Re: Recovery of compromised WebID

Sebastian,

WebID-TLS relies on you having authority over your WebID profile. If that
authority is compromised, your WebID identity is compromised as well.

Isn’t there a pretty easy safeguard for this though? I think it would be
sufficient for the Verification Agent [1] to store a copy of the RDF
profile the first time it sees a WebID, so it can notice when the public key
from the client certificate does not match it anymore.

I think this is like storing public keys on GitHub. SSH is considered a
secure protocol, but connecting with any key is not enough - an extra step
is required for security.

Martynas

[1]
https://www.w3.org/2005/Incubator/webid/spec/tls/#verifying-the-webids

On Sun, 3 Mar 2019 at 17.45, Sebastian Hellmann <
hellmann@informatik.uni-leipzig.de> wrote:

> Hi Jonas,
>
> what you write confirms my fears.
> On 03.03.19 10:47, Jonas Smedegaard wrote:
>
> Quoting Sebastian Hellmann (2019-03-03 09:41:40)
>
> Hi Kingsley,
>
> you are writing a lot of text without answering my simple question:
>
> If I find a way to change your public key in your WebID to match my
> private key, can I log into your accounts with my private key?
>
> Your associated accounts for your WebID seem quite valuable already, I
> could target your employees with root access and make them an offer they
> can't refuse.
>
> What security measures against identity theft are in place and where can
> I read about them? This here is minimal: https://www.w3.org/2005/Incubator/webid/wiki/Identity_Security
>
> This is a WebID: https://dr.jones.dk/me/#me
>
> And here is a list of other domains pointing to it:
>
> This takes three minutes here: https://hackertarget.com/reverse-ip-lookup/
>
> I am sure some of them are on the same server as your WebID and maybe I
> find a hole in them for accessing your WebID document directly or, more
> subtly, add a .htaccess rule.
>
>
> That is an identity. Just like "Jonas Smedegaard" is an identity.
>
> It is not secure against identity theft. It is just a URI.
>
> In itself this is cool and secure, but it is also a beacon for personal
> attacks. This is also worth the effort. If I hack into Kingsley's WebID and
> post some of his silliest private pictures in social media with the
> note that he has been hacked, OpenLink will lose a lot of customers. The
> competitor who hacked him can pick them up. It can bring down whole
> companies, if you target the right persons. Also it is much more attractive
> to hack into TimBL's WebID than into the W3C site or his personal website.
>
>
> ***
>
> An RDF document is served at the URL of my WebID.
>
> That is an identifier.  Just like my birth certificate and my passport
> are identifiers.
>
> It is not secure against identity theft.  It is just a document.
>
> I see this differently. Birth certificate and passport are issued by
> trusted third parties and your passport contains hundreds of security
> measures, while the RDF document contains exactly 0.
>
> ***
>
> A public TLS key is contained within my WebID RDF document.
>
> That can be used for (the public part of) WebID+TLS authentication.
> Just as contacting the church where I was baptised to verify that
> they got a matching copy of my birth certificate, or call up the
> Danish authorities to verify if they got matching credentials for
> my passport can authenticate identifiers for my other identities.
>
> The problem I have is that the unprotected RDF document Identity claim
> determines how this claim is verified. Personally, I see the
> private key as the most secure thing and there are many better systems that
> point from the private key to the identifier, Bitcoin addresses for example
> and this is the level of security I would like to have for my WebID. In the
> most paranoid case, wearing it in a USB stick with only me knowing the
> password around my neck.
>
> There are also very good systems that provide excellent protection for
> individuals:
>
> * my credit card: basically my pin code can be compromised by the person
> behind me looking over my shoulder at the ice cream shop, but the contract
> I have limits my risk to 50€ in case of any fraud. Sometimes they even call
> me to verify suspicions.
>
> * The certificate authorities are quite an established system. So they
> could certify the link between my public/private key and my WebID. I would
> have an extra channel in case of private key loss and I think it is also
> possible to extend this trust to my agents acting as a CA and issuing lower
> level certificates.
>
> We tried to implement WebID: https://github.com/dbpedia/webid
>
> I also implemented a client that does requests every hour via the WebID
> system, basically curl with the private key and a self-signed certificate
> with the WebID as SAN. It is nothing critical, but it is a cronjob and in
> order for it to work I put the password for the WebID in a plaintext config
> file. I only use the WebID and private key for this and everything is on
> the same server, but then 4 other people have root access there, which I
> trust completely.
>
> I knew that this compromises security a lot, but it is ok at the moment,
> since damage would be minimal. Now I feel that I have to make a new
> public/private key for everything I implement and if one gets compromised
> somebody can create new accounts with my WebID.
>
> Maybe there is a better way to do this, please tell me.
>
> All the best,
>
> Sebastian
>
>
> ***
>
> If you find a way to break into and manipulate my web server, or if you
> bribe the clerk at the church or the police department, then you can
> steal my identities.
>
> For WebID+TLS you would want to find flaws in TLS to break into the
> protocol of authenticating WebIDs _that_ way.  And similarly for other
> authentication protocols of WebID.
>
> There might be ways _specifically_ to how TLS is tied to WebID, and
> those might be flawed.  Which is what you found a document about.  But
> that document does not cover all the *other* ways you can gain control
> over my WebID, including simply showing up at my doorstep and kick me in
> the face with a bat until I hand over the private TLS key, or burn down
> my house (it is made of wood) to stop my server from running.
>
> What was your "simple question" again?
>
>
>  - Jonas
>
>
> --
> All the best,
> Sebastian Hellmann
>
> Director of Knowledge Integration and Linked Data Technologies (KILT)
> Competence Center
> at the Institute for Applied Informatics (InfAI) at Leipzig University
> Executive Director of the DBpedia Association
> Projects: http://dbpedia.org, http://nlp2rdf.org,
> http://linguistics.okfn.org, https://www.w3.org/community/ld4lt
> Homepage: http://aksw.org/SebastianHellmann
> Research Group: http://aksw.org
>

Received on Sunday, 3 March 2019 18:35:38 UTC
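
The first-use pinning that Martynas proposes at the top of this message can be sketched as follows. This is an added example, not code from the thread, the WebID-TLS specification or any implementation; the class name, result strings, WebID URI and key values are all constructed for illustration, and keys are reduced to the (modulus, exponent) pairs a profile publishes.

```python
import hashlib

def key_fingerprint(modulus_hex, exponent):
    """Stable fingerprint of an RSA public key given as (hex modulus, exponent).
    Parsing the modulus as an integer ignores case and leading zeros."""
    n = int(modulus_hex, 16)
    return hashlib.sha256(f"{n:x}:{exponent}".encode()).hexdigest()

class PinningVerifier:
    """Hypothetical Verification Agent that remembers the keys it first saw
    in a WebID profile and flags later logins whose key was not among them."""

    def __init__(self):
        self.pins = {}  # WebID URI -> set of key fingerprints seen at first use

    def verify(self, webid, cert_key, profile_keys):
        cert_fp = key_fingerprint(*cert_key)
        profile_fps = {key_fingerprint(*k) for k in profile_keys}

        # Ordinary WebID-TLS check: the certificate key must be in the profile.
        if cert_fp not in profile_fps:
            return "reject"

        pinned = self.pins.get(webid)
        if pinned is None:
            # First sighting: store a copy of the profile's keys.
            self.pins[webid] = profile_fps
            return "accept-first-use"
        if cert_fp in pinned:
            return "accept"
        # The profile and certificate agree with each other but not with the
        # stored copy: the profile was edited since first use. Hold the login
        # for confirmation over another channel instead of accepting it.
        return "key-changed"

# Constructed sample data (not real keys or a real WebID).
WEBID = "https://alice.example/profile#me"
OWNER_KEY = ("00c0ffee", 65537)
OTHER_KEY = ("BADC0DE5", 65537)

def demo():
    agent = PinningVerifier()
    return [
        agent.verify(WEBID, OWNER_KEY, [OWNER_KEY]),  # first login
        agent.verify(WEBID, OWNER_KEY, [OWNER_KEY]),  # same key again
        agent.verify(WEBID, OTHER_KEY, [OTHER_KEY]),  # profile key replaced
        agent.verify(WEBID, OTHER_KEY, [OWNER_KEY]),  # key not in profile
    ]
```

A legitimate key rotation also produces "key-changed", so a deployment needs some way for the owner to confirm a new key out of band; the sketch leaves that step out.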