Another month, another ancient OpenSSL vuln with a silly name. This time, it's FREAK -- Factoring RSA Export Keys (which doesn't even match the acronym).
The bug stems from crypto export controls negotiated in the G.H.W. Bush era.
In IT Blogwatch, bloggers love to blame NSA interference.
Your humble blogwatcher curated these bloggy bits for your entertainment.
Craig "tip of the" Timberg sinks security hopes: [You're fired -Ed.]
For more than a decade [it] left users of Apple and Google devices vulnerable [because of] a former U.S. government policy that forbade the export of strong encryption.
The problem illuminates the danger of unintended security consequences at a time when top U.S. officials...have called for technology companies to provide “[back] doors”.
Nadia Heninger, a University of Pennsylvania cryptographer...found that she could crack the export-grade encryption...in about seven hours, using [AWS]. ... More than one third of encrypted Web sites...proved vulnerable to attack. ... FBI.gov and Whitehouse.gov have been fixed, though NSA.gov remains vulnerable.
Jeremy Kirk out:
An Apple spokesman said Tuesday that software updates for iOS and OS X will be released next week. Google said it has distributed a patch to its partners that will protect Android's connection to vulnerable websites.
Today's protocols use longer encryption keys, and the standard is 2,048-bit RSA. The 512-bit keys were considered secure two decades ago, but an attacker could recover the key...today.
Johns Hopkins University Prof. Matthew Green blogs about zombies and political stupidity:
[It's] a nasty bug in some TLS/SSL servers and clients. ... Serious vulnerabilities...that allow a 'man in the middle attacker' to downgrade connections from 'strong' RSA to 'export-grade' RSA.
SSL and TLS [are] like a work in progress. In part this is because they were developed during an era when modern cryptographic best practices weren't nailed down [so] many software implementations still get things wrong. ... The U.S eventually lifted the most onerous of its export policies. Unfortunately, the EXPORT ciphersuites didn't go away...they live on like zombies.
Some modern TLS clients -- including Apple's SecureTransport and OpenSSL -- have a bug [that] causes them to accept RSA export-grade keys even when the client didn't ask for export-grade. ... No matter how bad you think the Internet is, it can always surprise you.
The export-grade RSA ciphers are the remains of a 1980s-vintage effort to weaken cryptography. ... This might be an academic point if it was only a history lesson. However...politicians have been publicly mooting the notion of a new set of cryptographic backdoors. ... To be blunt...backdoors will always turn around and bite you in the ass.
And Ed Felten agrees, using this fowl analogy:
The chickens...come home to roost. [It's] a good example of what can go wrong when government asks to build weaknesses into security systems.
Crack[ing] 512-bit RSA keys...back in the ‘90s...would have required a heavy-duty computation, but today it takes about 7 hours...and costs about $100. ... Popular sites appear to be vulnerable, including americanexpress.com, groupon.com, bloomberg.com, kohls.com, marriott.com, and usajobs.gov.
Next time you hear a government official ask...to protect their own access to data, ask yourself:..How do we know we won’t regret this later?
But Thomas Fox-Brewster walks away from the hen-house echo-chamber:
Don’t let it completely freak you out. ... Carrying out FREAK attacks isn’t trivial.
This all sounds scary, but in reality, there are easier ways for snoops and criminals to spy on your online lives.
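The client-side bug in Matthew Green's description above (a client accepting an export-grade RSA key it did not ask for) comes down to one missing consistency check between the negotiated cipher suite and the key the server sends. The sketch below is an added example, not code from OpenSSL, SecureTransport or any of the quoted posts; the function and class names are hypothetical, the suite IDs are the standard TLS registry values, and the handshake parameters are constructed.

```python
# Added illustration: a simplified model of a TLS client's key-exchange check.
# Not code from OpenSSL, SecureTransport or the quoted posts.
RSA_EXPORT = {0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
              0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
              0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA"}
RSA_STRONG = {0x0005: "TLS_RSA_WITH_RC4_128_SHA",
              0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
              0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA"}


class HandshakeRejected(Exception):
    """The server's messages do not fit the suite the client negotiated."""


def key_exchange_key(offered, negotiated, cert_bits, temp_rsa_bits=None):
    """Return (source, bits) for the RSA key that will protect the premaster
    secret, or raise HandshakeRejected.

    offered       -- suite IDs the client sent in ClientHello
    negotiated    -- suite ID the client received in ServerHello
    cert_bits     -- RSA modulus size in the server certificate
    temp_rsa_bits -- modulus size of a temporary RSA key received in
                     ServerKeyExchange, or None if that message was absent
    """
    if negotiated not in offered:
        raise HandshakeRejected("server chose a suite the client never offered")
    if negotiated in RSA_EXPORT:
        # Export suites limit the key-exchange key to 512 bits, so a server
        # with a longer certificate key sends a temporary one.
        bits = cert_bits if temp_rsa_bits is None else temp_rsa_bits
        if bits > 512:
            raise HandshakeRejected("key too long for an export suite")
        return ("certificate" if temp_rsa_bits is None else "temporary", bits)
    if negotiated in RSA_STRONG:
        # The case from the quoted description: an export-grade temporary key
        # arrives although the client did not ask for export-grade.
        if temp_rsa_bits is not None:
            raise HandshakeRejected("temporary RSA key with a non-export suite")
        return ("certificate", cert_bits)
    raise HandshakeRejected("suite outside this model")


def is_rejected(*args, **kwargs):
    """True when key_exchange_key() refuses the handshake."""
    try:
        key_exchange_key(*args, **kwargs)
    except HandshakeRejected:
        return True
    return False
```

A client that never offers the export suites and enforces this check ends every handshake on the certificate key, which is why removing EXPORT suites on servers and patching clients are both part of the fix.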
You have been reading IT Blogwatch by Richi Jennings, who curates the best bloggy bits, finest forums, and weirdest websites… so you don't have to. Catch the key commentary from around the Web every morning. Hatemail may be directed to @RiCHi or firstname.lastname@example.org. Opinions expressed may not represent those of Computerworld. Ask your doctor before reading. Your mileage may vary. E&OE.