Guardian SSL Actively Harmful

Earlier this week the Guardian posted a piece about how they’d switched to SSL everywhere, how hard this was, and why it’s a great thing. Using SSL/TLS is generally a good thing, but in this case it’s actually harmful.

The main problem is that they don’t actually terminate SSL themselves. Instead they use Fastly, a CDN that many companies share. This leads to a number of interesting problems.

  1. The SSL certificate is shared amongst a large number of Fastly customers. This leaks a large number of hostnames, including test and development environments, which those companies might not expect to be public. The Guardian and Grindr share the same certificate, along with the UK government and secret API hosts.
  2. The termination of SSL away from the Guardian servers means that we don’t actually know whether the link between Fastly and the Guardian is encrypted. If it isn’t, then the Guardian are still opening themselves, and their readers, to a MitM attack.
  3. The SSL configuration uses HSTS and pinning, which means that it will be very difficult for the Guardian to move away from Fastly should Fastly be compromised.
  4. Fastly is a UK company that reserves the right to log traffic. This means that the UK government can intercept and view a history of all traffic without the Guardian knowing. Given that Fastly hosts a large number of companies, it seems like a good target for traffic interception (although given UK government services use it, maybe not?).
  5. The first results on Google for the Guardian are AMP sites that are hosted by Google themselves. Yet another actor that can introduce privacy problems.
  6. The Guardian website loads resources from Facebook and Google Analytics, both of which are great for government tracking across multiple sites. In fact, Google Analytics is the only Google property that China does not block, exactly for this reason.
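
To make point 1 concrete, here is a check a site owner can run against the certificate their CDN serves on their behalf. It is an added example, not code from the original post; the sample hostnames, the `NONPROD_LABELS` list and the function names are assumptions made for illustration.

```python
import socket
import ssl

# Labels that usually mark non-production hosts (an assumption; adjust to your naming).
NONPROD_LABELS = {"dev", "test", "staging", "stage", "qa", "uat", "internal", "preview"}

def fetch_peer_cert(host, port=443, timeout=5):
    """Fetch the validated leaf certificate as the dict returned by getpeercert()."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert()

def san_dns_names(cert):
    """DNS entries of subjectAltName, lower-cased, de-duplicated and sorted."""
    sans = cert.get("subjectAltName", ())
    return sorted({v.lower().rstrip(".") for kind, v in sans if kind == "DNS"})

def belongs_to(name, domain):
    """True if name is the domain, a subdomain of it, or a wildcard under it."""
    name = name[2:] if name.startswith("*.") else name
    return name == domain or name.endswith("." + domain)

def audit_shared_cert(cert, own_domains):
    """Split the SAN list into our names, our non-production names, and co-tenants."""
    own_domains = [d.lower() for d in own_domains]
    report = {"own": [], "own_nonprod": [], "co_tenants": []}
    for name in san_dns_names(cert):
        if not any(belongs_to(name, d) for d in own_domains):
            report["co_tenants"].append(name)
            continue
        report["own"].append(name)
        if set(name.replace("-", ".").split(".")) & NONPROD_LABELS:
            report["own_nonprod"].append(name)
    return report

# Constructed sample in getpeercert() format; every hostname is invented.
SAMPLE_CERT = {
    "subjectAltName": (
        ("DNS", "www.news.example"),
        ("DNS", "*.news.example"),
        ("DNS", "api-staging.news.example"),
        ("DNS", "dev.cms.news.example"),
        ("DNS", "www.other-tenant.example"),
        ("IP Address", "192.0.2.10"),
    ),
}

print(audit_shared_cert(SAMPLE_CERT, ["news.example"]))
```

For a live check, pass the result of `fetch_peer_cert()` for your own hostname instead of `SAMPLE_CERT`; anything listed under `own_nonprod` is visible to every client that connects to any site on the shared certificate.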

The Guardian made a throwaway comment that their introduction of SSL protected readers from their government. To claim this of such a broken implementation is dishonest, and even actively harmful.