Updated: May 25, 2009
The cornerstones of information security revolve around three concepts: C-I-A - Confidentiality, Integrity and Availability. These are the basic principles by which security is done - or undone.
When you're browsing the web casually, you will probably not really care that much whether the website you're currently visiting is really what it claims to be. However, if you have to interact with the website and provide confidential information, C-I-A becomes critical.
To make our confidential transactions private, encryption was born. We use SSL/TLS to connect to "secure" websites and conduct business, whether it's buying books on Amazon, managing the stock portfolio (the funny money) on your bank website or checking that last DNA test that was supposed to put you in the clear, so you would not have to pay the alimony ...
But this does not answer the Integrity part. How can we really be sure the websites we're visiting are truly what they claim to be? How can we be 100% sure that we're not trying to submit personal data to a rogue (phishing) server?
This is what Certificate Authorities (CA) do. They are neutral, third-party bodies, providing identification for secure (HTTPS) websites worldwide. The consensus holds that if a website has been authorized by one of the CAs and provides the right certificate, it is what it claims to be.
So we're ok, aren't we?
Still, this may not be enough for some of you. Recently, there has been talk of successful MD5 collision attacks.
For non-geeks, here's the gist of it: Hashes are irreversible, injective functions that uniquely map cleartext to ciphertext. This means that no two different values should ever have the same hash. The most popular hash algorithms are MD5 and SHA-1.
Therefore, if a website is provided with a certificate, this certificate has a certain hash. In theory, no other website should be able to have the same hash, regardless of its content.
An MD5 collision is exactly that - a case where two different values are translated into the same hash. This means that two different certificates could have the same signature. Thus, in theory, a rogue website could present a false certificate with an MD5 matching that of a legitimate site it is trying to impersonate and web browsers worldwide would gladly accept it, because the hash check would pass.
This means that we cannot trust any single source of verification for websites. We require a more robust approach. Enter Perspectives.
Perspectives is a Firefox security extension that contacts a number of network notaries whenever your browser connects to HTTPS websites. Notaries are a sort of a jury that checks whether the certificate has changed and whether it matches their own database. Valid certificates should show the same information for all notaries. Rogue certificates will most likely show as suddenly or recently changed compared to some of the notaries.
This should help you decide whether you want to connect to potentially unsafe sites and avoid a data integrity breach.
Perspectives does more than that. If you stumble upon a security warning from your browser, telling you that a site is using an expired or self-signed certificate, or one with a domain mismatch, Perspectives will run a quick check to see whether the information held by the notaries is consistent.
Again, rogue sites trying to pretend to be legitimate will quite often throw errors like these, but so will quite a few genuine sites, unfortunately. Perspectives comes as a handy solution to personal doubt.
When you restart Firefox the first time after the installation, you won't see anything spectacular. The Perspectives status icon is located in the bottom right corner of the browser window.
Clicking on the icon will open the Preferences window.
You can decide whether to contact the notaries for all sites or just those that cause security errors. Furthermore, you can set Perspectives to permanently trust validated sites. And you may also have it ask you for confirmation every time before it contacts the notaries.
If you decide to have Perspectives ask you, you'll get yellow warning popups in your browser window for relevant HTTPS sites (all or just those with errors).
Now let's see how Perspectives works. We are connected to a secure site. It has been verified and checks out just fine. Still, let's double-check.
Perspectives will work for a few moments and then display the result in the status bar:
This means the site is valid. You can click on the icon for more results:
In this particular case, all four notaries have the same key for the particular website. This gives you a pretty good indication the site certificate has not been tampered with. If you were about to conduct private, confidential transactions with the particular website, you're ok. Just what we wanted to know.
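The notary comparison described earlier, and the four-notary result above, can be sketched as follows. This is an added example, not code from Perspectives; the reply format, the field names, the fingerprints and the quorum and duration thresholds are all assumptions made for illustration.

```javascript
// Added example: simplified notary agreement check, not Perspectives' own code.
// The reply format, field names and thresholds below are assumptions.

// Each notary reply lists the keys it has observed for one site:
// { notary, sightings: [{ fp, firstSeen, lastSeen }] } with times in days.
function evaluate(offeredFp, replies, now, opts = {}) {
  const { quorum = 0.75, minDays = 2, freshDays = 1 } = opts;
  const agreeing = [];
  const dissenting = [];
  for (const r of replies) {
    const s = r.sightings.find((x) => x.fp === offeredFp);
    // Agreement needs the key to be the one the notary sees now...
    const current = Boolean(s) && now - s.lastSeen <= freshDays;
    // ...and to have been seen long enough that it is not a sudden change.
    const stable = Boolean(s) && s.lastSeen - s.firstSeen >= minDays;
    (current && stable ? agreeing : dissenting).push(r.notary);
  }
  const ratio = replies.length ? agreeing.length / replies.length : 0;
  // No replies at all (verification failed) is never treated as trusted.
  return { trusted: ratio >= quorum, ratio, agreeing, dissenting };
}

// Constructed sample data: four notaries, fingerprints are made-up labels.
const NOW = 100;
const KNOWN_FP = "constructed-fp-known";
const ODD_FP = "constructed-fp-unexpected";
const sampleReplies = ["n1", "n2", "n3", "n4"].map((notary) => ({
  notary,
  sightings: [{ fp: KNOWN_FP, firstSeen: 40, lastSeen: NOW }],
}));

function demo() {
  // Case 1: the browser is offered the key all four notaries have seen for 60 days.
  const consistent = evaluate(KNOWN_FP, sampleReplies, NOW);
  // Case 2: the browser is offered a key that no notary has on record.
  const unknown = evaluate(ODD_FP, sampleReplies, NOW);
  // Case 3: every notary sees the offered key, but only since today.
  const rotated = sampleReplies.map((r) => ({
    notary: r.notary,
    sightings: [{ fp: ODD_FP, firstSeen: NOW, lastSeen: NOW }],
  }));
  const recent = evaluate(ODD_FP, rotated, NOW);
  return { consistent, unknown, recent };
}

console.log(JSON.stringify(demo(), null, 2));
```

Only the first case comes back trusted. A key that the notaries do not know, or one that all of them started seeing today, is reported as inconsistent and left for the user to judge.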
Perspectives is still a young project. Currently, only a small number of notaries is used. In the future, their number will increase. Some other Firefox extensions are incompatible with Perspectives. Lastly, proxy issues may cause site verification to fail - for all sites.
Perspectives is an interesting and important project. It creates a sort of a web of trust, where you use cumulative community experience, so to speak, to double-check the security of websites and their certificates. For security-conscious people, this is a nice addition.
For more about Web security, you may want to read my Safe Web practices article. You may also be interested to read an article on Firefox and security certificates on h-online. I'd like to thank tlu for recommending this one.
Perspectives is available on all operating systems.