Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[JimH]

This was announced yesterday:
http://www.cnn.com/2014/04/08/tech/web/heartbleed-openssl/index.html

Our servers are now patched, but this probably affects hundreds of thousands of servers all over the Internet.  Make sure your organization is aware of it and fixes it today.

Test your own server here:
http://filippo.io/Heartbleed/

Thanks, filippo.  We donated $50.

[JimH]

A group called Codenomicon found the flaw and put up a dedicated site to answer questions here:
http://heartbleed.com/

[6233638]

https://www.schneier.com/blog/archives/2014/04/heartbleed.html
 
Be prepared to change all your passwords over the next week or so, once it's been confirmed that servers have been updated.

[Awesome Donkey]

Yeah, this is a pretty big deal. For example if you have a Yahoo! account, change the password NOW.

[astromo]

Yeah, this is a pretty big deal. For example if you have a Yahoo! account, change the password NOW.

For info:
https://help.yahoo.com/kb/SLN24021.html?impressions=true

[glynor]

Be prepared to change all your passwords over the next week or so, once it's been confirmed that servers have been updated.

And the way you "be prepared" for that, if you aren't, is to use a Password Manager.  However clever you think you're being, HashCat is clever-er.

If momof3g8kids and qeadzcwrsfxv1331 and even Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn1 aren't safe, you can't figure it out and have different ones for different sites and your "scheme" will almost certainly (being not a password-cracking expert) fall into one of the easily identified "patterns" that they simply learn about, and incorporate into the cracking dictionaries.

I use LastPass. I like it a lot.

[marko]

lastpass user here too after ditching roboform a couple of years ago. I like that lastpass has a dolphin browser plugin too... very handy on the mobile.

Even so, changing all my passwords is going to be a serious pain.

Why have none of the services/sites I have passwords for been in touch to advise changing?

-marko

[astromo]

I use LastPass. I like it a lot.

So does this reviewer. Looks like you and Marko are on the money.

[astromo]

Sites like this listing out which sites were affected will be useful to check against:
http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

[glynor]

xkcd is brilliant as always.

[coyi1895]

According to Heartbleed, we shouldn't rush out to change our passwords just yet.  Thanks for the links so I can know when to change the passwords.

[6233638]

And the way you "be prepared" for that, if you aren't, is to use a Password Manager.  However clever you think you're being, HashCat is clever-er.

I've been quite happy using 1Password for the last few years - though I can see why you might want another solution if you use Linux.

Why have none of the services/sites I have passwords for been in touch to advise changing?

I think this is possibly the biggest issue here - none of the services I use have been in contact with me about this, or have issued a password reset.
 
I checked my banking site yesterday, and it was not vulnerable to this attack - but were they just quick in updating, or did they not use OpenSSL?

According to Heartbleed, we shouldn't rush out to change our passwords just yet.  Thanks for the links so I can know when to change the passwords.

Yes, there's no point in changing your password if the servers haven't been patched yet.

[InflatableMouse]

So ... enlighten me please. I'm a long time user of lastpass as well but how is that safe? Aren't they vulnerable for this kind of attack?

And even as a lastpass user, you'd still have to change passwords as the servers you're authenticating on could be compromised right?

[Awesome Donkey]

So ... enlighten me please. I'm a long time user of lastpass as well but how is that safe? Aren't they vulnerable for this kind of attack?

http://blog.lastpass.com/2014/04/lastpass-and-heartbleed-bug.html

[InflatableMouse]

Thanks, some good info there.

[HTPC4ME]

http://blog.lastpass.com/2014/04/lastpass-and-heartbleed-bug.html

our family uses lastpass as well
Thanks!

[glynor]

And even as a lastpass user, you'd still have to change passwords as the servers you're authenticating on could be compromised right?

That's true, but it isn't a big deal to do so if all you have to do is generate a new 30-digit random password that you don't have to remember.  And, yes, as the blog entry above-linked indicates, LastPass doesn't itself rely upon TLS to secure communications between LastPass and their servers.

One thing to remember...

This bug did NOT simply allow malicious actors to retrieve passwords from systems secured by OpenSSL.  It allowed them to dump memory contents from the server, 32K64K at a time, over and over (randomly distributed).  That memory could contain your password, sure.  But it wasn't just passwords.  The idea would be to hit the servers over and over until you get a big dump of their memory contents, and you can look at ANYTHING happening on the server.  But I bet any servers being attacked weren't being attacked by password crackers...

No, if this was being exploited in the wild (and to be clear, there's no evidence one way or the other that anyone knew about this before OpenSSL published the notification), the thing they were most likely after was the private certificate keys.  In particular, those of the root certificate authorities, but really any service's private key would be extremely valuable.

Because then you can masquerade as them completely convincingly, and you don't need to crack/steal anyone's password.  You just have to intercept the traffic, insert yourself as a MITM, and then the users will GIVE YOU their passwords (if you want them).

I think it is:

1. Very likely that NSA, and other similar spy agencies knew about this vulnerability and were actively exploiting it.
2. Possible (though impossible to tell) that they inserted it (NSA or someone like them from some country), but equally possible that it was just a mistake.  That's the problem with old languages... Forget a bounds check and this kind of thing happens.
3. Unlikely that criminal enterprises knew about this and were exploiting it to steal stuff about generic end users.  Possible, certainly, and they sure-as-heck know about it now, so anyone not patched is going to be hit in 4, 3, 2...

Changing your personal passwords for sites you visit is just not a bad idea anyway, and you never know.

The real issue is replacing your certs if you ran an affected server.  If you were using OpenSSL for the past 18 months or so to perform TLS, you have to assume your cert is compromised, and your private key is exposed.

I'm redoing mine.

[Awesome Donkey]

I wouldn't be surprised if the bug was deliberately added for the NSA's benefit. Julian Assange made mention of something like that in regards to Debian lately: http://igurublog.wordpress.com/2014/04/08/julian-assange-debian-is-owned-by-the-nsa/

Potentially scary stuff indeed.

[glynor]

I don't know that I'd take him at his word.  Julian is... Well, Julian.

But, I agree it is entirely possible.  But generally, I'm with Bruce.  Anything's possible, and it wouldn't surprise me, but it is probably just a mistake.  Mistakes like that happen ALL THE TIME.

What this points out more than anything else is, like the Apple GOTO FAIL bug, and the Linux SSL bug, being "open" doesn't magically make you secure.  If no one is bothering to look at the code and do reviews, then it isn't any better than (and might be worse than in some cases) closed source software.

That talking point among the true believers has always grated on me.  Open == Secure because Magic.

Not to say that I don't like and appreciate lots of open software, and I DO strongly feel that open standards are a Very Good Thing.  But until recently it seemed to be an article of faith that things like OpenSSL were more secure because they were open, and therefore could be audited.  If no one is doing it, then it doesn't count, and being open source also means bad actors can insert whatever they want with very limited barriers.

I wouldn't be surprised if NSA and China's version of the same, weren't checking in code in all of the Linux distros and projects all the time.

Yeah... Now they can stop talking.

[Hendrik]

I think Julian Assange is way too paranoid and a tad bit crazy, he doesn't have much credibility in certain circles of security experts.
Of course its a possibility, but I wouldn't blindly assume it is. Bugs happen every day, and sometimes it just has serious ramifications.

But of course we'll never know for sure.

All we can do is try to mitigate fallout from such problems as best as we can, and as developers try remember for the future to try to prevent keeping extremely sensitive data in persistent memory.

[6233638]

When is Media Center being ported to OpenBSD now that nothing else is safe?

[glynor]

When is Media Center being ported to OpenBSD now that nothing else is safe?

Ummm...

OSX is BSD.  

[glynor]

I've been quite happy using 1Password for the last few years - though I can see why you might want another solution if you use Linux.

1Password would be my other top choice.

I, personally, use way too many devices for it to be practical, and I like the fact that even if my house burns down, my iPhone falls in a lake, and my laptop's battery explodes, all on the same day, I can drive to the Library and use a public terminal and still get to all of my passwords with LastPass.

The Ars article I linked (which, note, is three pages long) goes into detail about both 1Password and LastPass.  It is a great read if you are looking to compare the options available.  There's also KeePass if you're really into a DIY setup.  I've got stuff to do so I'm not interested in that.

In any case... If you're creating your passwords yourself, with the typical "I have a junk password I use most places, like Interact, that I don't really care about, and 1-4 other "good passwords" that I use for banking system that most people use...

You're Doing It Wrong.

[kstuart]

Giving your information, in this case passwords, to a third party is never "safe".   It might look safer, but that is just from an April 2014 perspective.

There is no such thing as safety, life is inherently dangerous.  Even going to a health center can be dangerous, eh?

[glynor]

Giving your information, in this case passwords, to a third party is never "safe".

They don't have my passwords, which is why I don't have any threat on this from them.

They have an AES 256-bit encrypted blob for which I have the only key.

You would be well served to learn about how it works before you make assumptions on things you didn't research.

[bob]

I'm sure happy I hadn't updated "certain" servers from squeeze yet :-)

[glynor]

I'm sure happy I hadn't updated "certain" servers from squeeze yet :-)

Hah.  Yep.  Squeeze is still on the 1.0 (or older) branches?

What I don't get is why this code was active anyway. I mean, these webservers aren't using TLS over UDP, which is what the Heartbeat extension was added for...  Who is even using TLS over UDP?  Why does OpenSSL (and you'd assume other TLS implementations) have Heartbeat turned on when it isn't going to conceivably be needed?

[glynor]

Hah.  Yep.  Squeeze is still on the 1.0 (or older) branches?

Yep, it uses 0.9.8.  That's safe.

[bob]

Hah.  Yep.  Squeeze is still on the 1.0 (or older) branches?

What I don't get is why this code was active anyway. I mean, these webservers aren't using TLS over UDP, which is what the Heartbeat extension was added for...  Who is even using TLS over UDP?  Why does OpenSSL (and you'd assume other TLS implementations) have Heartbeat turned on when it isn't going to conceivably be needed?

NSA?
Seems really likely that they knew about this.

[glynor]

Agreed that they almost certainly knew about it.  Not so sure if they actually did it though.  As I said above, it could go either way.

Plus... Assuming someone did do it purposefully, who says it was us?  China, Russia, or even Liberia could just as easily check in bad code.

[crisnee]

Nice job by Lastpass, glad I use them. Here's a link http://blog.lastpass.com/2014/04/lastpass-and-heartbleed-bug.html to a blog on the subject.

Chris

[kstuart]

They don't have my passwords, which is why I don't have any threat on this from them.

They have an AES 256-bit encrypted blob for which I have the only key.

You would be well served to learn about how it works before you make assumptions on things you didn't research.

Have you read through all their code ?

Otherwise, you are taking their word for it.

And even so, their code can have "previously undetected exploits" too.  Every security hole is unknown until the day someone finds it.

There is no such thing as safety, it is just an abstraction.

[glynor]

Have you read through all their code ?

I don't need to.  It is a web service, served via HTTPS, so I can see what their servers send to and from my machine, and test the decryption.  Plus, yes, we do have access to all of the code for their browser plugins (which are 100% JavaScript so are completely open for anyone to see).  So that can easily be audited and you can see exactly what it is doing.  (And, I'll note, this has been done by a number of well respected cryptography experts, by the way.)

Do you have any evidence here, or are you just making things up?

[kstuart]

I am not referring to any specific service - just to the concept of becoming safe from cloud software bugs by using cloud software...

[crisnee]

I am not referring to any specific service - just to the concept of becoming safe from cloud software bugs by using cloud software...

There is no "safe" in the world as we understand it. But there is relative safety from internet danger, and Lastpass is on the top of my list particularly as it also works well in the areas of convenience and prevention of user error.

Chris

[kstuart]

Here is another example of why - as a professional software engineer - I am dismayed about increasing automation in society.  I am searching for a hotel room, and here is an exact quote:

Sale! Save 0% on this Stay.

[crisnee]

Quote
Sale! Save 0% on this Stay.

Hey, what's wrong with a little honesty in advertising. It's surely a first.

Chris

[Magic_Randy]

In any case... If you're creating your passwords yourself, with the typical "I have a junk password I use most places, like Interact, that I don't really care about, and 1-4 other "good passwords" that I use for banking system that most people use...

You're Doing It Wrong.

That was my strategy before I started using LastPass. My first security check score after setting it up was ~11%.

[crisnee]

In any case... If you're creating your passwords yourself, with the typical "I have a junk password I use most places, like Interact, that I don't really care about, and 1-4 other "good passwords" that I use for banking system that most people use...

You're Doing It Wrong.

So, please explain. What is wrong with that? Let me modify the above a bit to say the following.

Use simple memorable passwords for places where you'll never divulge any kind of personal critical data. Use "good passwords" for everything else.

How would that be problematic or "wrong" as you say.

Chris

[6233638]

You should never know any of your login passwords, only your master password.
If you're using a password you can easily remember to log into a website, it is not secure.*
 
You should not think "oh it doesn't matter if people get my information from this site", because any amount of information could be helpful in extracting your information from somewhere else. (e.g. you registered on a forum and used your actual birth date)
 
 
*I have memorized my 1Password key through repetition, and almost completely memorized my 64 random character WiFi password at this point, simply due to the number of times I have entered it on devices.

[crisnee]

You should not think "oh it doesn't matter if people get my information from this site", because any amount of information could be helpful in extracting your information from somewhere else. (e.g. you registered on a forum and used your actual birth date)

O.K., That's what I thought was meant. I just wanted to make sure there wasn't some reason I was overlooking or hadn't thought of.

Chris

[glynor]

O.K., That's what I thought was meant. I just wanted to make sure there wasn't some reason I was overlooking or hadn't thought of.

That's 1/2 of what I meant.

The Internet is an amazing web of interconnected services.  The problem is, that it is nearly impossible to predict what "dots" an attacker might connect in order to masquerade as you long enough to get access to your email address that you use to reset passwords (or otherwise convince a customer service rep to add an email address that they do control).  And that's the keys to the kingdom, because you can reset everything else with that.  Look at the Matt Honan hack.  That was "caused" by a combination of poor behavior by a number of services combined (Amazone and Apple, mostly, but it could happen to any one of a million different services).  The goal was the twitter account, and they could get there by going through Amazon to get an Apple ID to get twitter (and while you're there, nuke the dude's devices because lulz).

And that wasn't done by anyone very sophisticated.  It was a script kiddie doing it for the lulz.  A real, financially motivated, attacker wouldn't have let you know anything was wrong until your bank accounts were emptied (or identity stolen, or whatever), and might be able to connect a much more tenuous string of dots.  You can certainly defend against it if you're very wary.  But, it might be more challenging than you think.  You lie about your birthdate or zip code or whatever, sure, but do you use the same (or similar) lies everywhere?  What dots can they connect?  Who in the chain can they call to change things, or socially engineer for more information, that they need to attack another service's lines of defense?

But, that's really only 1/2 of it.

The other, perhaps bigger, problem with that method is that You're Almost Certainly Bad At Your Job as a Password Generator.  Cracking tools have advanced to the point where traditional passwords that are natual for most people to remember are no longer possible.  So, using a "junk" password is effectively using no password, and those passwords you think are "good" are NOT good unless they are truly random-generated passwords 16 characters in length or more.  You're not as clever as you think.

And, if you do that, and you have more than one bank and one email address, and you actually change them every so often, well... Then you're a pretty amazing savant or you have an eidetic memory.

The traditional password security model is broken because dictionary-crackers have exceeded (or will, very soon, exceed) the capacity for most people to effectively use it without a management system.

[glynor]

*I have memorized my 1Password key through repetition, and almost completely memorized my 64 random character WiFi password at this point, simply due to the number of times I have entered it on devices.

Copypasta, my friend. 

[6233638]

Copypasta, my friend.  

I do have a USB key with the WiFi password on it that I'll use when I'm dealing with a computer, but I haven't found any good solutions for other devices.

[glynor]

I do have a USB key with the WiFi password on it that I'll use for that when I'm dealing with a computer, but I haven't found any good solutions for other devices.

LastPass. 

If the thing can get online, I can get my WiFi password, and copypasta it.

All of my devices that we're currently using in my family have cellular data connectivity, so getting them online to get the WiFi password (should I change it or reset the device) isn't an issue.  But, even if I had one that was WiFi only, I have a guest network at my house, so I'd just use that.

I'd have the guest network anyway because there's no way I'm letting other random friends and family use my private WiFi (Internal LAN) network when they come visit.  They can use my public WiFi that goes through the guest network NIC on the firewall that is isolated from my network (and bandwidth capped too so that my nephew can't beat my network up with a bunch of torrent downloads or whatever).  The actual LastPass apps cache the data (like using 1Password with Dropbox, essentially) so I could do it that way too as long as I could get the device online somewhere for a minute, and launch Lastpass, before bringing it to my WiFi network.

But, it is convenient that I don't even need the app or anything, just a web browser and internet connection.

[Hendrik]

I never really trusted those online-storage password managers. I use KeePass as a offline variant, and backup/sync the password database to an online location with an extra layer of encryption on top.

[6233638]

LastPass.  

Most of the devices so far have not used cellular data - and those which do are not my own devices, and I would not be comfortable logging in on them just to recover a WiFi password.

I'd have the guest network anyway because there's no way I'm letting other random friends and family use my private WiFi (Internal LAN) network when they come visit.  They can use my public WiFi that goes through the guest network NIC on the firewall that is isolated from my network (and bandwidth capped too so that my nephew can't beat my network up with a bunch of torrent downloads or whatever)

With the amount of things that are on my network now, it might not be a bad idea for me to re-enable the guest network feature on my router.
However, I would not leave that with open access, and would still want to use a secure password.
 
While I think QR-codes are dumb, I suppose there is the possibility that a guest may have a QR-code scanner installed, so perhaps I'll print something off and stick it to the back of my router just to make things a little easier for them. Probably isn't worth it though.
 

I never really trusted those online-storage password managers. I use KeePass as a offline variant, and backup/sync the password database to an online location with an extra layer of encryption on top.

I don't trust them either, no matter what their claims of security are. I don't put banking or credit card information into 1Password either, and I only use local WiFi sync to occasionally update the keychain manually on my mobile devices - no matter how secure things should be, that encrypted keychain is not going to be on someone else's server.

[crisnee]

That's 1/2 of what I meant.

The other, perhaps bigger, problem with that method is that You're Almost Certainly Bad At Your Job as a Password Generator.  Cracking tools have advanced to the point where traditional passwords that are natual for most people to remember are no longer possible.  So, using a "junk" password is effectively using no password, and those passwords you think are "good" are NOT good unless they are truly random-generated passwords 16 characters in length or more.  You're not as clever as you think.

And, if you do that, and you have more than one bank and one email address, and you actually change them every so often, well... Then you're a pretty amazing savant or you have an eidetic memory.

The traditional password security model is broken because dictionary-crackers have exceeded (or will, very soon, exceed) the capacity for most people to effectively use it without a management system.

So, in essence, you're saying that there is no real defense. I say that because realistically only the smallest percentage of folks are going to be as careful as you suggest. And even then....

So perhaps the best defense is not to have a lot of assets. Or perhaps if you scatter them about in many accounts they won't be worth going after. Be a small fish in a big pond.

Chris

[kstuart]

What this thread seems to indicate is that LastPass has a Giant Target painted on its back.

.....

Some months back, on the BBC Click TV show, they interviewed a software engineer about "glitches", about why things like cellphones and laptops have mysterious intermittent failures.  The answer was that the current level of complexity is so great that it is impossible to keep track of every possible combination of variables....

[glynor]

What this thread seems to indicate is that LastPass has a Giant Target painted on its back.

No more than, and probably far less than, most other cloud services (Google, Apple, Amazon, etc).

And, again, they don't have your data.  They only have an AES-256 encrypted blob.  So, if they get hacked, what is the attacker going to do?  Rijndael in 14-round mode (which is what AES-256 does) has no known cryptographic breaks, and LastPass uses a well-regarded key hashing algorithm with salt to substantially complicate dictionary attacks, even if they do get your encrypted blob (and you use a bad master password).

So, what does it gain them?  The chance to try to socially engineer you out of your password, or get a keyboard logger on your machine to capture your password?  That is about it, but that's a targeted attack.  If they were going after you, it would be much easier to attack YOU (your machine and its security), than attacking LastPass.  Each LastPass user's blob is separately encrypted, so... They're going to brute force each of them?  For trillions of years?  That doesn't make sense.

If you want to sow FUD about an online password storage system, point it at one that deserves the skepticism, which is: Apple's new iCloud Keychain, which uses (for reasons passing understanding, considering how secure the rest of their system is) Asymmetric Elliptic Curve (P256) encryption, which is widely believed now to be compromised.  Why they used ECC when they used log everywhere else on iOS and OSX is anyone's guess, but it smells, for sure.