|
to AsherN
Re: Heartbleed - zero day critical bug in OpenSSLHeartbeat are only useful in the context of DTLS where the variable sized payloads can be used to support MTU path probing. |
|
|
to Zoder
Here's a good write up: » www.tedunangst.com/flak/ ··· st-reuseanalysis This bug would have been utterly trivial to detect when introduced had the OpenSSL developers bothered testing with a normal malloc (not even a security focused malloc, just one that frees memory every now and again). Instead, it lay dormant for years until I went looking for a way to disable their Heartbleed accelerating custom allocator. Building exploit mitigations isnt easy. Its difficult because the attackers are relentlessly clever. And its aggravating because theres so much shitty software that doesnt run properly even when its not under attack, meaning that many mitigations cannot be fully enabled. But its absolutely infuriating when developers of security sensitive software are actively thwarting those efforts by using the worlds most exploitable allocation policy and then not even testing that one can disable it. Update: Turns out Im not the first person to run into this. Heres a four year old bug report. And another. Thanks Piotr! » rt.openssl.org/Ticket/Di ··· ss=guest» rt.openssl.org/Ticket/Di ··· ss=guest |
|
1 recommendation |
to 19579823
Re: A good way to become poor is to bet against Hanlon's razor. |
|
dslcreature |
to Steve
Re: Heartbleed - zero day critical bug in OpenSSLThe really sad part about all of this is that heartbeat feature is completely unused and completely useless. |
|
dave Premium Member join:2000-05-04 not in ohio |
to DarkSithPro
He's not apparently talking about heartbleed there; he's talking about a different use-after-free bug, which he ran into while looking for heartbleed mitigation. |
|
|
|
to DarkSithPro
quote: Got a question for you LL, Steve and the other programmers in here. This site: »mashable.com/2014/04/09/ ··· ffected/ shows the affected websites. Notice not one of the banks and financial institutions use OpenSSL? Is there a reason for that?
I see that Vanguard is on that list. Here is their response:quote: Heartbleed was discovered in OpenSSL, the data encryption standard used by a majority of websites around the worldincluding Vanguard'sto transmit information securely. It lets attackers steal confidential data without being noticed, including passwords, bank account information, stored files, and Social Security numbers. Since the bug was discovered, many websites have taken steps to address the flaw.
So I guess you are some banks do use openssl. |
|
intok (banned) join:2012-03-15
1 recommendation |
to planet
said by planet:Trying to understand this vulnerability. So a hacker steals SSL keys that allow them to log into a secure server and steal some (ram??) memory. The memory that is stolen would need to have secure data stored in real time the hacker is accessing? So, hypothetically, how many passwords, credit card data, etc could be stored in that amount of memory? This is the best explanation I've seen. » xkcd.com/1354/ |
|
AsherN Premium Member join:2010-08-23 Thornhill, ON |
to planet
said by planet:Trying to understand this vulnerability. So a hacker steals SSL keys that allow them to log into a secure server and steal some (ram??) memory. The memory that is stolen would need to have secure data stored in real time the hacker is accessing? So, hypothetically, how many passwords, credit card data, etc could be stored in that amount of memory? No. Client sends a packet to the server to keep a session alive. The packet contains a data payload, and the size of the payload. Server returns the payload. Problem is, the client can send 1K and say I sent 64K. The server returns 64K, the 1K of the payload, and the next 63K. That 63K contains data. What is in there is unknown. It may contain garbage, or a hashed user ID and password, or maybe an encryption key. There is a risk. It's up to you to try to figure out what the odds are. |
|
intok (banned) join:2012-03-15 |
to LanDroid2
Re: Alex Jonessaid by LanDroid2:Alex "My gut says it, it's never been wrong" Jones. Where do you think Colbert got the idea for the "Your Gut Has more nerve Endings Then Your Brain, Thus Your Gut Is Smarter Then Your Brain"? |
actions · 2014-Apr-12 12:05 am · (locked) |
dib22 join:2002-01-27 Kansas City, MO |
to GuruGuy
Re: Heartbleed - zero day critical bug in OpenSSLsaid by GuruGuy:That's interesting. The article mentions that Google and Facebook had fixed the issue. From testing both, their certs have NOT been updated, so the issue is not "fixed". Just noticed this... wonder if this means they knew and patched on the 2nd or if they just had a cert update scheduled for some other reason... someday they will say I suspect. |
|
GuruGuy Premium Member join:2002-12-16 Atlanta, GA 1 edit |
GuruGuy
Premium Member
2014-Apr-12 4:54 am
said by dib22:said by GuruGuy:That's interesting. The article mentions that Google and Facebook had fixed the issue. From testing both, their certs have NOT been updated, so the issue is not "fixed". Just noticed this... wonder if this means they knew and patched on the 2nd or if they just had a cert update scheduled for some other reason... someday they will say I suspect. Those certs are only valid for 60 days strangely enough. I looked at my Yahoo certs and they too are short. 4/7 to 4/25. |
|
norwegian Premium Member join:2005-02-15 Outback |
to dslcreature
So TLS1.0 has been belted around and still alive from other exploits before this event.
I'm still wondering why justification for TLS1.0 is still about. 2 years ago it was lost, ineffective and redundant. What changed? |
|
|
to Zoder
Given that versions of Linux are used in things like routers, it might be a good idea to check with your router firmware vendor, for example DD-WRT comments: quote: Fri, 04/11/2014 - 08:17 admin
The Heartbleed vulnerability in discovered in OpenSSL 1.0.1 - 1.0.1f is one of the most serious matters in encrypted data communication during the last years. First of all we can ensure you that the encrypted web services like the DD-WRT Online Shop and the Activation center never have been affected because the OpenSSL version we are using does not contain the vulnerability.
Currently the main focus of the Heartbleed discussion lies on web servers using SSL/TLS but other services on Linux systems are also using OpenSSL. By default none of these services is enabled in DD-WRT - nevertheless it is important that you check your router settings to find out if you might be affected by Heartbleed.
The Heartbleed vulnerability allows an attacker to read random 64k blocks of memory of the service using OpenSSL (with TLS). Since every request delivers another 64k memory block an attacker could retrieve sensitive data from the service i.e. private keys. More detailed information about Heartbleed can be found in the security advisory:
»www.kb.cert.org/vuls/id/720951
and here:
English: »www.infoq.com/news/2014/ ··· leed-ssl German: »www.golem.de/news/openss ··· 740.html
In DD-WRT itself the following services are using OpenSSL with TLS: openvpn squid freeradius asterisk curl pound tor transmission
OpenSSL was updated immediately in the DD-WRT SVN repository. It can take a view days until we can provide updated versions for all routers. User running critical applications can contact us via the info mail form - but please check first if your setup is really affected by Heartbleed.
We will update this information when new information becomes available.
» dd-wrt.com/site/content/ ··· servicesBlake |
|
Link Logger |
to Zoder
|
|
dave Premium Member join:2000-05-04 not in ohio |
dave
Premium Member
2014-Apr-12 2:22 pm
Instant global celebrity!
(Possibly not in a way he'd have wished for, though) |
|
1 edit |
to Link Logger
said by Link Logger:The next person who uses the phrase "many eyes make for shallow bugs" gets to buy drinks for everyone affected by the #OpenSSL bug. OpenSSL is crypto software, which is notoriously difficult to audit. Your average C programmer wouldn't have a clue how to do so (see the Debian SSL bug where one programmer thought he was cleaning up the code. Instead he broke it because he didn't understand crypto). Not to mention that it is poorly written and the codebase is a mess. A lot of people have wanted to do a complete overhaul and rewrite of it from the ground up, even before this bug was found. One problem with OpenSSL is that it is not well funded. A lot of big companies rely on it yet do not give anything back for its development and maintenance. This needs to change. Since OpenSSL is THE default encryption suite used by 2/3's of the webservers on the Internet, it is a shame and a disgrace that it is not taken more seriously or funded more than it is. Being open-source is not the problem. If it were NOT open-source, this bug probably would persist for a number of more years. What we need is a rewrite of it in a safer language like Ada or Haskell. This notion that it is C or nothing has got to change. C is responsible for most of the security vulnerabilities we have seen for the past 20 years. People just can't (or won't) learn how to safely program in C. We see it time and time again with coders making the same stupid mistakes. Hopefully this bug will be a wake-up call. We need more resources (and more eyes by experts in the field) on important code like this that is responsible for literally securing the global online economy. One last point: we need better vetting of the programmers working on such code. Who are they? Who pays them? What's their credentials? Are they NSA plants (a very real possibility). The vulnerability has existed since December 31, 2011, how long its been exploited, Microsoft has had severe security bugs in Windows that persisted for 17 years. Some of them they have said "can't be fixed." |
|
dave Premium Member join:2000-05-04 not in ohio |
dave
Premium Member
2014-Apr-12 4:38 pm
If programmers "can't" learn to write safe C code, good luck in teaching them to use a functional language like Haskell! |
|
|
to MaynardKrebs
said by MaynardKrebs The 5 Eyes intelligence community is probably laughing their collective asses off right now - about how long it took the vaunted open source "the more eyes the better" to find this bug, and how SLOPPY the coding/testing is in open source security products.
At the same time they are probably mourning the passing of this bug.
But then again, the intelligence community will still keep the code that exploits this bug around - because it's bound to resurface in another iteration of the open source code ..... around the time the current crop of greybeards who knew how to code all retire, and all the new kids take over.
{beer for everyone} The 5 eyes intelligence community is probably laughing even harder at those who continue to use Microsoft products (of which backdoors have been planted and will likely never be discovered). Remember, NSA has access to all of Microsoft's source code and routinely works with them on "securing Windows." Just as they worked with NIST on creating a "secure RNG" which the Snowden documents proved was a trojan horse with a backdoor (as some researchers had long suspected anyway). And let's not forget that an NSA spokesman said recently that "these companies knew all about these intelligence programs we were running and were fully complicit in them." So Google, Yahoo, Level3, Facebook, Microsoft (skype), Apple were all lying when they said "we had no knowledge." They are just as responsible as NSA in this whole debacle. They are just trying to spin it now so they don't lose revenue (too late). Bottom line, nothing is safe from the intelligence community and we are fooling ourselves if we ever think anything electronic will be safe from state actors with billions to spend. They have rigged the game and have backdoors and trojans planted God knows where, most of the time with the vendor's full approval. This is why it's futile to even discuss it. NSA will always be able to spy on anyone or anything they want. It's just a fact of life we will always have to deal with. It won't ever change. Ever. The powers that be (Congress, President, Military) covet knowing everything about everyone. All we can do is try and secure our networks against script kiddies and identity thieves. |
|
dave Premium Member join:2000-05-04 not in ohio |
dave
Premium Member
2014-Apr-12 4:46 pm
Your use of 'quote' seems a bit off. |
|
|
said by dave:Your use of 'quote' seems a bit off. Fixed. You see, even posting on forums results in misstypes and bugs. Imagine trying to write crypto software in C. And my point about other languages is that many of them would have prevented this bug without the programmer having to do anything. Ada for instance. |
|
19579823 (banned)An Awesome Dude join:2003-08-04 1 edit |
to norwegian
quote: I'm still wondering why justification for TLS1.0 is still about.
Maybe cause 1.0 is default and most recognised?? (If you cut 1.0 off,you may affect alot of people) Thats not why sites updated thier certs the other day (TO BLOCK PEOPLE) so they should allow the same TLS,etc they did before.... |
|
gnome84 join:2014-04-12 Saint Paul, MN |
to KodiacZiller
Re: Heartbleed - zero day critical bug in OpenSSLsaid by KodiacZiller:What we need is a rewrite of it in a safer language like Ada or Haskell. This notion that it is C or nothing has got to change. C is responsible for most of the security vulnerabilities we have seen for the past 20 years. People just can't (or won't) learn how to safely program in C. We see it time and time again with coders making the same stupid mistakes. Can a proprietary C compiler be written that strictly enforces safe programing? Essentially a drop in replacement for GCC on Linux. Might make portage distro's a unique alternative. |
|
|
said by gnome84:said by KodiacZiller:What we need is a rewrite of it in a safer language like Ada or Haskell. This notion that it is C or nothing has got to change. C is responsible for most of the security vulnerabilities we have seen for the past 20 years. People just can't (or won't) learn how to safely program in C. We see it time and time again with coders making the same stupid mistakes. Can a proprietary C compiler be written that strictly enforces safe programing? Essentially a drop in replacement for GCC on Linux. Might make portage distro's a unique alternative. Here's a post from Hacker news that I think sums it all up nicely. Emphasis is mine. quote: yaakov34 4 days ago | link
There was a discussion here a few years ago about memory vulnerabilities in C. Some people tried to argue back then that various protections offered by modern OSs and runtimes, such as address space randomization, and the availability of tools like Valgrind for finding memory access bugs, mitigates this. I really recommend re-reading that discussion.
My opinion, then and now, is that C and other languages without memory checks are unsuitable for writing secure code. Plainly unsuitable. They need to be restricted to writing a small core system, preferably small enough that it can be checked using formal (proof-based) methods, and all the rest, including all application logic, should be written using managed code (such as C#, Java, or whatever - I have no preference).
This vulnerability is the result of yet another missing bound check. It wasn't discovered by Valgrind or some such tool, since it is not normally triggered - it needs to be triggered maliciously or by a testing protocol which is smart enough to look for it (a very difficult thing to do, as I explained on the original thread).
The fact is that no programmer is good enough to write code which is free from such vulnerabilities. Programmers are, after all, trained and skilled in following the logic of their program. But in languages without bounds checks, that logic can fall away as the computer starts reading or executing raw memory, which is no longer connected to specific variables or lines of code in your program. All non-bounds-checked languages expose multiple levels of the computer to the program, and you are kidding yourself if you think you can handle this better than the OpenSSL team.
We can't end all bugs in software, but we can plug this seemingly endless source of bugs which has been affecting the Internet since the Morris worm. It has now cost us a two-year window in which 70% of our internet traffic was potentially exposed. It will cost us more before we manage to end it.
Full thread where programming nerds debate the merits of C: » news.ycombinator.com/ite ··· =7548991 |
|
dave Premium Member join:2000-05-04 not in ohio |
to gnome84
I doubt it. You're forced to deal with the protocol as it is defined, not as you'd like it to be. I suppose if one treated the whole message as an array, and did not use pointers, then you'd get an out-of-bounds exception with a compiler than provided such a thing.
But if you had to write code to work with such a compiler, it would no longer look like idiomatic C code. That's just not the C way; it would be C with a funny accent.
Fundamentally, C has free-roaming pointers as its only mechanism for dealing with certain programming issues, and you can't not use it. You can't bolt on safety features without radically changing the language. Changing the language is fine, but it is no longer C.
Microsoft C compilers do have a mode where they encourage so-called safer programming, but they achieve that by draconian restrictions on what functions can be used. It's irritating to those of us that think we can in fact program safely in C.
(These days I do not write C, so don't harangue me about being hung up on Ye Olde Langyagges) |
|
|
to KodiacZiller
said by KodiacZiller:The 5 eyes intelligence community is probably laughing even harder at those who continue to use Microsoft products (of which backdoors have been planted and will likely never be discovered). Just like all the backdoors the 5 eyes intelligence community planted in Linux?? Blake |
|
your moderator at work
hidden : Personal attacks
|
gnome84 join:2014-04-12 Saint Paul, MN |
to KodiacZiller
Re: Heartbleed - zero day critical bug in OpenSSLThanks for the link. IMHO a very strict compiler might catch that a pointer is utilized for the request packet and then again for the payload. |
|
|
cme01 to Zoder
Anon
2014-Apr-12 8:00 pm
to Zoder
i use google and youtube....what does this mean for me.
i saw the heartbleed thing in the news. |
|
|
to Zoder
I think we have a good mixture here at the dslr security forum, where some of us n00bs with no programming, or professional security knowledge talk with veteran, hardcore programmers and security professionals and industry white hats. I bet it's quite entertaining for some of you who code daily that post stuff beyond our comprehension, that would make us scratch our heads in confusion. We look up you guys for knowledge, so bear with us so we can learn from the pro's and lets keep it entertaining |
|
|
to Link Logger
said by Link Logger:said by KodiacZiller:The 5 eyes intelligence community is probably laughing even harder at those who continue to use Microsoft products (of which backdoors have been planted and will likely never be discovered). Just like all the backdoors the 5 eyes intelligence community planted in Linux?? Blake Perhaps they have, and after the Snowden revelations I would not be surprised at all. But we don't know whether they have or not and it is doubtful that any kernel devs would willingly go along with it. On the other hand, I can almost bet that Microsoft has allowed such shenanigans, which is worse because everything is done behind a closed door and no one can see the code. We do know that Microsoft made changes to Skype which allowed NSA the ability to eavesdrop on all "encrypted" calls. |
|