+Warwagon MVC Posted February 28, 2015 MVC Share Posted February 28, 2015 A while ago GRC (Steve Gibson) created a page which lets you type in a web address and compare the SHA1 Fingerprint you get via the Official SHA1 Fingerprint he lists on his page, to that which your browser provides. If your browsers SHA1 hash and his don't match, then there is an interception going on. Either your AV is system scanning SSL connections, an employer is monitoring your activity or something of like likes of Superfish is up to no good. This is just a good way to check to make sure nothing on your machine is intercepting your SSL connections. *Disclaimer* Just because your certificates pass the test, still doesn't mean you aren't being targeted by the NSA! *Disclaimer* https://www.grc.com/fingerprints.htm' Firefox Step 1 Step 2 Step 3 Easiest way to compare, is to highlight the SHA1 hash and copy it. Then go to GRC's page were he lists the SHA1 hash and do a CTRL+F and paste in the hash. If they match, his will become highlighted Chrome Step 1 Step 2 Easiest way to compare, is to highlight the SHA1 hash and copy it. Then go to GRC's page were he lists the SHA1 hash and do a CTRL+F and paste in the hash. If they match, his will become highlighted Internet Explorer Step 1 Step 2 Easiest way to compare, is to highlight the SHA1 hash and copy it. Then go to GRC's page were he lists the SHA1 hash and do a CTRL+F and paste in the hash. If they match, his will become highlighted Aergan 1 Share Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/ Share on other sites More sharing options...
zhangm Supervisor Posted February 28, 2015 Supervisor Share Posted February 28, 2015 Thread moved from Introduce Yourself to Internet, Network & Security. Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/#findComment-596766680 Share on other sites More sharing options...
+Warwagon MVC Posted February 28, 2015 Author MVC Share Posted February 28, 2015 Is anyone finding any interceptions? Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/#findComment-596767258 Share on other sites More sharing options...
+theblazingangel MVC Posted February 28, 2015 MVC Share Posted February 28, 2015 A while ago GRC (Steve Gibson) created a page which lets you type in a web address and compare the SHA1 Fingerprint you get via the Official SHA1 Fingerprint he lists on his page, to that which your browser provides. If your browsers SHA1 hash and his don't match, then there is an interception going on. Either your AV is system scanning SSL connections, an employer is monitoring your activity or something of like likes of Superfish is up to no good. This is just a good way to check to make sure nothing on your machine is intercepting your SSL connections. While this may be somewhat useful to confirm whether or not you have something like superfish installed, i.e. something which is doing a MITM/interception of https connections, but which hasn't been built/deployed to maliciously and covertly intercept your communications taking care to avoid detection; it is not going to necessarily help you detect interception by an authority who is trying to intercept your communications covertly, which as well as intercepting your https connection to grc.com could also easily replace the fingerprints listed on the copy of that page you are seeing with the fake ones, or could be directly intercepting grc.com retrieving it's view of those fingerprints. In the latter case you could compare results across multiple different internet connections, but that won't help against mass interception by a powerful authority. The only way to be certain that you're getting the right certificate is to go (in person) directly to the right person at that company, and do a fingerprint check with them (or rely on a WOT model where one or more individuals in that trust chain have done so). Even then though there is the possibility that an authority could have demanded a copy of that company's private key, and so could be listening in actually using the genuine certificate. That grc.com page and this post could potentially give a misleading sense of security. Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/#findComment-596767312 Share on other sites More sharing options...
+Warwagon MVC Posted February 28, 2015 Author MVC Share Posted February 28, 2015 That grc.com page and this post could potentially give a misleading sense of security. All I really wanted people to test for is Superfish style interceptions. Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/#findComment-596767320 Share on other sites More sharing options...
+theblazingangel MVC Posted February 28, 2015 MVC Share Posted February 28, 2015 All I really wanted people to test for is Superfish style interceptions. I know, just best to be clear about the limitations. Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/#findComment-596767324 Share on other sites More sharing options...
+Warwagon MVC Posted February 28, 2015 Author MVC Share Posted February 28, 2015 I know, just best to be clear about the limitations. Correct. Thanks! I added a disclaimer to the first post! Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/#findComment-596767326 Share on other sites More sharing options...
xendrome Posted February 28, 2015 Share Posted February 28, 2015 <<Moved to General so more people see it>> Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/#findComment-596767332 Share on other sites More sharing options...
Krome Posted February 28, 2015 Share Posted February 28, 2015 No interception here Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/#findComment-596767346 Share on other sites More sharing options...
+Raze Subscriber² Posted March 1, 2015 Subscriber² Share Posted March 1, 2015 None here. Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/#findComment-596767386 Share on other sites More sharing options...
123456789A Posted March 1, 2015 Share Posted March 1, 2015 I tried https://www.nsa.gov It was ok, but I think the NSA was intercepting it anyway. +Raze, Krome and T3X4S 3 Share Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/#findComment-596767402 Share on other sites More sharing options...
cork1958 Posted March 1, 2015 Share Posted March 1, 2015 Dude, You must be the most paranoid person on the planet!! At least on the internet anyway. I was on one of the affected Lenovo models earlier today. Everything was good, as expected! Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/#findComment-596767520 Share on other sites More sharing options...
+Warwagon MVC Posted March 1, 2015 Author MVC Share Posted March 1, 2015 Dude, You must be the most paranoid person on the planet!! At least on the internet anyway. I was on one of the affected Lenovo models earlier today. Everything was good, as expected! Except had the word not got out about superfish, Everything wouldn't be good, as expected Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/#findComment-596767528 Share on other sites More sharing options...
+Raze Subscriber² Posted March 1, 2015 Subscriber² Share Posted March 1, 2015 I tried https://www.nsa.gov It was ok, but I think the NSA was intercepting it anyway. Edward says you work there.......... T3X4S and 123456789A 2 Share Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/#findComment-596767544 Share on other sites More sharing options...
T3X4S Posted March 1, 2015 Share Posted March 1, 2015 Pfft - who is this Steve Gibson character... like he knows anything Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/#findComment-596767554 Share on other sites More sharing options...
+John Teacake MVC Posted March 1, 2015 MVC Share Posted March 1, 2015 None Here. Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/#findComment-596767944 Share on other sites More sharing options...
Steven P. Administrators Posted March 6, 2015 Administrators Share Posted March 6, 2015 added https://www.neowin.net/news/from-the-forums-test-your-machine-for-superfish-style-ssl-interceptions Link to comment https://www.neowin.net/forum/topic/1248344-test-your-machine-for-superfish-style-ssl-interceptions/#findComment-596773606 Share on other sites More sharing options...
Recommended Posts