iTWire spoke to several security experts and firms to find out what Heartbleed is, what's being compromised and what users and server operators need to do to protect themselves.
First we chatted with Comodo’s Chief Technical Officer, Robin Alden. Over the last few days Comodo has been advising its customers and partners to patch their systems to run the latest version of OpenSSL, the affected cryptographic software library.
"SSL stands for Secure Sockets Layer and is a way of enabling encryption and is widely supported between the server and the client, so the browser that people are using," Alden said.
"An SSL certificate is a way of tying the cryptographic public pass to the cryptographic key, which is held by the server. Comodo is in the business of issuing these certificates, and we're enabling people to secure these servers. The Heartbleed vulnerability means that people have a means of attacking web servers - and the attack is on the server, not directly on the client - and allows them to steal information that would normally be secured on the server itself.
"This might enable the attacker to set up his own site, which might look like the site he's stolen the key from. And if the attacker can get himself in between a home user, so someone with a browser, and the real secure site, he can put himself in the middle and capture some of the information that's going between them."
Alden said that while his company "can't fix the servers", it is alerting customers to the problem. In step one, customers identify whether they're vulnerable through a testing system and update their servers to the latest OpenSSL version. Step two sees them have a new certificate issued (a free service for Comodo customers), while step three sees Comodo ask its customers to revoke the old certificate.
"In years gone by you went into a shop and used your credit card, and they'd look up the number of your credit card to see if it was on a blacklist, which they kept by the till to see if your card had been lost or stolen. Well we do the same with certificates - which is more sophisticated of course - but we publish a blacklist of certificates every day or more if necessary and we call it a revocation list, or CRL. So that's our three step process - upgrade the server, get a new certificate which is free, and revoke the old certificate."
Next we received some information from long-time security experts McAfee, who explained the technical details of what potential attacks involve.
"Taking advantage of the vulnerability, attackers can dump up to 64KB of memory near the memory allocated for the SSL heartbeat packet on an infected machine," McAfee said.
"The attackers won’t know what information they might gather but because the attack can be repeated many times, they can retrieve many 64KB chunks. The memory chunks could contain sensitive information such as passwords, session IDs, private keys, or any other type of data left in memory on the affected server.
"One of the factors that makes this such a critical vulnerability is there are no files to detect. It’s completely network borne, and leaves no trace that a system has been attacked. For this reason, network tools are the primary means for mitigating this type of attack."
Security expert Roland Dobbins, senior analyst with the Arbor Networks Security Engineering & Response Team (ASERT), compared Heartbleed to the Venona project, which saw Russian intelligence intercepted and decrypted by Australian and US intelligence agencies between 1943 and 1980.
"The Venona project was a cryptanalysis program that was aimed at deciphering Soviet traffic," Dobbins told iTWire.
"The NKVD, which was the precursor to the KGB, and the GRU, which is Soviet Military Intelligence, utilized a system for encryption using something called a one-time pad. The idea of the one-time pad is that you create random mappings between numbers, letters, phrases and so forth, and originally they were pads of paper. And so if you and I want to exchange encrypted information, I'd give you a physical copy of the one-time pad, and I'd have the same one-time pad. Then when you want to encrypt a message you'd use the one-time pad mapping to encrypt the message and send it to me, and then I'd use the equivalent page in the pad to decrypt it. And it's called a one-time pad because it's only supposed to be used once.
"But during the German offensive, during the second World War, the operations of the company in the Soviet Union that created the one-time pads was disrupted, and so the NKVD and GRU agents out in the field couldn't get new one-time pads, and so they made the mistake of re-using old ones. And the US Army cryptanalysts captured it in cyphered radio and cable traffic, and were able to go back and start doing comparative cryptanalysis. And they were able to decode some fraction of this traffic, and it ran all the way through 1980, still decoding these World War 2 communications. And it's one of the reasons ASIO was founded - to help decode this information. And so basically what we have potential for, with Heartbeat, is a 21st century Internet-scale criminal driven Venona project, and the people who are being targeted are all the Internet population who had the misfortune to use SSL to translate, or receive, confidential information during the time that the service or application they were using was vulnerable. And there are huge implications for that."
We also received information from BAE Systems Applied Intelligence, who said it "expects a significant increase in the number of threat groups that will attempt to exploit the Heartbleed bug. In effect this vulnerability has the potential to become an easily-automated attack vector."
Craig Searle, Head of Cyber APAC, BAE Systems Applied Intelligence said, “It’s important to note that this isn’t just a server-side issue. The vulnerability can also be established as a client-side attack, particularly for ‘watering hole’ style attacks, using either a rogue server or a server that has been previously compromised. Either of these would be highly effective attack vectors against end users.
“Client-side fixes tend to take much longer to propagate, compared to server fixes, so that aspect of the vulnerability is likely to persist for much longer.
“Watering hole attacks also tend to be popular vectors for Advanced Persistent Threats (APT) so we could expect activity there. APTs are often a precursor to other attacks, due to the information provided in the memory leak.
“There is a significantly increased risk if your organisation operates websites or other services which rely upon the vulnerable encryption software. Signatures for network security appliances have been developed to detect attempted attacks. BAE Systems Applied Intelligence recommends that anyone who could be affected determine quickly if they are using the vulnerable version of OpenSSL and take immediate action to implement vendor fixes and detection signatures.”
The code that contains the bug was written by programmer Robin Seggelmann, who admits he "missed the necessary validation by an oversight."
"In this case, it was a simple programming error in a new feature, which unfortunately occurred in a security relevant area," he told the Sydney Morning Herald. "It was not intended at all, especially since I have previously fixed OpenSSL bugs myself, and was trying to contribute to the project."
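The 64KB over-read McAfee describes and the validation Seggelmann says was missed both come down to one bounds check on the heartbeat message. The C function below is an added example, not OpenSSL's code and not part of the original article: it applies that check to a plaintext TLS record, as a server or a network sensor could. The function and sample names are assumptions, the field layout follows RFC 5246 and RFC 6520, and the sample records are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Names are assumptions for this example; only the field layout is standard. */
enum hb_verdict { HB_NOT_HEARTBEAT, HB_TRUNCATED, HB_OK, HB_OVERREAD };

#define TLS_HDR_LEN      5   /* content type(1) + version(2) + record length(2) */
#define TLS_CT_HEARTBEAT 24  /* TLS content type for heartbeat records */
#define HB_MIN_PADDING   16  /* RFC 6520: at least 16 bytes of padding */

/* Classify one plaintext TLS record held in buf[0..len). */
enum hb_verdict check_heartbeat(const uint8_t *buf, size_t len)
{
    if (len < TLS_HDR_LEN || buf[0] != TLS_CT_HEARTBEAT)
        return HB_NOT_HEARTBEAT;

    size_t rec_len = ((size_t)buf[3] << 8) | buf[4];
    if (len < TLS_HDR_LEN + rec_len || rec_len < 3)
        return HB_TRUNCATED;      /* need type(1) + payload_length(2) */

    const uint8_t *hb = buf + TLS_HDR_LEN;
    size_t claimed = ((size_t)hb[1] << 8) | hb[2];

    /* The validation: header + claimed payload + padding must fit in the
       bytes the record actually carries. Echoing `claimed` bytes without
       this check copies whatever lies in memory after the request. */
    if (1 + 2 + claimed + HB_MIN_PADDING > rec_len)
        return HB_OVERREAD;
    return HB_OK;
}

/* Constructed sample records (not captured traffic). */
static const uint8_t sample_ok[] = {
    24, 3, 2, 0, 23,               /* heartbeat, TLS 1.1, 23-byte record */
    1, 0, 4, 'p', 'i', 'n', 'g',   /* request, payload_length = 4 */
    0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 };  /* 16 bytes of padding */
static const uint8_t sample_bad[] = {
    24, 3, 2, 0, 3,                /* 3-byte record ... */
    1, 0xFF, 0xFF };               /* ... claiming a 65535-byte payload */

int main(void)
{
    printf("ok=%d bad=%d\n", check_heartbeat(sample_ok, sizeof sample_ok),
           check_heartbeat(sample_bad, sizeof sample_bad));
    return 0;
}
```

A sensor can only read these fields while the record is unencrypted; the same comparison inside the server applies to every heartbeat it receives.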
The message is: if you run a server, check its security using a checking tool like https://heartbleed.criticalwatch.com/. If you're a user, head over to Mashable to check out a list of passwords you need to change right now.