Wow, an iPhone exploit with no user interaction, and thanks NSA for all the fish? DarkMatter applied for inclusion in Mozilla, too.
I See What You Did There
SSLv3 is older than my daughter, but is still supported by all major browsers. The latest crypto bug, POODLE (CVE-2014-3566), is a MITM (man-in-the-middle) attack: anyone with a network device (a WiFi router, say) sitting between a browser and an SSLv3-capable server (an https “secure” bank site, for instance) can first force the browser to fall back from TLS to SSLv3, then use SSLv3’s sloppy CBC padding check as an oracle to decrypt the connection’s secrets (a session cookie, typically) one byte at a time, at roughly 256 forced requests per byte. The fix is to disable SSLv3 on both ends; a server that must keep it should at least support TLS_FALLBACK_SCSV so the downgrade can’t be forced.
Links:
SSLv3 server stats and steps to fix your browser
POODLE attack details
#POODLE on twitter
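To make the “sloppy padding check” concrete, here is an added example (not from the original post or any of the linked write-ups) that models SSLv3’s CBC record layer and runs the POODLE byte-recovery loop against it. The block cipher, MAC, keys, IV handling and the secret are all constructed stand-ins: a toy Feistel cipher in place of AES, an FNV-based MAC in place of HMAC-SHA-1, an explicit per-record IV in place of SSLv3’s chained IV, and a made-up cookie. What is faithful is the part that matters: the receiver checks only the padding-length byte, so copying a target ciphertext block over the final block gets the record accepted exactly when the target’s last plaintext byte satisfies a known relation with two ciphertext bytes the attacker can see.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>
#define BS     16   /* cipher block size */
#define MACLEN 8    /* toy MAC length; SSLv3 with SHA-1 uses 20 */
static uint64_t ld64(const uint8_t *p) { uint64_t x = 0; for (int i = 0; i < 8; i++) x |= (uint64_t)p[i] << (8 * i); return x; }
static void st64(uint8_t *p, uint64_t x) { for (int i = 0; i < 8; i++) p[i] = (uint8_t)(x >> (8 * i)); }
/* Toy 128-bit Feistel cipher standing in for AES/3DES; POODLE only needs CBC + SSLv3 padding. */
static uint64_t frnd(uint64_t r, uint64_t k) {
    uint64_t x = (r ^ k) * 0x9E3779B97F4A7C15ULL;
    x ^= x >> 29; x *= 0xBF58476D1CE4E5B9ULL;
    return x ^ (x >> 32);
}
static void toy_block(uint8_t b[BS], const uint8_t key[BS], int decrypt) {
    uint64_t l = ld64(b), r = ld64(b + 8), k0 = ld64(key), k1 = ld64(key + 8), t;
    for (int i = 0; i < 6; i++) {                       /* 6 rounds, applied in reverse to decrypt */
        uint64_t rk = k0 + (uint64_t)((decrypt ? 5 - i : i) + 1) * k1;
        if (!decrypt) { t = r; r = l ^ frnd(r, rk); l = t; }
        else          { t = l; l = r ^ frnd(l, rk); r = t; }
    }
    st64(b, l); st64(b + 8, r);
}
/* Toy MAC (FNV-1a over key||data) standing in for HMAC-SHA-1. */
static void toy_mac(const uint8_t key[BS], const uint8_t *d, size_t n, uint8_t out[MACLEN]) {
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < BS; i++) { h ^= key[i]; h *= 0x100000001b3ULL; }
    for (size_t i = 0; i < n;  i++) { h ^= d[i];   h *= 0x100000001b3ULL; }
    st64(out, h);
}
static uint64_t rng = 0x2545F4914F6CDD1DULL;   /* deterministic xorshift64 for IVs */
static uint8_t rnd8(void) { rng ^= rng << 13; rng ^= rng >> 7; rng ^= rng << 17; return (uint8_t)rng; }
static const uint8_t ENC_KEY[BS] = "toy-enc-key-123", MAC_KEY[BS] = "toy-mac-key-123";
/* Client side, SSLv3 style: MAC the data, pad so that only the LAST byte (the pad length) means
 * anything, CBC-encrypt. The IV is prepended here; real SSLv3 chains it from the previous record,
 * which likewise changes it on every re-sent request. Returns the record length, 0 on error. */
static size_t ssl3_seal(const uint8_t *data, size_t n, uint8_t *rec, size_t cap) {
    size_t body = n + MACLEN, pad = BS - body % BS, total = body + pad;   /* pad: 1..16 bytes */
    uint8_t *c = rec + BS, prev[BS];
    if (cap < BS + total) return 0;
    for (int i = 0; i < BS; i++) rec[i] = rnd8();
    memcpy(c, data, n); toy_mac(MAC_KEY, data, n, c + n);
    memset(c + body, 0, pad); c[total - 1] = (uint8_t)(pad - 1);
    memcpy(prev, rec, BS);
    for (size_t i = 0; i < total; i += BS) {
        for (int j = 0; j < BS; j++) c[i + j] ^= prev[j];
        toy_block(c + i, ENC_KEY, 0);
        memcpy(prev, c + i, BS);
    }
    return BS + total;
}
/* Server side: CBC-decrypt, strip padding, verify the MAC; 1 = accepted. The padding check is
 * SSLv3's: only the length byte is examined. TLS also checks every pad byte, hence the downgrade. */
static int ssl3_open(const uint8_t *rec, size_t len) {
    uint8_t p[256], prev[BS], mac[MACLEN];
    if (len < 2 * BS || len % BS || len - BS > sizeof p) return 0;
    size_t n = len - BS; memcpy(prev, rec, BS);
    for (size_t i = 0; i < n; i += BS) {
        memcpy(p + i, rec + BS + i, BS);
        toy_block(p + i, ENC_KEY, 1);
        for (int j = 0; j < BS; j++) p[i + j] ^= prev[j];
        memcpy(prev, rec + BS + i, BS);
    }
    size_t pad = p[n - 1];
    if (pad >= BS) return 0;                          /* the only padding check SSLv3 makes */
    n -= pad + 1;
    if (n < MACLEN) return 0;
    toy_mac(MAC_KEY, p, n - MACLEN, mac);
    return memcmp(mac, p + n - MACLEN, MACLEN) == 0;
}
/* The on-path attacker: makes the victim re-send a request with chosen prefix/suffix lengths around
 * the secret cookie, rewrites one ciphertext block, and watches whether the server accepts the
 * record. Recovers secret[0..slen) into out; returns the number of bytes recovered. */
static size_t poodle_recover(const uint8_t *secret, size_t slen, uint8_t *out) {
    uint8_t data[96], rec[160];
    for (size_t j = 0; j < slen; j++) {
        size_t pre = (BS - 1) - j % BS;                          /* secret[j] lands last in its block */
        size_t suf = (BS - (pre + slen + MACLEN) % BS) % BS;     /* record ends in a full pad block (byte 15) */
        size_t n = pre + slen + suf, bi = (pre + j) / BS;        /* bi = block holding the target byte */
        int found = -1;
        if (n > sizeof data) return j;
        memset(data, 'A', pre); memcpy(data + pre, secret, slen); memset(data + pre + slen, 'B', suf);
        for (int tries = 0; tries < (1 << 20) && found < 0; tries++) {
            size_t len = ssl3_seal(data, n, rec, sizeof rec), nb = (len - BS) / BS;
            if (!len) return j;
            uint8_t prev_target = rec[BS * bi + BS - 1];         /* C[bi-1][15] (the IV when bi == 0) */
            uint8_t prev_last   = rec[BS * (nb - 1) + BS - 1];   /* C[nb-2][15] */
            memcpy(rec + BS * nb, rec + BS * (bi + 1), BS);      /* C[nb-1] := C[bi] */
            /* Accepted iff D(C[bi])[15] ^ C[nb-2][15] == 15, and D(C[bi]) = P[bi] ^ C[bi-1]. */
            if (ssl3_open(rec, len)) found = (BS - 1) ^ prev_target ^ prev_last;
        }
        if (found < 0) return j;
        out[j] = (uint8_t)found;
    }
    return slen;
}
/* Constructed victim cookie; returns 1 when the attack recovers it exactly. */
static int demo_poodle(void) {
    static const uint8_t secret[] = "session=0123456789abcdef";
    uint8_t out[sizeof secret];
    size_t got = poodle_recover(secret, sizeof secret - 1, out);
    return got == sizeof secret - 1 && memcmp(out, secret, got) == 0;
}
int main(void) { printf("POODLE toy: %s\n", demo_poodle() ? "cookie recovered byte by byte" : "failed"); return 0; }
```

Each accepted record leaks one byte and costs about 256 re-sent requests on average, which is why the real attack needs JavaScript in the victim’s browser to keep firing requests with adjustable path and body lengths. Swapping `ssl3_open` for a TLS-style check that rejects any pad byte not equal to the length byte makes the copied block fail with probability 1 - 2^-120, and the oracle disappears.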
I Can See Your Heart
Nothing to See Here
Following Apple’s SSL patch (in which they said to switch to TLS), GnuTLS patched a bug with the same effect in its X.509 certificate verification (CVE-2014-0092): error paths in the verify code could return a value that callers took to mean the certificate checked out, so a specially crafted certificate would be accepted as valid.
via: Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping
Everything is Good Here
    static OSStatus
    SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams,
                                     uint8_t *signature, UInt16 signatureLen)
    {
        OSStatus err;
        ...

        if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0)
            goto fail;
        if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
            goto fail;
            goto fail;    /* the extra line: unconditional, and err is still 0 here */
        if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0)
            goto fail;
        ...

    fail:
        SSLFreeBuffer(&signedHashes);
        SSLFreeBuffer(&hashCtx);
        return err;
    }
The duplicated ‘goto fail;’ above is unconditional (the indentation is a lie: it is not part of the if), so it runs as soon as the second hash update succeeds, with err still 0. Control jumps to fail:, skipping the final hash step and the signature verification that follows, and the function returns 0: success, whatever the signature says. Only cipher suites that send a signed ServerKeyExchange (the DHE and ECDHE suites) go through this path, but a MITM can simply pick one of those and hand the client its own key-exchange parameters under the real server’s certificate chain, and the client will accept them. Nice little programming error, there, Apple; an unreachable-code warning (clang’s -Wunreachable-code, off by default) or a braces-always style rule would have caught it. Affects iOS 6 and 7 (at least through 7.0.4) and OS X 10.9; the iOS fix (7.0.6 and 6.1.6) was just released. MITM anyone? o_O
via: Apple’s SSL/TLS bug
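To see why the extra line is fatal, here is an added example (mine, not Apple’s code) that reproduces the control flow with stand-in types and a toy hash: OSStatus, SSLBuffer, HashCtx, the hash functions and the 8-byte “signature” are all constructed for the demonstration, as are the client/server randoms and the key-exchange parameters. The vulnerable function keeps the duplicated goto; the fixed one is the same code with that line removed, which is also what Apple’s patch did.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Stand-ins for Apple's Security framework types and hash API (constructed for this
 * example, not the real SDK): a toy FNV-1a "hash" and an 8-byte "signature" that is
 * just the expected digest. The crypto is fake; the control flow is the point. */
typedef int OSStatus;                   /* 0 = noErr, anything else = failure */
#define ERR_BAD_SIGNATURE (-1)
typedef struct { const uint8_t *data; size_t length; } SSLBuffer;
typedef struct { uint64_t state; } HashCtx;

static OSStatus hash_init(HashCtx *c) { c->state = 0xcbf29ce484222325ULL; return 0; }
static OSStatus hash_update(HashCtx *c, const SSLBuffer *b) {
    for (size_t i = 0; i < b->length; i++) { c->state ^= b->data[i]; c->state *= 0x100000001b3ULL; }
    return 0;
}
static OSStatus hash_final(HashCtx *c, uint64_t *out) { *out = c->state; return 0; }
static OSStatus verify_sig(uint64_t digest, const uint8_t *sig, size_t siglen) {
    uint64_t v = 0;
    if (siglen != 8) return ERR_BAD_SIGNATURE;
    for (int i = 0; i < 8; i++) v |= (uint64_t)sig[i] << (8 * i);
    return v == digest ? 0 : ERR_BAD_SIGNATURE;
}

/* Same shape as Apple's SSLVerifySignedServerKeyExchange, duplicated goto included. */
static OSStatus verify_ske_vulnerable(SSLBuffer clientRandom, SSLBuffer serverRandom,
                                      SSLBuffer signedParams, const uint8_t *signature, size_t signatureLen) {
    OSStatus err;
    HashCtx hashCtx;
    uint64_t hashOut;
    if ((err = hash_init(&hashCtx)) != 0)
        goto fail;
    if ((err = hash_update(&hashCtx, &clientRandom)) != 0)
        goto fail;
    if ((err = hash_update(&hashCtx, &serverRandom)) != 0)
        goto fail;
    if ((err = hash_update(&hashCtx, &signedParams)) != 0)
        goto fail;
        goto fail;                      /* unconditional: err is 0 here, so "fail" returns success */
    if ((err = hash_final(&hashCtx, &hashOut)) != 0)
        goto fail;
    err = verify_sig(hashOut, signature, signatureLen);   /* never reached */
fail:
    return err;
}

/* Apple's fix was to delete the duplicated line; braces are added here so that a stray
 * statement can no longer silently attach itself to an if. */
static OSStatus verify_ske_fixed(SSLBuffer clientRandom, SSLBuffer serverRandom,
                                 SSLBuffer signedParams, const uint8_t *signature, size_t signatureLen) {
    OSStatus err;
    HashCtx hashCtx;
    uint64_t hashOut;
    if ((err = hash_init(&hashCtx)) != 0) { goto fail; }
    if ((err = hash_update(&hashCtx, &clientRandom)) != 0) { goto fail; }
    if ((err = hash_update(&hashCtx, &serverRandom)) != 0) { goto fail; }
    if ((err = hash_update(&hashCtx, &signedParams)) != 0) { goto fail; }
    if ((err = hash_final(&hashCtx, &hashOut)) != 0) { goto fail; }
    err = verify_sig(hashOut, signature, signatureLen);
fail:
    return err;
}

static SSLBuffer buf(const char *s) { SSLBuffer b = { (const uint8_t *)s, strlen(s) }; return b; }

/* What an honest server does: sign the transcript the verifier hashes. */
static void make_sig(SSLBuffer cr, SSLBuffer sr, SSLBuffer params, uint8_t sig[8]) {
    HashCtx c; uint64_t d;
    hash_init(&c); hash_update(&c, &cr); hash_update(&c, &sr); hash_update(&c, &params); hash_final(&c, &d);
    for (int i = 0; i < 8; i++) sig[i] = (uint8_t)(d >> (8 * i));
}

/* Constructed handshake: the bank signs its own DH params; a MITM swaps in its own params but
 * can only replay the bank's signature. Returns 1 if the vulnerable path accepts that forgery
 * while the fixed path rejects it (and both accept the genuine message). */
static int demo(void) {
    SSLBuffer cr = buf("client-random"), sr = buf("server-random");
    SSLBuffer real = buf("DH params chosen by the real bank server");
    SSLBuffer mitm = buf("DH params chosen by the attacker");
    uint8_t sig[8];
    make_sig(cr, sr, real, sig);
    int genuine_ok = verify_ske_vulnerable(cr, sr, real, sig, 8) == 0 && verify_ske_fixed(cr, sr, real, sig, 8) == 0;
    int vuln_accepts_forgery = verify_ske_vulnerable(cr, sr, mitm, sig, 8) == 0;
    int fixed_rejects_forgery = verify_ske_fixed(cr, sr, mitm, sig, 8) != 0;
    return genuine_ok && vuln_accepts_forgery && fixed_rejects_forgery;
}
int main(void) { printf("goto fail: %s\n", demo() ? "MITM params accepted by the buggy check, rejected by the fix" : "unexpected"); return 0; }
```

The vulnerable version never even looks at the signature bytes, so a MITM does not need to forge anything: it can send any 8 bytes, or nothing resembling a signature at all, alongside its own parameters. Building with clang’s -Wunreachable-code (or any linter that flags a statement after an unconditional goto) reports the dead `hash_final` line, which is the cheap check that would have caught this.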