Test your machine for Superfish style SSL interceptions


Recommended Posts

A while ago GRC (Steve Gibson) created a page which lets you type in a web address and compare the SHA1 Fingerprint you get via the Official SHA1 Fingerprint he lists on his page, to that which your browser provides. If your browsers SHA1 hash and his don't match, then there is an interception going on. Either your AV is system scanning SSL connections, an employer is monitoring your activity or something of like likes of Superfish is up to no good.

 

This is just a good way to check to make sure nothing on your machine is intercepting your SSL connections.

 

*Disclaimer* Just because your certificates pass the test, still doesn't mean you aren't being targeted by the NSA! *Disclaimer* :)

 

16048228873_6e92e08ccc_c.jpg

 

https://www.grc.com/fingerprints.htm'

 

 

Firefox

 

Step 1

 

16489611989_f9609c7679_o.jpg

 

 

 

Step 2

 

16488182428_1ee6593c8d_o.jpg

 

Step 3

Easiest way to compare, is to highlight the SHA1 hash and copy it.

Then go to GRC's page were he lists the SHA1 hash and do a CTRL+F and paste in the hash. If they match, his will become highlighted
 

 

16674739682_9c334a994c_b.jpg

 

Chrome

 

Step 1

 

16675053692_fb1ba71252_o.jpg

 

Step 2

 

Easiest way to compare, is to highlight the SHA1 hash and copy it.

Then go to GRC's page were he lists the SHA1 hash and do a CTRL+F and paste in the hash. If they match, his will become highlighted

 

 

16489928629_06ec387f07_o.jpg

 

Internet Explorer

 

Step 1

 

16489997999_449e3ace02_o.jpg

 

Step 2

 

Easiest way to compare, is to highlight the SHA1 hash and copy it.

Then go to GRC's page were he lists the SHA1 hash and do a CTRL+F and paste in the hash. If they match, his will become highlighted

 

16489928629_06ec387f07_o.jpg

  On 28/02/2015 at 04:13, warwagon said:

A while ago GRC (Steve Gibson) created a page which lets you type in a web address and compare the SHA1 Fingerprint you get via the Official SHA1 Fingerprint he lists on his page, to that which your browser provides. If your browsers SHA1 hash and his don't match, then there is an interception going on. Either your AV is system scanning SSL connections, an employer is monitoring your activity or something of like likes of Superfish is up to no good.

 

This is just a good way to check to make sure nothing on your machine is intercepting your SSL connections.

 

While this may be somewhat useful to confirm whether or not you have something like superfish installed, i.e. something which is doing a MITM/interception of https connections, but which hasn't been built/deployed to maliciously and covertly intercept your communications taking care to avoid detection; it is not going to necessarily help you detect interception by an authority who is trying to intercept your communications covertly, which as well as intercepting your https connection to grc.com could also easily replace the fingerprints listed on the copy of that page you are seeing with the fake ones, or could be directly intercepting grc.com retrieving it's view of those fingerprints.

 

In the latter case you could compare results across multiple different internet connections, but that won't help against mass interception by a powerful authority. The only way to be certain that you're getting the right certificate is to go (in person) directly to the right person at that company, and do a fingerprint check with them (or rely on a WOT model where one or more individuals in that trust chain have done so). Even then though there is the possibility that an authority could have demanded a copy of that company's private key, and so could be listening in actually using the genuine certificate.

 

That grc.com page and this post could potentially give a misleading sense of security.

  On 28/02/2015 at 23:23, theblazingangel said:
That grc.com page and this post could potentially give a misleading sense of security.

 

All I really wanted people to test for is Superfish style interceptions.

  On 01/03/2015 at 04:03, cork1958 said:

Dude,

You must be the most paranoid person on the planet!!   :s

 

At least on the internet anyway.

 

I was on one of the affected Lenovo models earlier today. Everything was good, as expected! ;)

 

Except had the word not got out about superfish, Everything wouldn't be good, as expected  :)

  On 01/03/2015 at 00:46, Enron said:

I tried https://www.nsa.gov

 

It was ok, but I think the NSA was intercepting it anyway.

 

Edward says you work there..........   :shifty:

  • Like 2
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • One of the worst Linux distros out there, it's so locked down you can't customize the desktop environment and they limit your choices of apps. It's like you play in their sandbox only. The revolving door never stops spinning with Elementary OS because users install it only to find out how restricted it is compared to to Windows so they end up leaving Linux altogether or switch to Mint or Ubuntu.
    • Precisely. Once this current generation of milquetoast pseudo-AI achieves 100% accuracy on the things we already know as a baseline, then perhaps it has a chance of advancing our knowledge on things we're still finding solutions for.
    • Nvidia App gets light theme, bug fixes, and support for more games by Taras Buria Nvidia has released a new update for the Nvidia App on Windows. Version 11.0.4 is now available with a few changes, such as automatic theme switching with light mode support, Windows Narrator support, fixed bugs, and optimal settings for 12 new games. With today's update, Nvidia App now supports light mode. You can switch between modes in settings or let the app follow the system settings (Windows still does not support automatic theme switching). To change the mode, go to Settings > Features > Theme. In addition, Nvidia App now supports Windows Narrator. The system's native screen reader can now properly read aloud on-screen content to improve accessibility for those relying on assistive technologies. Next, the list of games that Nvidia App can tune for optimal performance has been extended with 12 new titles: Assassin's Creed: Shadows Clair Obscur: Expedition 33 Deadlock ELDEN RING NIGHTREIGN Grand Theft Auto V Enhanced Half-Life 2 with RTX Indiana Jones And The Great Circle inZOI Monster Hunter Wilds Split Fiction The Last of Us Part II Remastered The Elder Scrolls IV: Oblivion Remastered Finally, Nvidia App 11.0.4 fixes the following bugs: Fixed an issue where DLSS-FG defaults to 2x irrespective of in-game setting when DLSS override model is set to "Latest” and Frame generation is set to “Use the 3D application setting". Fixed an issue where the driver download could not be completed. Fixed an issue where the recording bitrate setting was not saved. Fixed an issue where HDR video colors were not encoded properly for HEVC and AV1 playback. Fixed a bug where the in-game overlay was not accessible on the GeForce RTX 5070. Fixed an issue where a PC reboot would reset microphone boost to an incorrect value. Fixed an issue where Highlights summary window could not be disabled. Various stability fixes. You can download the Nvidia App from the official website. Full release notes are available here.
  • Recent Achievements

    • Conversation Starter
      lilyandrew11 earned a badge
      Conversation Starter
    • Contributor
      Ed B went up a rank
      Contributor
    • One Month Later
      moporcho earned a badge
      One Month Later
    • One Month Later
      Parotel earned a badge
      One Month Later
    • Reacting Well
      Cryptecks earned a badge
      Reacting Well
  • Popular Contributors

    1. 1
      +primortal
      188
    2. 2
      snowy owl
      135
    3. 3
      ATLien_0
      131
    4. 4
      Xenon
      119
    5. 5
      +FloatingFatMan
      101
  • Tell a friend

    Love Neowin? Tell a friend!