6

I would like to have more insight about when a server should install ssl, in particular when it is worth the money to pay for a valid certificate. As my clients often have little understanding of why they need ssl, and since a certificate is quite costly compared to renting a vps, I would like to know some statistical numbers or other descriptive information.

Suppose a user forum, which has thousands of users, and all their usernames and passwords are sent unencrypted over the internets. There are no credit card informations, or other sensitive data, except the passwords. What would be the arguments for acquiring ssl in this situation, and what would be the arguments not to?

I hope this question is intelligible. I wouldn't know really how to ask more directly.

Thanks for your time and advice!

Robin Manoli
  • 171
  • 1
  • 5
  • have you thought of performing a risk-analysis for that client? Because i read in your description you asked something related to statistical numbers ; this is close to what we call as qualitative risk analysis or you can go for quality risk analysis if you just need opinion? I just believe your are looking more of a management viewpoint answer then a technical one? Correct me If I'm wrong. – Saladin Mar 07 '13 at 18:48
  • As a general rule of thumb where user / public data is concerned ; there is reasonable expectation of privacy from the company who owns the service. SSL is one way of protecting user privacy. – Saladin Mar 07 '13 at 18:52
  • @lynks free and secure? right. – Saladin Mar 07 '13 at 19:36
  • @asadz I've yet to see a major breach from a free certificate authority, but there have been several on major certificate authorities. If you're *really* worried about free certs, go for a cheap cert from a reseller. You can get them for as little as $15/yr. – Polynomial Mar 08 '13 at 00:29
  • 1
    @asadz feel free to break into their facility and steal their private signing keys. – lynks Mar 08 '13 at 00:31
  • @lynks frankly i just check in from google [link](http://www.informationweek.com/security/attacks/how-startcom-foiled-comodohacker-4-lesso/231601037) just survived from a major breach;however ironic to counter risk-analysis argument seen in the form; it seems the guys at startcom saved the day by following a well executed risk management methodology. – Saladin Mar 08 '13 at 05:57
  • @asadz I haven't thought of a risk-analysis, how would I do that? – Robin Manoli Mar 10 '13 at 15:03
  • @lynks i have looked into startssl before and it seems that their certificates only work for one domain, however in my case it should be easy to use over multiple domains and subdomains...besides, do they even provide a green padlock? – Robin Manoli Mar 10 '13 at 15:05
  • @ribot See this question for an idea on how to start the risk analysis process: http://security.stackexchange.com/questions/21268/how-does-one-properly-assess-risk –  Mar 10 '13 at 15:29
  • @ribot did you got any help with risk analysis? If not please let me know I'm more then happy to help you on risk part. – Saladin Mar 19 '13 at 08:15
  • **update 2017** free [StartSSL/StartCom](https://security.stackexchange.com/questions/1167/where-to-get-an-ssl-certificate-for-personal-website) is [no longer trusted](https://security.stackexchange.com/questions/18919/are-there-technical-disadvantages-in-using-free-ssl-certificates) but free https://www.letsencrypt.org is – dave_thompson_085 Aug 17 '17 at 12:18

5 Answers5

8

Without SSL, all that is sent over the wires can potentially be spied upon or altered by indelicate routers. "Altered" includes hostile hijacking of connections and Man-in-the-Middle attacks. These are relatively easy to setup by attackers in the context of WiFi hotspots -- which means that if a user is accessing your Web site from a restaurant or a public park (using his laptop or tablet) then his data (in particular passwords and cookies) can be silently eavesdropped by ill-intentioned people equipped with a readily available 100$ gadget.

Moreover, not only are non-SSL connections easily commandeered by hostile outsiders, but people begin to know it. When your users see that you use passwords without SSL, some of them will think that "you do not care about their security". That alone is not a good thing. You want your users to feel safe, otherwise they'll be tempted not to be your users anymore.

SSL costs are routinely exaggerated, for reasons which are not completely clear (there is some theory on the subject):

  • On the server: the extra CPU and network overhead implied by SSL is in the 2% range, i.e. not a lot. Biggest indirect cost is that SSL prevents some transparent proxies (run by some ISP) from doing their optimization; it might have some impact if your server hosts big static files. The cost of the certificate can be zero -- or, more accurately, no buying fee, and some administrative task once a year. Even in commercial contexts, the cost of the certificate is negligible with regards to the hosting costs and sysadmin time.

  • On the client: the main effect is increased latency for the very first connection. When opening the first connection, client and server run the full TLS handshake. But the connection will be kept open for subsequent HTTP requests (the normal "keep alive" mechanism), and if the connection is closed due to prolonged inactivity, new connections will use the abbreviated handshake which reuses the cryptographic elements from the previous connection. the abbreviated handshake is much faster, especially since it implies one less network round-trip.

Nothing beats actual measure, so you are encouraged to experiment, if only with a homemade certificate (aka "self-signed"); but, on the whole, SSL cannot be considered as really expensive (it used to be expensive, 15 years ago, but computers have grown a bit in computational power since these times).

Thomas Pornin
  • 320,799
  • 57
  • 780
  • 949
4

Without SSL, it will be trivial to takeover user accounts through a MITM attack. All the usernames and passwords are sent over in cleartext, making it really easy to sniff. This has a rather severe indirect consequences if users reuse the same username/password combination across multiple sites.

There are plenty of other attacks if SSL is not activated, but I feel this is simple and severe enough to illustrate the point.

A more indirect effect of SSL (or a valid SSL certificate rather), is that the padlock on the browser inspires confidence in users. It is rather difficult to explain to non-technical users the reasons for SSL. It is slightly easier to train them to associate the green padlock with a secure site. Not have the same padlock might lead to users questioning(rightly), the security of your site.

If cost is an issue, there are quite a few free SSL cert providers, such as StartSSL. Do note that I have never tried their services before so I am unable to vouch for their reliability.

  • actually I would like to have a more clear understanding of the risks, so what would the other kind of attacks include? – Robin Manoli Mar 10 '13 at 15:07
3

Without SSL, users' data is transmitted over the wire unencrypted. Is that an acceptable risk?

Everyone here is using a discussion forum that does not use SSL (and SE is not unique in this regard; e.g., reddit doesn't use SSL)1.2017 EDIT: stackexchange and reddit now both use SSL unlike when this answer was written in 2013

A network eavesdropper between my computer and stackexchange's servers (e.g., other users of the same wifi access point, or at my ISP, or network administrators at my work) could steal my authentication cookies or alter my messages and get full access to my stackexchange account. I'd rather that not happen, so I don't use stackexchange on public wifi and trust my ISP to not steal and misuse users' secret information.

Granted, this is a risk I'm willing to take. While someone capturing my stackexchange account (temporarily until my session cookies expire), they wouldn't capture much information and most of their actions could be later undone (e.g., any edits can be reverted).

Also, don't equate SSL on VPS with full privacy. You still must inherently trust your VPS host, which can easily grab your private SSL certificate from your VM (its on a file on their disk) and then decrypt all your incoming traffic. I doubt most reputable VPS providers would do that, but they definitely could.

1Well stackexchange let's you authenticate through an OpenID provider like google/facebook/yahoo/etc, and those providers will use an https connection (at least everyone I checked) so the password is sent encrypted. They do have a "login with stackexchange" option which directs you to a http page that uses javascript, so the form submission with the password should be transmitted encrypted (using SSL). Granted, it would be trivial to launch a MitM attack on this, as the https connection is not readily apparent to the user. And again, while the attacker cannot grab your password, they can later grab the session cookie so they will appear as an authenticated version of you.

Similarly for reddit.com, they (secretly) use SSL for the form action, but as the form is hosted on a non-ssl page it is easy for an attacker to launch a MitM attack and capture your password. Granted reddit.com does have an SSL version with a properly signed CA, but this site is not on their CDN and is only meant to be used by advertisers/people making credit card transactions at the moment.

dr jimbob
  • 38,768
  • 8
  • 92
  • 161
  • so you are saying that basically that ssl would only protect users who are on the same insecure wifi access point? i thought the data would be accessible all the way the data travels if it's not encrypted. – Robin Manoli Mar 10 '13 at 15:09
  • Just a remark, since May,2017 'this forum' [does use SSL](https://nickcraver.com/blog/2017/05/22/https-on-stack-overflow/). ;) – carla Aug 16 '17 at 19:06
1

is quite costly compared to renting a vps

This surprised me - a quick check on the internet and a basic certificate (single site, no EV, but recongised chain) can be had for less then a tenth of the price of low end VPS hosting.

What would be the arguments for acquiring ssl in this situation

You have a duty of care to to your customers - even if they don't understand the relevance / technical merit. Most people use the same password (and username) across multiple services. Hence not using SSL you are potentially exposing this information.

Yes, SSL hurts performance (a lot).

While just running the authentication over HTTPS would avoid the performance problem, there's still a risk of session takeover - an imposter might post a defamatory comment which appears to come from someone else. Although there are other risk mitigation approaches for this (terms and conditions, publishing takedown policies etc).

symcbean
  • 18,278
  • 39
  • 73
  • 1
    If you want to support IE on older versions of windows, you need a dedicated IP for the machine which increases the cost of hosting. – CodesInChaos Mar 07 '13 at 12:22
  • 5
    I also think "hurts performance a lot" is a bit of an overstatement. – CodesInChaos Mar 07 '13 at 12:23
  • I agree with @CodesInChaos, the performance hit isn't that great, especially for a small to medium sized site. –  Mar 07 '13 at 12:27
  • Serverside the impact is minimal - the difference is at the browser - I'd say page response times doubling or even tripling is hurting performance. Mainly due to increased latency but also by disabling intermediate caching. OTOH using TLS opens the door to SPDY (without having to wait for HTTP/2.0 to roll around). – symcbean Mar 07 '13 at 12:42
  • @symcbean Ahh browser side performance. Yeah that does make somewhat of a difference. –  Mar 07 '13 at 12:44
  • I'm not sure if the prices on the site you suggested are yearly or montly, but I'm not looking for a single site certificate, and you can get a vps for less than $20 per month. If the certificate costs $10 per month it is a costly service in my opinion. – Robin Manoli Mar 10 '13 at 15:15
  • It'll take you 2 clicks to find out if it's years or months. Which should be kless effort/time than it took to post a comment :) – symcbean Mar 11 '13 at 09:31
0

The reason that you would want to use SSL to encrypt traffic to your site is to protect the users data and integrity and in return will give the site more validity by having a better reputation.

It's obvious what's wrong with users getting data such as bank or credit card info but there are some less obvious things which are transmitted as well which you would want to keep secure. Getting someones email address not only allows someone to send you spam, it allows an attacker to trace accounts across multiple unaffiliated websites and makes the user susceptible to targeted APT attacks. Getting someones phone number or address can lead to identity fraud and the risk of falling for it is even greater because you now know some of the targets interests (i almost fell victim to it a couple weeks ago because someone had my phone number, a mismatch of my current address and old address, and knew that I wanted FIOS in my city).

Then there's the username and password. Like an email a username can help an attacker trace accounts across multiple sites but could also allow for attackers to pose as their target on other sites (ok so this is a stretch since usernames are usually shown when posting anything on say a forum). Passwords are of course the worst part, possibly even worse than the credit cards themselves. Many people reuse their password across multiple sites, even the important ones. Someone may get a users password from your site, get access to their email because of that password and then charge up tens of thousands of dollars across multiple credit cards, debit cards and checking accounts at amazon because they now have access to the users email account. All this because you (your clients) didn't want to spend an extra few dollars for an ssl certificate (or even get it free of cost).

Then there's the integrity part. If attackers (spammers mainly) can get access to your users accounts, they can post spam (or even launch identity attacks against other users) all across your site causing it to lose any reputation among visitors and drop in any google rankings. You wouldn't simply be able to ban these users/comments because they're coming from existing accounts so you would be banning real users because you couldn't create a secure site.

Eric
  • 451
  • 2
  • 4