Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

New OpenSSL Man-in-the-Middle Flaw Affects All Clients

timothy posted about a month and a half ago | from the disclosure-of-diclosure dept.

Security 217

Trailrunner7 (1100399) writes 'There is a new, remotely exploitable vulnerability in OpenSSL that could enable an attacker to intercept and decrypt traffic between vulnerable clients and servers. The flaw affects all versions of the OpenSSL client and versions 1.0.1 and 1.0.2-beta1 of the server software. The new vulnerability could only be exploited to decrypt traffic between a vulnerable client and a vulnerable server, and the attacker would need to have a man-in-the-middle position on a network in order to do so. That's not an insignificant set of conditions that must be present for a successful attack, but in the current environment, where open wireless networks are everywhere and many users connect to them without a second thought, gaining a MITM position is not an insurmountable hurdle. Researchers who have looked at the vulnerable piece of code say that it appears to have existed, nearly unchanged, in the OpenSSL source since 1998.'

cancel ×

217 comments

Key phrase of vulnerability : (2, Informative)

Anonymous Coward | about a month and a half ago | (#47171785)

"but in the current environment, where open wireless networks are everywhere and many users connect to them without a second thought"

Re:Key phrase of vulnerability : (5, Insightful)

ColdWetDog (752185) | about a month and a half ago | (#47171913)

"but in the current environment, where open wireless networks are everywhere and many users connect to them without a second thought"

As will always be. Any attempt at security by involving the end user is a recipe for failure.

We're doomed.

Re: Key phrase of vulnerability : (2, Interesting)

Anonymous Coward | about a month and a half ago | (#47172127)

No, we just need software that isn't a pile of accreted crap.

Cue LibreSSL. Not a moment too soon. Those guys should be paid to do ALL critical security software, because when they do something, they do it RIGHT.

Re: Key phrase of vulnerability : (3, Insightful)

AndroSyn (89960) | about a month and a half ago | (#47172463)

How does LibreSSL fix users who do stupid things? This I'd like to know...

Re: Key phrase of vulnerability : (5, Funny)

Anonymous Coward | about a month and a half ago | (#47173119)

LibreSSL does not yet have any users.

Re:Key phrase of vulnerability : (1)

davester666 (731373) | about a month and a half ago | (#47172679)

Gives new meaning to the NSA denial "We did know about/exploit the heartbeat vulnerability"

Man in the middle (-1)

Anonymous Coward | about a month and a half ago | (#47171787)

Is that like when three slashfags are running a butt fuck train with each other?

Btw, I'm writing from the toilet and my shit smells most rancid. Would someone please come shove their fetid cock up my freshly shit-lubed asshole?

Neat (4, Insightful)

Anrego (830717) | about a month and a half ago | (#47171819)

But if you have a man in the middle position, most of those same users would have just clicked "ignore" or typed yes to the "connect anyway" prompt.

Re:Neat (0)

Anonymous Coward | about a month and a half ago | (#47171877)

That's like arguing that faulty brakes aren't a safety hazard because people will speed. The tool should be built properly, so that the injuries are entirely the result of user error.

Re:Neat (3, Insightful)

bluefoxlucid (723572) | about a month and a half ago | (#47172963)

Speed limits are overly conservative, and it is entirely possible to drive fast and drive safely. Risk increases, but driver ability modifies the risk. Good brakes are even more important in such situations.

I don't pay much attention to speed limits. The signs are posted miles apart and easy to miss; I drive with the flow of traffic, slowing down when there is additional risk. Additional risk includes traffic calming zones (whether zoned properly or not), e.g., residential areas with street parking and children, where risk is incredibly high--the proper way to drive these is slow, with your foot off the accelerator, prepared to brake. Other risks include commercial areas with lots of pedestrian traffic and street parking in general, where driving at-speed is fine; in these situations, you must search for hazards and prepare to steer or brake as needed to avoid them.

Driving analogies always show how terrible we are at driving. People care so much about the folks driving 40mph in a 30mph zone, but they don't care about the people cruising mindlessly while staring straight ahead and taking no notice of kids playing by the street, people preparing to exit parked cars, or other cars about to turn in front of them without looking for cross traffic. These are people who will be utterly surprised and incapable of reacting when someone's kid pops out from behind a car, or when a driver exits his vehicle 10 feet in front of them.

Re:Neat (0)

Anonymous Coward | about a month and a half ago | (#47173199)

Driving analogies always show how terrible we are at driving. People care so much about the folks driving 40mph in a 30mph zone, but they don't care about the people cruising mindlessly while staring straight ahead and taking no notice of kids playing by the street, people preparing to exit parked cars, or other cars about to turn in front of them without looking for cross traffic. These are people who will be utterly surprised and incapable of reacting when someone's kid pops out from behind a car, or when a driver exits his vehicle 10 feet in front of them.

Or those people who barely understand the right of way rules and never signal adding elements of unpredictable randomness to the drive.

Re:Neat (0)

Anonymous Coward | about a month and a half ago | (#47173209)

The speed limits are there for a reason, and are not for you to interpret. You need to observe them whether you agree with them or not. You WILL be ticketed. That's like saying you don't really follow laws unless you personally think they are good laws. Society is asking you to follow the law, not to interpret or judge its validity. It probably happens that the way you think things should be and the way the law says they must be align most of the time, goody for you then. Not everyone would be able to say the same though and implying that it's OK to break the law if you think you should be allowed to is a bad idea to propagate.

Re:Neat (3, Informative)

bluefoxlucid (723572) | about a month and a half ago | (#47172857)

The summary is actually ridiculous.

The summary suggests SSL is useful without a man-in-the-middle. SSL protects against eaves droppers on your network; but any eaves dropper can become a MITM. ARP cache poisoning is a common technique; on switched networks, you cannot eaves drop without ARP cache poisoning or ARP flooding. Hubbed networks are similarly easy: packet the target with IP=DEFAUTGATEWAY MAC=YOU and it will start addressing default gateway packets to you (routing works by putting the destination IP on a packet, but the default gateway's MAC on the frame; you enter the IP address of the router, and the OS runs an ARP request to find its MAC).

It's entirely unlikely that SSL does anything if there isn't a man in the middle.

MITM needs to be designed around (0)

Anonymous Coward | about a month and a half ago | (#47171843)

Ultimately you still need to get the encryption information across securely. The next big thing will be making encryption connection-agnostic.

Re:MITM needs to be designed around (2)

SuricouRaven (1897204) | about a month and a half ago | (#47171891)

"Ultimately you still need to get the encryption information across securely"

This is provably impossible with an active MITM attacker (Though a solution to passive listeners does exist and is in common use). If it could be done, we wouldn't be messing around with complicated certificate signing systems.

Re:MITM needs to be designed around (3, Informative)

sexconker (1179573) | about a month and a half ago | (#47173195)

"Ultimately you still need to get the encryption information across securely"

This is provably impossible with an active MITM attacker (Though a solution to passive listeners does exist and is in common use). If it could be done, we wouldn't be messing around with complicated certificate signing systems.

Correct. A MITM beats everything done over the wire. You need to secure your shit before you use the wire. You need a pre-shared key to encrypt the initial communication. A certificate sort of does this, but not really because we still trust them blindly and we initially accept them over the same wire. The proper way to do shit would be for you to go to your bank in person, for example, and generate 2 keys - one for you to use to talk to your bank and one for the bank to use to talk to you. You then use that key when establishing your first communication with the bank, and they use theirs. You can use whatever encryption you want, you can deploy a key-changing scheme, or a certificate scheme like we have now, whatever.

Your initial key exchange must be done securely. Doing it in person is the most secure way possible, but it's also the least convenient. Doing it over the wire is NEVER secure against a MITM.

NSA feature request done - NT (0)

Anonymous Coward | about a month and a half ago | (#47171909)

No Text

Versions (3, Insightful)

Anonymous Coward | about a month and a half ago | (#47171915)

Just to be clear, versions 1.01 and 1.02(beta) is the same as saying "Any OpenSSL version released since early 2012", right? It sounds like the summary is trying to downplay the threat a little bit.

Re:Versions (4, Informative)

GameboyRMH (1153867) | about a month and a half ago | (#47171977)

That's right, it affects all versions that are anywhere close to current.

Re:Versions (2, Interesting)

Anonymous Coward | about a month and a half ago | (#47172483)

especially after everyone panic-upgraded after heartbleed.

Re: Versions (3, Informative)

Anonymous Coward | about a month and a half ago | (#47171981)

There are also stable releases of 0.9.8 and 1.0.0 which are still maintained for security updates. Many long-term-stable distros and even some recent network appliances don't use 1.0.1 because of the possibility that code churn and feature dev has made it less secure than 1.0.0. In this case they would be right.

Re: Versions (1)

afidel (530433) | about a month and a half ago | (#47172531)

Yup, our Linux based application firewall uses a security maintained 0.9.8 based build so we weren't affected by heartbleed. It looks like we'll need to make sure it's patched to 0.9.8za level to avoid the possibility of this being an issue.

Re:Versions (0)

Anonymous Coward | about a month and a half ago | (#47172043)

Any version affected by Heartbleed, or those you patched to fix Heartbleed.

This is awesome (4, Insightful)

Jody Bruchon (3404363) | about a month and a half ago | (#47171921)

The more of these we find, the more secure OpenSSL will be. I hope we continue to find these kinds of problems and see them fixed. If open source has one strength, it's that when many skilled eyes DO converge on the code it can be tested and fixed far more quickly than a corporation with limited resources and only paid developers can do the same sort of debugging work. The trick is getting the eyes there in the first place.

Re:This is awesome (2)

Bengie (1121981) | about a month and a half ago | (#47171967)

OpenSSL design is fundamentally flawed. Bug fixes will probably introduce more bugs in many cases. I mean, OpenSSL will use your actual private key as a source of entropy. How messed up is that?

Re:This is awesome (5, Informative)

Anonymous Coward | about a month and a half ago | (#47172111)

OpenSSL design is fundamentally flawed. Bug fixes will probably introduce more bugs in many cases.

Well, the LibreSSL project is ripping out much of the code and rebuilding it: http://www.libressl.org/

I mean, OpenSSL will use your actual private key as a source of entropy. How messed up is that?

Ummm, your private key should be randomly generated, otherwise public key encryption doesn't work too well.

But your private key doesn't change, so that isn't a good thing to do. Fixing the entropy is one of the many things LibreSSL is doing: http://www.openbsd.org/papers/bsdcan14-libressl/mgp00016.html

LibReSSL (1)

Archwyrm (670653) | about a month and a half ago | (#47172535)

The project name is written as LibReSSL. Clever, clever..

Re:This is awesome (1, Interesting)

smooth wombat (796938) | about a month and a half ago | (#47171971)

If open source has one strength, it's that when many skilled eyes DO converge on the code

Keep making excuses for why open source should get a pass on something like this. The code has been around for 16 years. How many eyes have looked at the code since it was put out?

Open source is no better or worse than closed source. People just like to think it is because of situations like this when someone shouts, "I found a flaw!" but completely ignore the time the problem has existed.

If open source is so great, this flaw wouldn't have been around this long, would it?

Re:This is awesome (3, Interesting)

mean pun (717227) | about a month and a half ago | (#47172069)

I agree that 16 years for a fundamental flaw like this is bad, but how can you possibly know that closed source is no worse (or no better) than this? Closed-source software vendors are usually not very open about these problems.

Re:This is awesome (5, Insightful)

Dcnjoe60 (682885) | about a month and a half ago | (#47172213)

I agree that 16 years for a fundamental flaw like this is bad, but how can you possibly know that closed source is no worse (or no better) than this? Closed-source software vendors are usually not very open about these problems.

I agree 100%. The only reason this flaw is known is because the source code was available to review. Obviously, it would have been better if this were reviewed and caught sooner, but that ignores the fact that it was only caught because the source code was available. That seems to be a big plus.

Also what is interesting is that even though the flaw has been there for 16 years, there are no known exploits of it. That would seem to dismiss the notion that open source security software is problematic because bad people can find exploits.

Of course another explanation is that the flaw isn't any such thing and was intentional and because it was open source, certain government agencies will now lose the ability to exploit it.

Regardless of how you look at it, it seems to be an advantage to open source.

Re:This is awesome (2)

Bite The Pillow (3087109) | about a month and a half ago | (#47173089)

This required knowing how SSL is supposed to work, not just being able to read code.

It was found when someone decided to check whether implementations correctly checked the order of messages. This could have been found by testing against a binary, regardless of the code being available.

Open source is a win here because I can fix it without waiting for a vendor patch. Not that I would, but I can. Code availability for finding the bug is nearly irrelevant.

No known exploits means nothing. Exclusive zero days are expensive, and I would not share it with anyone if I bought it. Use it in extraordinary circumstances only, and it can be undetected for a while.

Re:This is awesome (2, Insightful)

Anonymous Coward | about a month and a half ago | (#47172547)

There are STILL open issues in Windows 8.1 that have existed since Win2000, that are actively being exploited today with no fix in sight. Major flaws that have survived supposed "complete rewrites" even though the steps to exploit are the exact same. There is only a large amount of shrill denial and burying heads in the sand. At least that aspect doesn't exist in open source.

Re:This is awesome (0)

Anonymous Coward | about a month and a half ago | (#47172715)

http://lepidum.co.jp/blog/2014-06-05/CCS-Injection-en/
The last paragraph: "... whether existing implementations correctly verify these conditions. Most implementations except OpenSSL verify them, more or less. OpenSSL seems not doing at all. Later I confirmed that OpenSSL is actually exploitable."

Re:This is awesome (1)

Anonymous Coward | about a month and a half ago | (#47172103)

When the code is hidden nobody except the insiders can see how good/bad the code is that leaves FUD. How much do you trust a huge corporation? Especially one that treats users with disdain and tries to lock users out of their own system to keep support costs down and appease agendas from orgs like big media companies?

Even if the bug rate is no better in open source, the fact that it's open and not potentially hiding things removes some questions and doubt. The security bits that are developed in secrecy might have an NSA back door, or might have a hard coded simple support password, or might have some terrible vulnerability that even if reported is unfixed for months to years because the company can't or won't dedicate resources to fix it. Neither method is perfect but open is open. Anyone who wants to scrutinize it can. I've read previously that openssl is convoluted in many places of the code. There them be dragons and nobody is willing to touch it. I think the same attitude prevails in commercial software (at least the projects I've been involved with). I've seen numerous times a developer could fix something properly but instead does a minimal change or hack and we go back to them 3 times because it wasn't fixed right and more issues crop up.

I like free software because there's a common area without restrictions that any human can get into and use/tinker. There should be an open/free platform with some minimal level of functionality in the commons so that anyone can have access to tech/OS without having to pay some corporate gate keeper like Microsoft or Apple. Those corps will still do fine as they are monetized, professional, and their software (at least Apple's) has more spit and polish and it's more likely to JFW.

Re:This is awesome (0)

Githaron (2462596) | about a month and a half ago | (#47172105)

The point is that if a flaw exists, when found, it can be quickly fixed in open source. You can also do your own security audit on open source software if you are really security conscious. With closed source, you have to wait for the vendor to both find and fix it (if they ever do). That said, assuming the vendor is trustworthy and would rather shut down than backdoor their software, heavily auditted close source software could easily be more secure than lightly audited open source software. If the audit levels are the same, open source wins. Part of the problem is that until recently a lot of open source security software/libraries like OpenSSL have not gone though enough auditting and vunerabilities are overlooked.

Re:This is awesome (1)

jones_supa (887896) | about a month and a half ago | (#47172887)

The point is that if a flaw exists, when found, it can be quickly fixed in open source.

In theory it can be fixed quickly, but even in the recent OpenSSL quality assurance effort, there was fixed a 4 year old publicly reported bug [eweek.com] . So it's not guaranteed that anyone fixes the bugs quickly, even if they are already found and described accurately.

It's just like the "given enough eyeballs, all bugs are shallow" law: the bugs can be found if enough professional people are rigorously going through the code. But there is no guarantee that every open source project (even mission critical projects) have enough of eyeballs in practice.

Re:This is awesome (4, Insightful)

evilviper (135110) | about a month and a half ago | (#47172135)

If open source is so great, this flaw wouldn't have been around this long, would it?

Closed source software is far worse, you just don't hear about it.

Re:This is awesome (0)

Anonymous Coward | about a month and a half ago | (#47172433)

If open source is so great, this flaw couldn't have been around this long, would it?

Are you just trolling, or have you never worked on a large closed source codebase? Believe me, there's a lot worse than this out there, in both open and closed source. Read the daily wtf [thedailywtf.com] to learn what it's like in the real world of corporate IT.

Regardless of the "openness" of the sources, the real differences in software quality rest in the organizations that build code; the typical US corporation is pretty much guaranteed to produce far worse software than the typical hobbyist group. Unmotivated wage slaves ruled by a technologically incompetent hereditary elite .vs. geeky people who are doing something purely for the love of it? Pfft. Not much of a contest! The biggest change successful tech companies like 3com and Apple brought was a new generation of leaders, who came from outside the traditional boardroom social class. Jobs was a phreak, Metcalfe was a hacker. Today the communities that exist outside the corporate closed-source programming culture have created all the most powerful software tools we have - including Microsoft Windows, which uses tons of Berkeley code, and the NSA's tools, which are often based on linux or openBSD, and all your communications technologies like smart phones and wireless mesh networks etc.

Anyway, let me paraphrase your own complaint: If closed source is so great, why doesn't it come with a free pony? Ponies are cool.

Re:This is awesome (0)

Anonymous Coward | about a month and a half ago | (#47172611)

There are some inconsistencies in the /. summary, or at least some wordings that make it sound worse than it is:

16 years. Nearly unchanged... nearly. What does that mean? Is that tidbit even worth mentioning? If the vulnerability had been there for sixteen years, then we wouldn't be seeing problems in versions from only the past two years. Misleading? Just ignorance? Sensationalist so used? Something doesn't add up there. Either it's a sixteen-year-old bug, or it's not. Versions 1.0.1 and 1.0.2-beta tell us this is not a teenage bug.

Re:This is awesome (0)

Anonymous Coward | about a month and a half ago | (#47172691)

SSL is NOT a failure of open source, it is a pure conflict of interest. The group of programmers that maintain OpenSSL primarily make their living from doing consulting about OpenSSL. They even advertise their consulting services on their web site: http://www.openssl.org/support/consulting.html .

The more obfuscated, convoluted, and un-maintainable the code, the more money they make, because if corporate programmers could understand and modify the code themselves, the openssl consulting business would dry up.

It is a direct conflict of interest for the present developers to make their living from consulting while maintaining the openssl code.

Conflict of interest is the cause of this, not open source.

Re:This is awesome (3, Insightful)

rabtech (223758) | about a month and a half ago | (#47173171)

It's actually a false dichotomy...

The vast majority of software is poorly written, hacked-together junk written by dicks and idiots.

Open Source *can* be slightly less terrible, but it's all still terrible.

Re:This is awesome (2)

westlake (615356) | about a month and a half ago | (#47172057)

it can be tested and fixed far more quickly than a corporation with limited resources and only paid developers can do the same sort of debugging work.

Open Source does not guarantee unlimited resources. Case in point: TrueCrypt.

Paid developers can work full time on debugging and may have a much deeper understanding of the code and how it is used.

Re:This is awesome (0)

Anonymous Coward | about a month and a half ago | (#47172229)

it can be tested and fixed far more quickly than a corporation with limited resources and only paid developers can do the same sort of debugging work.

Open Source does not guarantee unlimited resources. Case in point: TrueCrypt.

Paid developers can work full time on debugging and may have a much deeper understanding of the code and how it is used.

But there's no guarantee paid developers will actually be better so this is actually something to be judged on a case by case basis.

Re:This is awesome (1)

Dcnjoe60 (682885) | about a month and a half ago | (#47172263)

it can be tested and fixed far more quickly than a corporation with limited resources and only paid developers can do the same sort of debugging work.

Open Source does not guarantee unlimited resources. Case in point: TrueCrypt.

Paid developers can work full time on debugging and may have a much deeper understanding of the code and how it is used.

Wasn't the TrueCrypt announcement a form of warrant canary?

Re:This is awesome (2)

Jody Bruchon (3404363) | about a month and a half ago | (#47172313)

The same problems that OSS has with code not being reviewed is present in closed-source models as well, such as the recent Apple security hole that managed to make it past review and stick around for quite a while. They pay developers to work on this stuff. The devs missed it. Software development is done by humans and humans commit mistakes. No source availability model can ever fully mitigate that.

Re:This is awesome (1)

Number42 (3443229) | about a month and a half ago | (#47173109)

Apple's SSL implementation is open source too.

Re:This is awesome (5, Insightful)

iamgnat (1015755) | about a month and a half ago | (#47172133)

open source has one strength, it's that when many skilled eyes DO converge on the code it can be tested and fixed far more quickly

Did you even read the summary? They believe that this flaw has existed since 1998. You have a very strange definition of "quickly" if 16 years falls into that category.

I'm all for OSS, but people like you that continue to trot out this tripe aren't helping it. The benefit isn't that there all these mythical "skilled eyes" looking at the code, it's that you can look at the code.

Re:This is awesome (5, Insightful)

Jody Bruchon (3404363) | about a month and a half ago | (#47172257)

If you've been following OpenSSL Heartbleed coverage, you know that the project has only had one full-time developer working on it. [slashdot.org] Since Heartbleed (a recent discovery, you'll recall) they've discovered more holes to close such as this one. I'd call less than two months since more eyes started staring at OpenSSL "quickly."

Re:This is awesome (0)

Anonymous Coward | about a month and a half ago | (#47172639)

A trivial flaw has existed in Windows for the same amount of time, and it is actively being exploited. It's trivial to fix, but since disclosing it gets a gag from MS thrown down on you, there is no publicizing it. It is estimated that ~60% of all MS systems are thoroughly owned (although that shouldn't really surprise anyone).

Re:This is awesome (0)

Anonymous Coward | about a month and a half ago | (#47173129)

He said "when many skilled eyes... ". How you got a +5 insightful is beyond me, because wasn't that exactly how this bug was found? Wouldn't the flurry of attention after heartbleed imply more skilled eyes were looking at it because the source was available and the bug was found and fixed for the first time since 1998? You can choke on your "people like you" line too, telling people they're wrong when it's really you who can't read worth shit.

I'm all for OSS, but ...

No you're not, you're trying to condition people to shut up about a key proven benefit of OSS. When many skilled eyes look at code because that code is available it does speed bug finding and other improvements.

Re:This is awesome (1)

Bite The Pillow (3087109) | about a month and a half ago | (#47173145)

Gp's point is once it has been found things move quickly. Tested and fixed is in the part you bolded, not found.

You objected to a point gp did not raise.

Re:This is awesome (-1)

Anonymous Coward | about a month and a half ago | (#47172237)

Yeah... 16 years late.
 
Keep telling us how Open Sewers is more secure because of the number of eyes that are on the code. We'll keep laughing.

Re:This is awesome (0)

Anonymous Coward | about a month and a half ago | (#47172883)

Yeah... 16 years late.

Keep telling us how Open Sewers is more secure because of the number of eyes that are on the code. We'll keep laughing.

Steve Ballmer, is that you? Go home...you're drunk.

Re:This is awesome (3, Insightful)

js3 (319268) | about a month and a half ago | (#47172239)

The more of these we find, the more secure OpenSSL will be. I hope we continue to find these kinds of problems and see them fixed. If open source has one strength, it's that when many skilled eyes DO converge on the code it can be tested and fixed far more quickly than a corporation with limited resources and only paid developers can do the same sort of debugging work. The trick is getting the eyes there in the first place.

10 years ago someone said...

"Opensource will eliminate all bugs, because the world can see the source". Doesn't matter if no one reads the source.

Re:This is awesome (4, Funny)

g1zmo (315166) | about a month and a half ago | (#47173189)

Literally no one has ever said that.

Bet the NSA knew about this... (1, Interesting)

GameboyRMH (1153867) | about a month and a half ago | (#47171989)

...and it was like ten Christmases to them. They're probably really down that they just lost one of their best toys.

Not as bad as it seems... (0)

Anonymous Coward | about a month and a half ago | (#47172011)

This flaw can only be exploited if both the client and server are running a vulnerable version of OpenSSL.

While OpenSSL is very common on the server side, it is much less common on the client side.

For example, most web browsers don't use OpenSSL.

Re:Not as bad as it seems... (-1)

Anonymous Coward | about a month and a half ago | (#47172073)

OpenSSL is used on every Linux distro and Android device. This has nothing to do with web browsers, retardo.

Re:Not as bad as it seems... (-1)

Anonymous Coward | about a month and a half ago | (#47172315)

OpenSSL is used on every Linux distro and Android device. This has nothing to do with web browsers, retardo.

Numbnuts, the fact that OpenSSL is present on linux doesn't mean it is used by every bit of software on linux.

Yes, this flaw affect non-browser SSL clients that use OpenSSL, but that is much less common. It's still an attack vector, and should be fixed.

And this flaw doesn't affect the vast majority of users (who are using SSL clients on windows or mac), which is the point of my post.

Chrome on android is vulnerable though.

Re:Not as bad as it seems... (1)

Anonymous Coward | about a month and a half ago | (#47172347)

Plenty of client applications make SSL connections and OpenSSLis used for that.

Re:Not as bad as it seems... (0)

Anonymous Coward | about a month and a half ago | (#47172153)

Chrome on Android uses it and tons of apps on Android that open SSL connections also use it. So to claim OpenSSL is not used on clients is a total joke.

Re:Not as bad as it seems... (-1)

Anonymous Coward | about a month and a half ago | (#47172503)

Chrome on Android uses it and tons of apps on Android that open SSL connections also use it. So to claim OpenSSL is not used on clients is a total joke.

Learn to read, will you?

I wrote "While OpenSSL is very common on the server side, it is much less common on the client side."

The words "much less common" have a very different meaning than "not used on clients".

The vast majority of SSL connections are not affected by this flaw, because the majority of SSL clients don't use OpenSSL. So even if the server is running a vulnerable version, it can't be exploited because the client isn't vulnerable.

This OpenSSL flaw requires BOTH the client & server to be running OpenSSL to be vulnerable.

Unlike heartbleed, which required only ONE of the client & server to be running a vulnerable version of OpenSSL to be affected. (and OpenSSL is very common on web servers, so this was a BIG problem).

But I will agree with you that android is a POS platform and easy to exploit :)

How are people affected in their day to day lives? (3, Insightful)

tlhIngan (30335) | about a month and a half ago | (#47172025)

This is a flaw, but it requires both ends use vulnerable OpenSSL versions. Which means your day-to-day life may or may not be affected that much.

I mean, if you use iOS, OS X, or Windows, you're more than likely NOT using OpenSSL on the client side (except say, if you use Firefox on Windows) - since Apple and Microsoft have their own SSL implementations. If you have an Android phone or tablet, then yes, it's quite likely an issue, and while both are popular, people generally don't use them that much for data (iOS traffic, after 7 years, has finally dropped to below 50% of all mobile traffic out there, despite Android outselling iOS by a huge margin). And nevermind the oddball Linux user.

So the real question is, how many people really ARE affected?

Heartbleed affects everyone because it exposes server secrets irrespective of the client side. But this vulnerability is only really present if both ends use OpenSSL.

REST APIs, Datacenter-to-datacenter transfers (0)

Anonymous Coward | about a month and a half ago | (#47172093)

If you use HTTPS from, say, your Node.js app to connect to someone's PHP-based REST service, you're vulnerable and so are your users. Wouldn't surprise me a bit if this is being used in the wild by state actors to attack entire web applications/services, in order to target just a few of their users. They don't care about collateral damage.

Re:REST APIs, Datacenter-to-datacenter transfers (-1)

Anonymous Coward | about a month and a half ago | (#47173067)

node.js - well there's your problem.

Re:How are people affected in their day to day liv (2, Informative)

Anonymous Coward | about a month and a half ago | (#47172165)

I mean, if you use iOS, OS X, or Windows, you're more than likely NOT using OpenSSL on the client side (except say, if you use Firefox on Windows)

Ummm, firefox uses NSS, not OpenSSL: http://en.wikipedia.org/wiki/Network_Security_Services

Re:How are people affected in their day to day liv (1)

Anrego (830717) | about a month and a half ago | (#47172167)

The real limiter for your average user is the requirement for man in the middle position.

Even without this flaw, most users will just click through any warning that comes up during a man in the middle attack.

It's still a bad thing that the mechanism designed to protect us from man in the middle is broken, but for the average user, the mechanism is already broken via apathy.

Re:How are people affected in their day to day liv (1)

CaptainDork (3678879) | about a month and a half ago | (#47172477)

I agree with your assessment and conclusion, and while I can't refute that apathetic users are a problem, I submit that apathetic users should NOT be a problem. In our current state of the art, users take a lot of blame for not implementing best practices regarding credential quality, changing passwords frequently, failing to read warnings, privacy statements and terms of conditions, etc. Users are also held accountable for not updating their operating systems and the programs that ride on the (Flash, Java, Other). The real burden, in my opinion, rests solely with the experts in the field. Users are reading about Heartbleed, OpenSSL, Man In The Middle, client, server, encryption, ... Users want to level up on Candy Crush Saga and they want to leave all that mumbo-jumbo to people like we here on this board. I think that's fair.

Re:How are people affected in their day to day liv (1)

Anrego (830717) | about a month and a half ago | (#47172875)

Oh I totally agree with this. Relying on the user to "make the decision" is (or should be) the last resort when a programmer can't figure out how to deal with a situation.

In the specific area of certificate verification on web browsers, the problem has been too many false positives. Lots of people are sloppy with their certificates, and users have gotten used to the idea that any error mentioning a certificate is probably no big deal (because the other 100 times they clicked the ok button the world didn't end). This then served only to encourage people to be even more sloppy (the user will just click the warning that comes up, no big deal).

Things are moving in a good direction now, with most of the major browsers making the dialog more menacing and (in the case of firefox at least) requiring several not-so-intuitive steps, and this having the effect of making letting your certificates expire/using incorrect certificates more of a big deal because you will lose traffic. I think we are at least at a point where most users will stop when they get one of these more complicated warnings and they are doing something like banking or buying something online.

Re:How are people affected in their day to day liv (2)

Argilo (602972) | about a month and a half ago | (#47172193)

Firefox uses NSS, not OpenSSL.

Re:How are people affected in their day to day liv (-1)

Anonymous Coward | about a month and a half ago | (#47172225)

Firefox uses their own SSL library (NSS), and not OpenSSL.

Re:How are people affected in their day to day liv (1)

Dcnjoe60 (682885) | about a month and a half ago | (#47172303)

So the real question is, how many people really ARE affected?

That would depend on how much, if any, of OpenSSL code was incorporated into Microsoft and Apple products regardless of the GPL. After all, 1998, was a long time ago.

Re:How are people affected in their day to day liv (2)

Blue Stone (582566) | about a month and a half ago | (#47172367)

you're more than likely NOT using OpenSSL on the client side (except say, if you use Firefox on Windows)

That's quite the parabolic sentence there. I hope you didn't give yourself whiplash.

How are people affected in their day to day lives? (0)

Anonymous Coward | about a month and a half ago | (#47172443)

Firefox has its own SSL stack across all OSes (libnss), so it shouldn't be vulnerable. AFAIK, chrome/chromium uses OpenSSL across all platforms.

Re:How are people affected in their day to day liv (1)

Iarwain Ben-adar (2393286) | about a month and a half ago | (#47172695)

WRONG. If the server is vulnerable, your session can be hijacked. http://ccsinjection.lepidum.co... [lepidum.co.jp]

Closed source software (2)

93 Escort Wagon (326346) | about a month and a half ago | (#47172141)

Given all the open-source SSL/TLS security flaws (OpenSSL, gnutls, Apple SSL) that have come out these past few months - mostly thanks to renewed interest in hunting flaws, thanks to the Snowden revelations, I suspect - I hope that companies like Microsoft are also seeing this as a wake-up call driving them to do code reviews on their closed-source SSL/TLS code.

Re:Closed source software (0)

js3 (319268) | about a month and a half ago | (#47172223)

Given all the open-source SSL/TLS security flaws (OpenSSL, gnutls, Apple SSL) that have come out these past few months - mostly thanks to renewed interest in hunting flaws, thanks to the Snowden revelations, I suspect - I hope that companies like Microsoft are also seeing this as a wake-up call driving them to do code reviews on their closed-source SSL/TLS code.

Not quite sure what you mean there. Closed source gets more code review than opensource apparently.

Re:Closed source software (2)

93 Escort Wagon (326346) | about a month and a half ago | (#47172283)

Not quite sure what you mean there. Closed source gets more code review than opensource apparently.

Speaking as someone who, in a past job, reported a number of brain-dead flaws in their products to Microsoft - I'm curious what experience has led you to draw that conclusion.

Re:Closed source software (-1)

Anonymous Coward | about a month and a half ago | (#47172559)

Not quite sure what you mean there. Closed source gets more code review than opensource apparently.

Speaking as someone who, in a past job, reported a number of brain-dead flaws in their products to Microsoft - I'm curious what experience has led you to draw that conclusion.

The fact that its a 16 year old flaw sitting in the open the entire time? Perhaps that? Perhaps you need to experience logic...

Re:Closed source software (1)

BadDreamer (196188) | about a month and a half ago | (#47172605)

And how long have the bugs in the Windows networking code been sitting there? Oh, right, you can't know, because they're not telling us.

Perhaps you should use some of that logic which you wish others to experience.

Re:Closed source software (2)

swillden (191260) | about a month and a half ago | (#47172423)

Closed source gets more code review than opensource apparently.

Clearly you've never worked in the software industry.

Re:Closed source software (-1)

Anonymous Coward | about a month and a half ago | (#47172599)

Closed source gets more code review than opensource apparently.

Clearly you've never worked in the software industry.

Clearly neither did any of the code inspectors that reviewed the code for 16 years...

Re:Closed source software (2)

93 Escort Wagon (326346) | about a month and a half ago | (#47172965)

Most of the bugs I reported to Microsoft were flaws in their Fortran and MASM (assembly language) offerings, back in olden days of yore (otherwise known as the 1990s).

With the added complexity of modern Microsoft dev tools, though, I'm sure bugs never make it into production nowadays.

Re:Closed source software (1)

BadDreamer (196188) | about a month and a half ago | (#47172587)

And you base this on what comparative statistics? How many security related bugs have the closed source developers found and fixed while these bugs were closed by a community scouring over the code?

Re:Closed source software (1)

Number42 (3443229) | about a month and a half ago | (#47173149)

Apple's SSL implementation is actually open source, but true, the only upstream contributor to that repository is Apple.

Closed source software (0)

Anonymous Coward | about a month and a half ago | (#47173079)

SInce most EULA prohibit you from filing al lawsuit about your use of the software there is absolutely ZERO business motivation for any corporation to even look for security vulnerabilities - let alone devote money toward fixing them when they are the only ones who know if they have a vulnerability.

LibreSSL (1)

Anonymous Coward | about a month and a half ago | (#47172185)

does this affect LibreSSL?

So my old OpenSSL library is fine then? (1)

Jezisheck (2558157) | about a month and a half ago | (#47172197)

The flaw affects all versions of the OpenSSL client and versions 1.0.1 and 1.0.2-beta1 of the server software.

If I understood it correctly, my older OpenSSL package (openssl 0.9.8o-1ubuntu4.6) should be fine, right?

Re:So my old OpenSSL library is fine then? (1)

Elessar (8997) | about a month and a half ago | (#47172431)

If you are using OpenSSL as a client then you are vulnerable. On the server side the bug is till there but there is no known way of exploiting it prior to 1.0.1. You are still recommended to upgrade - but ubuntu will provide the relevant fixes.

Opensource is great innit? (-1, Troll)

js3 (319268) | about a month and a half ago | (#47172211)

The POS library permeates everything.

Stupid summary (1)

cryptizard (2629853) | about a month and a half ago | (#47172343)

That's not an insignificant set of conditions that must be present for a successful attack

But it is exactly the point of TLS, to protect against such an attacker. If you know you don't have a man-in-the-middle then you don't even need it in the first place.

True that the server might not be running that version, but a non-trivial number of them are.

1998? 16 Years? (0)

Anonymous Coward | about a month and a half ago | (#47172467)

A flaw just sitting in the open for 16 years? Man, surely that's impossible what with it being open source and all those fervent well-trained altruistic supposed eyes constantly scanning the code.

Clearly, this demonstrates the strength of open source software.

Advisory is a bit unclear (2)

Doug Papenthien (3683553) | about a month and a half ago | (#47172487)

After reading the advisory from OpenSSL, I'm still confused by what is vulnerable and what isn't. The flaw requires both the client and server to be vulnerable. If the client is using OpenSSL, they're vulnerable for 0.9.8/1.0.0/1.0.1. But if the server is using OpenSSL, they're only vulnerable if using 1.0.1/1.0.2(beta). Yet the bullet list of recommendations points out that servers should upgrade even if they're using 0.9.8: * OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za. Let's say I have a server using 0.9.8 and client using 1.0.0. If I understand their explanation correctly, then this scenario is *not* vulnerable. Is that the same conclusion others would draw from their explanation?

Sensationalist inconsistencies (0)

Anonymous Coward | about a month and a half ago | (#47172623)

There are some inconsistencies in the /. summary, or at least some wordings that make it sound worse than it is:

16 years. Nearly unchanged... nearly. What does that mean? Is that tidbit even worth mentioning? If the vulnerability had been there for sixteen years, then we wouldn't be seeing problems in versions from only the past two years. Misleading? Just ignorance? Sensationalist so used? Something doesn't add up there. Either it's a sixteen-year-old bug, or it's not. Versions 1.0.1 and 1.0.2-beta tell us this is not a teenage bug.

Perhaps it is notable that the only place this sensational "fact" comes to light is from "researchers", and even there it has no mention of the relevance for this bug and only mentions this code is "nearly unchanged", meaning it was changed.

You silly silly fools (0)

Anonymous Coward | about a month and a half ago | (#47172689)

Still believe you can secure data.

sounds pretty insignificant to me (0)

Anonymous Coward | about a month and a half ago | (#47173093)

any ISP would be in a middle man position and able to decrypt your SSL traffic.

Grrr... (0)

Anonymous Coward | about a month and a half ago | (#47173143)

Time to change ALL my passwords again.

Would it be a sin? (1)

jones_supa (887896) | about a month and a half ago | (#47173197)

I see a lot of comments that try to convince that "closed source isn't any better". So my actual question is: would it be some kind of sin if closed source was actually better?

only DTLS is affected. (0)

Anonymous Coward | about a month and a half ago | (#47173267)

...which nobody in their right mind would use anyway. Granted though, openssl is still a piece of shit.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...