Another day, another SSL/TLS vulnerability ("logjam")
-
So, apparently there's a new TLS bug out there in the wild being called Logjam. This one involves the Diffie-Hellman Exchange protocols.
If you've heard of the FREAK attack, this is basically the same kind of attack, but against DHE algorithms instead of RSA algorithms.
If you hadn't heard of FREAK, the gist is that one end of the key exchange (or a MitM) can negotiate the strength of the encryption downward to 1990s export-grade connection strength (512 bit). Needless to say, this is a lot easier to break than the 2048-bit encryption generally used in 2015.
Clients and servers could prevent this, but apparently the DHE_EXPORT ciphers are enabled by default on most browsers and servers.
Note: Elliptic-Curve DHE (ECDHE) is not affected by this.
-
Good thing we're not using TLS on here, right?
-
You're assuming there's anything worth intercepting here!
-
*******
-
How did you get my password?!?!
Filed Under: Obligatory lame old jokes
It shows as stars to me.
Filed Under: Continuing the obligatory lame old joke
-
-
Phew! For a second there I thought an exploit explanation would just have a simple chart showing which versions of which web servers are vulnerable!
I'm so glad I had to click like 4 links to find that "information" and even then didn't really find it. ("Here's a long list of gibberish acronyms, and here's another list on Mozilla's site and if one list matches the other... uh... well it doesn't say it fixes this but I guess it does?")
JESUS JUST TELL ME IF MY SERVER NEEDS PATCHING YOU DICKS!
... ahem. Sorry.
Also warning me about my browser being vulnerable is kind of a dick move when Chrome doesn't have the fix ready yet. I can update until the cows come home and it won't help.
-
Phew! For a second there I thought an exploit explanation would just have a simple chart showing which versions of which web servers are vulnerable!
I'm so glad I had to click like 4 links to find that "information" and even then didn't really find it. ("Here's a long list of gibberish acronyms, and here's another list on Mozilla's site and if one list matches the other... uh... well it doesn't say it fixes this but I guess it does?")
JESUS JUST TELL ME IF MY SERVER NEEDS PATCHING YOU DICKS!
This is because the configuration of a server or client influences what ciphers and key exchange methods are used -- if your server says "sorry, I can't speak that" when a DHE suite is requested, it's not vulnerable to Logjam. Also, sometimes servers are patched (hotfixed) without mucking around with versions...
The issue with the hardcoded DHE groups, though...ugh. I thought we learned our lesson about not hardcoding crypto params a while ago?
-
You're assuming there's anything worth intercepting here!
You're assuming there wouldn't be if we did have TLS.
-
This is because the configuration of a server or client influences what ciphers and key exchange methods are used -- if your server says "sorry, I can't speak that" when a DHE suite is requested, it's not vulnerable to Logjam. Also, sometimes servers are patched (hotfixed) without mucking around with versions...
It could at least tell me which ones are vulnerable BY DEFAULT.
And I'm only asking for major version numbers here. I can dig into the details if I have to, but it'd be nice to have a little chart to show if I even have to.
-
It could at least tell me which ones are vulnerable BY DEFAULT.
The only one I know of which isn't vulnerable-by-default to the downgrade is IIS because it simply doesn't support export-grade DHE.
The stuff with the hardcoded DH groups though...
-
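A toy model of the exchange described in the first post and in the replies above about server configuration. This is an added example, not code from the thread or from the Logjam researchers: the handshake, the Server/Client classes, the scenario names and the single "attacker can break up to 512 bits" constant are all simplifications and assumptions; only the cipher-suite names are real. It shows the downgrade path (client wants DHE, the MitM offers only DHE_EXPORT on its behalf, the server answers with a 512-bit group, the MitM relabels the ServerHello) and the two places the attack can be stopped: a server that does not speak the export suite at all, or a client that refuses a DH group below a minimum size.

```python
# Toy model of the Logjam DHE_EXPORT downgrade. Constructed for illustration;
# none of this is real TLS. Suite names are the real IANA names.
DHE_EXPORT = "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"  # export suite, 512-bit DH
DHE = "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"              # normal DHE suite
ECDHE = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"       # elliptic-curve DHE, not affected

# Assumed: size of the Diffie-Hellman group the server sends for each DHE suite.
DH_GROUP_BITS = {DHE_EXPORT: 512, DHE: 2048}

# Assumed: largest DH modulus the modelled attacker can solve within the
# handshake timeout (Logjam does this with precomputation against the group).
ATTACKER_BREAK_BITS = 512


class Server:
    """Picks the first suite in its own preference list that the client offered."""

    def __init__(self, preference):
        self.preference = preference

    def server_hello(self, offered):
        for suite in self.preference:
            if suite in offered:
                return suite, DH_GROUP_BITS.get(suite)  # (suite, DH bits or None)
        return None  # handshake_failure: no suite in common


class Client:
    """Checks the server's answer; min_dh_bits=0 models a 2015 browser (no check)."""

    def __init__(self, offer, min_dh_bits=0):
        self.offer = offer
        self.min_dh_bits = min_dh_bits

    def check_server_hello(self, suite, dh_bits, finished_ok):
        if suite not in self.offer:
            return "abort: suite not offered"
        if dh_bits is not None and dh_bits < self.min_dh_bits:
            return "abort: dh group too small"
        if not finished_ok:
            return "abort: bad Finished"
        return "ok"


def handshake(client, server, mitm=False):
    """Run one toy handshake; return (client's verdict, negotiated DH bits)."""
    offered = list(client.offer)
    if mitm:
        # Attacker rewrites the ClientHello so only the export DHE suite is offered.
        offered = [DHE_EXPORT]

    reply = server.server_hello(offered)
    if reply is None:
        return "server refused (no acceptable suite)", None
    suite, dh_bits = reply

    finished_ok = True
    if mitm:
        # Attacker relabels the ServerHello as the suite the client asked for.
        # The ServerKeyExchange carrying the 512-bit p has the same format for
        # DHE and DHE_EXPORT, so it is passed through untouched. The Finished
        # messages can only be forged if the attacker can solve the DH instance.
        suite = DHE
        finished_ok = dh_bits is not None and dh_bits <= ATTACKER_BREAK_BITS

    return client.check_server_hello(suite, dh_bits, finished_ok), dh_bits


def run_scenarios():
    """Constructed scenarios; returns {name: (verdict, dh_bits)}."""
    browser = Client([ECDHE, DHE])                    # no group-size check
    patched = Client([ECDHE, DHE], min_dh_bits=1024)  # refuses small groups
    ecdhe_only = Client([ECDHE])
    # Assumed 2015 default: export suite still enabled, at lowest preference.
    default_server = Server([DHE, ECDHE, DHE_EXPORT])
    # Export suites removed from the configuration (e.g. "!EXPORT" in the cipher string).
    hardened_server = Server([DHE, ECDHE])

    return {
        "no_mitm": handshake(browser, default_server),
        "logjam": handshake(browser, default_server, mitm=True),
        "server_no_export": handshake(browser, hardened_server, mitm=True),
        "client_min_1024": handshake(patched, default_server, mitm=True),
        "ecdhe_only": handshake(ecdhe_only, default_server, mitm=True),
    }


if __name__ == "__main__":
    for name, (verdict, bits) in run_scenarios().items():
        print(f"{name:18s} dh_bits={bits!s:5s} {verdict}")
```

The "logjam" scenario ends with the client reporting "ok" on a 512-bit group, which is the whole point: nothing in the vulnerable client's checks looks at the group size, and the Finished check does not help once the attacker can solve the small instance. The two other outcomes are the fixes the replies above describe: the server that never offers DHE_EXPORT refuses the handshake, and a client with a minimum group size aborts it.
-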
1990s export-grade connection strength
So again, because the US acted like a dick 20 years ago, and still there are people who propose governmental back doors.
-
JESUS JUST TELL ME IF MY SERVER NEEDS PATCHING
Turning to religion for your IT needs is never a good sign.
-
Right; but throwing up 58 barriers in the way of people updating their servers is not conducive to getting people to update their servers.
I always feel that pages like the one in the OP are like 95% interested in patting their own backs by explaining how clever they were to discover this and maybe 5% in actually making sure people are running secure software.
EDIT: oh I missed a lame joke, didn't I? Whatever. Still mad at that dumb site that wasted all my time.
-
EDIT: oh I missed a lame joke, didn't I? Whatever. Still mad at that dumb site that wasted all my time.
It was an excellent joke, made all the better by you not getting it and typing all that stuff.
-
hardcoding crypto params
What could ever go wrong?
Filed Under: My private key is always "dontbreakme"
-
JESUS JUST TELL ME IF MY SERVER NEEDS PATCHING YOU DICKS!
Considering they put up a browser test here: https://dhe512.zmap.io/
It should be simple for them to put up a "put in your domain name and we'll tell you if your server is fucked" page somewhere.
But did they?
-
I couldn't find an answer to the question, so I gave up after a few minutes.
-
Yes, there is one, and has been one all this time ;)
(The box is just halfway down the page or so)