HTTPS Improvements

indolering · 2018-03-14 21:47:59 UTC

Your HTTPS situation leaves much to be desired.

You appear to be using CloudFlare’s shared TLS certificate option, as there are a few dozen sites listed in the alternate names section:

*.03622.info *.1d9p.club *.aafilmcompany.com *.ae-ksscm.ga *.ae-r1lqy.ml *.alexjamesuk.com *.ax-8l2kv.ml *.ax-f87qz.ml *.ax-oe8wb.cf *.ax-t1k4b.gq *.ax-t342l.gq *.bajarlibros.xyz *.bibliotecadeespana.info *.bitwarden.com *.blogformyparents.com *.clgt.wtf *.elgratislibro.info *.elgratispdf.xyz *.ellibroes.xyz *.ellibrospain.info *.elpdfespana.info *.elpdfspain.info *.epubdownloadfree.info *.eslibrogratis.xyz *.espanapdf.xyz *.factorysoup.ml *.fakepdf.info *.frbestlivre.info *.frbestpdf.club *.freedownloadbooks.info *.genialpdf.club *.hg808.website *.hg860.website *.ilibri.info *.illibri.com *.jiowish.com *.kylespearrin.com *.libromundial.info *.modularofficedirectory.com *.molyfra.uk *.molyneux.me *.newsandjokes.com *.prizevirtual.gq *.rofibrcpj.ga *.theroyalfansub.altervista.org *.travellingkermit.com *.xiredirect.com *.xtremeidiots.net 03622.info 1d9p.club aafilmcompany.com ae-ksscm.ga ae-r1lqy.ml alexjamesuk.com ax-8l2kv.ml ax-f87qz.ml ax-oe8wb.cf ax-t1k4b.gq ax-t342l.gq bajarlibros.xyz bibliotecadeespana.info bitwarden.com blogformyparents.com clgt.wtf elgratislibro.info elgratispdf.xyz ellibroes.xyz ellibrospain.info elpdfespana.info elpdfspain.info epubdownloadfree.info eslibrogratis.xyz espanapdf.xyz factorysoup.ml fakepdf.info frbestlivre.info frbestpdf.club freedownloadbooks.info genialpdf.club hg808.website hg860.website ilibri.info illibri.com jiowish.com kylespearrin.com libromundial.info modularofficedirectory.com molyfra.uk molyneux.me newsandjokes.com prizevirtual.gq rofibrcpj.ga theroyalfansub.altervista.org travellingkermit.com xiredirect.com xtremeidiots.net

Pay the $5 and get a dedicated certificate.
Enable TLS 1.3.
Enable HSTS preloading.
HTTPS enforcement for all subdomains.

Eventually, you should get your own certificate and enable key pinning and SNI error alerts.

Aymendje · 2018-03-15 05:06:17 UTC

Or use https://letsencrypt.org/
its is free and well known.
And they recently added wildcard certificates too !
(https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579)

eskela · 2018-03-15 14:02:00 UTC

@indolering What’s the risk of having alternative names on certificate? I understand basics (maybe) but I find it quite interesting, so I’d appreciate if you could share few more details.

Would some of those domains effectively be able to spoof/fake to be bitwarden? Or hijack wildcard domain and try to be batman.bitwarden.com for example?

Sheogorath · 2018-03-15 16:55:21 UTC

This could only be risky if they make it to steal the certificate or they are able to tell Cloudflare to route the traffic to their server, which probably not happening.

But the basic idea to pipe your entire passwordsafe traffic through Cloudflare doesn’t make me happy. I mean Bitwarden is not the first passwordsafe doing this, but it doesn’t feel very perfect.

On the other hand, the way Bitwarden is built, prevents Cloudflare from getting any secret and this way everyone’s vault is safe.

But yes, HSTS preloading would be nice.

eskela · 2018-03-15 20:08:26 UTC

Cloudflare has ‘okay’ stamp from some nice guys, like Troy Hunt, and it didn’t feel like there’s any sort of paid promotion going on. Not educated/qualified enough, but it’s not making my skin crawl (from user point of view). Thanks for explanation, makes more sense from the exploit point of view.

Even if there’s no immediate risk, or risk is extremely small, it’s probably ‘simply’ professional to have own cert. HSTS is slowly getting boring, I’m pretty sure in few years time it will be bad to not HSTS, just like it’s bad to not HTTPS in 2018 (and good).

kspearrin · 2018-12-03 15:35:31 UTC

We use Cloudflare, but we use Full/Strict SSL options, which involves our own SSL certs. See https://support.cloudflare.com/hc/en-us/articles/200170416-What-do-the-SSL-options-mean-

anon · 2018-03-20 22:48:13 UTC

I disagree. The important site is vault.bitwarden.com and not bitwarden.com and there the score is great. Many helpful headers have been set and even a CSP is enforced.

It’s still a draft. But it shouldn’t take much longer since there was already the “Last Call” with version 24 in February.

HPKP is basically considered dead and many people advise against implementing it.

indolering · 2018-11-28 10:20:44 UTC

You have to have the whole domain protected:

User types in bitwarden.com.
Browser attempts to load http://bitwarden.com
MITM attacker … wins.

anon · 2018-12-02 22:12:27 UTC

Wrong. This won’t happen since bitwarden.com has HTTP Redirections enabled, the HSTS header is set and it even is in the HSTS preload list.
So even the very first visit to bitwarden.com with all current browsers will always be over HTTPS.

indolering · 2018-12-30 01:49:51 UTC

Okay, so HSTS has been enabled since I first posted? The score appears to have improved 6 days after the original post and has gotten better since then.

EnriqCG · 2019-01-01 13:06:55 UTC

Yet, shared certificates provided by Cloudflare continue to be used. I don’t think it’s the best idea given the nature of Bitwarden as a secure service.

indolering · 2019-02-06 17:35:26 UTC

It’s pretty meh: an attacker would need to get you to connect to one of those domains AND spoof the DNS of the host machine. Not enabling strict HTTPS enforcement is the only thing they really needed to worry about and that was fixed.