Did you hear about Superfish this year?

[Sean] Yes. This is the Lenovo laptop scandal, isn’t it?

Yeah, this is the bit of software that was installed on pretty much every consumer Lenovo laptop. It was so bad that the US Department of Homeland Security issued an advisory saying that this needs to be uninstalled. And to understand why it’s so bad we need to understand Man In The Middle attacks.

There have been a lot of techniques for intercepting traffic for a long, long time. One of the earliest ones I remember was called ARP spoofing or ARP poisoning. You’ve got your router sitting in the middle. Cause all routers have a little aerial and some lights on them. And you’ve got computers connected to this. And what you do is you bring your computer onto an open Wi-Fi network, something like that, connect your computer, and your computer just announces, “Hello! I’m now the router.” I’m simplifying massively here but basically the network is built on trust. And so the computers just kind of believe it. And so the computers and the router are sending all their packets to you first and then you’re forwarding them on to the right locations. So everything’s going through you.

10 or 15 years ago this was terrible because pretty much everything was sent in plain text. Email passwords, websites, everything was going through plain text. So you could just sit there and provided your computer was fast enough, your network card was good enough, you could see every bit of traffic on this network and just kind of slurp all the passwords out. Obviously massively illegal without the consent of everyone on the network so don’t do that!

Umm, but the solution to that is SSL. Your computer sitting here, and the server out here. As all servers look like computers from the 1990s. Your computer sends requests saying “Hello, I would like to talk securely.” “These are the protocols I can support. These are my details.” And the server comes back, “Yeah, okay. Here’s my public key.” I know Computerphile has done, you’ve done public and private key before.

-Yeah, he’s sat behind me.

So yeah, go watch his video about public and private key cryptography if you want to know the details about that. Basically the server sends back a long series of numbers. Your computer can sign messages with these and encrypt messages with these. And they can only be unlocked by that server because maths. I’m not going to try to explain more than that. You can lock messages, only they can unlock them. Which is great because your attacker, who is sitting in the middle here, and reading everything will just see noise.

Except all we’ve really done is just moved the problem back a stage because that first bit, that “Hello, I would like to talk securely.” “Yeah okay. Here’s my private (sic. meant “public”) key.” That has to go in plain text. And someone in the middle can change that. They can take that public key that was sent by the server and just go, “Um, no. I’m going to have that! Here’s my public key instead.” You’re actually going here, and then here. Your computer here doesn’t know the difference. It then encrypts the message with the attacker’s public key. Sends it back here. Attacker opens it. Decrypts it. Reads it. Goes “okay.” and then sends the message that should have been sent from your computer all properly encrypted. Server goes, “All right, we’ve got an encrypted connection going on here.” Sends the encrypted packet. The attacker, who can do this now, unlocks it, goes “yeah, all right,” and then re-encrypts it with their key, sends it on to you and now every single communication is going through the attacker. No one knows anything is wrong. That is your classic Man In The Middle attack.

The solution to this is something called signed certificates. This is why setting up a secure server on the web costs a little bit of money right now. I mean it may not in the future. The Electronic Frontier Foundation and Mozilla are trying to set up a thing to make this free. Hopefully by the end of the year it will be.
But the idea is that there’s a third party vouching for the set of the public keys you’re exchanging. I’ve had to do this. I set up a secure server about a year ago now. What I had to do when I was setting it up I had to write “It’s going to run this website, it’s going to be on this address, it’s going to use these protocols” and they would generate this set of public and private keys. And then over an existing secure connection, one that I knew to be good, I send that private key off to something that is called a certifi- How do I draw a certificate authority?

[Sean] I think it’s going to be a faceless office. Or why don’t we do a factory then we know that’s kind of indus…

Haha, we’re going to the Internet factory, there we go. Factory of the Internet, all right, there we go, we got a padlock factory there. No no, it’s not a padlock. I’ve drawn a padlock here, it’s not. It’s a set of keys. It’s what we call public and private keys. I generate my keys. I make them. And I send them over a connection I know to be secure to this company. There’s like half a dozen big ones in the world. Maybe 50 or 100 or so small regional ones. And what they do is they check, all right these keys we’ve got. Are they definitely from this server? Yes. And if you want one of the green padlocks with your company name on it they ask you to, I don’t know, fax something on headed paper, something like that. It’s probably still a fax machine actually, which is why it’s so expensive, you know, to keep the fax machine running. They get this. They check it’s coming from the right server. They check it’s the right keys. And then they do maths to them. And now those keys are now signed by that company with their own private key, which no one else has.

So now, when I do that initial back and forth, so person comes along, they talk to my server, and they say “Hello. I would like to talk securely.” And my server says, “All right. Here is my public key. It’s been signed by those folks over there.” And the company says, “Ah! Oh yeah, okay! That’s great.” And if the attacker changes one bit of those keys (in the computer sense), one 1 or 0 in there, the maths doesn’t add up any more. And more than that, not only does the maths not add up, they can’t generate any new keys and sign them because they don’t have the private key for any of these big companies. So the attacker’s completely out of luck.

If they change it, it’d be like when you try logging into a public Wi-Fi network, it pops up “Hey! You need to log in. We need your details.” Sometimes that’s a man in the middle attack and they are taking stuff you are trying to send to the server. And they’re getting in the way and sending, “no we’re going to send back our page instead.” This warning will pop up and say “we’re meant to be on a secure connection to Gmail but we’re not! YWAA!