Responding to SSL/TLS vulnerabilities
Published: 27 September 2011
No immediate cause for alarm, but internet users and website operators should be aware of this new vulnerability and take steps to reduce any risk.
Last updated: 1355BST 27 September 2011
On Friday a vulnerability in SSL and TLS was demonstrated at the Ekoparty security conference. (News reports here, here and here, for example - or if you are feeling technical you can watch a video of the hack here.)
The vulnerability exposes a weakness in TLS 1.0 and SSL 3.0 which are the technologies which underpin the https protocol, which is the technology that ensures that web browsers can communicate securely with web servers and is used by millions of internet users every day while conducting card transactions, online banking, and many more secure online applications.
The bad news: this issue has been around for a while and there's no practical "quick" solution
- This weakness has been known about for many years but was previously considered a "theoretical" weakness that couldn't be exploited - it now can.
- Fixes (TLS 1.1 and TLS 1.2) have been available for several years but for a variety of technical reasons have not been implemented.
- The weakness does mean that there is a proven approach to making "secure" sites insecure - the conference demonstration was, apparently, to hack a PayPal account being accessed via a Firefox browser session.
The "good" news: the vulnerability has a number of dependencies and is difficult to implement "in the wild".
- There are a number of technical prerequisites before this vulnerability can be exploited, including the fact that it's a "Man In The Middle" attach (it does not work on "observed" traffic - ie. the attack software needs to sit between the user and the server) - an attacker would need to establish this capability first.
- Malicious code needs to be inserted into the attacked browser session and requires the attacker to exploit other vulnerabilities
Our assessment is that there is no current cause for panic or alarm but internet users and website operators should be aware of this new vulnerability and take appropriate steps to reduce any risk.
For our website operators and hosting clients with secured traffic (e.g. SSL certificates implemented):
- We will contact you separately to dicuss the options, which include altering security settings on your server to give a higher priority to unaffected security suites. This can however cause compatibility issues in some scenarios, e.g. some browsers may be unable to use your website.
Our advice for internet users:
- Ensure your antivirus and other anti-malware software is up-to date and working effectively.
- Ensure you update your web browser software to the latest available version to take advantage of any patches or updates being released by browser developers to address this or any other vulnerability. Microsoft has released a security advisory with Suggested Actions, pending any patch that they might release. Opera 11.51 is reported to contain a fix for this issue. The developer teams for Google Chrome, Firefox and Safari are reported to be working on patches for this issue. The situation for mobile browsers is not currently clear.
- Consider enabling TLS 1.1 or later in your browser. Internet Explorer supports TLS 1.1 and 1.2 in Windows 7 and Windows Server 2008 R2 (see here for instructions). Opera supports TLS 1.1 and 1.2 as well, (but will always try to use TLS 1.0 first unless you specifically disable it). Be aware that these changes may cause compatibility problems with some websites - TLS 1.1 and 1.2 are not commonly supported by secure servers. At the moment, Firefox, Chrome and Safari all support TLS 1.0 only.
- Pay attention to the availability of operating system updates and apply them promptly.
- Ensure you use strong passwords with all your online accounts and change them regularly. We recommend KeyPass as one of several technologies that can help you generate strong passwords and keep track of them.