Jerry Huyghe wrote:
> This is generally a good idea, but is far from foolproof. Hackers have
> found ways to forge signatures on applets. For example, someone can create
> an applet and use a signature from a widely-trusted source. See Princeton's
> discovery of this at http://www.cs.princeton.edu/sip/news/april29.html
Putting JAR signature verification is not susceptible to this attack. It is not
possible for someone to create an applet and use a signature from another
"widely-trusted" source - the JAR format will not allow this. It is very
possible to build into an HTTP proxy the code to validate a JAR and the
signatures that sign this JAR.

This attack is on the JVM and how it handles the trust model based on
signatures (as can be seen from your quote), not on the basic (though poorly
designed) JAR format.
> Quote
> "As a result, an unprivileged, but signed, applet can act as if it were
> signed by anybody. In particular, our applet will scan through your list of
> trusted signatures and impersonate one of them."
geoff
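
The proxy-side check described in the reply above, sketched with the standard `java.util.jar` API as an added example (not code from the original message). The names `JarGate` and `acceptJar`, the certificate file passed as the second argument, and the choice to pin exact signer certificates as the trust decision are assumptions.

```java
import java.io.*;
import java.security.CodeSigner;
import java.security.cert.*;
import java.util.*;
import java.util.jar.*;

public class JarGate {
    // Manifest and signature block files carry the signatures; they are not signed entries.
    static boolean isSignatureFile(String name) {
        String n = name.toUpperCase(Locale.ROOT);
        if (!n.startsWith("META-INF/") || n.indexOf('/', 9) != -1) return false;
        return n.equals("META-INF/MANIFEST.MF") || n.endsWith(".SF") || n.endsWith(".DSA")
            || n.endsWith(".RSA") || n.endsWith(".EC") || n.startsWith("META-INF/SIG-");
    }

    // True only if every entry's digest verifies and each is signed by a pinned certificate.
    static boolean acceptJar(File file, Set<Certificate> pinned) throws IOException {
        try (JarFile jar = new JarFile(file, true)) {        // true = verify signatures
            byte[] buf = new byte[8192];
            for (JarEntry e : Collections.list(jar.entries())) {
                if (e.isDirectory() || isSignatureFile(e.getName())) continue;
                // Digests are only checked once the entry has been read to the end.
                try (InputStream in = jar.getInputStream(e)) {
                    while (in.read(buf) != -1) { /* drain */ }
                }
                CodeSigner[] signers = e.getCodeSigners();   // null means unsigned entry
                if (signers == null) return false;
                boolean ok = false;
                for (CodeSigner s : signers) {
                    // First certificate in the path is the signer's own.
                    ok |= pinned.contains(s.getSignerCertPath().getCertificates().get(0));
                }
                if (!ok) return false;
            }
            return true;
        } catch (SecurityException tampered) {               // digest or signature mismatch
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // args[0]: JAR to check; args[1]: PEM/DER file of pinned signer certificates (assumed input)
        try (InputStream in = new FileInputStream(args[1])) {
            Set<Certificate> pinned = new HashSet<>(
                CertificateFactory.getInstance("X.509").generateCertificates(in));
            System.out.println(acceptJar(new File(args[0]), pinned) ? "accept" : "reject");
        }
    }
}
```

The decision here depends only on the bytes of the JAR and the pinned certificates, so it does not rely on the receiving JVM's handling of signer identity.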