[tor-talk] [cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL

rysiek rysiek at hackerspace.pl
Fri Apr 11 07:43:03 PDT 2014


On Friday, 11 April 2014 16:32:44 Georgi Guninski wrote:
> On Fri, Apr 11, 2014 at 03:07:09PM +0200, tpb-crypto at laposte.net wrote:
> > > Message of 11/04/14 05:44
> > > From: dan at geer.org
> > > 
> > > > It makes me wonder if the NSA was involved in inserting this bug into
> > > > OpenSSL clients and servers.
> > > 
> > > If they did it, someone got a promotion. If they are as surprised
> > > as you are, someone got fired.
> > > 
> > > In the meantime, tell me that gcc is so compact and well vetted that
> > > there is no room in it for insertions...
> > 
> > This article makes an interesting point, we got to dig a bit more from our
> > pockets:
> > 
> > http://www.wired.com/2014/04/heartbleedslesson/
> > 
> > The second point I wish to make is the surprise by which the original
> > developer took the issue. Maybe, just maybe, he did not create that flaw
> > at all.
> > 
> > It could have been inserted into the OpenSSL repository through a backdoor
> > ... or why would the spies be so interested in hacking professors that
> > deal with crypto and whose word is trusted by the masses? Like they did
> > to a Belgian cryptographer? Was that fellow nerd a turrist of sorts?
> > 
> > It may be possible that Segelmann did his job correctly, that the reviewer
> > did his job correctly, but someone unknown may have changed it just a
> > little bit before delivery.
> > 
> > 
> > Besides funding projects like OpenSSL better, we should start considering
> > the security of the repositories themselves.
> > 
> > What ya fellow coders think?
> 
> I certainly don't trust repositories ;)
> 
> btw, I think this heartbleed story is
> exaggerated. If it were code execution
> it would have been much worse.
> 
> browser vendors fix _a lot_ of
> "unspecified memory hazards" every few
> months.
> 
> IMO getting owned by a browser bug is
> much more likely than by heartbleed.

How do you get owned by a browser bug on a server? I mean, HB is huge, 
because:
 - it affects servers;
 - potentially allows access to private keys and passwords;
 - this, in case of forward-secrecy-less setups, allows the bad guys to
   decrypt all saved traffic.

It's as bad as any root-level remote exploit on a server. And because, you 
know, "everybody uses OpenSSL", and because it was unknown but in the code for 
2+ years, the attack surface was (and is) huge.

> Is there a significant rise of revoked certs caused
> by HB paranoia?

No idea, but we're considering revoking ours.

-- 
Regards
rysiek
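
The forward-secrecy point in the reply above, as an added example that is not part of the original post: a small audit that takes a server's expanded cipher list and reports which suites use a static key exchange, meaning a leaked private key would also decrypt recorded sessions. The sample list is constructed, and the function names are hypothetical.

```python
# Added example (not from the original thread). Input is assumed to be an
# expanded, colon-separated list of OpenSSL suite names in server preference
# order, the format printed by `openssl ciphers`.

# Constructed sample list for illustration.
SAMPLE_CIPHER_LIST = (
    "TLS_AES_256_GCM_SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-SHA:"
    "AES256-SHA:ECDH-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:RC4-SHA"
)

# OpenSSL names that start with these tokens use ephemeral (EC)DH.
# Note "ECDH-" and "DH-" (no trailing E) are static and do not match.
EPHEMERAL_PREFIXES = ("ECDHE-", "DHE-", "EDH-")


def key_exchange(suite):
    """Classify one OpenSSL suite name as 'ephemeral' or 'static'."""
    name = suite.strip().upper()
    # TLS 1.3 suites (TLS_AES_..., TLS_CHACHA20_...) always use ephemeral
    # key exchange. IANA-style names containing _WITH_ are not parsed here
    # and fall through to 'static', which errs on the side of flagging.
    if name.startswith("TLS_") and "_WITH_" not in name:
        return "ephemeral"
    if name.startswith(EPHEMERAL_PREFIXES):
        return "ephemeral"
    return "static"


def audit(cipher_list):
    """Return the suites without forward secrecy and where the first one ranks."""
    suites = [s.strip() for s in cipher_list.split(":") if s.strip()]
    exposed = [s for s in suites if key_exchange(s) == "static"]
    first_rank = suites.index(exposed[0]) + 1 if exposed else None
    return {
        "total": len(suites),
        "exposed": exposed,                # key compromise decrypts recordings
        "first_exposed_rank": first_rank,  # 1-based position in preference order
    }


if __name__ == "__main__":
    report = audit(SAMPLE_CIPHER_LIST)
    print(f"{len(report['exposed'])} of {report['total']} suites lack forward secrecy")
    for suite in report["exposed"]:
        print("  static key exchange:", suite)
```
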