-
-
Notifications
You must be signed in to change notification settings - Fork 350
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Flag to allow user-installed certificates #921
Comments
i agree lasted update broken my adblocker capacity |
You can use phantomsocks, it won't intercept the content of your HTTPS traffic, also it has more anti-censorship methods.
There is already a mobile devices simulator on desktop Chromium, so debugging on real mobile devices is really not that necessary. |
Using phantomsocks on mobile devices adds another requirements (ROOT) It's possible to do it on desktop, but I didn't see why it's necessary for Bromite to disallow custom CA |
Agree. I'm not sure what's dev's intention on this but it just broke my system-wide adblocker function, I can't surf any websites now. On my non-rooted device, phantomsocks is not viable. |
what do you think about it @csagan5? I also think a flag is perfect. |
@uazo it is not possible to have a flag for this, as far as I know; it is an application-level configuration: see https://developer.android.com/training/articles/security-config In the desktop version there is a feature to install certificates from the browser though; that would be the best way to allow this, but we do not have the resources to develop an UI for that.
At the expense of the less literate (and thus weaker) users. Up until now a lot of malicious apps or APTs have abused the user certificates functionality; this patch is intended to protect those users who are not aware of the installed user certificates that they are using. Android 11 will prevent apps from proposing a CA certificate installation, see https://httptoolkit.tech/blog/android-11-trust-ca-certificates/ That will improve the situation quite sensibly; I will consider removing the patch because it goes against an Android feature; note that the users that benefit most from this patch are not here represented: only those that experienced a functionality breakage are. |
Hi @csagan5 , thanks for providing a deeper insight on why this feature is added. Appreciate your good effort and intention. From my understanding, on system level, user should have understood and acknowledged the potential risk of installing a third party CA certificate, before the installation happens. On app level, say Bromite, this patch acts as another layer of security which benefits most users. However, would it be feasible to prompt an one-time notification window stating the risk of third party CA certificate before user proceeds to use the app? (Just thinking out loud, it may/ may not be helpful at all) Edit: That way, the functionality of other apps will not be interfered. |
you don't think this has anything to do with it? see |
Dear csagan5, one positive aspect of user-installed certificates has not yet been discussed here: when you run some own infrastructure, including your own (small) PKI. Essentially this patch prevents me from using this kind of security functionality, and this is where I noticed the changed functionality first. To understand a bit better the balance between the security against unsuspecting users getting a malicious certificate installed and the security benefit of actually using you own certificate, could you point to some reports or similar on how large this issue of installing rogue certificates is? A quick search did not yield to much usable results for me. Thanks. p.s.: Thinking about possible indicators, would it be difficult to add functionality showing if (or how many) user-installed certificates are present in the trust store? |
I have added a link to the Android feature that the patch changes in the comment you are replying to. It is an OS feature, not an app feature.
Android 11 will make it more difficult for users to install root CA certificates because apps will not be allowed to initiate the interaction, see the article I posted in my link.
See https://www.eff.org/deeplinks/2020/03/victory-android-11-rolls-out-improved-certificate-warnings
@uazo the feature was added in https://codereview.chromium.org/6793041 but it is currently unused in Chromium; yes, I think this could be instrumented for a flag, nice finding. |
The patch has been removed in I will keep this issue open until that is implemented. |
I'm still seeing untrusted certificate errors with 4324.185. |
Just tested 88.0.4324.185 , There are still certificate errors. |
I see that the patch is still there by mistake; will be dropped in next release. |
The patch is dropped in |
note to me: TrafficAnnotation: NOTE: ExpectCTReporting is FEATURE_ENABLED_BY_DEFAULT |
Related: #995 |
Fixed in |
@uazo did you add this to the project issue tracker? |
there is no need, the cookies are disabled I have already checked |
Is your feature request related to privacy?
I'm not sure...
Is there a patch available for this feature somewhere?
Errr...
Describe the solution you would like
Censorship-circumvention tool like Accesser using domain fronting need a MITM to intercept HTTPS traffic for removing SNI
#431 A user-installed CA is required sometimes for debugging purpose
Describe alternatives you have considered
Fennec F-Droid respect Android's certificate storage, as well as user-trusted CAs
Related #918
The text was updated successfully, but these errors were encountered: