EFF Calls Out ISPs Modifying STARTTLS Encryption Commands

The Electronic Frontier Foundation has backed VPN provider Golden Frog’s FCC filing that accuses ISPs of stripping out STARTTLS instructions from email messages.

As Net Neutrality debates swirl, privacy advocates at the Electronic Frontier Foundation and VPN provider Golden Frog have gone public with a Federal Communications Commission filing that got more attention for accusations that Verizon FIOS customers were having their Netflix streaming service throttled back.

Tucked into that July filing was another charge: that ISPs are also intercepting email traffic and removing the STARTTLS keyword from the SMTP exchange, so the client never learns that the server supports encryption. (STARTTLS is negotiated in the server's EHLO response, not carried in message headers.) As a result, users who wish to send their email over an encrypted connection are not able to do so, and mail goes out in plaintext.

STARTTLS is an extension to email protocols such as SMTP (and also IMAP and POP3) that lets a client and server upgrade a plaintext connection to one protected by SSL/TLS. On that hop the whole session is encrypted, so only the two endpoints of the connection can read the message in transit; because the SMTP envelope and headers travel inside the tunnel, metadata is protected as well, which end-to-end message encryption such as PGP or S/MIME does not do. The protection is hop-by-hop, however: it covers only the link on which it was negotiated. Email servers that support STARTTLS can also negotiate TLS cipher suites offering Perfect Forward Secrecy, a property of the key exchange (not a separate protocol) that is quickly becoming standard practice for email services and new applications.

Golden Frog, in its FCC filing, claims that a wireless broadband Internet access provider blocks STARTTLS encryption by essentially conducting a man-in-the-middle attack that strips the STARTTLS keyword out of the SMTP session. The filing was made during a public Net Neutrality comment period.

“The Commission must establish effective rules that prevent this type of behavior. Unless wireless and wireline broadband access providers receive a strong message that they can no longer throttle and block their users’ Internet traffic, these actions will continue, expand, and become the norm,” the company said in its filing.

In a blog post on Nov. 4, Golden Frog explained that one of its engineers, a Cricket Wireless customer (Cricket and AIO Wireless merged in May and the engineer was a legacy AIO customer), could no longer send encrypted email after previously being able to do so over STARTTLS as an AIO customer. An investigation determined that Cricket was “intercepting and blocking STARTTLS on port 25”. The STARTTLS command was masked out in server responses and an error message returned, the company said.

The company said it tested the provider’s service by manually typing SMTP commands and watching the server’s responses. The server’s EHLO response, which Golden Frog refers to as the banner message, was being modified in transit: the line 250-STARTTLS arrived at the client as 250-XXXXXXXA.

“Since the client does not receive the proper acknowledgement that STARTTLS is supported by the server, it does not attempt to turn on encryption. If the client nonetheless attempts to use the STARTTLS command, the mobile wireless provider intercepts the client’s commands to the server and changes it, too,” Golden Frog said in its filing. “When it detects the STARTTLS command being sent from the client to the server, the mobile wireless provider modifies the command to ‘XXXXXXXX.’ The server does not understand this command and therefore sends an error message to the client.”
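The exchange described in the filing, reconstructed as an added example (this is not code from the article, Golden Frog or the EFF): an in-memory SMTP server that advertises STARTTLS, a simulated middlebox that rewrites the keyword in both directions exactly as the filing describes (250-STARTTLS to 250-XXXXXXXA on the way down, STARTTLS to XXXXXXXX on the way up), and a client that negotiates the upgrade described in the STARTTLS paragraph above. The hostnames, extension list and reply texts are constructed for illustration. The client is written both ways: opportunistic, which silently falls back to plaintext when the keyword is missing, and fail-closed, which refuses to send at all. That difference is the practical defence against this kind of stripping.

```python
# Added example, not the article's or Golden Frog's code. Simulates an SMTP
# session through a middlebox that masks STARTTLS, as described in the filing.
# All hostnames, extensions and reply strings below are constructed.

class SmtpServer:
    """In-memory stand-in for a mail server that advertises and accepts STARTTLS."""

    EXTENSIONS = ["SIZE 35882577", "STARTTLS", "ENHANCEDSTATUSCODES", "8BITMIME"]

    def __init__(self):
        self.tls_active = False

    def handle(self, command):
        """Return the reply lines for one command, as the server would put them on the wire."""
        verb = command.split(None, 1)[0].upper() if command.strip() else ""
        if verb == "EHLO":
            lines = ["250-mail.example.net Hello"]
            lines += ["250-" + ext for ext in self.EXTENSIONS[:-1]]
            lines.append("250 " + self.EXTENSIONS[-1])  # space after the code ends a multi-line reply
            return lines
        if verb == "STARTTLS":
            self.tls_active = True
            return ["220 2.0.0 Ready to start TLS"]
        # Unrecognised command (RFC 5321 reply code 500); this is what the masked XXXXXXXX gets.
        return ["500 5.5.2 Error: command not recognized"]


def masking_middlebox(direction, line):
    """Model of the behaviour the filing describes: the keyword is masked in both directions."""
    if direction == "s2c" and line[4:].upper() == "STARTTLS":
        return line[:4] + "XXXXXXXA"  # 250-STARTTLS -> 250-XXXXXXXA
    if direction == "c2s" and line.strip().upper() == "STARTTLS":
        return "XXXXXXXX"             # STARTTLS -> XXXXXXXX, which the server rejects
    return line


def passthrough(direction, line):
    """A network path that leaves the session alone."""
    return line


class Session:
    """Client-side view of a connection whose lines pass through `middlebox` both ways."""

    def __init__(self, server, middlebox):
        self.server = server
        self.middlebox = middlebox
        self.transcript = []  # (who, line) pairs as seen by the client

    def send(self, command):
        wire = self.middlebox("c2s", command)
        replies = [self.middlebox("s2c", r) for r in self.server.handle(wire)]
        self.transcript.append(("C", command))
        self.transcript.extend(("S", r) for r in replies)
        return replies


def ehlo_keywords(replies):
    """Parse a multi-line 250 reply into the set of advertised extension keywords."""
    keywords = set()
    for line in replies[1:]:  # line 0 is the greeting (domain plus free text)
        if not line.startswith("250"):
            raise ValueError("unexpected EHLO reply line: " + line)
        keywords.add(line[4:].split()[0].upper())
    return keywords


def negotiate(session, require_tls):
    """Run EHLO and STARTTLS as a client would and report what happened."""
    keywords = ehlo_keywords(session.send("EHLO client.example.org"))
    result = {
        "starttls_advertised": "STARTTLS" in keywords,
        # XXXXXXXA is syntactically a valid EHLO keyword, so this heuristic only catches
        # this particular rewrite; a robust check compares against a known-good EHLO list.
        "masked_keyword_seen": any(k.startswith("XXXXXXX") for k in keywords),
        "tls_started": False,
        "plaintext_fallback": False,
    }
    if not result["starttls_advertised"] and require_tls:
        return result  # fail closed: do not send over a session that cannot be upgraded
    # Opportunistic clients try STARTTLS anyway; the filing says this is rewritten too.
    reply = session.send("STARTTLS")
    if reply[0].startswith("220"):
        result["tls_started"] = True  # a real client would now wrap the socket in TLS
    elif not require_tls:
        result["plaintext_fallback"] = True
    return result


if __name__ == "__main__":
    for name, box in (("direct", passthrough), ("masked", masking_middlebox)):
        for require in (True, False):
            s = Session(SmtpServer(), box)
            print(name, "require_tls=%s" % require, negotiate(s, require))
            for who, line in s.transcript:
                print("   ", who + ":", line)
```

Run it directly to see the four transcripts. On the direct path both clients upgrade to TLS; on the masked path the opportunistic client ends up sending in plaintext after the server answers its rewritten XXXXXXXX command with a 500, while the fail-closed client never proceeds past EHLO. Real mail clients and MTAs expose the same choice as a configuration setting (for example a "require TLS" or "may/encrypt" option), and a sender who cares about this attack should set it to require.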

Golden Frog also expressed a broader concern that blocking encryption not only puts user privacy at risk but also exposes customers to government surveillance and gives attackers a free shot at their traffic.

“The practice in issue and in use by this provider is conceptually similar to the way that Comcast used packet reset headers to block the use of BitTorrent in 2007. The result is that wireless Internet users that wish to protect their email communications with basic encryption protocols cannot do so when on this particular wireless provider’s network,” Golden Frog said in its filing.

The EFF has been tracking service providers’ and technology companies’ encryption habits for some time, maintaining a number of scorecards that provide some trending data indicating things are improving. Nearly all web-based email providers, for example, have encrypted their services by default and have gone beyond in some cases to enable Forward Secrecy and STARTTLS where applicable. The actions of the ISPs in question get in the way of that progress, the EFF said.

“It is important that ISPs immediately stop this unauthorized removal of their customers’ security measures. ISPs act as trusted gateways to the global Internet and it is a violation of that trust to intercept or modify client traffic, regardless of what protocol their customers are using,” said EFF senior staff technologist Jacob Hoffman-Andrews. “It is a double violation when such modification disables security measures their customers use to protect themselves.”