Firefox extension protects against man-in-the-middle attacks

August 26, 2008 – 8:24 PM

Researchers at Carnegie Mellon University have released an extension for Firefox 3 that can protect wireless network users from so-called “man-in-the-middle” attacks.

The software, dubbed “Perspectives,” is available for download for free.

Perspectives also protects against attacks that exploit a recently exposed flaw in the DNS system, which translates Web addresses into numerical IP addresses, said Dave Andersen, a computer science professor at Carnegie Mellon who was an adviser on the Perspectives project.

In an attack on the DNS system, someone typing in a legitimate Web address could be redirected to a malicious site without knowing it. Perspectives would pop up a warning to the Web surfer that the site they are going to is suspicious.

In general, Perspectives is designed to guide Web surfers away from malicious sites. It also is designed to assure surfers when they visit sites that are safe but which Firefox warns about because the sites are not paying a third-party Certificate Authority, such as VeriSign, to authenticate the sites and instead are using “self-signed” digital certificates, also known as keys.

Signing up with a Certificate Authority can be expensive and time-consuming, so some sites prefer to do it themselves, Andersen said. If they do, Firefox penalizes them by displaying an error message that says the browser is unable to verify that the site can be trusted.

The messages leave Web surfers confused and they may either avoid a legitimately safe site or get used to automatically accepting certificates with the warning and inadvertently trust a malicious site at some point.

Source:
http://news.cnet.com/8301-1009_3-10026617-83.html?part=rss&subj=news&tag=2547-1009_3-0-20