TrustBar: Re-establishing Trust in the Web
Last updated: Sunday, January 22, 2006
Associate Professor, Dept. of Computer Science, Bar Ilan University
(This page is still under construction. Visit again soon.)
Currently, browsers have very limited security indicators, consisting mainly of a padlock icon displayed in the status bar of protected sites. Most users are not aware of this indicator, and certainly not of how to use it. Security experts know that the padlock indicates that the connection between the browser and the server is protected under the SSL (or TLS) security protocol, which encrypts the traffic and authenticates the identity of the server. The authentication part is tricky (yet critical): how can the browser authenticate a site? Technically, the solution is based on complex mechanisms – public key cryptography, digital certificates, etc. – but we do not need to discuss these to understand the implications. Namely: with SSL, the site essentially presents to the browser an `affidavit` (called a certificate) from an entity (called a certificate authority) that has identified the site; the affidavit contains the identity of the site and keys that allow the browser to validate that the site is the right one.
TrustBar displays this information in a simple, concise way, e.g.: `Gmail identified by VeriSign`. The first identifier (e.g. Gmail) is the name, logo or domain name of the site; the second identifier is that of the entity that actually authenticated it (e.g. VeriSign, which is currently the largest Certificate Authority – the technical term for companies providing these identification services). The user can assign her own favorite name or logo/icon to each site (even unprotected sites – although this does not protect them…). This makes it much easier for users to detect spoofed (fake) sites, which will usually be unprotected and, even if protected, will not be able to display the faked identity as identified by any credible authority.
TrustBar also helps improve security in a few other ways:
· TrustBar includes a button labeled `Hey!` which users should click when they reach a page which they suspect to be fraudulent. The TrustBar team will confirm these reports and block such fraud sites automatically.
· TrustBar will also, by default, sometimes present your real sites _as if_ they were cloned by an attacker. The sites are not changed in any way, so there is no real loss in security; but every user-visible indicator of security is removed, so that a fake site could look exactly like this `simulated attack` site. Users should detect such attacks by noting that their login site is suddenly unprotected, does not have the logo or name they assigned to it, or uses a different address (URL/location). As mentioned above, if a user detects such a fake site, she should press `Hey!`; in emulated attacks, users are informed that they indeed detected an `emulated fake` site (if they press `Hey!`), or are warned that they should have detected it (if they do not press `Hey!`).
· Users can also use `Hey!` to report sensitive sites, e.g. login pages, which are not protected using SSL/TLS. We use these indications to warn the site, add it to our Hall of Shame, and also inform all TrustBar installations. In particular, for many of the unprotected login sites, there is an equivalent login site which _is_ protected. As of version 0.4.9.93, TrustBar will, by default, automatically redirect users accessing the unprotected site to the protected site. TrustBar also checks for changes in unprotected sites to which the user assigned a name/logo; sites which do not change for a while are marked with `same since <date>`, and users are warned when they change.
Unprotected site, identified by logo. Use right mouse click over image in page to pick logo.
Protected site; see padlock and `Identified by:` VeriSign.
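The indicator logic described above, as an added example that is not TrustBar's own code: it composes the `<site> identified by <CA>` text for a protected site and the `same since <date>` text for an unprotected site the user has named. The function, the Map-based stores, the SHA-256 digest and the sample hosts are assumptions made for this illustration.

```javascript
// Added illustration, not TrustBar source code; every name here is hypothetical.
const { createHash } = require('crypto');

// Prefer the organization (O) in a certificate name, else the common name (CN).
const dnName = (dn) => (dn && (dn.O || dn.CN)) || null;

// conn:   { host, tls, cert }; cert uses the { subject, issuer } field layout of
//         Node's tls.TLSSocket#getPeerCertificate(). Chain and host-name
//         validation are assumed to have been done by the browser already.
// labels: Map of host -> name the user assigned to that site.
// seen:   Map of host -> { hash, since } for unprotected, user-labelled sites.
function indicator(conn, body, labels, seen, today) {
  const label = labels.get(conn.host);
  if (conn.tls && conn.cert) {
    const site = label || dnName(conn.cert.subject) || conn.host;
    const ca = dnName(conn.cert.issuer) || 'unknown authority';
    return { text: `${site} identified by ${ca}`, protected: true, warn: false };
  }
  // Unprotected and unlabelled: no authority and no user vouches for it.
  if (!label) return { text: conn.host, protected: false, warn: false };
  // Unprotected but labelled: remember a digest of the page and since when it
  // has been unchanged; warn on the visit where it differs.
  const hash = createHash('sha256').update(body).digest('hex');
  const prev = seen.get(conn.host);
  const changed = prev !== undefined && prev.hash !== hash;
  if (prev === undefined || changed) seen.set(conn.host, { hash, since: today });
  const { since } = seen.get(conn.host);
  return { text: `${label} (unprotected, same since ${since})`, protected: false, warn: changed };
}

// Constructed sample input.
const labels = new Map([['mail.google.com', 'Gmail'], ['forum.example.org', 'My forum']]);
const seen = new Map();
const gmail = { host: 'mail.google.com', tls: true,
  cert: { subject: { O: 'Google Inc', CN: 'mail.google.com' }, issuer: { O: 'VeriSign' } } };
const forum = { host: 'forum.example.org', tls: false, cert: null };

console.log(indicator(gmail, '', labels, seen, '2006-01-22').text);
console.log(indicator(forum, '<form>login</form>', labels, seen, '2006-01-20').text);
console.log(indicator(forum, '<form>login</form>', labels, seen, '2006-01-22').text);
console.log(indicator(forum, '<form>changed</form>', labels, seen, '2006-01-23'));
```

A host with no certificate and no user-assigned name gets only its bare address, which is the visible difference a user is expected to notice on a cloned login page.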
To download and install the latest TrustBar release (currently: 0.4.9.97), follow these steps:
1) You must use the FireFox browser. If you don't, please install from http://mozilla.com.
2) Click on the following link to save the latest TrustBar release (using FireFox on Windows, files are saved by default on the desktop)
3) If you have a prior version of TrustBar, please uninstall it.
4) Open the saved file from FireFox, by the File->Open file menu command, selecting the downloaded file.
5) A dialog opens, with a warning, saying that the extension is not signed…. Thawte kindly gave us a code signing certificate but are still trying to get FireFox's signing software to accept it – so currently, TrustBar is indeed not signed. To complete installation, click `Install Now`.
6) Finally, close and re-open FireFox… and you are done – TrustBar installed!!
7) You may want to use FireFox's menu `View -> Toolbars -> Customize`, which will allow you to place the TrustBar elements on other bars, e.g. the location or menu bar; you can then deselect the TrustBar bar to save space. We plan to make this the default in a later version, as it seems almost all users prefer to use TrustBar on the location (or menu) bar.
8) See more details and screen shots in the TrustBar user guide.
See also log of changes.
Note: TrustBar is also available from the Mozilla Update site, but there is a problem preventing us from updating the version there…
Uninstalling TrustBar: If you find TrustBar is not helpful, you can easily remove it as follows. We also welcome your feedback, so we can try to improve TrustBar. To uninstall, use FireFox menu command Tools -> Extensions; you will see a list of extensions installed on your browser. Select TrustBar and click the `uninstall` button. Now, close and open FireFox… and you are done – TrustBar removed!
BUGS… See or report in TrustBar bug-list in Bugzilla. We are working on a reported bug in Mac OS X and FreeBSD, please do not install on these platforms at this time.
Source code, UI design document, etc. – to be added here or at http://TrustBar.MozDev.org soon (if you want it already – drop me a note)