There was big news in the computer security world yesterday when researchers announced a massive vulnerability in popular web encryption software called OpenSSL. Major online service providers are scrambling to address the problem. What happened? And how does it affect you? Read on to find out.
SSL is a popular encryption technology that allows web users to protect the privacy of information they transmit over the internet. When you visit a secure website such as Gmail.com, you'll see a lock next to the URL, indicating that your communications with the site are encrypted. Here's what that looks like in Google's Chrome browser:
That lock is supposed to signal that third parties won't be able to read any information you send or receive. Under the hood, SSL accomplishes that by transforming your data into a coded message that only the recipient knows how to decipher. If a malicious party is listening to the conversation, it will only see a seemingly random string of characters, not the contents of your emails, Facebook posts, credit card numbers, or other private information.
SSL was first introduced by Netscape in 1994 and has been available for all major browsers since the 1990s. In recent years, there has been a trend toward major online services to using encryption by default. Today, Google, Yahoo, and Facebook all use SSL encryption by default for their websites and online services.
What is the Heartbleed Bug?
The majority of SSL-encrypted websites are based on an open-source software package called OpenSSL. On Monday, researchers announced a serious bug in this software that exposes users' communications to eavesdropping. OpenSSL has had this flaw for about 2 years.
Here's how it works: the SSL standard includes a heartbeat option, which allows a computer at one end of an SSL connection to send a short message to verify that the other computer is still online and get a response back. Researchers found that it's possible to send a cleverly formed, malicious heartbeat message that tricks the computer at the other end into divulging secret information. Specifically, a vulnerable computer can be tricked into transmitting the contents of the server's memory, known as RAM.
Is that bad?
Yes. There's a lot of private information stored in a server's memory. Ed Felten, a computer scientist at Princeton (and, disclosure, my former graduate advisor) says that attackers using the technique can "sort through that information by doing pattern matching to try to find secret keys, passwords, and personal information like credit card numbers."
I don't need to explain why exposing passwords and credit card numbers could be harmful. But exposing secret keys can be even worse. This is the information servers use to unscramble encrypted information it receives. If an attacker obtains a server's private keys, it can read any information sent to it. It may even be able to use the secret key to impersonate the server, tricking users into divulging their password and other sensitive information.
Who discovered the problem?
It was discovered independently by researchers at Codenomicon and Google Security. To minimize the damage from the disclosure, the researchers worked with the OpenSSL team and other key insiders to prepare fixes before the problem was announced publicly.
Who can exploit the Heartbleed Bug?
"This vulnerability is not very difficult to exploit for those who know about it," Felten tells me. Software to exploit the vulnerability is widely available online, and while the software isn't as user-friendly as an iPad app, anyone with basic programming skills can figure out how to use it.
Of course, the bug is likely to be most valuable to intelligence agencies, which have the infrastructure to intercept user traffic on a mass scale. We know that the National Security Agency has secret agreements with American telecommunications providers to tap into the Internet backbone. Users might have thought that the SSL encryption on websites such as Gmail and Facebook protected them from this kind of snooping. But the Heartbleed bug could allow the NSA to obtain the private keys needed to unscramble these private communications.
We don't know for sure, but it wouldn't be surprising if the NSA discovered the Heartbleed vulnerability before the general public did. OpenSSL is among the most widely used encryption software in the world, so it's a safe bet that NSA security experts have gone through its source code with a fine-toothed comb.
How many sites are affected?
There aren't precise statistics available, but the researchers who discovered the vulnerability note that the two most popular web servers, Apache and nginx, use OpenSSL. Together, these vulnerable servers account for about two-thirds of the sites on the web. SSL is also used by other internet software, such as desktop email clients and chat software.
The researchers who discovered the flaw notified the OpenSSL team and other key stakeholders several days ago. That allowed OpenSSL to announce a fixed version of the software at the same time the vulnerability was announced to the public. To address the problem, websites need to change their encryption keys and ensure they're running the latest version of OpenSSL.
A Yahoo spokesperson tells us that "Our team has successfully made the appropriate corrections across the main Yahoo properties (Yahoo Homepage, Yahoo Search, Yahoo Mail, Yahoo Finance, Yahoo Sports, Yahoo Food, Yahoo Tech, Flickr and Tumblr) and we are working to implement the fix across the rest of our sites right now."
Google says that "we have assessed the SSL vulnerability and applied patches to key Google services." Facebook says it had already addressed the issue when it was publicly disclosed.
Finally, a Microsoft spokesman writes that "We are following reports of an OpenSSL library issue. If we determine there is an impact to our devices and services, we’ll take necessary steps to protect our customers."
What can users do to address the problem?
Unfortunately, there's nothing users can do to protect themselves if they visit a vulnerable website. The administrators of vulnerable websites will need to upgrade their software before users will be protected.
However, once an affected website has fixed the problem on their end, users can protect themselves by changing their passwords. Attackers might have intercepted user passwords in the meantime, and Felten says there's probably no way for users to tell whether anyone intercepted their passwords.
Note: This post has been modified to include updated statements from Yahoo, Google, Microsoft, and Facebook. Also, the language was tweaked to make clear websites need run new OpenSSL software after installing it, and that they need to change their encryption keys.