6

This has been bothering me for a while, but I have noticed that some websites (the first one that comes to mind is XKCD) use HTTPS for no apparent reason. I mean, XKCD is free and accessible to anyone. Why on earth would they encrypt your session when all you're doing is looking at comics? It seems like the cryptography would just consume resources unnecessarily. I'm not asking about XKCD specifically, but have noticed a few websites that do this and am wondering why they would.

KnightOfNi
  • 2,247
  • 3
  • 18
  • 23
  • 8
    In my opinion, *all* websites should be using TLS, for all traffic. The default assumption should be that an HTTP request is transmitting sensitive information, rather than the situation we have now where developers of varying competence and security mindset have to make judgment calls they're poorly equipped to understand the ramifications of. – Stephen Touset Mar 06 '14 at 23:44
  • @StephenTouset Well, as I implied in my question, SSL can cost some resources - not just money, but computing power too. It's slower than plain old HTTP, and, as may or may not be the case with certain sites, doesn't serve too much of a purpose. I think there are questions on here on "why ssl can be bad" if you look – KnightOfNi Mar 07 '14 at 00:38
  • 4
    The resources involved are absolutely inconsequential, *particularly* now that AES is accelerated in most modern CPUs. Even more-so when compared to the cost to users when sensitive information is inadvertently leaked over plain HTTP. – Stephen Touset Mar 07 '14 at 01:30
  • 1
    related: https://www.imperialviolet.org/2010/06/25/overclocking-ssl.html and https://www.imperialviolet.org/2011/02/06/stillinexpensive.html. – strugee Mar 07 '14 at 03:57
  • 6
    When your boss says "We don't need https because our users privacy isn't worth the effort" you can respond "Heck, even *a stupid webcomic* can afford the effort" – Philipp Mar 07 '14 at 09:10
  • @Adnan No, that question is about a more different case. The questions are related, but not duplicates. – Gilles 'SO- stop being evil' Mar 07 '14 at 13:19
  • @Gilles When a question is closed as a dupe, the message appended to the top of the question is "This question already has answers in...". Indeed, this question is already answered in the question to which I linked. Just because the questions aren't identical, that doesn't mean we need to have dupe answers that are otherwise helpful to the OP and to future visitors. – Adi Mar 07 '14 at 13:23
  • @Adnan These two questions do not have the same answers. – Gilles 'SO- stop being evil' Mar 07 '14 at 13:24
  • @Gilles Sounds great, and that's your opinion. Your, nevertheless, unfounded opinion. Here's my opinion, and here's how I support it: CtrlDot's answer is 95% covered by Scott's answer and mine (for these cases we have edits). user1801810's answer is fully covered by Casey's answer and parts of mine. The remaining one-vote answer could easily be posted under that question. – Adi Mar 07 '14 at 13:32
  • @Adnan Sorry that this was not more clear, but my question is meant almost to be an extension of that one. As you said in your answer: "It's all about what you're trying to achieve and/or mitigate with the use of SSL." My question is: what are these sites, where nothing of consequence to the user is transferred, trying to achieve and/or mitigate? – KnightOfNi Mar 07 '14 at 20:14

3 Answers3

10

One answer is that SSL also prevents/deters MITM (Man-In-The-Middle) attacks. In theory, SSL ensures that the message originated from XKCD and arrived to you without being tampered. A bad actor who can intercept traffic between you and XKCD cannot inject code to run on your machine.

Just based on the comments, being able to inject code to run client side is quite powerful. You can glean a lot of information from this. Furthermore, you can force a client browser to talk to pages/sites that it normally wouldn't.

I do want to note, however, that SSL is not 100% in this case and there attacks such as sslstrip that can work around the fact that SSL is being used.

CtrlDot
  • 472
  • 2
  • 6
  • Yes, but unless they exploit a new HTML/Java/Flash vulnerability they can't really do much can they? My point being that if they're that good I doubt they'll be injecting it into my XKCD traffic... – KnightOfNi Mar 06 '14 at 22:27
  • @KnightOfNi Not really. Javascript is quite powerful and I can use it to gain a lot of information from a victim. You don't always have to "exploit" a machine in order to get what you need off of it. – CtrlDot Mar 06 '14 at 22:30
  • So you **might** be able to get some unprotected files off of an inexperienced user. Everything else can be gathered without going to the trouble of an active attack. – KnightOfNi Mar 06 '14 at 22:33
  • 2
    Well, in theory I can't gather your cookies for whatever site you are accessing. However, if I can inject javascript I could have the JS post the cookie details to my site. Not relevant to XKCD, but maybe for other sites.... – CtrlDot Mar 06 '14 at 22:37
  • The cookie details or contents? Because I don't see you doing much with the metadata of my cookies... – KnightOfNi Mar 06 '14 at 22:42
  • @KnightOfNi Contents – CtrlDot Mar 06 '14 at 22:53
  • Then I'm gonna go out on a limb and say that it's pretty difficult to inject JS if someone's computer is up to date, otherwise we'd have another firesheep going around... – KnightOfNi Mar 06 '14 at 22:57
  • 4
    Not sure what an "up to date" computer has to do with it. If I am in the middle, I can inject whatever I want into the HTTP Response from the server. Your browser will process it. Sites can employ things like Content Security Policy to defend against it, but ultimately, it is that easy. – CtrlDot Mar 06 '14 at 23:02
  • OK then, thanks. If you could update your answer with this info I will upvote & mark as correct. – KnightOfNi Mar 06 '14 at 23:16
  • Hold off for the day tho, see if there are any other answers. – CtrlDot Mar 06 '14 at 23:23
4

As CtrlDot said, using TLS (SSL is the older term, no one uses SSL anymore but the name has stuck) is good not only to prevent snooping, but also to prevent MITM attacks which can inject malicious code. Now, some people might be saying that's difficult, but it's in fact not. You can buy off black markets "exploit kits" which are subscription payed self-updating toolkits which you can put in a compromised (or MITMed) or malicious website which will automatically scan a target that connects, assess if they are vulnerable and to what exploits they are vulnerable, then automatically roll out the most effective exploit to take over your computer (cheaper exploit kits just try running every exploit they have in hopes that one will work). The more expensive the exploit kit, the newer and higher quality the exploits they have. The most expensive ones can have 0days which your browser or anti-virus cannot defend against. So do not assume that someone would have to find some rare exploit, because it's already done regularly. To respond to comments from another post saying "So you might be able to get some unprotected files off of an inexperienced user. Everything else can be gathered without going to the trouble of an active attack", the answer is it's easy to get files off an inexperienced user, or even an experienced user (hint hint, experienced users are more likely to use TLS whenever they can). You don't need to be an expert and create your own 0days, you just have to have some money, and lots of people do. And, as has been said already as well, you don't always even need to fully exploit your victim's computer to get what you're looking for...

Also, although he says that sslstrip can bypass TLS, in reality this is not very easy to pull off, all it really does is redirect you to the non-https version (i.e. it's like a remote "HTTPS Nowhere" extension). If you are vigilant and the website uses TLS properly (doesn't use a self-signed certificate, etc.), it should not be an issue.

NotTheNSA
  • 41
  • 1
  • Thanks for the added explanation. I feel like this question should have a wiki answer (multiple contributors) or something. – CtrlDot Mar 07 '14 at 15:44
  • Thanks, this is a great extension of @CtrlDot 's answer. I feel like the better AV companies probably own subscriptions to most of the toolkits just to mitigate 0day's but since my computer's vulnerability isn't the question here I'm not going to get into that... +1 – KnightOfNi Mar 07 '14 at 20:20
  • @KnightOfNi Lookup the concept of "packers". AV companies stand no chance of defending against this. – CtrlDot Mar 07 '14 at 20:56
  • @CtrlDot that's really interesting. It still looks like strong AV actually does stand a chance (looking at stats found here: http://www.av-test.org/fileadmin/pdf/publications/blackhat_2006_avtest_presentation_runtime_packers-the_hidden_problem.pdf ) but significantly less thereof than one might expect. I appreciate your drawing my attention to this, I assumed from an Offensive Security article I read a while pack that most packing techniques were ineffective. – KnightOfNi Mar 07 '14 at 21:17
  • Would there be any technical problems with having a protocol provide authentication but not encryption, so as to enable caching of large data files? If a browser could use https: to get the SHA2 hash of a big file, ask a caching proxy for the hash of its file, and fetch (and reverify) the file from the proxy if they match, that would seem like it would offer the bandwidth benefits of a caching proxy while remaining just as secure as https:// [for files which are supposed to be publicly readable]. – supercat Aug 24 '14 at 16:52
  • "no one uses SSL anymore" I wish that were true... – Andrew Lott Oct 30 '14 at 11:45
1

I don't want anybody looking at any of my traffic... doesn't matter what it is. I'm sure some will say my response doesn't answer your question but to me it does.

user1801810
  • 379
  • 1
  • 9
  • But realistically you can't achieve that. Anyone listening will still know you're connecting to XKCD, so the only thing they wouldn't know is what particular resource you're accessing. And I seriously doubt they care. – KnightOfNi Mar 06 '14 at 22:26
  • Correct, realistically that can't be achieved but that doesn't mean I should give up. Futhermore, you said "And I seriously doubt they care". Well it's not "they" that I care about - it's me. And I want as much privacy as possible regardless of want you [don't] want. – user1801810 Mar 06 '14 at 22:32
  • You want privacy... from someone you're assuming is on a local network with you? Give up. – KnightOfNi Mar 06 '14 at 22:34
  • You're missing the point. I want as much privacy as possible. Maybe you don't care but that's your decision. Additionally, I made no assumption that somebody is on the same network as me and/which has nothing to do with it. – user1801810 Mar 06 '14 at 22:48
  • 1
    If they're not on your network, how are they going to sniff your traffic? Trust me, if they have malware on your computer they're going to violate your privacy in a very different way. Exactly what violation of your privacy are you trying to mitigate with SSL if not MiTM/sniffing? – KnightOfNi Mar 06 '14 at 22:51
  • 1
    Have you thought about people on the other end? No. There is lots of opportunity to have info leaked/stolen/whatev. That's why I prefer security... the more the better. Again, you may not care but *I* do. – user1801810 Mar 06 '14 at 23:00
  • If you think that someone on the server side is going to steal your data, establishing an encrypted session with them won't help. Because by definition, they have the private key. Because you're establishing the session *with them*. – KnightOfNi Mar 06 '14 at 23:02
  • 1
    I didn't say on the server so your argument still doesn't hold a lot of water (suppose a rogue Network Engineer who doesn't have server access). The other end can also include whoever provides connectivity. At this point though you've clearly demonstrated you have all the answers (but you were the one that came asking for help). Good luck to you. – user1801810 Mar 06 '14 at 23:08
  • OK, thanks. Sorry if I offended you, but from my point of view it looked as though you had no idea what you were talking about right up until your last comment... – KnightOfNi Mar 06 '14 at 23:18
  • 1
    No problem, just trying to provide a response to a question that is left to ambiguous answers. Ask 100 sites that do what you asked about and you'll probably get 90 different answers and each may or may not be valid from your viewpoint. It could be something so silly as the site has "private" content as well as public and they don't want to manage an ACL with an additional [and in their eyes] unnecessary rule... so they drop the 80/tcp rule... which has a positive impact on firewall performance. In this case, go straight to the source and ask XKCD or Google or anybody else that does this. – user1801810 Mar 06 '14 at 23:33
  • I kinda figured... I asked this mainly to determine if there was some sort of hole in NOT using SSL and most other sites didn't have the resources (monetary or otherwise) for the cert or cryptography. – KnightOfNi Mar 06 '14 at 23:35