
Google's Search Engine SSL Connections

Discussion in 'BlackHat Lounge' started by Debian, Dec 7, 2014.

  1. Debian

    As most everyone knows, Google now uses https (SSL) when connecting to the search engine. What I find funny about this situation is 2 key factors: the use of 128-bit encryption, which is not considered really secure, and the fact that they use Elliptical Curve which we all know was developed by the NSA.

    The Google encryption string: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 128-bit keys.

    Why, if you are hell bent on re-gaining the public's trust after you were accused of aiding the NSA on a massive scale, would you choose to use an encryption cypher that was developed by the same folks you *say* you're trying to protect your users from now?

    I did perform a wiki lookup and did verify the NSA Suite B cryptography (http://en.wikipedia.org/wiki/Comparison_of_TLS_implementations) used in this string.

    Unless I'm looking at this the wrong way, I do not understand why Google would use a cypher deliberately known to be backdoored by the same spy agency that created and released it. Seems hypocritical to me.
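
The suite name quoted in the post above, split into the parts a TLS 1.2 name encodes, as an added example that is not part of the original thread. The function name, field names and sample list are assumptions made here; it generalises to other IANA suite names, and export-grade suites are not handled.

```python
import re

AEAD_MARKERS = ("GCM", "CCM", "POLY1305")  # modes that authenticate records themselves

def parse_suite(name):
    """Split an IANA TLS cipher suite name into its building blocks."""
    if not name.startswith("TLS_"):
        raise ValueError("not an IANA TLS suite name: %r" % name)
    body = name[4:]
    if "_WITH_" in body:
        # TLS 1.2 and earlier: TLS_<kx>[_<auth>]_WITH_<cipher>[_<hash>]
        handshake, record = body.split("_WITH_", 1)
        kx, _, auth = handshake.partition("_")
        auth = auth or kx  # e.g. TLS_RSA_WITH_...: RSA does both jobs
    else:
        # TLS 1.3: TLS_<cipher>_<hash>; key exchange is negotiated separately
        kx = auth = None
        record = body
    cipher, _, digest = record.rpartition("_")
    if not digest.startswith(("SHA", "MD5")):
        # Some suites (e.g. ..._WITH_AES_128_CCM) carry no hash in the name
        cipher, digest = record, None
    # Key size is only reported when the name states it (AES_128, AES_256, ...)
    m = re.search(r"(?:^|_)(128|256)(?:_|$)", cipher)
    aead = any(tag in cipher for tag in AEAD_MARKERS)
    return {
        "key_exchange": kx,        # how the session secret is agreed
        "authentication": auth,    # signature/key type of the server certificate
        "cipher": cipher,          # bulk cipher protecting the records
        "key_bits": int(m.group(1)) if m else None,
        "aead": aead,
        # With an AEAD cipher the trailing hash is the handshake PRF/HKDF hash;
        # otherwise it is the HMAC that authenticates each record.
        "hash_role": "prf" if aead else "mac",
        "hash": digest,
    }

# Constructed sample list: the suite from the post plus three for contrast.
SAMPLES = [
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_256_CBC_SHA",
    "TLS_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_128_CCM",
]

if __name__ == "__main__":
    for suite in SAMPLES:
        print(suite, parse_suite(suite))
```

The "128-bit" figure in the quoted string is the AES key size for the bulk cipher; the elliptic-curve parts are the ECDHE key exchange and the ECDSA certificate signature.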
     
  2. hatemachine

    Last edited by a moderator: May 18, 2016
  3. infoasian

    Well, why do they encrypt if search terms are part of the URL? Does not make sense either way. All just smoke and mirrors marketing.
     
  4. Debian

    Indeed, all smoke and mirrors. Even after you're caught and you again assure all your users that you're working on keeping spies out, you make it sooo convenient to let them back in. I just find it very hypocritical.
     
  5. JustUs

    Down to cases:
    The Patriot Act, extensions to the Patriot Act, and extensions to National Defense Authorization Acts mandate that search engines allow various government agencies to access their data, including search metadata. Some ISP employees actually work inside government alphabet letter agency offices to provide information to that agency (Comcast, AT&T & several others). The Patriot Act and some other Acts require that ISPs provide backroom access to information passing through the ISP. This includes information going to and coming from Yandex and Baidu. It also includes information from VPNs, etc.

    All European search engines contract with Google or Microsoft for their results (IXQuick, Startpage, DuckDuckGo, etc.). Yandex and Baidu must provide metadata, and sometimes full search data that originates or terminates in the US and Treaty nations.

    All this means that the US has access to data whether you use SSL or not because the US and treaty nations have, by law, Man in the Middle access through your ISP. Even a VPN is not secure, except that the actual data is traveling through an encrypted tunnel. However, all forms of web encryption are irretrievably broken at a fundamental level - bar none.

    As Debian put it: it is all smoke and mirrors.