:fa_unlock: We might as well stop backing Apple, and Lojban encryption...



  • ...what we already have is crap anyway :frowning:

    I just ... I'm so TIRED of this crap! Help me, positive people, help me not to hate everyone today =_=



  • What we have here is some incompetent people still supporting SSLv2, a TLS precursor that was retired almost two decades ago because of weaknesses.

    That's like using IE 4 running on Win95 to browse the web today.


  • Discourse touched me in a no-no place

    "Banning strong encryption" is what caused this mess in the first place- yet another vulnerability that depends on oldskool export grade encryption.

    If we'd just drop fucking support for that shit entirely already....

    Of course, we're liable to need it again here real soon because of Terrists.


  • Discourse touched me in a no-no place

    And by Terrists I mean "pigfuck ignorant politicians"


  • Discourse touched me in a no-no place

    Unrelated, I just added a bunch of Obsolete attributes and NotImplementedExceptions to some scary old encryption algos in my codebase.

    All unused since we policy switched to PGP and SSL, but the damn things were still accessible surface area.



  • There are still web servers out there that accept SSLv2 connections? Hell, these days the default is to block both SSLv2 and SSLv3.



  • Representative snippet:
    "Matt Green, a cryptography expert at Johns Hopkins University who has read the research paper, told Ars. 'It's amazing to me that we keep finding one or two of these [vulnerabilities] per year for protocols that are this old. This shouldn't keep happening. It kind of makes me feel like we're not doing our jobs.' "


  • Discourse touched me in a no-no place


    Same with Mint (Intuit).

    This may be a side effect of the corporate proxy that MITMs the fuck out of most SSL connections, but the certificate looks genuine for this one, which suggests it is whitelisted.



  • @Vaire said:

    >It's amazing to me that we keep finding one or two of these [vulnerabilities] per year for protocols that are this old.

    Why is this amazing? If a protocol is owned, it's (well, it should be) abandoned, and then who cares how many more times it gets owned, if nobody sensible is still using it?

    TLDR: zOMG ownded protocol is owned! hax! amazing!! /dumbass



  • If the idiots who designed this shit would have made it easier to implement, there would be fewer bad implementations of it. It seems obvious but, to crypto developers, it is not.



  • @tar said:

    @Vaire said:
    >It's amazing to me that we keep finding one or two of these [vulnerabilities] per year for protocols that are this old.

    Why is this amazing? If a protocol is owned, it's (well, it should be) abandoned, and then who cares how many more times it gets owned, if nobody sensible is still using it?

    TLDR: zOMG ownded protocol is owned! hax! amazing!! /dumbass

    To put this into perspective, SSLv3 is older than Internet Explorer. And this exploit is for its predecessor SSLv2.



  • @blakeyrat said:

    If the idiots who designed this shit would have made it easier to implement, there would be fewer bad implementations of it. It seems obvious but, to crypto developers, it is not.

    Only @blakeyrat understands my pain :single tear:



  • I bet we could find terrorists faster just looking on social media and in strip clubs than placing back doors in phones.

    And by terrorists I mean both, politicians and extremists.



  • But then you lose security by obscurity...



  • @blakeyrat said:

    If the idiots who designed this shit would have made it easier to implement, there would be fewer bad implementations of it. It seems obvious but, to crypto developers, it is not.

    There are so many things wrong in this post that I don't even want to point them out.



  • @Gaska said:

    @blakeyrat said:
    If the idiots who designed this shit would have made it easier to implement, there would be fewer bad implementations of it. It seems obvious but, to crypto developers, it is not.

    There are so many things wrong in this post that I don't even want to point them out.

    If the idiots who designed CPUs would have just made it easier to produce one with a hammer, some wood, and nails, there would be fewer expensive CPUs on the market. It seems obvious, but,, to people who know why computers are complicated, it is not.


  • Discourse touched me in a no-no place

    The problem isn't the difficulty in the algos. The math is the easy part. Get it wrong and you'll generally not be compatible. (Save buffer overflows and other elementary shit)

    The recurring nasty parts are the key management, autoconfiguration and all the other ancillary protocol stuff, which very much could have been designed better if cryptogeeks hadn't done it.

    The other recurring nasty bit is OpenSSL the library being fucking awful.



  • It must have been designed by open source developers running on Linux hardware :rolleyes:


  • Winner of the 2016 Presidential Election

    @tar said:

    Why is this amazing?

    Because

    @tar said:

    it should be) abandoned

    but there are a lot of big-name people

    @tar said:

    still using it

    and potentially getting

    @tar said:

    ownded

    which is, I think, quite
    @tar said:
    amazing!!


  • Winner of the 2016 Presidential Election

    I knew it! @abarker is a serious threat to our nation's cyber security.



  • But the quote isn't "it's amazing people keep using these protocols", it's "it's amazing these protocols are still broken". That's not really amazing.



  • Analogy: you have a Yale lock on the door to your apartment. Some nefarious third party uses aan RPG to blast the door off its hinges. Another person then comes up to you and says: 'You have a Yale lock on your door. I can break that! How insecure! Amazing!'

    Well, sure, but you're ignoring the fact that the door was already blown off the hinges -- the strength of the lock is a moo point by now.



  • mooooooooooooooooooooo :cow2:


  • Discourse touched me in a no-no place

    @Vaire said:

    mooooooooooooooooooooo


  • Winner of the 2016 Presidential Election

    I don't know, the wording could go either way. The way I interpreted it is "It's amazing that we keep finding vulnerabilities that only work because people keep using these protocols"



  • Cows are like, the discourse of animals, man. Who gives a damn what they think?



  • @tar said:

    Cows are like, the discourse of animals

    That's really insulting for cows


  • Winner of the 2016 Presidential Election

    @tar said:

    Cows are like, the discourse of animals, man. Who gives a damn what they think?

    Almost flagged this for hate speech but then I figured, I didn't care enough whether a cow felt insulted by this or not and that somehow proved your point.

    Filed Under: Well played, sir!


  • Winner of the 2016 Presidential Election

    @TimeBandit said:

    That's really insulting for cows

    But...

    @tar said:

    Who gives a damn what they think?

    So, I think your point is... well... :moon:


  • Discourse touched me in a no-no place

    @TimeBandit said:

    What we have here is some incompetent people still supporting SSLv2, a TLS precursor that was retired almost two decades ago because of weaknesses.

    It's not as if it's that difficult to remove it...

            # SSL v2 is seriously flawed: http://en.wikipedia.org/w/index.php?title=Transport_Layer_Security&oldid=630398986#SSL_2.0
            # SSL v3 likewise http://en.wikipedia.org/w/index.php?title=Transport_Layer_Security&oldid=630398986#SSL_3.0 (POODLE: CVE-2014-3566)
            #
            ./Configure  linux-generic32 \
                                    --openssldir=/etc/ssl \
                                    --prefix=/usr shared \
                                    --install_prefix=${INSTALLFS} \
                                    no-ssl2 \
                                    no-ssl3
    


  • @Weng said:

    This may be a side effect of the corporate proxy that MITMs the fuck out of most SSL connections, but the certificate looks genuine for this one, which suggests it is whitelisted.

    This MITM pisses me off to no end. I have yet to meet a person working in IT security at a corporation that knows how to do anything except use a bunch of purchased tools to fuck with people.



  • @Weng said:

    This may be a side effect of the corporate proxy that MITMs the fuck out of most SSL connections, but the certificate looks genuine for this one, which suggests it is whitelisted.

    That's not an SSLv2 connection, it's TLS1.2 (and the certificate name says SHA2, not SSL2). Chrome disabled everything below TLSv1 ages ago. Microsoft servers don't support those either.

    @powerlord said:

    There are still web servers out there that accept SSLv2 connections?

    Just like there exists software written by bad developers, there exist deployments maintained by bad sysops. Existing configs on ancient last-updated-in-1999 systems etc.


  • Discourse touched me in a no-no place

    Derp. I saw the "obsolete" and "2" in that context and autocompleted.

    The MITM does force SSLv2 on the local leg (or did until recently). It still doesn't support TLS1.2 at all.



  • @Weng said:

    The MITM does force SSLv2 on the local leg

    "We fucked up your security twice!"


  • Discourse touched me in a no-no place

    To be fair, if our internal network is compromised, employee comms are the single least valuable target, and SSLv2 is a substantially tougher target than most everything else when you could reach out and grab.... Well, what you can reach out and grab is a Lounge topic.



  • :wave:

    Malvertising over HTTPS is a thing now. You're my least favorite kind of user. I don't like it too, but I don't have another choice. I don't go stealing your passwords.



  • That's definitely TLS 1.2 and not SSLv2 (doesn't it say literally that) and not MITM'd.

    :wtf:



  • @Weng said:

    The MITM does force SSLv2 on the local leg (or did until recently)

    No browsers support that, so it likely did not.

    @Weng said:

    It still doesn't support TLS1.3 at all.

    Neither do any browsers, since that's still in draft. TLS 1.2 is the newest standard.


  • Discourse touched me in a no-no place

    Fucking mobile fucking keyboard. Meant 1.2



  • From the article, you'd also need to disable all "export grade" ciphers to be safe (Which is default disabled on 1.0.1+) hence they recommands update instead of just disable it on configure.

    ◦Export cipher suites are disabled by default. [OpenSSL 1.0.2a (current release), OpenSSL 1.0.1m (current release)]


  • Most people should be doing that with the :!EXPORT directive in their configs anyways.

    However, it looks like some versions of OpenSSL can be forced to use disabled ciphers. So the update will still be needed.


  • Grade A Premium Asshole

    At some point, they might be able to fix this:

    Quantum Cryptography Explained – 08:13
    — Physics Girl

    Not in our lifetime...but one day.



  • You're a rare breed. At one place I worked, the security policy prevented the user from changing their password for two weeks after the help desk reset it to password1.



  • I think you have too little confidence in most IT Sec departments...we're not all 'tarded. ;)



  • Aren't more and more sites using DHE/ECDHE key exchanges nowadays? Forward secrecy should protect since this is basically an eavesdropping attack right?


  • Discourse touched me in a no-no place

    @PleegWat said:

    Forward secrecy should protect since this is basically an eavesdropping attack right?

    If you can't verify the identity of the other party in the communication, there are many trivial attacks possible on SSL and TLS, as you can establish a secure communication with the attacker and they can communicate securely with the legitimate other side. It's just proxying. That's why verifying identity is such an important part of secure communication; without it, you've just got a useless piece of security theatre.


  • Discourse touched me in a no-no place

    @blakeyrat said:

    If the idiots who designed this shit would have made it easier to implement, there would be fewer bad implementations of it.

    Crypto developers tend to be people who make git developers look like they make awesome user interfaces.



  • That's actually what some companies do: The got their AD issue e-cert that can be used as CA and distribute to all machines in the domain as trusted CA, then upload the CA-cert to their specially modified proxy.

    When you visit websites using those machines, the browser think they're connecting securely to the target webserver, while in fact the browser is securely connected to the proxy and then the proxy securely connected to the target web server. (You can see the CA of certs are of the company's name) All visits to websites except those on whitelist are side-logged.


  • Discourse touched me in a no-no place

    @cheong said:

    That's actually what some companies do

    I know. Doesn't make me happy about it.



  • @cheong said:

    the browser is securely connected to the proxy and then the proxy possibly securely connected to the target web server

    FTFY.


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.