Chicken Little says you can't rely on open sores.
OpenSSL's TLS and DTLS implementations are badly broken -- testing our faith in open source. Last month it was GnuTLS that fell victim to an old crypto flaw, now it's OpenSSL's turn to give the lie to the "all bugs are shallow in the bazar" bizarre mantra.
The snappily-named CVE-2014-0160 bug, aka Heartbleed, is a truly epic vulnerability, which has been silently widespread on the net for two years. Naturally, there's much speculation that the NSA and GCHQ have been exploiting the bug for some time.
In IT Blogwatch, bloggers duck and cover from falling skies (and small poultry).
Your humble blogwatcher curated these bloggy bits for your entertainment.
Steve Ragan reports:
Since news of the OpenSSL bug started to spread...administrators and vendors have made a mad scramble to patch the Heartbleed bug...the flawed implementation of the [TLS] heartbeat option.
…In short, the flaw allows anyone...to read the memory of systems implementing...OpenSSL in 64kb chunks. Doing so allows them to access...secret keys, usernames and passwords [even] in some cases, content itself.
...[It's] existed for two years [but] there are a number of mitigating factors that would leave a website immune. MORE
Timothy B. Lee tries to explain, with a friendly FAQ:
The majority of SSL-encrypted websites are based on an open-source software package called OpenSSL. ... If an attacker obtains a server's private keys, it can read any information sent. ... It may even be able to use the secret key to impersonate the server. ... The problem...was discovered independently by researchers at Codenomicon and Google Security.
…Of course, the bug is likely to be most valuable to intelligence agencies, which have the infrastructure to intercept user traffic on a mass scale. ... Users might have thought that the SSL encryption on websites such as Gmail and Facebook protected them...but the Heartbleed bug could allow the NSA to obtain the private keys. ... It wouldn't be surprising. MORE
The outrageously fortunate Sandro Süffert suffers slings and arrows: [You're fired -Ed.]
Important: if your servers are vulnerable, patch them now and also generate new private key + certificate AND revoke the old certificate (and replace any other important info that might have been leaked before you patch - even reset user passwords if you are not sure).
…Upgrade to OpenSSL 1.0.1g or recompile with -DOPENSSL_NO_HEARTBEATS. ... All session keys and session cookies must be expired/invalidated. ... Consider implementing perfect forward secrecy to protect against current and future attack.
…Aim for completeness – vulnerable OpenSSL distributions run on at least eight operating systems. MORE
Prof. Matthew Green says "something terrible" has happened, but goes on to make a constructive suggestion:
It's the result of a relatively mundane coding error [which] makes it more devastating than all of those fancy attacks [BEAST, CRIME, Lucky13, etc.] put together.
…Heartbleed is a surprisingly small bug...in OpenSSL versions 1.0.1 through 1.0.1f. [It's] a simple missing bounds check. ... You should care about this because...a hell of a lot of the security infrastructure you rely on is dependent in some way on OpenSSL. ... Unfortunately it's pretty nasty.
…The OpenSSL team...is surprisingly small. [It] maintain[s] the world's most popular TLS library -- a hard job with essentially no pay. ... The OpenSSL developers have a pretty amazing record. ... Maybe in the midst of patching their servers, some of the big companies that use OpenSSL will think of tossing them some real no-strings-attached funding. MORE
BTW, there's a rumor going 'round that Cloudflare disclosed the vuln irresponsibly. John Graham-Cumming twages against the machine:
Not true. ... Makes me mad. ... Such BS.
…It's simply incorrect that [we] announced #heartbleed before others. ... I personally observed the OpenSSL announcement having [first] been made and posted. MORE
Subscribe now to the Blogs Newsletter for a daily summary of the most recent and relevant blog posts at Computerworld.