
[AT] Critical Crypto Bug in OpenSSL Opens Two-Thirds of the Web to Eavesdropping - Page 3

post #21 of 54
Quote:
Originally Posted by un-nefer View Post

Such a beat up - the bug was fixed in 1.0.1g within 2 days of being confirmed - so update and the bug is patched.

Seriously, arstechnica just stooped to a new low.
"Fully recovering from the two-year-long vulnerability..."

It was only confirmed to exist on Sat, 5 Apr 2014, and while it is applicable only to versions 1.0.1 through 1.0.1f (and including 1.0.2beta), by using the words "two-year-long vulnerability", arstechnica pathetically attempts to skew things in an effort to portray the OpenSSL devs as incompetent, subtly suggesting that the OpenSSL devs knew about this bug for 2 years and left OpenSSL vulnerable for that full 2 years, when, in fact, it was patched out within 2 days of being confirmed.


Maybe I just read good.


What I gathered was the vulnerability existed for 2 years and they only found it April 5th and it was patched a few days after that. It's not that they knew it existed two years and didn't do anything. It's that they didn't know it existed and as soon as they did they patched it.


Regardless, we all were still highly vulnerable for 2 years.
 
post #22 of 54
holy smokes.
post #23 of 54
temporary iptables mitigation:
Code:
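for i in 443 25 465 587 993; do
    # u32 test: the 4 bytes at offset 52 from the start of the IP header must
    # begin with 0x18 0x03 (TLS heartbeat record type, TLS major version 3)
    # Log rules
    iptables -t filter -A INPUT -p tcp --dport "$i" -m u32 --u32 "52=0x18030000:0x1803FFFF" -j LOG --log-prefix "BLOCKED: HEARTBEAT"
    # Block rules
    iptables -t filter -A INPUT -p tcp --dport "$i" -m u32 --u32 "52=0x18030000:0x1803FFFF" -j DROP
done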

It's not perfect, but if someone can't patch and is running a Linux system, there's no reason not to.

Source
Edited by Ulquiorra - 4/9/14 at 5:54am
post #24 of 54
If STARTTLS is affected, add 587 to that list.

Alternately if using iptables-restore:
Code:
# Log rules
-A INPUT -p tcp -m tcp -m multiport --dports 443,25,465,587,993 -m u32 --u32 "52=0x18030000:0x1803FFFF" -j LOG --log-prefix "BLOCKED: HEARTBEAT"
# Block rules
-A INPUT -p tcp -m tcp -m multiport --dports 443,25,465,587,993 -m u32 --u32 "52=0x18030000:0x1803FFFF" -j DROP
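
To see what the `--u32 "52=0x18030000:0x1803FFFF"` test used in the two posts above covers, here is an added example (not part of the original posts) that emulates it in Python over constructed packets. The packet builder, addresses and helper names are assumptions for illustration; offset 52 is the first TCP payload byte only when the IP header is 20 bytes and the TCP header is 32 bytes, as it is with the TCP timestamp option.

```python
import struct

HEARTBEAT, APPDATA = 0x18, 0x17  # TLS record content types

# Constructed 12-byte TCP option block: NOP, NOP, timestamp (kind 8, len 10)
TIMESTAMPS = bytes([1, 1, 8, 10]) + b"\x00" * 8

def tls_record(content_type, version=(3, 2), body=b"\x00" * 16):
    """TLS record header (type, version, length) followed by an opaque body."""
    return bytes([content_type, *version]) + struct.pack("!H", len(body)) + body

def ipv4_tcp_packet(payload, tcp_options=b""):
    """Constructed IPv4+TCP packet to port 443 (documentation addresses,
    checksums left at zero; only the layout matters here)."""
    doff = (20 + len(tcp_options)) // 4
    tcp = struct.pack("!HHIIBBHHH", 40000, 443, 1, 1, doff << 4, 0x18, 65535, 0, 0)
    tcp += tcp_options + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    return ip + tcp

def payload_offset(packet):
    """Where the TCP payload really starts: IP header length + TCP data offset."""
    ihl = (packet[0] & 0x0F) * 4
    return ihl + (packet[ihl + 12] >> 4) * 4

def u32_rule_matches(packet):
    """Emulates --u32 "52=0x18030000:0x1803FFFF": the 32-bit big-endian value
    at byte 52, counted from the start of the IP header, must be in range."""
    if len(packet) < 56:
        return False
    (value,) = struct.unpack_from("!I", packet, 52)
    return 0x18030000 <= value <= 0x1803FFFF

def coverage():
    """Run the rule over constructed packets; returns {case: (offset, matched)}."""
    cases = {
        "heartbeat, TCP timestamps": ipv4_tcp_packet(tls_record(HEARTBEAT), TIMESTAMPS),
        "heartbeat, TLS 1.2, timestamps": ipv4_tcp_packet(tls_record(HEARTBEAT, (3, 3)), TIMESTAMPS),
        "app data, TCP timestamps": ipv4_tcp_packet(tls_record(APPDATA), TIMESTAMPS),
        "heartbeat, no TCP options": ipv4_tcp_packet(tls_record(HEARTBEAT)),
    }
    return {name: (payload_offset(p), u32_rule_matches(p)) for name, p in cases.items()}

if __name__ == "__main__":
    for name, (offset, matched) in coverage().items():
        print(f"{name:32} payload at byte {offset}: {'DROP' if matched else 'pass'}")
```

The rule keys only on the record type and TLS major version at a fixed offset, so it drops every heartbeat record it sees there and sees none when the TCP header length differs. Updating to 1.0.1g, as mentioned earlier in the thread, removes the need for it.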
post #25 of 54
Quote:
Originally Posted by Darkpriest667 View Post

Maybe I just read good.


What I gathered was the vulnerability existed for 2 years and they only found it April 5th and it was patched a few days after that. It's not that they knew it existed two years and didn't do anything. It's that they didn't know it existed and as soon as they did they patched it.


Regardless, we all were still highly vulnerable for 2 years.

Correct.... The real concern is that some organizations or people discovered and have exploited this bug already.

Even if you patch the bug, someone may already have your CAs' private keys. That means your communication is still susceptible to eavesdropping until you regenerate.
post #26 of 54
So what can be done from the client side to protect yourself?
post #27 of 54
I'm seeing like 7 critical updates for my win 7. Installing immediately.
post #28 of 54
Quote:
Originally Posted by keikei View Post

I'm seeing like 7 critical updates for my win 7. Installing immediately.

Windows doesn't utilize OpenSSL....

Quote:
Originally Posted by chemicalfan View Post

So what can be done from the client side to protect yourself?
Nothing until the servers patch. ARS did so already: http://arstechnica.com/security/2014/04/dear-readers-please-change-your-ars-account-passwords-asap/
post #29 of 54
Wait, so we have to change our account passwords left, right and centre? Like, Hotmail, Facebook, Amazon, etc? Or have I underestimated the extent of this security breach?
post #30 of 54
Quote:
Originally Posted by chemicalfan View Post

Wait, so we have to change our account passwords left, right and centre? Like, Hotmail, Facebook, Amazon, etc? Or have I underestimated the extent of this security breach?

Basically, any communication over the Internet utilizing OpenSSL may have been compromised.... so most of the secure transmissions in everyday use.


The password reset is because someone could have gotten ARS's keys and performed a man-in-the-middle attack to steal your encrypted password.