On Tue, Apr 08, 2014 at 02:27:42PM +0100, bad apple wrote:
> And you know what? I'm not that worried actually. Whilst it is obviously
> a catastrophic flaw in OpenSSL I've been using PFS (Perfect Forward
> Security) everywhere, with no exceptions, for a while now after the
> CRIME/BEAST attacks and this heavily mitigates the impact. This renders
> any recorded traffic flows useless even with a compromised cert and
> forces an attacker back to computationally expensive active MITM
> attacks - definitely possible, but back to manageable levels of worry,
> not "the sky is falling" levels.

Obviously, PFS is a particularly good idea, but isn't that only necessary against powerful adversaries? This vulnerability means that anyone can potentially steal any information stored in memory on your server running OpenSSL.

> Obviously, the researchers want to talk up their finding as much as
> possible but I want to see a PoC of this 'easy' recovery of openssh
> certs/keys, user+pass details, etc, and I'm not the only one. I don't
> think it follows that it's anywhere near as easy as they're stating that
> it is - I mean, *any* data? From a vulnerability that can 'only' read up
> to 64k in the process that does the TLS heartbeat without a choosable
> offset and a rapidly growing heap? Sure, this is bad, but is it that
> bad? I want to see code.

Yahoo login details?

http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/

(Ah, you've found that blog post too.)

> I had a good look at the various honeypots we run during the chaos which
> quite intentionally obviously catch a lot of bad behaviour and run
> intentionally weak security - if this was really as bad as the
> researchers were saying then I would expect to see them utterly
> compromised at this point yet none of the planted canaries have been
> triggered at all other than the usual boring daily crap. I'd expect them
> all fully and comprehensively root compromised with most of the usual
> logging conspicuously absent yet despite their routine daily torrent of
> abuse they're just functioning as usual.

I don't think the flaw has been widely known for long enough for attacks to have been automated. And there are many millions of vulnerable servers. So I think it's normal that a few honeypots haven't been compromised. And it might take a while. And perhaps they've only obtained the private keys and haven't done anything to them.

> This again makes me think that
> while it's entirely possible, if not probable, that our friends at the
> NSA/GCHQ/etc are entirely skilful enough to have detected and started
> exploiting this bug it's either not as bad as stated, harder to reliably
> exploit than stated (you're going to notice in the logs when your SSL
> linked services start crashing a lot), less well spread than expected,
> or all of the above.

I don't think anyone has suggested that attacks are widespread.

> There are already several online tools to scan a site for vulnerability:
>
> http://filippo.io/Heartbleed/

This one gives false positives.

> http://s3.jspenguin.org/ssltest.py

Doesn't work for me. (Gives empty file.)

> One of my friends emailed earlier from the depths of his server room:
> "Thank god I don't run Linux on any of my machines any more: I'm so glad
> I switched them all to Windows XP today!"

:-)

Anyway, sorry to hear about your lack of sleep over this. Just think of all those people at the three/four letter agencies who have spent the night reading as much server data as possible.

Martijn.

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq