2

Is it true that when I connect to a site over HTTPS , my mobile service provider or the ISP gets to snoop in the communication? Can they play MITM?

user917279
  • No, it's absolutely not true, but it might be in some rare cases. – Steve Jul 22 '14 at 17:20
    What research have you done? Click on the [tag:man-in-the-middle] tag, or peruse the "Related" questions sidebar, and you'll find dozens of questions here that talk about MITM attacks and what is possible. Next time, please do more research before asking. – D.W. Jul 22 '14 at 21:45
  • Thanks, @user917279. No problem: we won't lose Thomas's excellent answer (it'll still be here), and we can even ask the moderators to merge it into that question if this gets closed as a dup (just click "flag" underneath his answer to flag it for moderator attention and ask them to merge his answer into the other one). – D.W. Jul 23 '14 at 17:06

4 Answers

11

No, it is not true...

...unless the ISP is good at spying on people and you are gullible. In that case, things are possible.

Explanations: to "snoop" on your communications, the ISP must either break the SSL crypto (fat chance of that) or impersonate the server to power a Man-in-the-Middle attack. From the client's point of view (your Web browser), the server's public key is obtained through the server's certificate. The certificate is validated against the root CAs which are embedded in your computer. The ISP will not be able to obtain a fake certificate mimicking that of the server you are trying to talk to.

Spying on you thus requires at least one of the following:

  • The ISP is in league with a big commercial CA, and can obtain fake certificates. This is highly improbable because such certificates would be so much proof that the CA is dishonest, thus making the game highly risky, for the paltry gain of simply spying on your data.

  • You get a big red flashy warning from your browser about the server certificate being invalid in some way, and you click on "I know what I am doing" (which, in this case, would be a quite bad idea).

  • The ISP could convince you to install some software of theirs on your computer. E.g. a "connection kit". That software, if malicious, could install an extra root CA certificate under control of the ISP, thus allowing the ISP to generate fake server certificates and thus succeed at MitM. (Similarly, the same software could plant some spying tool such as a key logger.)

I am not aware of any actual case of an ISP spying that way on its customers, in supposedly democratic countries (I have heard stories about institutional MitM with a rogue root CA in some countries like Iran, though -- but I don't have any confirmation of it).

Without an actual SSL break or rogue CA, the ISP can still see what servers you are trying to talk to, and may try to infer some clues about the contents of the exchanged data based on its size (encryption hides the values of bytes, but leaks the message sizes). For an organization that wants to keep track of a lot of people, such metadata already constitutes a lot and is what they will concentrate on first, to identify interesting targets.

Thomas Pornin
    I've heard of this done at workplaces, where the employer wants to monitor employees' web usage even over HTTPS, and I've personally seen it done on public WiFi access points. The specific example I remember was on a cruise ferry between Stockholm and Helsinki a few years back, and, for me at least, fell into the "big flashy warning" scenario. (I suppose it might've been intended as the third type, had I been using a more mainstream browser / OS.) I ended up using an SSH tunnel to get around it, since I had no desire to accept their bogus cert, and the proxy wouldn't let me through otherwise. – Ilmari Karonen Jul 23 '14 at 00:09
3

HTTPS is end-to-end encryption, and when the connection gets established the browser will verify that the site's certificate is signed by a trusted CA. The browser/OS comes with a predefined set of trusted CAs, and nobody except the owner of a domain should be able to get a certificate for it from these CAs.

This means, in theory, that if the ISP or mobile provider tries SSL interception (i.e. man-in-the-middle), the browser will complain about a certificate validation error, because the intercepted connection is now signed by an unknown CA.

But in reality this might not happen. If you get the phone from the provider, it might come with an additional pre-installed trusted CA issued by the provider, so that the provider will be able to intercept traffic without a warning. Such a CA might also be installed on centrally managed phones in companies, so that the company is able to do SSL interception for security purposes. And finally you might install a browser like Opera Mini, which comes with a pre-installed certificate so that SSL interception and traffic optimization is possible by the browser provider.

Steffen Ullrich
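The three outcomes described in Thomas Pornin's and Steffen Ullrich's answers (a genuine certificate chains to a trusted root and is accepted; a forged certificate for the same hostname is rejected, which is the browser's "big red warning"; the same forgery is accepted silently once the interceptor's root has been planted in the trust store) can be reproduced locally with nothing but the openssl command line. The script below is an added example, not code from either answer. Everything in it is an assumption for illustration: the hostname example.com, the CA names "Good Root CA" and "ISP Connection Kit CA", and the temporary-file layout. The final check shows why a client that pins the expected leaf fingerprint, as some apps do, still catches the planted-root case.

```shell
#!/bin/sh
# Added example (not from the answers above): reproduce the "honest",
# "warning" and "planted root" cases with the openssl CLI, no network needed.
# Assumed names: example.com, "Good Root CA", "ISP Connection Kit CA".
set -eu

SITE="example.com"
WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT
CFG="$WORK/openssl.cnf"

# Minimal config: a CA profile (CA:TRUE, certificate-signing key usage) and a
# leaf profile (just the subjectAltName the browser checks the hostname against).
cat > "$CFG" <<EOF
[ req ]
distinguished_name = dn
prompt = no
[ dn ]
CN = placeholder
[ ca_ext ]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[ leaf_ext ]
basicConstraints = CA:FALSE
subjectAltName = DNS:$SITE
EOF

# Create a self-signed root plus a leaf for $SITE issued by it.
# $1 = file label, $2 = CA common name
make_ca_and_leaf() {
  openssl req -x509 -new -newkey rsa:2048 -nodes -days 1 -config "$CFG" \
    -extensions ca_ext -subj "/CN=$2" \
    -keyout "$WORK/$1-ca.key" -out "$WORK/$1-ca.pem" >/dev/null 2>&1
  openssl req -new -newkey rsa:2048 -nodes -config "$CFG" -subj "/CN=$SITE" \
    -keyout "$WORK/$1-leaf.key" -out "$WORK/$1-leaf.csr" >/dev/null 2>&1
  openssl x509 -req -days 1 -in "$WORK/$1-leaf.csr" \
    -CA "$WORK/$1-ca.pem" -CAkey "$WORK/$1-ca.key" -CAcreateserial \
    -extfile "$CFG" -extensions leaf_ext -out "$WORK/$1-leaf.pem" >/dev/null 2>&1
}

# What the browser does: chain the presented leaf to a root in its store and
# check that the certificate is for the hostname it asked for.
# $1 = trust store (PEM bundle), $2 = certificate the "server" presented
verify_leaf() {
  if openssl verify -no-CAfile -no-CApath -CAfile "$1" \
       -verify_hostname "$SITE" "$2" >/dev/null 2>&1
  then echo OK; else echo REJECTED; fi
}

# What a pinning client does instead of trusting the store: compare the
# presented leaf's SHA-256 fingerprint with the one baked into the app.
fingerprint() { openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2; }
# $1 = pinned fingerprint, $2 = presented certificate
pin_check() {
  if [ "$(fingerprint "$2")" = "$1" ]; then echo OK; else echo REJECTED; fi
}

make_ca_and_leaf good  "Good Root CA"            # the real site's issuer
make_ca_and_leaf rogue "ISP Connection Kit CA"   # the interceptor's issuer

BROWSER_STORE="$WORK/good-ca.pem"                # what shipped with the browser
POISONED_STORE="$WORK/poisoned-store.pem"        # the store after the "connection kit" ran
cat "$WORK/good-ca.pem" "$WORK/rogue-ca.pem" > "$POISONED_STORE"
PIN="$(fingerprint "$WORK/good-leaf.pem")"       # fingerprint a pinning app would embed

# 1. Honest connection: the leaf chains to a trusted root, accepted.
printf 'genuine cert, normal store:   %s\n' "$(verify_leaf "$BROWSER_STORE" "$WORK/good-leaf.pem")"
# 2. The ISP forges a cert for $SITE under its own root: the big red warning.
printf 'forged cert, normal store:    %s\n' "$(verify_leaf "$BROWSER_STORE" "$WORK/rogue-leaf.pem")"
# 3. Same forgery after the ISP's root was planted in the store: accepted silently.
printf 'forged cert, poisoned store:  %s\n' "$(verify_leaf "$POISONED_STORE" "$WORK/rogue-leaf.pem")"
# 4. A pinned fingerprint still catches case 3: the forged leaf has a different key.
printf 'forged cert, pinned client:   %s\n' "$(pin_check "$PIN" "$WORK/rogue-leaf.pem")"
```

The script needs OpenSSL 1.1.0 or later (for `-no-CAfile`, `-no-CApath` and `-verify_hostname`). The explicit `-no-CAfile -no-CApath` keeps the system trust store out of the picture so that the only difference between cases 2 and 3 is the one extra root in the bundle; that single root is all the "connection kit" scenario needs.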
2

Not directly related to your question, but keep in mind that sadly some apps do a very bad job at verifying the certificate, or even use HTTP (without any easy way for you to check). I've personally seen such an app that used TLS but accepted my self-signed certificate without any warnings. So while your browser will correctly verify certificates and display a warning if something is wrong, you should be careful with apps.

Also keep in mind that if your phone is provided by your carrier, I'm pretty sure they can install their own certificate in the trusted certificate store of the phone. The only exception to this is Apple which as far as I know doesn't allow carriers to modify the firmware.

0

It's certainly possible. Here are some ways that could happen:

  • Your browser trusts certificates from a provider that will provide illegitimate certificates to your ISP
  • Your browser is configured to ignore certificate warnings
  • Sites that you use have shared their certificates with ISPs
u2702