Taiwan Bank SSL Continuous Monitoring

My previous post, titled SSL status of Taiwanese banks: a sad affair sparked a lot of visits and lot of discussion, clearly touching on something important. It was great to bring to light how well (or badly, in this case) these organizations are doing, as internet security should be one of their key focus.

Many of the organizations improved their setup since then, and it became quite troublesome to manually check each bank and each change, update the table and so on. It’s also good to have not just a snapshot in time, but a continuous record of how they were doing.

Thus I’ve hacked together some monitoring scripts, put the results online, and here’s the Taiwan Financial Institute SSL Status page.

TaiwanBankSSL
Click to check the current results

Page features include:

This is quite a bit more than “minimal features”, but wanted to make something that is actually useful.

Notes on the tech

In a nutshell:

  • to run the SSL Test queries, I’m using ssllabs-scan, a official program written in Go to do just that.
  • scrapting is parallelized and managed by a Python script.
  • the results are parsed and output JSON, RSS, tweets are generated by another Python script.
  • the site displays the results as a single-page app, pulling in the results through the generated JSON file.
  • the grade sparklines are using an external library.

All the code is open source on Github. Tried to make it reusable for people wanting to monitor any other sets of sites (eg. other countries’ banks, government institutions, own sites), though I did not completely succeed. There are hard-wired parts that could use a rewrite, but can be a starting point for any other project for sure. By the way, patches / pull requests are welcome if you see something could be improved!

Future

I hope to leave the scripts and page running for a while to see whether it actually works autonomously, whether it’s useful for anyone, and as a tool to push for change for these financial institutions. Will also try to connect to people here in Taiwan who can make that change happen faster.

Some code rewrite and expanding the documentation is also inevitable – once my current coffee high has been metabolized. :)

What do you think? How would you use this data, or how you’d improve on the service?

Published by Gergely Imreh

Physicist, hacker. Enjoys avant-guarde literature probably a bit too much. Open source advocate and contributor, both for software and hardware.

Join the conversation

1 Comment

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.