Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Finds Vulnerability In SSL 3.0 Web Encryption

Posted by Soulskill on from the another-day-another-vuln dept.

AlbanX sends word that security researchers from Google have published details on a vulnerability in SSL 3.0 that can allow an attacker to calculate the plaintext of encrypted communications. Google's Bodo Moller writes, SSL 3.0 is nearly 15 years old, but support for it remains widespread. Most importantly, nearly all browsers support it and, in order to work around bugs in HTTPS servers, browsers will retry failed connections with older protocol versions, including SSL 3.0. Because a network attacker can cause connection failures, they can trigger the use of SSL 3.0 and then exploit this issue. Disabling SSL 3.0 support, or CBC-mode ciphers with SSL 3.0, is sufficient to mitigate this issue, but presents significant compatibility problems, even today. Therefore our recommended response (PDF) is to support TLS_FALLBACK_SCSV. This is a mechanism that solves the problems caused by retrying failed connections and thus prevents attackers from inducing browsers to use SSL 3.0. It also prevents downgrades from TLS 1.2 to 1.1 or 1.0 and so may help prevent future attacks.

4 of 68 comments (clear)

  1. Fuck It by sexconker · · Score: 3, Informative

    I have a million other things to deal with.
    I'll just run my shit against https://www.ssllabs.com/ssltes... in a month and do what it tells me to.

  2. Re:Chrome Dumbed Down by XXeR · · Score: 3, Informative

    Too bad Google removed the options to enable or disable SSL versions from Chrome some time ago, in an effort to further dumb down the browser. The options used to be under "advanced, but they aren't anymore. Not even available under about:flags.

    Add --ssl-version-min=tls1 as a command line flag. Check here for the way to do that, depending on your OS:

    http://www.chromium.org/for-te...

  3. Chrome and disabling SSLv3 by Anonymous Coward · · Score: 4, Informative

    Too bad Google removed the options to enable or disable SSL versions from Chrome some time ago, in an effort to further dumb down the browser. The options used to be under "advanced, but they aren't anymore. Not even available under about:flags.

    Still available, but more hidden:

    Chrome users that just want to get rid of SSLv3 can use the command line flag --ssl-version-min=tls1 to do so. (We used to have an entry in the preferences for that but people thought that “SSL 3.0” was a higher version than “TLS 1.0” and would mistakenly disable the latter.)

    https://www.imperialviolet.org/2014/10/14/poodle.html

  4. Re:Stuck between a rock and noplace by pathological+liar · · Score: 4, Informative

    The paper explains it.

    It is to support old servers (ancient Cisco gear comes to mind) that can't properly negotiate newer TLS versions. Unfortunately those failed negotations don't fail, er, gracefully -- it just kills the connection. Browsers (Chrome, Firefox, probably others) retry using SSLv3. Why? There's a lot of old gear out there.