I remember the days when people were worried about using the Internet for purchases because they weren’t convinced their credit card information would be transmitted securely. It now turns out that a version of Open SSL that has been in production for two years, and on which https and other services like instant messaging, e-mail, and other web applications use has a gaping security hole called the Heartbleed bug.
And before you deem the use of “catastrophic” in the headline to be an exaggeration, let me turn the mike over to security expert Bruce Schneier:
Heartbleed is a catastrophic bug in OpenSSL:
“The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop communications, steal data directly from the services and users and to impersonate services and users.
Basically, an attacker can grab 64K of memory from a server. The attack leaves no trace, and can be done multiple times to grab a different random 64K of memory. This means that anything in memory — SSL private keys, user keys, anything — is vulnerable. And you have to assume that it is all compromised. All of it.
“Catastrophic” is the right word. On the scale of 1 to 10, this is an 11.
The Verge explains in layperson terms:
If the “Heartbleed” name sounds dramatic, this bug seems to live up to the hype. It’s already far worse than the GoToFail bug that embarrassed Apple earlier this year, both by the scale of computers affected and the depth of the breach. The new bug would let attackers pull the private keys to the server, letting attackers listen in on data traffic and potentially masquerade as the server. Even worse, it’s old: the bug dates back two years, and it’s still unclear how long anyone’s known about it…
Discovered by Google researcher Neel Mehta, the bug allows an attacker to pull 64k at random from a given server’s working memory. It’s a bit like fishing — attackers don’t know what usable data will be in the haul — but since it can be performed over and over again, there’s the potential for a lot of sensitive data to be exposed. The server’s private encryption keys are a particular target, since they’re necessarily kept in working memory and are easily identifiable among the data. That would allow attackers to eavesdrop on traffic to and from the service, and potentially decrypt any past traffic that had been stored in encrypted form.
And the Heartbleed site explains how you can be exposed:
You are likely to be affected either directly or indirectly. OpenSSL is the most popular open source cryptographic library and TLS (transport layer security) implementation used to encrypt traffic on the Internet. Your popular social site, your company’s site, commerce site, hobby site, site you install software from or even sites run by your government might be using vulnerable OpenSSL. Many of online services use TLS to both to identify themselves to you and to protect your privacy and transactions. You might have networked appliances with logins secured by this buggy implementation of the TLS. Furthermore you might have client side software on your computer that could expose the data from your computer if you connect to compromised services.
The Atlantic warns that the Heartbleed site can deliver false positives, so test a few times to see if you get the same result, but it very rarely delivers false negatives. A more definitive way to test is to use an SSL tracker; check to see whetehr the certificate’s “issued on” date is later than the security patch.
But there’s a bizarre conundrum if a site registers as unsafe:
If a site tests through as Safe, then it makes sense to change your password there. And all of my email and financial sites are now saying Safe, so the changes I am making there will stick.
But even if a site does not say Safe, the people I have asked say that it still makes sense to change — even though you’ll need to change again when the SSL for that site is fully repaired.
Reasoning: If you change it now, it’s possible that a still-active hacker will capture info today. But if you don’t change it now, anything exploited in the past two years is vulnerable. Also, many sites that are not yet fully protected are on higher alert than they would have been before this news, so hackers may have a tougher time in the new environment than when this was an unknown-unknown.
To give an idea of the degree of the damage, the popular Tor “anonymous” browsing service has ‘fessed up that they were vulnerable (hat tip Ricard Smith) and sets out some of the scope of what else might be affected. Their warning: “…if you need strong anonymity or privacy on the internet, you might want to stay away from the internet entirely for the next few days while things settle.” Canada has frozen its online tax filing services so it can assess its exposure. Apple, Microsoft, and Google don’t appear to be affected but Yahoo is. They issued this statement this afternoon:
Our team has successfully made the appropriate corrections across the main Yahoo properties (Yahoo Homepage, Yahoo Search, Yahoo Mail, Yahoo Finance, Yahoo Sports, Yahoo Food, Yahoo Tech, Flickr and Tumblr) and we are working to implement the fix across the rest of our sites right now.”