8

Given everything that is suspected about NSA (and GCHQ, DGSE, etc.) access to user data:

Avoiding speculation, can and do we know whether Google's recent action to make all searches use SSL encryption will actually prevent said spying?

If not, what more (in addition to what we've seen) would we need to know, to know that?

Baumr
  • 271
  • 1
  • 8
  • 8
    Not if Google has given their private keys to the NSA. – Stephen Touset Sep 30 '13 at 17:48
  • 2
    well you can always try by searching - "how to make a bomb" and find out.. – RicoRicochet Oct 27 '15 at 08:17
  • 1
    Google searches are protected from your computer to theirs. Internally, their indexes are distributed worldwide. When they discovered that someone was monitoring their inter-site communications they put extra encryption on those links. And as always, Google (like all other such services) are subject to court orders and must release information that is requested through legal means. HTTPS is mainly to prevent other third parties from snooping on you, like at an airport, or Starbucks, or McDonalds. It is quite sufficient for that. – SDsolar Mar 30 '17 at 18:21

3 Answers3

8

HTTPS, aka SSL, only protects data in transit. Google switching automatically from HTTP to HTTPS means that the search query from your browser to Google's server gets encrypted. But on Google's server, the SSL tunnel ends, and it gets decrypted. This will prevent spying only under the two following conditions:

  • The spies were indeed looking at traffic between the client machine and Google's server (as opposed to simply requesting from Google themselves a copy of the data).
  • The user actually notices that Google redirects to the HTTPS URL, and "takes offence" if the redirect does not happen.

The second case is against active spies who would do a Man-in-the-Middle attack, which is highly doable on HTTP (no SSL). Since the redirect-to-HTTPS occurs at the HTTP level, before (of course) any SSL actually occurs, then the MitM can certainly block it and maintain the illusion of a non-SSL Google server.

In any case, for a big US governmental agency like the NSA, enlisting the help of some people at Google's, to get a copy of the query data, would probably be vastly easier and more efficient than the grudging work of spying on network lines. Google, being a US-based company, would comply or be made to comply for a (small) fraction of the cost implied by generalized spying. Retrieving query data from Google themselves would also work for queries which are inconvenient to spy upon, e.g. for a connection from a non-US country to a non-US-based Google server.

Therefore, I find it implausible that enabling HTTPS would really be relevant to purported spying from NSA. "HTTPS for everybody" is more a marketing / public relations move than an actual security improvement, in the context of Google and assuming that the "enemy" is the NSA.

Thomas Pornin
  • 320,799
  • 57
  • 780
  • 949
  • Yes, there are some techniques to bypass HTTPS encryptions while doing MITM. – Jet Sep 30 '13 at 15:45
  • Interesting that you mention man-in-the-middle attacks, since [that's exactly what the NSA is doing](http://news.cnet.com/8301-13578_3-57602701-38/nsa-disguised-itself-as-google-to-spy-say-reports/) (not surprisingly) – Baumr Sep 30 '13 at 16:05
  • 1
    You're missing a third condition: Google *hasn't* given the NSA their private keys. – Iszi Sep 30 '13 at 16:29
  • 1
    Regarding your redirect-to-HTTPS comment, it's worth noting to the OP that Google uses [HSTS](http://security.stackexchange.com/a/43135/13146), which eliminates the redirect entirely, after the first visit. (Of course, the first visit is still vulnerable in the way described here.) – apsillers Sep 30 '13 at 16:39
2

Assuming you want to talk to Bob, any one of the following assumptions would nullify (or substantially weaken) any protection granted by HTTPS against some eavesdropping adversary:

  • The adversary has access to Bob's server records (either through cooperation, coercion, or compromise), so they can see your communications with Bob after the fact.

  • The adversary can successfully impersonate Bob, either by possession of Bob's secret key or by failure of the PKI system (e.g., they obtain a cert/keypair that claims they are Bob, signed by a CA that your computer trusts).

  • The adversary has somehow broken SSL.

None of these possibilities seem terribly far-fetched for a major national intelligence program.

One weaker concern is that a man-in-the-middle attacker could perform an SSL-stripping attack. You try to visit Bob's site over HTTP, and Bob's site promotes all incoming connections to HTTPS. However, an attacker blocks you from reaching Bob's site at all. Instead, the attacker serves you the contents of Bob's site over plain HTTP, while you are none the wiser that your connection should have been done over SSL.

This problem is mitigated by sites that use HTTP Strict Transport Security (HSTS), which tells your browser to request resources from that domain only over HTTPS. Your initial visit to the site is open to a MITM SSL-stripping attack, but future visits are not, because HTTP requests automatically turn into HTTPS requests before they leave your browser. Some browsers have HSTS instructions pre-loaded for particular sites, further eliminating the first-visit problem for those sites.

Taking into account everything I've said above, the switch to HTTPS does protect you from a casual snoop running a packet sniffer on your coffee shop's wireless network.

apsillers
  • 5,780
  • 27
  • 33
-3

Let me tell you that special agencies like NSA have direct protocols to Google, Facebook, Yahoo, and to most of big and famous companies (especially the companies which can collect data about you).
They don't need your password or encryption to enter your account.
And even some of the encryption standarts were modified by agencies, including SHA and even some (old) GSM encryption standarts (which were wide-spread in the world and a lot of providers all around the world used them).

So, these encryptions don't make you safer from spying.
But they protect you from individual hackers (unless they are well-prepared).

Here are some sources:
NSA designed SHA-2, the family of SHA-256 and SHA-512
NSA interference in standarts, NIST and ISO

Jet
  • 103
  • 3
  • 2
    Do you have any **reputable** and **reliable** sources that support your claims? – Rob W Sep 30 '13 at 16:03
  • 1
    @RobW, OK I've put some sources. Also you can find a lot just by googling. – Jet Sep 30 '13 at 16:37
  • 2
    I'm referring to your very first claim. That screams "speculation" to me. (everyone can edit Wikipedia, by the way, so that alone isn't a good source, unless the Wikipedia article cites *another*, trustworthy source). – Rob W Sep 30 '13 at 16:43