not keep any IP record of the queries. The code is open source and people are encouraged to contribute with ideas, patches, bug submissions, GUI designs or by offering to host notary servers. More technically-oriented users can also read the paper published by the authors which describes the extension and its concepts in greater detail.