 | Google disables SSL compression in Chrome against new attack
So there is a new attack on SSL-encrypted sessions that is due to be presented soon. Google have disabled OpenSSL compression in Chrome (»chromiumcodereview.appspot.com/1···atch/1/2). This is in response to the new attack which was developed by the same guys who published the BEAST tool to hijack cookies from SSL sessions last year.
There is an excellent description of the (proposed) method by which this attack works over on Stackexchange: »security.stackexchange.com/quest···14#19914
Basically, by using the fact that a cookie string repeated twice in an HTTPS body will be compressed to different (known) sizes, the attackers can figure out the cookie value byte by byte. Disabling compression of SSL sessions prevents this. -- Mischel Internet Security - Developer of TrojanHunter |
|
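The size difference described in the post above, and why turning compression off removes it, as an added example that is not part of the original thread. The cookie value, host name and function names are constructed for illustration, and zlib's DEFLATE stands in for TLS-level compression.

```python
import zlib

# Constructed secret; stands in for a session cookie the browser attaches.
SECRET_COOKIE = "session=7f3a9c21d4b8e6f0"


def request_bytes(path_text: str) -> bytes:
    """Constructed request: the path can be influenced from outside,
    the Cookie header is added by the browser."""
    return (
        f"GET /{path_text} HTTP/1.1\r\n"
        "Host: example.test\r\n"
        f"Cookie: {SECRET_COOKIE}\r\n\r\n"
    ).encode()


def wire_length(path_text: str, tls_compression: bool) -> int:
    """Length visible on the network. Encryption is left out of this model
    (an assumption): it hides the content but not the record length."""
    data = request_bytes(path_text)
    return len(zlib.compress(data)) if tls_compression else len(data)


def length_gap(tls_compression: bool) -> int:
    """Wire-length difference between a path that does not repeat the cookie
    and one that does. Both paths have the same plaintext length, so any
    non-zero gap comes from the compressor and reveals the match."""
    matching = SECRET_COOKIE
    non_matching = "session=QzXwLmKpRtVyNbGh"  # constructed, same length
    assert len(matching) == len(non_matching)
    return (wire_length(non_matching, tls_compression)
            - wire_length(matching, tls_compression))


if __name__ == "__main__":
    print("gap with compression on :", length_gap(True))
    print("gap with compression off:", length_gap(False))
```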
 | The Chromium bug entry for this is at »code.google.com/p/chromium/issue···d=139744 -- however, you will get a 403 forbidden when trying to view this, so this is a sure sign that it's pertaining to a security vulnerability. Normally Chromium bug entries are viewable by anyone.
I tried looking into the Firefox source code. As best I can tell, SSL compression is off in Firefox by default. Specifically, the file sslsock.c contains an array called sslOptions with this setting:
static sslOptions ssl_defaults = {
    ...
    PR_FALSE, /* noLocks */
    PR_FALSE, /* enableSessionTickets */
    PR_FALSE, /* enableDeflate */
This should mean that SSL compression is not enabled by default in Firefox. I couldn't find any recent changes to this file either when checking the diffs.
-- Mischel Internet Security - Developer of TrojanHunter |
|
|
|
|
 Name GamePremium join:2002-07-07 North Myrtle Beach, SC kudos:7 | reply to MagnusM On the Beast last year....
"That decryption happens slowly, however; BEAST currently needs sessions of at least a half-hour to break cookies using keys over 1,000 characters long."
SSL Server Test
This free online service performs a deep analysis of the configuration of any SSL web server on the public Internet. Please note that the information you submit here is used only to provide you the service. We don't use the domain names or the test results, and we never will. »www.ssllabs.com/ssltest/index.html -- Gladiator Security Forum »www.gladiator-antivirus.com/
|
|
 | reply to MagnusM Crack in Internet's foundation of trust allows HTTPS session hijacking:
CRIME works only when both the browser and server support TLS compression or SPDY
Microsoft's Internet Explorer, Google's Chrome and Mozilla's Firefox browsers are all believed to be immune to the attack, but at time of writing smartphone browsers and a myriad of other applications that rely on TLS are believed to remain vulnerable.
Representatives from Google, Mozilla, and Microsoft said their companies' browsers weren't vulnerable to CRIME attacks. Both Google and Mozilla released patches after the weaknesses were privately reported by Juliano Rizzo and Thai Duong, the researchers who devised the CRIME exploits. Internet Explorer was never vulnerable because it never supported SPDY (pronounced "speedy") or the TLS compression scheme known as Deflate.
Even when a browser is vulnerable, an HTTPS session can only be hijacked when one of those browsers is used to connect to a site that supports SPDY or TLS compression. Months ago I'd disabled SPDY in Firefox to ensure continued correct Proxo filtering. Looks like an even better decision now. |
|
 DownTheShoreHelp Moore OklahomaPremium join:2003-12-02 Beautiful NJ kudos:12 | reply to MagnusM As a Pale Moon user (a Firefox variant), how can I tell if it is using the SSL compression or not? What do I query? |
|
 | When I was looking at this I searched for an about:config setting, but as best I can tell there is no pre-entered setting for this. I'm sure there is a string you can enter to control it manually. There shouldn't be any need to, though, if they're using a recent branch off the Firefox source tree. -- Mischel Internet Security - Developer of TrojanHunter |
|
 StuartMWWho Is John Galt?Premium join:2000-08-06 Galt's Gulch kudos:2 Reviews:
·CenturyLink
| In about:config search for SPDY settings. Disable (set to false) all SPDY support.
quote:
network.http.spdy.enabled = false
network.http.spdy.enabledv2 = false (present in FF 15)
Don't forget to restart the browser!
Ref: »isc.sans.edu/diary/More+SSL+trouble/14089 -- Don't feed trolls--it only makes them grow! |
|
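One way to check a profile for the settings in the post above without opening about:config, as an added example that is not part of the original thread. It assumes the profile's prefs.js uses the usual `user_pref("name", value);` lines and only records values changed from the default; the sample file contents and function names are constructed, and the pref names are matched by the prefix given in the post.

```python
import re

# One override per line: user_pref("name", value);
PREF_LINE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.+?)\);\s*$')
SPDY_PREFIX = "network.http.spdy.enabled"  # name as given in the post


def spdy_overrides(prefs_text: str) -> dict:
    """Return every SPDY enable pref the user has overridden, with its value."""
    found = {}
    for line in prefs_text.splitlines():
        m = PREF_LINE.match(line)
        if m and m.group(1).startswith(SPDY_PREFIX):
            found[m.group(1)] = m.group(2).strip()
    return found


def spdy_disabled(prefs_text: str) -> bool:
    """True only when network.http.spdy.enabled is explicitly false and no
    other SPDY enable pref is set to true. A missing override means the
    browser default applies, so it is reported as not disabled."""
    overrides = spdy_overrides(prefs_text)
    return (overrides.get(SPDY_PREFIX) == "false"
            and "true" not in overrides.values())


# Constructed sample profiles.
HARDENED = '''# Mozilla User Preferences
user_pref("browser.startup.homepage", "about:blank");
user_pref("network.http.spdy.enabled", false);
user_pref("network.http.spdy.enabledv2", false);
'''
UNTOUCHED = '''# Mozilla User Preferences
user_pref("browser.startup.homepage", "about:blank");
'''

if __name__ == "__main__":
    for name, text in (("hardened", HARDENED), ("untouched", UNTOUCHED)):
        print(name, spdy_overrides(text), "disabled:", spdy_disabled(text))
```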
 DownTheShoreHelp Moore OklahomaPremium join:2003-12-02 Beautiful NJ kudos:12 Reviews:
·Verizon Online DSL
| Found the entries in Pale Moon (v.15.0):

|
|
 StuartMWWho Is John Galt?Premium join:2000-08-06 Galt's Gulch kudos:2 Reviews:
·CenturyLink
| From SPDY
quote: SPDY is similar to HTTP, with particular goals to reduce web page load latency and improve web security.
...
An independent study shows that, in testing, the page load time with SPDY is not significantly different on most websites from HTTP or HTTPS, because old optimization techniques such as splitting the content between many hosts prevent pipelining from taking place.
-- Don't feed trolls--it only makes them grow! |
|
 | reply to DownTheShore
Set as above. |
|
 trparkyApple... YUMPremium,MVM join:2000-05-24 Cleveland, OH kudos:2 | reply to MagnusM So basically this issue is a problem for all browsers? |
|
 StuartMWWho Is John Galt?Premium join:2000-08-06 Galt's Gulch kudos:2 Reviews:
·CenturyLink
| said by trparky: So basically this issue is a problem for all browsers?
No.
From the link I posted above. quote: Both the Firefox and Chrome browsers [and their variants] also support this protocol. Internet Explorer and Safari does not support SPDY and are not vulnerable.
-- Don't feed trolls--it only makes them grow! |
|
 Reviews:
·WestNet Broadband
| reply to MagnusM
I'm having troubles finding anything in Opera for SSL (other than SSLv3 - enabled) and/or SPDY. But as SSL loading has been a concern since ver 12 for me, I'm not getting anything loaded correctly.
But as it mentions a javascript process for it off the links from MagnusM this image suggests it is off by default in Opera, it is the only https item listed that could be relative. |
|
 Mele20Premium join:2001-06-05 Hilo, HI kudos:4 | reply to StuartMW No, Fx 4.0.1 and Fx 10.0.7 Enterprise do NOT support this protocol.
Sea Monkey, older version 2.6.1, does NOT support this protocol. However, SM current version 2.12.1 does and has a bunch of entries in about:config.
So this protocol was added to Mozilla browsers within the last six months thereabouts. Just another reason to avoid the insanity of the current "race to death" frantic, constant updating of browsers. I don't see limitations in Fx 4, or 10, or the earlier SM, because they don't have this "feature". At least, I only have to disable in SM 2.12.1.
I haven't checked Opera 12 yet. -- When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson |
|
 Reviews:
·WestNet Broadband
| reply to MagnusM I did find this link at dev.opera though.
»dev.opera.com/articles/view/oper···y-build/
quote: SPDY would come in Opera 12.50 (if it's not hit by any major problems)
which isn't too far away? The team may review needs should this all come to head before release I would think? Speculation though. |
|
 StuartMWWho Is John Galt?Premium join:2000-08-06 Galt's Gulch kudos:2 Reviews:
·CenturyLink
| reply to Mele20
said by Mele20: So this protocol was added to Mozilla browsers within the last six months thereabouts.
FF 12.0, which was released in late April 2012, included SPDY v1 support but it was disabled by default. As I recall v13.0 enabled it by default.
FF 15.0 has SPDY v1 and v2 enabled by default but v3 (supported) is disabled.
As I posted above, disabling SPDY doesn't have much effect so just turn it off and be happy (or not) -- Don't feed trolls--it only makes them grow! |
|
 Name GamePremium join:2002-07-07 North Myrtle Beach, SC kudos:7 | reply to MagnusM Rizzo said that browsers that implement either TLS or SPDY compression are known to be vulnerable. That includes Google Chrome and Mozilla Firefox, as well as Amazon Silk. But the attack also works against several popular Web services, such as Gmail, Twitter, Dropbox and Yahoo Mail. SPDY is an open standard developed by Google to speed up Web-page load times and often uses TLS encryption.
Google and Mozilla have developed patches to defend against the CRIME attack, Rizzo said, and the latest versions of Chrome and Firefox are protected. CRIME vs startups
»www.youtube.com/watch?feature=&v=gGPhHYyg9r4 -- Gladiator Security Forum »www.gladiator-antivirus.com/
|
|
 Mele20Premium join:2001-06-05 Hilo, HI kudos:4 | reply to norwegian Thanks for the link. That was an interesting article. I knew very little about SPDY and any browser until this thread and that article was informative not just for Opera but in a more general way also.
I don't use secure web browsing except for banking or logging in somewhere. It puzzles me why there is a push for secure browsing when it is just ordinary browsing. I saw the Opera article refer to a Fx extension that shows you when SPDY is being used. I hope it will install on SM since I don't have a Fx version that has SPDY.
I wonder if this is the beginning of the eventual end of Proxo? I don't use Proxo SSL because the only SSL I need is for banking, and logging in sites that require that, and the rare times when I purchase something on the internet (and I am extremely reluctant to do that so only if I absolutely have to as I can't find the item here or a reasonable substitute).
I obviously don't care how fast a browser is since my favorite browser is Fx 4 and it is much slower than Opera 12 but Opera 12 is an awful browser. Why sacrifice a good browser on the speed altar? So, I am not in need of SPDY and will disable it on any browser I see it on. -- When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson |
|
 Name GamePremium join:2002-07-07 North Myrtle Beach, SC kudos:7 | reply to MagnusM Looks to me one would still have to do a MITM for this one.
»blog.whitehatsec.com/crime-mitm-and-xss/ |
|