After Apple's "goto fail", GNU TLS library has similar bug



  • Apparently this bug colossal fuckup has been there since 2005. Which is nearly a decade. GOGO LINUX SECURITY, how's that "many eyes" thing working out for you?

    This time, instead of a single misplaced "goto fail" command, the mistakes involve errors with several "goto cleanup" calls. The GnuTLS program, in turn, prematurely terminates code sections that are supposed to establish secure TLS connections only after the other side presents a valid X509 certificate signed by a trusted source. Attackers can exploit the error by presenting vulnerable systems with a fraudulent certificate that is never rejected, despite its failure to pass routine security checks. The failure may allow attackers using a self-signed certificate to pose as the cryptographically authenticated operator of a vulnerable website and to decrypt protected communications. It's significant that no one managed to notice such glaring errors, particularly since they were contained in code that anyone can review.

    Matt Green, a Johns Hopkins University professor specializing in cryptography, characterized the vulnerability this way: "It looks pretty terrible."

    My favourite part of that code (not related to the vulnerability):

    if (result == 1)
    {
      result = 1;
      goto cleanup;
    }
    

    Gotta make sure that 1 is 1... after all, when it comes to security, you can never make any assumptions!

    edit: yes I realise this topic was posted before but that thread failed to elicit the appropriate amount of disdain, so let's try another round. Also morbs is back now.


  • Discourse touched me in a no-no place

     At this point, I'm assuming all the TLS implementation libraries have elementary programming errors.



  • Something, something NSA.

    The most galling thing in this entire article is the image. Look at that fucking thing, a dickhead acting out an extremely tenuous connection to the article's contents. I want to stab everyone involved in its creation repeatedly.



  • @The_Assimilator said:

    Apparently this bug colossal fuckup has been there since 2005.
    Matt Green, a Johns Hopkins University professor specializing in
    cryptography, characterized the vulnerability this way: "It looks pretty
    terrible."
    These articles are always so much better when the experts weigh in.



  • @bstorer said:

    Something, something NSA.

    The most galling thing in this entire article is the image. Look at that fucking thing, a dickhead acting out an extremely tenuous connection to the article's contents. I want to stab everyone involved in its creation repeatedly.



  • @Ben L. said:

    @bstorer said:

    Something, something NSA.

    The most galling thing in this entire article is the image. Look at that fucking thing, a dickhead acting out an extremely tenuous connection to the article's contents. I want to stab everyone involved in its creation repeatedly.

     



  • Has there been any reporting on actual exploits of this or the Apple thing? We hear about terrible bugs like these two, and terrible breaches (e.g., Target), but those seem to be something other than an epic bug like this stuff.


  • Discourse touched me in a no-no place

    @boomzilla said:

    actual exploits of this
    Surely that would depend on having actual users of GNU TLS? I don't recall ever seeing anyone actively choose it for their code.



  • @dkf said:

    @boomzilla said:
    actual exploits of this

    Surely that would depend on having actual users of GNU TLS? I don't recall ever seeing anyone actively choose it for their code.

    Fat drunk and stupid is no way to go through life, son (but it can make for a pretty awesome spring break). Though I also asked about Apple. Seriously...are these serious problems that lead to serious breaches, or just potentially serious things that sound really awful but never amount to anything (like newlines in file names)?



  • @boomzilla said:

    @dkf said:
    @boomzilla said:
    actual exploits of this

    Surely that would depend on having actual users of GNU TLS? I don't recall ever seeing anyone actively choose it for their code.

    Fat drunk and stupid is no way to go through life, son (but it can make for a pretty awesome spring break). Though I also asked about Apple. Seriously...are these serious problems that lead to serious breaches, or just potentially serious things that sound really awful but never amount to anything (like newlines in file names)?

    I think the response somewhat fits. No one of any note using Apple products either. When your market share is so low, you don't get hacked so often. Now if Apple had 80% of the market this would have been fixed years ago.


  • Discourse touched me in a no-no place

    @boomzilla said:

    Fat drunk and stupid is no way to go through life, son (but it can make for a pretty awesome spring break).
    I didn't mean the list of packages where some nutty maintainer had forced the software to use a dependency it wasn't intended for originally, but rather the list of things that really depend on it necessarily.



  • @boomzilla said:

    @dkf said:
    @boomzilla said:
    actual exploits of this

    Surely that would depend on having actual users of GNU TLS? I don't recall ever seeing anyone actively choose it for their code.

    Fat drunk and stupid is no way to go through life, son (but it can make for a pretty awesome spring break). Though I also asked about Apple. Seriously...are these serious problems that lead to serious breaches, or just potentially serious things that sound really awful but never amount to anything (like newlines in file names)?

    NOOO! Not elinks and mutt! How will I ever use the internet 20 years ago?!



  • @The_Assimilator said:

    My favourite part of that code (not related to the vulnerability):

    if (result == 1)
    {
      result = 1;
      goto cleanup;
    }
    

    Gotta make sure that 1 is 1... after all, when it comes to security, you can never make any assumptions!

    I don't see any issue here. For we know, they've redefined the = operator with some kind of side effect. What if it's some kind of home-brewed reference counter?


  • Discourse touched me in a no-no place

    @Frosh said:

    For we know, they've redefined the = operator with some kind of side effect.
    I know that's legal C++ and all, but if someone's done that then they need to die horribly.

    For the good of mankind.



  • @dkf said:

    @boomzilla said:
    Fat drunk and stupid is no way to go through life, son (but it can make for a pretty awesome spring break).
    I didn't mean the list of packages where some nutty maintainer had forced the software to use a dependency it wasn't intended for originally, but rather the list of things that really depend on it necessarily.
    What about filezilla and chromium-browser? Or are these not what I think they are? Because both of those sound pretty important.



  • @dkf said:

    @boomzilla said:
    Fat drunk and stupid is no way to go through life, son (but it can make for a pretty awesome spring break).

    I didn't mean the list of packages where some nutty maintainer had forced the software to use a dependency it wasn't intended for originally, but rather the list of things that really depend on it necessarily.

    I can't figure out what the heck you're talking about. At least bstorer cherry picked some lame-o stuff to make fun of. How does software " really depend on it necessarily" as opposed to whatever you think stuff like chromium and apache and curl and vnc are doing with it? Or are you saying that the Debian maintainers are re-writing the stuff to depend on gnu tls instead of whatever homebrew cryptography the original authors wanted to use?

    I mean, RMS has a lot of things going against him, but when you're targeting a system based on GNU, why wouldn't you use the stuff that's there (and the same goes for MS and Apple systems, of course)?



  • @LoremIpsumDolorSitAmet said:

    What about filezilla and chromium-browser? Or are these not what I think they are? Because both of those sound pretty important.

     

    And even more importantly, how did I not know that Debian had a web browser called "XXXTerm"?

     

     



  • @DCRoss said:

    @LoremIpsumDolorSitAmet said:

    What about filezilla and chromium-browser? Or are these not what I think they are? Because both of those sound pretty important.

     

    And even more importantly, how did I not know that Debian had a web browser called "XXXTerm"?



    ?? Please elaborate.

     



  • Dear God, a vulnerability in GnuTLS!? Think of all the MUDs that were probably compromised by this!



  • @Frosh said:

    @The_Assimilator said:

    My favourite part of that code (not related to the vulnerability):

    if (result == 1)
    {
      result = 1;
      goto cleanup;
    }
    

    Gotta make sure that 1 is 1... after all, when it comes to security, you can never make any assumptions!

    I don't see any issue here. For we know, they've redefined the = operator with some kind of side effect. What if it's some kind of home-brewed reference counter?

    Um, did I miss the part where GnuTLS is in C++? Or where overloading the = operator in C++ for something like this would be non-asinine? Or where using C++ in the first place isn't a WTF?


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.