If you thought that FREAK SSL/TLS security hole was only in programs using Apple’s SSL (old OpenSSL) – you’re wrong, and vulnerable. MS’s Secure Channel (SChannel) stack has it too. Great.
FREAK allows mitm (man-in-the-middle) attacks thanks to mistakes made decades ago. “As new technologies emerge, and cryptography hardens, many simply add on new solutions without removing out-dated and vulnerable technologies. This effectively undermines the security model you are trying to build.”, said As Andrew Avanessian, Avecto's EVP of consultancy and technology services.
We’re also days away from a patch, so there’s a good “How To” here: http://www.zdnet.com/article/how-to-protect-yourself-against-freak/
Who’s Vulnerable:
the following SSL/TLS client libraries, are vulnerable.
- OpenSSL (CVE-2015-0204): versions before 1.0.1k.
- BoringSSL: versions before Nov 10, 2014.
- LibReSSL: versions before 2.1.2.
- SecureTransport: is vulnerable. A fix is being tested.
- SChannel: is vulnerable. A fix is being tested.
Web browsers that use these TLS libraries are open to attack. These include:
- Chrome versions before 41 on various platforms are vulnerable.
- Internet Explorer. Wait for a patch, switch to Firefox or Chrome 41, or disable RSA key exchange as detailed below using the Group Policy Object Editor
- Safari is vulnerable. Wait for a patch, switch to Firefox or Chrome 41.
- Android Browser is vulnerable. Switch to Chrome 41.
- Blackberry Browser is vulnerable. Wait for a patch.
- Opera on Mac and Android is vulnerable. Update to Opera 28 (when stable), switch to Chrome 41.
Your browser might even be safe, but:
“Chrome for Windows and all versions of Firefox are known to be safe. However, even if your browser is safe, certain third-party software, including some anti-virus products and adware programs, can expose you to the attack by intercepting TLS connections from the browser. If you are using a safe browser but our client test says you’re vulnerable, this is a likely cause.”
To see if your specific client system is vulnerable, run the FREAK Attack Client Check
Apple and Google will be releasing fixes this coming week.
So…if you want to blame someone for this vulnerability, blame the NSA. Yup:
“It seemed like such a good idea in the early 90s. Secure-Socket Layer (SSL) encryption was brand new and the National Security Agency (NSA) wanted to make sure that they could read "secured" web traffic by foreign nationals. So, the NSA got Netscape to agree to deploy 40-bit cryptography in its International Edition while saving the more secure 128-bit version for the US version. By 2000, the rules changed and any browser could use higher security SSL. But that old insecure code was still being used and, fifteen years later, it's come back to bite us.” – ZDNet
You see, the NSA made sure that the early SSL protocol itself was made to be broken.
So…all this reminds me of Mad Magazine’s Spy vs. Spy: Setting out to screw the enemy, you end up screwing yourself because if there’s one thing you can count on it’s if things can go wrong, they will and one other thing: People are lazy, and fix things in the laziest way possible.
Sources:
http://www.zdnet.com/article/how-to-protect-yourself-against-freak/
http://www.zdnet.com/article/freak-another-day-another-serious-ssl-security-hole/
http://www.zdnet.com/article/microsoft-reveals-windows-vulnerable-to-freak-ssl-flaw/
http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html