Slashdot Mirror

← Back to Stories (view on slashdot.org)

POODLE Flaw Returns, This Time Hitting TLS Protocol

Posted by Soulskill on from the its-bite-is-worse-than-its-bark dept.

angry tapir writes: If you patched your sites against a serious SSL flaw discovered in October you will have to check them again. Researchers have discovered that the POODLE vulnerability also affects implementations of the newer TLS protocol. The POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability allows attackers who manage to intercept traffic between a user's browser and an HTTPS website to decrypt sensitive information, like the user's authentication cookies.

27 of 54 comments (clear)

  1. Test your site with this by cyrus0101 · · Score: 5, Informative

    The article references the SSL Labs tool which includes the TLS POODLE test: https://www.ssllabs.com/ssltes...

    1. Re:Test your site with this by Architect_sasyr · · Score: 3, Insightful

      The SSL Labs are a fantastic reference.

      Turns out when I was using their guides and aiming for an A+ rating in October (not long after I took over the current post) I accidentally mitigated TLS POODLE before it even became publicly known. So.. whoops? Better not follow the best practices guides next time, better just patch the vulnerabilities as they come ;)

      --
      Me failed English...
      FreeBSD over Linux. If my comments seem odd, this may explain...
    2. Re:Test your site with this by oobayly · · Score: 1

      If you're using IIS 7.5/8 there's this script for securing* it. Though it may lock out XP users (which probably isn't a bad thing) due to disabling RC4.

      * You there in the back, stop laughing.

    3. Re:Test your site with this by RyoShin · · Score: 2

      Thankfully, this looks to be an implementation issue and not a protocol issue like SSL had. From the blog of the folks who run that SSL test:

      As problems go, this one should be easy to fix. [...] [E]ven though TLS is very strict about how its padding is formatted, it turns out that some TLS implementations omit to check the padding structure after decryption. Such implementations are vulnerable to the POODLE attack even with TLS. [...] According to our most recent SSL Pulse scan (which hasn’t been published yet), about 10% of the servers are vulnerable to the POODLE attack against TLS.

  2. Re:After the jump BULLSHIT by Nyder · · Score: 3, Funny

    Don't you mean Dog shit instead of bullshit? After all, this is a POODLE vulnerability.

    --
    Be seeing you...
  3. Re:After the jump BULLSHIT by wonkey_monkey · · Score: 1

    GP asked for this:

    Can't anybody just post the damn direct link to the fucking advisory or source articles anymore.

    Disabling Javascript isn't going to help with that.

    --
    systemd is Roko's Basilisk.
  4. Re: A question I hope someone can answer by Anonymous Coward · · Score: 5, Insightful

    Have you considered upgrading your browser!

  5. Re:A question I hope someone can answer by Carewolf · · Score: 1

    For those of us who are stuck using older browsers (FireFox v10 or IE6), even with SSL disabled and only TLS 1.0 enabled, will this be a problem?

    As I said, stuck. I won't appreciate replies saying to upgrade my browser.

    Yes, in fact it is ONLY you who are affected. This was discovered in old versions of NSS, which means old Firefox and Chromium versions.

  6. This is the God of Job by grcumb · · Score: 1, Funny

    If there were a just and caring God, he would never let geeks name things.

    POODLE?

    Jesus wept. Literally. He heard the name and wept tears.

    Geeks made baby Jesus cry.

    --
    Crumb's Corollary: Never bring a knife to a bun fight.
    1. Re:This is the God of Job by oldmac31310 · · Score: 1

      It is an acronym. Padding Oracle On Downgraded Legacy Encryption. Convenient, annoying, but not just randomly made up like so much other tech jargon.

      --
      http://www.acetonestudio.com
    2. Re:This is the God of Job by geminidomino · · Score: 1

      And if you don't think that's a backronym, I have some swampland in Florida to sell you.

  7. Re:A question I hope someone can answer by Anonymous Coward · · Score: 1

    You should consider NCSA Mosaic. I can guarantee that it is not vulnerable to any flaws SSL or TLS.

  8. Re:A question I hope someone can answer by tom17 · · Score: 1

    I don't know his exact situation, but it's possible that the company he works at has an app that only works with IE6. There used to be many apps like this.

    If this is such a case, the fuckwad is the company (for not hiring developers to upgrade the app) or the vendor that supplies the app without upgrading it (Maybe the company is still to blame for not moving to a more current product, or maybe there isn't one). Either way, the user that is forced to stick with the crappy browser is not necessarily the problem.

    Though he might be! :) - Rather than assuming and bashing, we should answer the question... Oh wait. Slashdot :)

  9. Re:After the jump BULLSHIT by Anonymous Coward · · Score: 1

    Hi! You must be new here. The most points that were most likely spent on him is 1. You see, it's only AC's like us that read as 0 out the gate. For registered users they normally start out at 1... unless they have an "Excellent" karma rating, which means they've made a significant number of posts that have been modded up, then a registered user will start out of the gate at a 2 before any mods are made. Looking at Mr. Nyder's posting profile, this is not outside of the realm of possibility. So It's very possible that no one wasted any points of Karma...thus, you're the only frickin retard in the bloody room ya frickin Limey!

  10. Re:After the jump BULLSHIT by Columcille · · Score: 1

    You must be new here.

    --
    I love my sig.
  11. Re:A question I hope someone can answer by jafiwam · · Score: 1

    For those of us who are stuck using older browsers (FireFox v10 or IE6), even with SSL disabled and only TLS 1.0 enabled, will this be a problem?

    As I said, stuck. I won't appreciate replies saying to upgrade my browser.

    In IE 6.0, you can enable TLS 1.0. It is not on by default.

    It is deep in the "Internet Settings" in "Security". Scroll down the list and find where it mentions TLS.

    IE 6.0 does not do TLS 1.1 or later, so when TLS 1.0 gets shut off, you are done with it.

    I believe RC4 is only in SSL 3.0 so that being on or off doesn't matter.

    PS, most sites already have 3.0 off, so you may be in the clear already.

  12. Re:A question I hope someone can answer by lgw · · Score: 2

    don't know his exact situation, but it's possible that the company he works at has an app that only works with IE6. There used to be many apps like this.

    That's no excuse! IE6 belongs in a VM used only for internal sites and strictly firewalled off from the outside world. But even if you're stuck with IE6, at least run the latest FF or something beside it.

    --
    Socialism: a lie told by totalitarians and believed by fools.
  13. Re:Nothing to see here by jafiwam · · Score: 1

    The CVE for this has already been rejected. There was an implementation problem on a specific piece of network equipment and not a general TLS implementation issue

    Link?

  14. Re:A question I hope someone can answer by tom17 · · Score: 1

    Unless your company/vendor forces you to use it externally, or will not provide said VM for internal sites.

    I'm not agreeing that it's OK to use such a browser, just saying that it's not necessarily the users own fault. Companies can be idiots too when it comes to IT security.

  15. Re:After the jump BULLSHIT by Anonymous Coward · · Score: 2, Interesting

    Not to feed the trolls more but... did you know that if you are logged in you can click the comment score and SEE all the moderation on the comment?
    At the current time, the post in question started at 2 and has +1 Funny for a total of 3.

    If you are logged in, you can also change the weight of users to remove the karma bonus.

  16. Re:Nothing to see here by DES · · Score: 1

    https://www.imperialviolet.org...

    This affects BigIP F5 and A10 load balancers which implement TLS incorrectly.

  17. Re:Nothing to see here by DES · · Score: 1

    This affects BigIP F5 and A10 load balancers which implement TLS incorrectly.

    Proper grouping: ((BigIP F5) and (A10)) (load balancers).

  18. SSL, Poodle and mail by oldmac31310 · · Score: 1
    My mac mail has been messed up by this and I have had to disable ssl entirely or I can neither send nor receive mail despite having changed the port to one recommended by my web host. I have done a lot of googling on this but nothing solves the problem - otherwise I wouldn't bring it up here.

    Anyone who doesn't irrationally hate Apple have any tips, suggestions for fixing this? I'm still using OS X 10.7 so maybe my best bet is to upgrade the OS, but would like to avoid doing so to keep some older programs running.

    --
    http://www.acetonestudio.com
    1. Re:SSL, Poodle and mail by Moridineas · · Score: 1

      I'm still using OS X 10.7 so maybe my best bet is to upgrade the OS, but would like to avoid doing so to keep some older programs running.

      Out of curiosity, what programs do you use that break post-10.7?

      The only program I've run into that works on 10.7 but not anything after is QuarkXPress 8 (and earlier) using a License Server (the license server networking code uses a deprecated system library).

      Other than that, Yosemite has been grand.

    2. Re:SSL, Poodle and mail by oldmac31310 · · Score: 1

      It's more a matter of - 'they ain't broke' - so I rather not find out what works and doesn't.

      --
      http://www.acetonestudio.com
  19. implementation flaw not protocol flaw by Anonymous Coward · · Score: 2, Informative

    It is very important to understand that this is a flaw in some vendors' TLS implementation, NOT in the tls protocol itself.

    1. Re:implementation flaw not protocol flaw by TechyImmigrant · · Score: 1

      It is very important to understand that this is a flaw in some vendors' TLS implementation, NOT in the tls protocol itself.

      The protocol invites this sort of implementation error. Hence proposals like this: http://clearcrypt.org/tls/

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.