Posts Tagged ‘openssl’

What is Freak? Security bug affects hundreds of millions of iPhone, iPad and Android users

Wednesday, March 4th, 2015

Researchers have uncovered the latest vulnerability in the way our data is protected online, with the Freak bug potentially putting hundreds of millions of smartphone and tablet users at risk.

The bug, which affects HTTPS encrypted communication online, has been around for decades, but was only uncovered on 3 March, 2015. If exploited, the bug could give hackers access to your personal data including login details and even banking information.

Here, we break down just what Freak is, how it works, and who is vulnerable:

What is Freak?

Freak is the latest security flaw to be discovered in the cryptographic protocols which are used to encrypt your online communications – known as SSL and TLS.

The vulnerability is in particular found in OpenSSL, the same protocol which was at the centre of the Heartbleed controversy last year.

Who discovered it?

The vulnerability, which has been around since the 1990s, was only discovered on Tuesday, 3 March by researchers at the French Institute for Research in Computer Science and Automation, Microsoft Research and IMDEA.

Why has Freak been around for so long?

The problem dates back to the early 1990s when the US government decided that it wanted to weaken the encryption standards on products being shipped overseas by US companies.

It required the companies to downgrade the encryption being used from strong RSA grade encryption to “export-grade” encryption. At the time this “export-grade” encryption was still relatively strong, requiring a supercomputer to be able to crack the 512-bit encryption key, meaning only the US government were likely to be able to exploit the vulnerability.

However with the rapid advance in computing, this is no longer the case, and with access to huge computing power through the likes of Amazon’s cloud computing service AWS, anyone could potentially exploit the Freak bug.

As renowned cryptographer Matthew Green says:

The export-grade RSA ciphers are the remains of a 1980s-vintage effort to weaken cryptography so that intelligence agencies would be able to monitor. This was done badly. So badly, that while the policies were ultimately scrapped, they’re still hurting us today. Encryption backdoors will always turn around and bite you in the ass. They are never worth it.

Who is vulnerable to a Freak attack?

[Image: The Safari browser on Apple’s iPhones and iPads is vulnerable to attack (IBTimes UK)]

According to the researchers, on the user side Apple’s Safari web browser on its iPhone, iPad and Mac devices is vulnerable, as are almost all versions of Android, as Google uses the OpenSSL protocol in its mobile operating system. That means that potentially hundreds of millions of people are at risk.

The Chrome desktop browser, Microsoft’s Internet Explorer and Mozilla’s Firefox are not vulnerable.

On the server side, according to researchers, just shy of 10% of the internet’s top million websites are vulnerable. This is down from 12.2% on Tuesday, meaning that website administrators seem to be fixing the problem.

There are, however, still many major websites, including banking, media and government sites, which are affected. These include the websites of American Express, Business Insider, Bloomberg, the Marriott hotel group and indeed IBTimes UK.

The list previously included the FBI’s website for anonymous informants, but this is no longer vulnerable it would seem. However the whitehouse.gov website remains vulnerable.

The full list can be found here.

 

via What is Freak? Security bug affects hundreds of millions of iPhone, iPad and Android users.

300,000+ Servers Still Vulnerable to Heartbleed | PCMag.com

Monday, June 23rd, 2014

Almost three months, and thousands of fixes later, more than 300,000 systems are still vulnerable to the Heartbleed bug.

Robert Graham of Errata Security revealed on Saturday that a recent scan found that 309,197 servers are still exposed.

"This indicated people have stopped even trying to patch," Graham wrote in a blog post.

Following the April discovery of the OpenSSL bug—which leaves encrypted data open to scammers—panic ensued as websites around the world patched their systems to avoid a breach.

At the time of the Heartbleed announcement, Errata found 600,000 vulnerable systems, which dwindled to half that number within the first month. But now, almost three months after the announcement, at least 300,000 sites are still at risk.

"We should see a slow decrease over the next decade as older systems are slowly replaced," according to Graham, though he’s not confident that all 309,000 will be patched.

"Even a decade from now, I still expect to find thousands of systems, including critical ones, still vulnerable," he said.

via 300K Servers Still Vulnerable to Heartbleed | News & Opinion | PCMag.com.

Critical OpenSSL Patch Available. Patch Now!

Monday, June 9th, 2014

[Webcast Correction] Important correction to the webcast. The MITM attack does not just affect DTLS. It does affect TLS (TCP) as well.

Quick Q&A Summary from the webcast:

– The MITM vulnerability only affects servers that run OpenSSL 1.0.1 but all clients. Both have to be vulnerable to exploit this problem.

– The MITM vulnerability is not just DTLS (sorry, had that wrong during the webcast)

– Common DTLS applications: Video/Voice over IP, LDAP, SNMPv3, WebRTC

– Web servers (https) cannot use DTLS.

– OpenVPN’s "auth-tls" feature will likely mitigate all these vulnerabilities

– Even if you use "commercial software", it may still use OpenSSL.

———

The OpenSSL team released a critical security update today. The update patches 6 flaws. 1 of the flaws (CVE-2014-0195) may lead to arbitrary code execution. [1]

All versions of OpenSSL are vulnerable to CVE-2014-0195, but this vulnerability only affects DTLS clients or servers (look for SSL VPNs… not so much HTTPS).

I also rated CVE-2014-0224 critical, since it does allow for MiTM attacks, one of the reasons you use SSL. But in order to exploit this issue, both client and server have to be vulnerable, and only openssl 1.0.1 is vulnerable on servers (which is why I stuck with "important" for servers). The discoverer of this vulnerability released details here: http://ccsinjection.lepidum.co.jp/blog/2014-06-05/CCS-Injection-en/index.html .

via InfoSec Handlers Diary Blog – Critical OpenSSL Patch Available. Patch Now!.

Internet security researchers use Heartbleed bug to target hackers | Fox News

Wednesday, April 30th, 2014

Anti-malware researchers have turned the tables on cyber criminals by using the Heartbleed bug to gain access to online forums where hackers congregate.

The bug, a flaw in a key piece of security technology used by more than 500,000 websites, had been exposing online passwords and other sensitive data to potential theft for more than two years.

Among the websites affected by the bug were private, password-protected hacker forums, Steven K, a French anti-malware researcher, told the BBC. The researcher said he was able to gain access to the sites by using specially-written tools to target them.

“Not many people have the ability to monitor this forum, but Heartbleed exposed everything,” Steven K added, referring to one such website.

Researchers can use the bug to grab conversations from chatrooms where hackers share data, but run the risk of facing criminal charges for malicious hacking, the BBC reports.

“This work just goes to show how serious Heartbleed is,” said Charlie Svensson, a computer security researcher at Sentor. “You can get the keys to the kingdom, all thanks to a nice little heartbeat query.”

Meanwhile, a new poll released Wednesday by the Pew Research Center said most Americans have been trying to protect themselves from the bug, but a group nearly as large is unaware of the threat.

via Internet security researchers use Heartbleed bug to target hackers | Fox News.

App and Browser Plugin – Runs Check for Heartbleed

Saturday, April 19th, 2014

Most major websites have patched the gaping security hole called the Heartbleed bug, which at one point affected up to two thirds of the Internet. However, there are still some stragglers. A new free browser plugin and Android app from cloud security company Trend Micro can help check that the sites you visit and Android apps you download are Heartbleed-free.

The Heartbleed bug exists in a version of OpenSSL, a type of software used to encrypt data in transit, such as between your computer and the server of a webpage you’re visiting, or between your smartphone and the server of an app you have installed. Trend Micro’s browser plugin and app can help users feel a bit more secure on the Internet.

via App and Browser Plugin Check for Heartbleed.

Heartbleed OpenSSL – Leaked Exploit POC

Saturday, April 19th, 2014

/*
* CVE-2014-0160 heartbleed OpenSSL information leak exploit
* =========================================================
* This exploit uses OpenSSL to create an encrypted connection
* and trigger the heartbleed leak. The leaked information is
* returned within encrypted SSL packets and is then decrypted
* and wrote to a file to annoy IDS/forensics. The exploit can
* set heartbeat payload length arbitrarily or use two preset
* values for NULL and MAX length. The vulnerability occurs due
* to bounds checking not being performed on a heap value which
* is user supplied and returned to the user as part of DTLS/TLS
* heartbeat SSL extension. All versions of OpenSSL 1.0.1 to
* 1.0.1f are known affected. You must run this against a target
* which is linked to a vulnerable OpenSSL library using DTLS/TLS.
* This exploit leaks upto 65532 bytes of remote heap each request
* and can be run in a loop until the connected peer ends connection.
* The data leaked contains 16 bytes of random padding at the end.
* The exploit can be used against a connecting client or server,
* it can also send pre_cmd’s to plain-text services to establish
* an SSL session such as with STARTTLS on SMTP/IMAP/POP3. Clients
* will often forcefully close the connection during large leak
* requests so try to lower your payload request size.
*
* Compiled on ArchLinux x86_64 gcc 4.8.2 20140206 w/OpenSSL 1.0.1g
*
* E.g.
* $ gcc -lssl -lssl3 -lcrypto heartbleed.c -o heartbleed
* $ ./heartbleed -s 192.168.11.23 -p 443 -f out -t 1
* [ heartbleed – CVE-2014-0160 – OpenSSL information leak exploit
* [ =============================================================

via Heartbleed OpenSSL – Information Leak Exploit.

Tor anonymity network to shrink due to Heartbleed flaw | [PCWorld]

Friday, April 18th, 2014

The Tor Project has flagged 380 Tor relays vulnerable to the critical Heartbleed flaw to be rejected from the Tor anonymity network, reducing the network’s entry and exit capacity.

 

The decision has already been implemented on a Tor directory authority—a server that maintains a list of Tor relays—controlled by Roger Dingledine, the Tor Project leader, and is likely to be followed by other directory authority operators.

The 380 relays flagged for rejection are trusted entry relays, also known as guards, and exit relays. As a result, the immediate impact of this decision would be a 12 percent reduction in the network’s guard and exit capacity, Dingledine said Wednesday in an email sent to the tor-relays mailing list.

Traffic from clients typically flows through the Tor network in three hops. The first hop is through a guard relay and the final hop, before the traffic is returned on the Internet to reach its intended destination, is through an exit relay.

Twelve percent might not sound like much, but guard and exit relays play an important role on the network and are not easy to replace. Many relays are run by volunteers, but they need to be trusted and need to have enough bandwidth at their disposal to handle traffic from multiple clients.

“I thought for a while about taking away their Valid flag rather than rejecting them outright, but this way they’ll get notices in their logs,” Dingledine said.

Tardy patches seem to be the reason

It seems that the ban might be permanent. Dingledine said that he wouldn’t want those relays back on the Tor network even if they upgraded their versions of OpenSSL because their operators didn’t patch the flaw in a timely manner.

The Heartbleed vulnerability was announced on Apr. 7 and affects versions 1.0.1 through 1.0.1f of OpenSSL, a library that implements the TLS (Transport Layer Security) encrypted communication protocol and which is used by many operating systems, web servers, browsers and other desktop and mobile applications.

via Tor anonymity network to shrink as a result of Heartbleed flaw | PCWorld.

Billions of Smartphone Users affected by Heartbleed Vulnerability – The Hacker News

Monday, April 14th, 2014

Heartbleed has left a bad impression worldwide, affecting millions of websites, and is also supposed to put millions of smartphone and tablet users at great risk.

Heartbleed is a critical bug (CVE-2014-0160) in the popular OpenSSL cryptographic software library. It resides in OpenSSL’s implementation of the TLS/DTLS heartbeat extension and allows attackers to read portions of the affected server’s memory, potentially revealing user data such as usernames, passwords, and credit card numbers that the server did not intend to reveal.

via Billions of Smartphone Users affected by Heartbleed Vulnerability – The Hacker News.

Millions of Android Devices Vulnerable to Heartbleed Bug – Bloomberg

Friday, April 11th, 2014

Security researchers said that version of Android is still used in millions of smartphones and tablets, including popular models made by Samsung Electronics Co., HTC Corp. and other manufacturers. Google statistics show that 34 percent of Android devices use variations of the 4.1 software and the company has said more than 900 million Android devices have been activated worldwide.

via Millions of Android Devices Vulnerable to Heartbleed Bug – Bloomberg.