And so we have another cool vulnerability name and yet again, SSL is broken. As if Heartbleed and POODLE last year weren’t bad enough, now we’re dealing with FREAK and the headlines say that our private things may no longer be private and we may not even know which website we’re actually talking to. This is right on the back of Superfish where Lenovo kindly demonstrated that users of their otherwise fine PCs may be served rogue certificates that browsers would simply accept as the machines were “compromised”.
With so much going wrong with SSL, it begs the question – is there still any point? I mean should we still even bother with attempting to secure our things with certificates? Let’s face it, there’s a bit of messing around at the best of times to get it all configured right and apps actually using it correctly, is it all just too broken to justify the effort? I say there’s still enormous value – let me explain.
Let’s start with Superfish and what strikes me most about that whole episode is the massive backlash Lenovo copped and how quickly they backpedalled on the whole thing once it became public. This is not dissimilar to Trustwave getting hammered a few years back for a similar shenanigan with a root cert. When the very fabric of the certificate implementation that supports SSL is compromised in this way, the ramifications are very serious.
Before that was POODLE, which essentially boiled down to clients and servers that both supported SSL 3 and not the newer TLS implementation (c’mon, it’s only been around since the 90s!) being at risk of a downgrade attack that then exploited weaknesses in the old v3. This wasn’t a trivial attack, at least not in the way that, say, SQL injection is trivial against a vulnerable web site, but more importantly, it was plugged very quickly. Within a day, CloudFlare had simply disabled SSL 3 altogether. Others quickly followed.
Heartbleed probably isn’t an entirely fair example as the vulnerability was in the OpenSSL library rather than within SSL itself. However, like POODLE, a fix was forthcoming very quickly and for those who genuinely cared about their security position, the window between disclosure and remediation could be very short indeed. I put the emphasis on “cared” simply because even months after disclosure, many sites remained at risk as they’d simply not patched their things.
Which brings us to FREAK. The impact is the same as a successful POODLE exploit or a dodgy Trustwave or Superfish cert but this time, we’re talking about many hours of factoring 512-bit keys (which is arguably worth it for the right target) and that target still supporting the old “export” keys. As with the SSL bugs from last year, there’s a bunch of very rapid patching presently going on and by the time you read this, certainly the high-profile targets will be well and truly locked down. It’s nasty, but if you’re on top of your game then the exposure window will be small.
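A defender-side check for the two conditions described above, SSL 3 still enabled (POODLE) and “export” suites still offered (FREAK), as an added example that is not part of the original post. The hostnames and scan data are constructed, and the patterns assume OpenSSL-style (`EXP-`) or IANA-style (`_EXPORT_`) cipher suite names.

```python
import re

# Constructed scan results for hypothetical hosts: what each endpoint accepts.
SAMPLE_SCAN = {
    "legacy.example.test": {
        "protocols": ["SSLv3", "TLSv1.0", "TLSv1.2"],
        "ciphers": ["ECDHE-RSA-AES128-GCM-SHA256", "EXP-RC4-MD5",
                    "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA"],
    },
    "shop.example.test": {
        "protocols": ["SSL 3.0", "TLSv1.2"],
        "ciphers": ["ECDHE-RSA-AES256-GCM-SHA384"],
    },
    "www.example.test": {
        "protocols": ["TLSv1.2"],
        "ciphers": ["ECDHE-RSA-AES128-GCM-SHA256", "AES128-SHA"],
    },
}

# Export suites: "EXP-" prefix in OpenSSL naming, "_EXPORT_" in IANA naming.
EXPORT_SUITE = re.compile(r"^EXP\d*-|_EXPORT\d*_", re.IGNORECASE)
# SSL 3 as scanners commonly spell it: SSLv3, SSL3, SSL 3.0 ...
SSL3 = re.compile(r"^sslv?30?$")


def audit_endpoint(cfg):
    """Return findings for one endpoint's enabled protocols and cipher suites."""
    findings = []
    for proto in cfg.get("protocols", []):
        if SSL3.match(re.sub(r"[^a-z0-9]", "", proto.lower())):
            findings.append(("ssl3-enabled", proto))
    for suite in cfg.get("ciphers", []):
        if EXPORT_SUITE.search(suite):
            findings.append(("export-cipher", suite))
    return findings


def audit(scan):
    """Map host -> findings, listing only hosts that need remediation."""
    report = {host: audit_endpoint(cfg) for host, cfg in scan.items()}
    return {host: f for host, f in report.items() if f}


if __name__ == "__main__":
    for host, findings in sorted(audit(SAMPLE_SCAN).items()):
        for kind, value in findings:
            print(f"{host}: {kind}: {value}")
```
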
99.x% of the time, well-configured SSL on properly patched environments does exactly what it’s meant to: gives us assurances as to the authenticity of the site we’re talking to, maintains the integrity of the traffic and keeps it confidential. Very, very occasionally a subset of the traffic is put at risk if a man-in-the-middle attack is successfully mounted, and done so in that window of opportunity between vulnerability discovery and rectification. So yes – emphatically yes – SSL is still enormously valuable; the real key is in doing all the stuff we should be doing anyway: hardening, patching and never assuming we’re beyond the reach of a determined attacker.