It seems as though every week or so there’s a new hack or exploit that reveals millions of passwords or important data from a popular web service, and this week is no exception. On Tuesday, IT professionals got word of a serious flaw in OpenSSL — the browser encryption standard used by an estimated two-thirds of the servers on the internet. The flaw, which was dubbed “Heartbleed,” may have exposed the personal data of millions of users and the encryption keys to some of the web’s largest services. Here’s what you need to know:
What is Heartbleed?
It’s a bug in some versions of the OpenSSL software that handles security for a lot of large websites. In a nutshell, a weakness in one feature of the software — the so called “heartbeat” extension, which allows services to keep a secure connection open over an extended period of time — allows hackers to read and capture data that is stored in the memory of the system. It was discovered independently by a security company called Codenomicon and a Google researcher named Neel Mehta, both of whom have helped co-ordinate the response.
As cryptographer and Johns Hopkins professor Matthew Green describes it, the problem is “a tiny vulnerability — a simple missing bounds check — in the code that handles TLS ‘heartbeat’ messages. By abusing this mechanism, an attacker can request that a running TLS server hand over a relatively large slice (up to 64KB) of its private memory space” (if you’re interested, Green has more technical info about the details of the bug and potential hazards at his site).
The Heartbleed site set up by Codenomicon, which also has more technical information on the bug, calls it “a serious vulnerability… that allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content.”
As Tim Lee at Vox points out in his overview, the lock that you see in your browser’s address bar when you visit a website “is supposed to signal that third parties won’t be able to read any information you send or receive. Under the hood, SSL accomplishes that by transforming your data into a coded message that only the recipient knows how to decipher.” But researchers found it was possible to “send a cleverly formed, malicious heartbeat message that tricks the computer at the other end into divulging secret information.”
The Guardian says the vulnerability was introduced in 2011, apparently by accident when the open-source code was updated, and quotes Matthew Bloch of the hosting company Bytemark as saying: “it is not clear at the moment that there is any way to know whether [hacks based on the bug have] already happened, since the vulnerability has been around for two years.”
Why does it matter?
OpenSSL is used by an estimated two-thirds of the servers currently on the internet, and those known to be affected include most of Yahoo’s web properties, the dating site OKCupid and the image-sharing service Imgur, which handles a lot of the image-sharing on sites like Reddit (Yahoo said late Tuesday that it had patched most of the servers for its core websites). The weakness could allow a hacker to pilfer personal information about users of those sites, including login details, passwords and other important data. The Guardian says the bug means “servers vulnerable to Heartbleed are less secure than they would be if they simply had no encryption at all.”
Heartbleed is a rare bug: a failure in a crypto library that leaks data beyond what it's protecting. So worse than no crypto at all.—
matt blaze (@mattblaze) April 08, 2014
Matthew Green says that unlike some of the fancier crypto-related attacks we’ve seen recently, “Heartbleed doesn’t require any interesting crypto. In fact it’s the result of a relatively mundane coding error. And predictably, this makes it more devastating than all of those fancy attacks put together.”
Ars Technica points out that OpenSSL is “by far the Internet’s most popular open-source cryptographic library and TLS implementation. It is the default encryption engine for Apache, nginx, which according to Netcraft runs 66 percent of websites.” The anonymity project Tor said in a note about the bug: “Expect everybody who runs an https webserver to be scrambling today. If you need strong anonymity or privacy on the Internet, you might want to stay away from the Internet entirely for the next few days while things settle.”
Who is affected by it?
According to a report in the Guardian, “among the systems confirmed to be affected are Imgur, OKCupid, Eventbrite, and the FBI’s website, all of which run affected versions of OpenSSL. Attacks using the vulnerability are already in the wild: one lets a hacker look at the cookies of the last person to visit an affected server, revealing personal information.” Amazon told The Register that it has dealt with some of the parts of its infrastructure that were vulnerable but still has work to do.
There’s a list of affected companies and sites on Github (as of mid-day Tuesday). The Wall Street Journal says that security researcher Ivan Ristic spent much of Monday creating a tool to test whether a website is affected and estimates that the bug affects 30 percent of servers that are using SSL. The Verge points out that one of the worst things about the Heartbleed weakness is that “it’s old — the bug dates back two years, and it’s still unclear how long anyone’s known about it.”
Codenomicon’s Heartbleed site says the company tested some of its own services from outside, as though it was an attacker, and found that “without using any privileged information or credentials we were able steal from ourselves the secret keys used for our X.509 certificates, user names and passwords, instant messages, emails and business critical documents and communication.” Google was reportedly unaffected, as were Twitter and Facebook.
Tim Lee at Vox points out that the bug is likely to be most valuable to intelligence agencies, which have the infrastructure to intercept user traffic on a mass scale: “We know that the National Security Agency has secret agreements with American telecommunications providers to tap into the Internet backbone. Users might have thought that the SSL encryption on websites such as Gmail and Facebook protected them from this kind of snooping. But the Heartbleed bug could allow the NSA to obtain the private keys needed to unscramble these private communications.”
What can you do about it?
If you are a web user, the short answer is not much. You can check the list of sites affected on Github, or you could try a tool from developer Filippo Valsorda that checks sites to see if they are still vulnerable (although false positives have been reported), and you should probably change your passwords for those sites if you find any you use regularly.
As mentioned by commenter Philip Tellis below, you could also check this SSL tool from SSL Labs, which will give you a report on each server behind a specific DNS address. And users should make sure that their browser checks to see if a security certificate has been revoked before connecting — Chrome has this disabled by default but it can be turned on in the settings.
If you are a network administrator or website manager, then you should already be applying the patch and/or recompiling your version of OpenSSL to remove the vulnerability — and you should also be reissuing your SSL security certificates and getting users to create new passwords. The problem is that doing all of this on every server and for every user and service is going to take some time.
As the Verge points out, “the most troubling lesson might be how hard vulnerabilities are to discover, and how damaging they can be once fully revealed.” ICSI security researcher Nicholas Weaver tells the site that the Heartbleed bug is the kind of thing that you would only be able to detect if you ran it through a sophisticated memory-checking test. “This is not the kind of thing that just shows up looking at the code.”
Post and photo thumbnails courtesy of Thinkstock / aetb