Slashdot Mirror

← Back to Stories (view on slashdot.org)

Private Keys Stolen Within Hours From Heartbleed OpenSSL Site

Posted by samzenpus on from the that-didn't-take-long dept.

Billly Gates (198444) writes "It was reported when heartbleed was discovered that only passwords would be at risk and private keys were still safe. Not anymore. Cloudfare launched the heartbleed challenge on a new server with the openSSL vulnerability and offered a prize to whoever could gain the private keys. Within hours several researchers and a hacker got in and got the private signing keys. Expect many forged certificates and other login attempts to banks and other popular websites in the coming weeks unless the browser makers and CA's revoke all the old keys and certificates."

7 of 151 comments (clear)

  1. Re:Even root CA certificates may be at risk. by mlts · · Score: 4, Informative

    Depends. A website's SSL key may be slurped up. However, a root CA key should be either kept on an offline machine or kept in a hardware security module where the key won't be divulged, ever... the module will sign a key, and that's it.

    I'm sure some places will have their root CA on an externally connected machine, then try to place blame, likely saying how insecure UNIX is (when it isn't any particular flavor of UNIX that is at fault.)

  2. Re:There are people that tust SSL-certificates??? by fuzzyfuzzyfungus · · Score: 3, Informative

    The bigger issue is that even people who don't trust the (braindead; but too convenient to die) "Hey! Let's just trust about 150 zillion different 'secure' Certificate Authorities and if they signed the cert and it matches the domain everything must be OK!" are still pretty screwed if whatever specific certificate or certificates they are using are now also in the hands of some unknown and probably malicious 3rd party...

    There's a pretty big difference between 'because the system is pretty stupid, you can generate a valid certificate for any domain by knocking over any one of an alarming number of shoddy and/or institutionally captured CAs' and 'your private key, yours specifically, can be remotely slurped out of your system and used to impersonate it exactly'.

  3. Re:I can't use cloudflare, connection is insecure by _Shad0w_ · · Score: 4, Informative

    Chrome turns the "check for revocation" option off by default, it seems.

    --

    Yeah, I had a sig once; I got bored of it.

  4. Re:Oh, man, what a mess by mysidia · · Score: 5, Informative

    pretty much every current web server cert in existence also needs to be revoked. Are the CAs even willing/able to do something on that scale in a short amount of time?

    Calm down. A majority of web servers are not vulnerable and never were. All in all... less than 30% of SSL sites need to revoke any keys.

    Some websites are running with SSL crypto operations performed by a FIPS140-2 hardware security module; these are not vulnerable, since OpenSSL doesn't have access to the private key stored in the server's hardware crypto token.

    Many web sites are running on Windows IIS. None of these servers are vulnerable.

    Plenty of web sites are running under Apache with mod_nss, instead of mod_ssl. None of the websites using the LibNSS implementation of SSL are vulnerable.

    Many web sites are running on CentOS5 servers with Redhat's openssl 0.9.x packages. None of these servers were ever vulnerable.

    Many web sites are running on CentOS6 servers, that had not updated OpenSSL above 1.0.0. These websites weren't vulnerable.

    Many websites are running behind a SSL offload load-balancer; instead of using OpenSSL. Many of these sites were not vulnerable.

  5. Tools for checking by bobstreo · · Score: 3, Informative

    There are a couple tools available at:

    https://github.com/Lekensteyn/...

    It's python based so YMMV

    They will tell you if you are vulnerable (See the README.md file)

  6. Re:The CA should not revoke the certificates, by mellon · · Score: 5, Informative

    It doesn't matter who revokes the keys. Right now only Firefox and Chrome ever check for revoked certs, and Chrome at least has this disabled by default. If you are running iOS or Android, your browser doesn't check the CRL before trusting the cert. So it's great if web sites revoke certs, but it doesn't actually change anything on the end user side, for the most part. I'm not saying anything about Windows platforms because I don't have access to any; it's possible that they do support CRLs. You can check whether your browser supports CRLs by going to this test URL. If you don't get a warning from your browser, your browser isn't checking CRLs.

  7. Re:The CA should not revoke the certificates, by mhotchin · · Score: 4, Informative

    IE 11 (at least) works properly, right out of the box:

    There is a problem with this website’s security certificate.

    This organization's certificate has been revoked.
    Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
    We recommend that you close this webpage and do not continue to this website.
    Click here to close this webpage.