Author Topic: Heartbleed  (Read 15432 times)


Offline CaptnYellowShirt

  • Frequent Contributor
  • **
  • Posts: 447
  • Country: us
  • Scooty Puff Jr.
Re: Heartbleed
« Reply #25 on: April 10, 2014, 07:40:19 pm »
Does anyone have an idea where the oops'd code came from?
 

Offline ve7xen

  • Super Contributor
  • ***
  • Posts: 1193
  • Country: ca
    • VE7XEN Blog
Re: Heartbleed
« Reply #26 on: April 10, 2014, 08:27:01 pm »
73 de VE7XEN
He/Him
 

Offline CaptnYellowShirt

  • Frequent Contributor
  • **
  • Posts: 447
  • Country: us
  • Scooty Puff Jr.
Re: Heartbleed
« Reply #27 on: April 10, 2014, 08:30:56 pm »
I'd hate to be that guy now.

Makes me wonder if this was an honest mistake. I've been there before with some of my coding -- what memory leak?

But I can't help but think of the NIST/NSA Elliptic Curve "backdoor": http://en.wikipedia.org/wiki/Dual_EC_DRBG
 

Offline ve7xen

  • Super Contributor
  • ***
  • Posts: 1193
  • Country: ca
    • VE7XEN Blog
Re: Heartbleed
« Reply #28 on: April 10, 2014, 08:35:41 pm »
There's a brief article about the guy here, if you're curious. Not much of substance in there though.

Yeah, with the current US surveillance state environment, it's hard not to draw parallels. It'd be interesting to see how they managed it though, considering the committer is a Brit and the author (including of the RFC being implemented) is German. Both security experts with long histories in the open source community who I wouldn't suspect to go willingly with an NSA conspiracy. So for now I'm going with just an accident...pending more Snowden papers, of course :P.
73 de VE7XEN
He/Him
 

Offline CaptnYellowShirt

  • Frequent Contributor
  • **
  • Posts: 447
  • Country: us
  • Scooty Puff Jr.
Re: Heartbleed
« Reply #29 on: April 11, 2014, 12:12:12 am »
He does say that not enough people get in and get their hands dirty with developing and reviewing open source software. I hope the conspiracy theorists, who I also don't think tend to make much of an effort to contribute, don't discourage people from being willing to help.

I agree with the sentiment. But how can you? Especially on topics like this? I mean this guy has a PhD in mathematics.

reCaptcha for Code?
 

Offline Bored@Work

  • Super Contributor
  • ***
  • Posts: 3932
  • Country: 00
Re: Heartbleed
« Reply #30 on: April 11, 2014, 05:07:02 am »
Who hasn't made a simple mistake like this? The guy has given an interview and comes across to me as an academic who plays with a straight bat.

Guy has a PhD, and later on went on to work for a company with some ties to the German government. Auditor of the commit was another guy with a PhD from the UK.

As many coming from the practical side of things know, you should not let someone with a PhD near a compiler or near code at all. It does not end well.

What made people scratch their heads a bit is that the error is not only simple, but an obvious violation of one of the fundamental principles of writing good code: Never trust input.

It is also a bit strange that RFC 6520 with the heartbeat extension was so quickly rubber-stamped, was authored with the help of the same guy who committed the code, and has at least two fundamental errors. Errors one would have expected to be caught by the master experts and guardians of the Internet protocols in the IETF who sanctioned it.

It is actually a fine study that bugs often don't start in the code, but in the specification.

Error 1 in the RFC: Not using TCP's keep-alive on TCP, and just defining something similar and simple for UDP.

Error 2 in the RFC: Having a payload part.

Especially that a payload part was added is strange. And that the same guy then messed up the implementation.
I delete PMs unread. If you have something to say, say it in public.
For all else: Profile->[Modify Profile]Buddies/Ignore List->Edit Ignore List
 

Offline tjaeger

  • Regular Contributor
  • *
  • Posts: 101
Re: Heartbleed
« Reply #31 on: April 11, 2014, 06:28:37 am »
Especially that a payload part was added is strange. And that the same guy then messed up the implementation.

It's really not that strange.  Even the venerable ICMP ping message has a payload.
 

Offline ve7xen

  • Super Contributor
  • ***
  • Posts: 1193
  • Country: ca
    • VE7XEN Blog
Re: Heartbleed
« Reply #32 on: April 11, 2014, 06:48:57 am »
Especially that a payload part was added is strange. And that the same guy then messed up the implementation.

It's really not that strange.  Even the venerable ICMP ping message has a payload.
RTFRFC. The purpose of the payload is pretty clear. It is intended to facilitate PMTUD over DTLS. You can argue that it's better to implement such a feature only in DTLS and not TLS, but it is equally arguable that the same code and logic paths should be used for both protocols where possible (ironically, to minimize the attack surface and thus likelihood of bugs just like this one).

Anyway even if you excluded this functionality from TLS entirely and implemented it differently there, DTLS would still be vulnerable, so this doesn't really have anything to do with the RFC. It was a stupid coding error that could happen when implementing any RFC, not just this one.

The feature creep argument is perhaps a good one, but that is a much tougher nut to crack, and it's not so easy to place the blame, there's plenty to go around.

The code was sloppily written, sloppily reviewed, committed and forgotten. Seems to be pretty much it.
« Last Edit: April 11, 2014, 06:52:58 am by ve7xen »
73 de VE7XEN
He/Him
 

Offline EEVblog

  • Administrator
  • *****
  • Posts: 37822
  • Country: au
    • EEVblog
Re: Heartbleed
« Reply #33 on: April 11, 2014, 10:27:00 am »
Ok, so what's the real deal with this thing, is it such a big deal?
How many people or sites have been hacked so far?
How does changing your password help if a site hasn't patched it?
 

Offline Crazy ApeTopic starter

  • Regular Contributor
  • *
  • Posts: 181
Re: Heartbleed
« Reply #34 on: April 11, 2014, 11:08:46 am »
Ok, so what's the real deal with this thing, is it such a big deal?
How many people or sites have been hacked so far?
How does changing your password help if a site hasn't patched it?

There is the potential that any private data stored on a secure server (running OpenSSL) over the last two years is compromised.
No one knows who may have discovered and been using the flaw prior to it being 'found' and publicly announced.
Web Security companies are taking the 'Assume the worst' road to be safe.

The tech side (in short):
The flaw allows an attacker to grab copies of server memory 64Kb at a time, this could contain anything from user credit data, to the servers own SSL certificate.

There is little point in changing your password until the server is fixed.
« Last Edit: April 11, 2014, 11:12:09 am by Crazy Ape »
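The bug Crazy Ape summarises above, and the "never trust input" point Bored@Work makes earlier in the thread, as an added example that is not code from this thread or from OpenSSL: a constructed RFC 6520 heartbeat record whose declared payload length exceeds the record actually received, handled once without a length check and once with the check the fix added (type + length + payload + 16 bytes of padding must fit inside the received record). The memory "arena", the record layout and the "secret" string are all constructed here so the demo stays inside a real buffer.

```c
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for a slab of server memory: one RFC 6520 heartbeat record
 * (type | payload_length | payload | padding) at the start, a made-up "secret" after it. */
#define RECORD_LEN 22                 /* 1 + 2 + 3 payload + 16 padding */
#define SECRET "SECRET-KEY-MATERIAL"  /* constructed, not real data */
static uint8_t arena[256];
/* A request that claims a 64-byte payload but actually carries only 3 bytes. */
static void build_arena(void) {
    memset(arena, 0, sizeof arena);
    arena[0] = 1;                     /* heartbeat_request */
    arena[1] = 0; arena[2] = 64;      /* declared payload_length: a lie */
    memcpy(&arena[3], "abc", 3);      /* real payload; bytes 6..21 are padding */
    memcpy(&arena[RECORD_LEN], SECRET, sizeof SECRET);  /* adjacent memory */
}
/* Unchecked echo: trusts the peer's length field, so the copy runs past the record
 * into whatever follows it. The arena keeps this demo inside a real buffer. */
static size_t heartbeat_unchecked(const uint8_t *rec, size_t rec_len, uint8_t *out) {
    (void)rec_len;                    /* the received record length is ignored */
    uint16_t payload = (uint16_t)((rec[1] << 8) | rec[2]);
    memcpy(out, rec + 3, payload);
    return payload;
}
/* Hardened echo: type + length + payload + 16 bytes padding must fit in the record
 * actually received, else the message is dropped. Returns bytes echoed (0 = dropped). */
static size_t heartbeat_checked(const uint8_t *rec, size_t rec_len, uint8_t *out) {
    if (rec_len < 1 + 2 + 16) return 0;
    uint16_t payload = (uint16_t)((rec[1] << 8) | rec[2]);
    if ((size_t)1 + 2 + payload + 16 > rec_len) return 0;
    memcpy(out, rec + 3, payload);
    return payload;
}
/* 1 if the unchecked echo of the lying request carries the adjacent secret. */
static int unchecked_leaks(void) {
    uint8_t out[65536];
    build_arena();
    size_t n = heartbeat_unchecked(arena, RECORD_LEN, out), slen = strlen(SECRET);
    for (size_t i = 0; i + slen <= n; i++)
        if (memcmp(out + i, SECRET, slen) == 0) return 1;
    return 0;
}
/* Bytes the hardened echo returns for a given declared length (0 = rejected). */
static size_t checked_echoes(uint8_t declared_len) {
    uint8_t out[65536];
    build_arena();
    arena[2] = declared_len;
    return heartbeat_checked(arena, RECORD_LEN, out);
}
```

The same length-versus-record comparison is the check to look for when reviewing any parser that echoes or copies a peer-supplied number of bytes.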
 

Offline GeoffS

  • Supporter
  • ****
  • Posts: 1272
  • Country: au
Re: Heartbleed
« Reply #35 on: April 11, 2014, 11:55:16 am »
The problem, easily explained by xkcd.
http://xkcd.com/1354
 

Offline linux-works

  • Super Contributor
  • ***
  • Posts: 2000
  • Country: us
    • netstuff
Re: Heartbleed
« Reply #36 on: April 11, 2014, 03:56:56 pm »
Ok, so what's the real deal with this thing, is it such a big deal?
How many people or sites have been hacked so far?
How does changing your password help if a site hasn't patched it?

according to Bruce Schneier, out of a 1-10 range, 10 being bad, he rates this an eleven.  no, this is not a Spinal Tap reference ;)

he's not usually alarmist, either.

fwiw

Offline CaptnYellowShirt

  • Frequent Contributor
  • **
  • Posts: 447
  • Country: us
  • Scooty Puff Jr.
Re: Heartbleed
« Reply #37 on: April 11, 2014, 03:59:59 pm »
Ok, so what's the real deal with this thing, is it such a big deal?
How many people or sites have been hacked so far?
How does changing your password help if a site hasn't patched it?

according to Bruce Schneier, out of a 1-10 range, 10 being bad, he rates this an eleven.  no, this is not a Spinal Tap reference ;)

he's not usually alarmist, either.

fwiw

The OpenSSL group even produced a logo for the problem. Honest graphic design. I mean... have you seen this group's website? That's big. :)
 

Offline firewalker

  • Super Contributor
  • ***
  • Posts: 2450
  • Country: gr
Re: Heartbleed
« Reply #38 on: April 25, 2014, 08:03:46 am »
Quote
Tech giants, chastened by Heartbleed, finally agree to fund OpenSSL, create three-year initiative with at least $3.6 million to help under-funded open source projects.

http://www.linuxfoundation.org/programs/core-infrastructure-initiative

Alexander.
Become a realist, stay a dreamer.

 

Offline zapta

  • Super Contributor
  • ***
  • Posts: 6194
  • Country: us
Re: Heartbleed
« Reply #39 on: August 15, 2014, 09:10:25 pm »
Do you somehow have affiliation with NSA's branch in Germany? The one who did Merkel's phone? :-DD

Apparently the German government has similar capabilities

http://www.reuters.com/article/2014/08/15/us-germany-usa-spying-idUSKBN0GF1RV20140815?irpc=932
 