Ramblings of an old Doc

 

If you thought that FREAK SSL/TLS security hole was only in programs using Apple’s SSL (old OpenSSL) – you’re wrong, and vulnerable. MS’s Secure Channel (SChannel) stack has it too. Great.

FREAK allows man-in-the-middle (MITM) attacks thanks to mistakes made decades ago. “As new technologies emerge, and cryptography hardens, many simply add on new solutions without removing out-dated and vulnerable technologies. This effectively undermines the security model you are trying to build,” said Andrew Avanessian, Avecto's EVP of consultancy and technology services.

We’re also days away from a patch, so there’s a good “How To” here: http://www.zdnet.com/article/how-to-protect-yourself-against-freak/

Who’s Vulnerable:

The following SSL/TLS client libraries are vulnerable:

  • OpenSSL (CVE-2015-0204): versions before 1.0.1k.
  • BoringSSL: versions before Nov 10, 2014.
  • LibreSSL: versions before 2.1.2.
  • SecureTransport: is vulnerable. A fix is being tested.
  • SChannel: is vulnerable. A fix is being tested.

Web browsers that use these TLS libraries are open to attack. These include:

  • Chrome versions before 41 on various platforms are vulnerable.
  • Internet Explorer. Wait for a patch, switch to Firefox or Chrome 41, or disable RSA key exchange as detailed below using the Group Policy Object Editor.
  • Safari is vulnerable. Wait for a patch, switch to Firefox or Chrome 41.
  • Android Browser is vulnerable. Switch to Chrome 41.
  • Blackberry Browser is vulnerable. Wait for a patch.
  • Opera on Mac and Android is vulnerable. Update to Opera 28 (when stable), switch to Chrome 41.
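
A check for the Group Policy workaround mentioned in the list above, as an added example that is not from the original post or from any vendor: it audits a candidate "SSL Cipher Suite Order" value before it is applied. The policy value is an allow-list, so any suite named in it is offered; the function names and the two sample lists are constructed for illustration.

```python
import re

# Name-based classification of SChannel/IANA-style suite names.
EXPORT = re.compile(r"EXPORT")                          # export-grade suites
RSA_KX = re.compile(r"^TLS_RSA_(?:EXPORT\d*_)?WITH_")   # plain RSA key exchange
WEAK = re.compile(r"_(?:NULL|DES_CBC|RC2|RC4_40|RC4_56)(?:_|$)")
SSLV2 = re.compile(r"^SSL_CK_")

def classify(suite):
    """Return the finding keys that apply to one suite name."""
    checks = {"export": EXPORT, "rsa_kx": RSA_KX,
              "weak_cipher": WEAK, "sslv2": SSLV2}
    return [key for key, rx in checks.items() if rx.search(suite)]

def audit_suite_order(policy_value):
    """Audit a comma-separated allow-list as it would be pasted into the policy."""
    report = {"export": [], "rsa_kx": [], "weak_cipher": [],
              "sslv2": [], "duplicates": []}
    seen = set()
    for raw in policy_value.split(","):
        suite = raw.strip().upper()
        if not suite:
            continue                      # stray comma or trailing whitespace
        if suite in seen:
            report["duplicates"].append(suite)
            continue
        seen.add(suite)
        for key in classify(suite):
            report[key].append(suite)
    report["offered"] = len(seen)
    # The workaround on this page is "disable RSA key exchange": pass only if
    # the list names at least one suite and none uses RSA or export key exchange.
    report["freak_workaround_ok"] = (
        bool(seen) and not report["export"] and not report["rsa_kx"])
    return report

# Constructed sample values (not taken from the page or any vendor bulletin).
MUDDLED = ("TLS_RSA_EXPORT_WITH_RC4_40_MD5, TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,"
           " TLS_RSA_WITH_DES_CBC_SHA, TLS_RSA_WITH_NULL_SHA")
NO_RSA_KX = ("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256,"
             "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384,"
             "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256,"
             "TLS_DHE_DSS_WITH_AES_128_CBC_SHA")

if __name__ == "__main__":
    for name, value in (("muddled", MUDDLED), ("no RSA kx", NO_RSA_KX)):
        result = audit_suite_order(value)
        print(name, result["freak_workaround_ok"], result["export"])
```

The first sample shows what happens when outdated suites are added to the list in the belief that it is a block-list: they are reported as enabled, and the check fails.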

Your browser might even be safe, but:

“Chrome for Windows and all versions of Firefox are known to be safe. However, even if your browser is safe, certain third-party software, including some anti-virus products and adware programs, can expose you to the attack by intercepting TLS connections from the browser. If you are using a safe browser but our client test says you’re vulnerable, this is a likely cause.”

To see if your specific client system is vulnerable, run the FREAK Attack Client Check

Apple and Google will be releasing fixes this coming week.

So…if you want to blame someone for this vulnerability, blame the NSA. Yup:

“It seemed like such a good idea in the early 90s. Secure-Socket Layer (SSL) encryption was brand new and the National Security Agency (NSA) wanted to make sure that they could read "secured" web traffic by foreign nationals. So, the NSA got Netscape to agree to deploy 40-bit cryptography in its International Edition while saving the more secure 128-bit version for the US version. By 2000, the rules changed and any browser could use higher security SSL. But that old insecure code was still being used and, fifteen years later, it's come back to bite us.” – ZDNet

You see, the NSA made sure that the early SSL protocol itself was made to be broken.

So…all this reminds me of Mad Magazine’s Spy vs. Spy: Setting out to screw the enemy, you end up screwing yourself because if there’s one thing you can count on it’s if things can go wrong, they will and one other thing: People are lazy, and fix things in the laziest way possible.

 

 

Sources:

http://www.zdnet.com/article/how-to-protect-yourself-against-freak/

http://www.zdnet.com/article/freak-another-day-another-serious-ssl-security-hole/

http://www.zdnet.com/article/microsoft-reveals-windows-vulnerable-to-freak-ssl-flaw/

http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html


Comments (Page 1)
on Mar 07, 2015

   <--- just so you know I read it...not that that is important...sometimes I think the only people who know about this stuff are about a fraction of 1 percent.  The rest of the average pc users around the world know nothing and go on like normal.  Oh well...thanks for the news, Doc!

on Mar 07, 2015

Ditto

on Mar 07, 2015

Chrome 41.0.2272.76 m fails the test here.  Palemoon passes.

on Mar 07, 2015

I looked at modifying the Group Policy as described in the ZDNet article.  He provides a list of outdated vulnerable ciphers that he says should be added to the SSL Cipher Suite Order list and further says that adding them will prevent these ciphers from being used.

As it happens, my SSL Cipher Suite Order is currently Not Configured, which from the description in the Group Policy Editor means the OS default list is being used, which presumably is the problem.  The instructions for modifying the list (which the ZDNet article says to follow) suggest that adding a list means that user-provided (added) list will be used instead of the default list and that you should not include ciphers you don't want to use.  This seems to be the opposite of what the ZDNet author says would be the case - he's advising adding the outdated ciphers to this list.

Is this just a case of typical Microsoft doublespeak where "to be used" means "not to be used" or did the author get it wrong?  Is the SSL Cipher Suite Order list supposed to be a Black List as the author's instructions would imply or a White List as the GP editor instructions would imply?

on Mar 07, 2015
on Mar 07, 2015

Thanks for the additional link, Doc.

It is a white list so a shame the ZDNet author muddied the water.

I followed the instructions from ghacks (& MS's security bulletin, using the cipher list there) and rebooted.

Interestingly, Chrome 41 is still vulnerable after applying the policy according to the freak check tool.  Hopefully, the OS cipher list filter protects it.

 

on Mar 07, 2015

Daiwa

It is a white list so a shame the ZDNet author muddied the water.

I got to the gHacks article only after the email arrived from Germany (lol).

When I saw your question and the contents I added it hoping it would make things clearer, Daiwa. I have switched to Pale Moon x 64 as a result of this craziness.

on Mar 07, 2015

Can't expect you to vet everything, Doc.

Well... we could.  But that wouldn't be fair.  The disclaimer you always provide should always be heeded

 

on Mar 07, 2015

fwiw current version of Whitehat Aviator (a Chrome derivative) passes the test.  I'll let you guys figure that one out, I've no idea why it would pass while Chrome fails. 

on Mar 07, 2015

Dave, it must have to do with how the SSL is configured...

on Mar 07, 2015

^ ^

on Mar 07, 2015

DrJBHL

Dave, it must have to do with how the SSL is configured...

Then I'll have to say "Good job Whitehat" - I certainly haven't fiddled with it 

on Mar 07, 2015

Yeah, Aviator 37 passes here, too, despite Chrome 41 failing.  Weirdness.

on Mar 07, 2015

Changed to Palemoon and found a great browser I hadn't tried before...and passed 

Thx Doc.

on Mar 07, 2015

You're all very welcome. A pleasure.
