Jump to content
sunrat

Massive Security Bug In OpenSSL

Recommended Posts

I have a problem with the Bloomberg article -- "two people familiar with the matter said." Are those "two people" NSA employees/contractors? Bloomberg writers? People off the street? It is just too open-ended.

 

Found the two Tweets from yesterday that contradict the Bloomberg article:

 

https://twitter.com/NSA_PAO/status/454720059156754434:

Statement: NSA was not aware of the recently identified Heartbleed vulnerability until it was made public.

 

Also see

Share this post


Link to post
Share on other sites

You are correct, the NSA connection is highly speculative and is not corroborated nor is any real evidence presented. This is much like iPhone rumors, all heresy until Apple announces something.

 

There's a lot of speculation about wether this was previously known before being announced and wether it was being exploited in any way. Sadly, there is no way to tell, since it does not leave a trace.

 

My gut, however, has an opinion. I think this is something new that was not previously known. It is my gut, though, and worth about as much as you paid for it.

 

Adam

  • Like 1

Share this post


Link to post
Share on other sites

A government that has lied so many times is really hard to believe about anything, whether it is true or not.

  • Like 1

Share this post


Link to post
Share on other sites

We will never know if this remains a he said/she said situation. There needs to be evidence of some sort that proves it.

 

Let's talk about the steps needed to exploit this hole, despite it not being discussed very much in the "news."

 

This heartbeat is a UDP/IP protocol addition to the TLS suite.

 

I presume for the server to respond to the heartbeat that it would need to have a UDP TLS session active. This would not be difficult to set up. Once the session was created on UDP, I presume a malformed heartbeat could them be sent and get the 64K of data.

 

This is my limited understanding of how this works. Am I way off base here?

 

EDIT: Of COURSE the NSA denies it. Did we expect anything else? Their response is meaningless.

 

Adam

  • Like 1

Share this post


Link to post
Share on other sites

Heartbleed bug: Check which sites have been patched - CNET

 

We compiled a list of the top 100 sites across the Web, and checked to see if the Heartbleed bug was patched.

 

The Heartbleed Hit List: The Passwords You Need to Change Right Now - Mashable

 

Although changing your password regularly is always good practice, if a site or service hasn't yet patched the problem, your information will still be vulnerable.

 

Also, if you reused the same password on multiple sites, and one of those sites was vulnerable, you'll need to change the password everywhere. It's not a good idea to use the same password across multiple sites, anyway.

 

We'll keep updating the list as new information comes in.

Share this post


Link to post
Share on other sites

We will never know if this remains a he said/she said situation. There needs to be evidence of some sort that proves it.

 

Let's talk about the steps needed to exploit this hole, despite it not being discussed very much in the "news."

 

This heartbeat is a UDP/IP protocol addition to the TLS suite.

 

I presume for the server to respond to the heartbeat that it would need to have a UDP TLS session active. This would not be difficult to set up. Once the session was created on UDP, I presume a malformed heartbeat could them be sent and get the 64K of data.

 

This is my limited understanding of how this works. Am I way off base here?

 

EDIT: Of COURSE the NSA denies it. Did we expect anything else? Their response is meaningless.

 

Adam

to get the exploited data, a legit user needs to log in and then your 'empty' has to be next login processed. If the 'empty' is being processed at same time as other login- if there is any overlap - then the exploit will not return enough usefull data. It is not clear if the memory range is not able to be overwritten by other processes nor is it clear how to guarantee the block of data the 'empty' gets back is all related to the login keyexchange process. in addition, if DDOS prevention is in place this will be much harder to pull off as the repeated attempts to get a clean 'empty' process would take some repetition.

 

Question: why are sites reporting what version of OpenSSL are being used to begin with? ie: why is such query allowed? how many other things are being queried about my company servers that I don't know about?

Share this post


Link to post
Share on other sites

One of the key points about this exploit is that you have no idea what you will get. It will be up to 64KB of memory. In the original discovery and test attacks, SSL/TLS keys were recovered from outside a production server.

 

Adam

Share this post


Link to post
Share on other sites

For administration pages. They always encourage people to use https for configuration administration pages.

Of course, makes sense now that someone told me. Can't seem to access my router that way, though, but it's pretty old and not one of the ones DLink said were affected, so probably doesn't have the libs. Edited by ebrke
  • Like 1

Share this post


Link to post
Share on other sites

Bruce Schneier discusses Heartbleed on TWiT:

 

 

(~17 min)

 

I did have a moment to think on the toilet this morning.... Assuming the NSA wanted to exploit SSL (duh), and they have the smart people to find these kinds of bugs (duh), they would have exploited it if they had found it. This would have popped up in the Snowden leaks, right? This would have been a prominent effort to decrypt the bulk encrypted data they have presumably collected. It would have been a huge revelation to expose, but since it was not disclosed, perhaps the NSA were not doing it.

 

Just a thought.

 

Adam

Share this post


Link to post
Share on other sites

Have all the Snowden leaks been made public as yet? I think not. Would be good to see if there was any discussion about that in what was obtained. Of course he didn't get everything.

 

With the lies and lies upon lies, I find it very hard to trust anything from the government any more, sadly. And I would certainly not be defending them without any true knowledge. Their word is not enough IMHO.

Share this post


Link to post
Share on other sites

Bruce Schneier has always done some great work on Security over the years. Will have to try to watch it when I can.

Share this post


Link to post
Share on other sites

http://blog.cloudflare.com/answering-the-critical-question-can-you-get-private-ssl-keys-using-heartbleed

 

the link has graphics and description. i am no so sure about the server's ssl cert private key not being leakable.

 

in case you wonder why the private key is important, it is because, owning that, you can authoritatively state, i am indeed that website. (read, successful fishing attack on your browser.)

  • Like 1

Share this post


Link to post
Share on other sites

Bruce Schneier discusses Heartbleed on TWiT:

 

http://www.youtube.com/watch?v=Yokzan4k0Qw

 

(~17 min)

 

I did have a moment to think on the toilet this morning.... Assuming the NSA wanted to exploit SSL (duh), and they have the smart people to find these kinds of bugs (duh), they would have exploited it if they had found it. This would have popped up in the Snowden leaks, right? This would have been a prominent effort to decrypt the bulk encrypted data they have presumably collected. It would have been a huge revelation to expose, but since it was not disclosed, perhaps the NSA were not doing it.

 

Just a thought.

 

Adam

 

Here's the page for this TWiT show; there is also audio available for those of us who have issues with streaming video bandwidth wise and all the links to the stories they talk about:

 

This Week in Tech 453

Share this post


Link to post
Share on other sites

in case you wonder why the private key is important, it is because, owning that, you can authoritatively state, i am indeed that website. (read, successful fishing attack on your browser.)

 

Exactly. This is why revoking certificates (and making sure your browser follows suit- see other thread) is so important. There's no way to know if the cert is valid or not.

 

Here's another trick. You can look at the certificate date for the sites you visit. If the cert was issued after last Monday the 7th, it is likely the website was vulnerable and patched themselves. TIme to change your password!

 

Adam

Share this post


Link to post
Share on other sites

 

I did have a moment to think on the toilet this morning...

 

Be careful what you think in there. The NSA has your iToilet under surveillance, iAdam.

Share this post


Link to post
Share on other sites

Yes... and it doesn't surprise me one bit...

 

My toilet is Ethernet-only.

 

Adam

 

:hysterical:

 

I would have thought you would use a VPN for that. ;)

Share this post


Link to post
Share on other sites

Yeah, I suppose I don't want the big utility company to know what I had for dinner. Data breaches are a HUGE problem.

 

Adam

  • Like 1

Share this post


Link to post
Share on other sites

OK, now that Eric has dragged this :offtopic:, time to get back on topic. :D

 

Vicious Heartbleed bug bites millions of Android phones, other devices

 

 

Something to consider. It's not just the servers that are vulnerable, but also end users who use openssl in their browser. Admittedly, the number is small, but those running Android 4.1.1 or 4.2.2 may be vulnerable.

 

Also, Blackberry Messenger is vulnerable. Update your apps!

 

Adam

  • Like 1

Share this post


Link to post
Share on other sites

From the article,

 

Because Android is frequently customized for specific devices or manufacturers, it's possible some versions besides 4.1.1 and 4.2.2 are vulnerable. For that reason, Android users should download Heartbleed Detector, a free app developed by Lookout. In the vast majority of the tests Ars carried out, it found various Android versions contained a vulnerable version of OpenSSL, but that the Heartbeat extension that hosts the coding bug wasn't enabled, making the devices immune to attack. The sole exception was when Ars executed the app on a handset running version 4.1.1, which returned the screenshot below.

 

BOLD emphasis mine.

Share this post


Link to post
Share on other sites

If you are concerned about Heartbleed vulnerabilities, there are two things you can do to make sure you are safe.

 

1. Go to http://ssllabs.com and check the site you are interested in. They have a Heartbleed checking tool built in.

2. Examine the security certificate for the site you are interested in. If it was issued after Monday of last week Monday, April 7, it is likely the site was vulnerable and fixed the issue.

 

Note: The SSL Labs report on a site's SSL security will also give you the certificate issue date.

 

Adam

  • Like 1

Share this post


Link to post
Share on other sites

Fran, are you sure the app is safe?

 

I looked at this for FF

https://addons.mozil...tbleed-checker/

but since it has not been reviewed by Mozilla, I backed away from installing it.

There are just too many bogus apps and addons that either do nothing or do harm to a device.

 

Hi Liz,

 

Yes, Lookout is a good company and has a very good reputation in the Google Play Store.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...