SSL/TLS usage statistics
SSL Pulse maintains a statistics page on SSL/TLS usage, showing, among other things, the percentage of SSL sites, misconfigured sites, cipher strength, etc.
[ThreatPost] «Research Shows Serious Problems With Android App SSL Implementations». 13,500 free applications available on Google Play were analysed to study how they use the SSL/TLS protocols. The result: 17% of the applications that make calls to HTTPS URLs use a faulty implementation of the protocol, leaving them vulnerable to interception attacks.
The full study is «Why Eve and Mallory Love Android: An Analysis of Android SSL (In)Security»
Many Android apps have a legitimate need to communicate over the Internet and are then responsible for protecting potentially sensitive data during transit. This paper seeks to better understand the potential security threats posed by benign Android apps that use the SSL/TLS protocols to protect data they transmit. Since the lack of visual security indicators for SSL/TLS usage and the inadequate use of SSL/TLS can be exploited to launch Man-in-the-Middle (MITM) attacks, an analysis of 13,500 popular free apps downloaded from Google's Play Market is presented.
We introduce MalloDroid, a tool to detect potential vulnerability against MITM attacks. Our analysis revealed that 1,074 (8.0%) of the apps examined contain SSL/TLS code that is potentially vulnerable to MITM attacks. Various forms of SSL/TLS misuse were discovered during a further manual audit of 100 selected apps that allowed us to successfully launch MITM attacks against 41 apps and gather a large variety of sensitive data.
A new project to assess the quality of websites with SSL, SSL Pulse, does not paint a very encouraging picture: 75% of sites are vulnerable to the BEAST attack and only 10% of sites can be described as properly secure.
There is quite a bit of alarming data in what the project has gathered, and one of those pieces of information is that more than 148,000 of the sites surveyed are vulnerable to the BEAST attack, which was developed by researchers Juliano Rizzo and Thai Duong and disclosed last year. Their attack uses what's known as a chosen-plaintext attack against the AES implementation in the TLS 1.0 protocol and enables them to use a custom tool they wrote to steal and decrypt supposedly secure HTTPS cookies. The attacker can then hijack the victim's secure SSL session with a site such as an e-commerce site or online banking site.
The BEAST attack is complex, but it's a serious concern and the fact that three quarters of the top sites that the project surveyed are still vulnerable to the attack is troubling. Sites can protect against the attack by implementing mitigations in their TLS 1.0 deployments, including configuring their servers to only use the RC4 cipher during TLS 1.0 or SSL 3.0 sessions.
On the project's website you can check the quality of the certificate for any URL.
Coinciding with Twitter enabling the SSL protocol by default, LinkedIn now announces that the use of SSL can be configured where it is available. To do so, go to the account settings, open the «Account» section, and under «Manage Security Settings» there is the option to enable SSL, unchecked by default.
Enabling it is highly recommended.
After a year as an option that was off by default, it is now enabled for all users unless they expressly turn it off: «Twitter finally grabs wheel, drives all twits into HTTPS»
The EFF warns that, literally, «tens of thousands of certificates used on SSL/TLS servers provide no security guarantee because of the use of deficient algorithms for random number generation»
While we have observed and warned about vulnerabilities due to insufficient randomness in the past, Lenstra's group was able to discover more subtle RNG bugs by searching not only for keys that were unexpectedly shared by multiple certificates, but for prime factors that were unexpectedly shared by multiple publicly visible public keys. This application of the 2,400-year-old Euclidean algorithm turned out to produce spectacular results.
In addition to TLS, the transport layer security mechanism underlying HTTPS, other types of public keys were investigated that did not use EFF's Observatory data set, most notably PGP. The cryptosystems that underlay the full set of public keys in the study included RSA (which is the most common class of cryptosystem behind TLS), ElGamal (which is the most common class of cryptosystem behind PGP), and several others in smaller quantities. Within each cryptosystem, various key strengths were also observed and investigated, for instance RSA 2048 bit as well as RSA 1024 bit keys. Beyond shared prime factors, there were other problems discovered with the keys, which all appear to stem from insufficient randomness in generating the keys. The most prominently affected keys were RSA 1024 bit moduli. This class of keys was deemed by the researchers to be only 99.8% secure, meaning that 2 out of every 1000 of these RSA public keys are insecure. Our first priority is handling this large set of tens of thousands of keys, though the problem is not limited to this set, or even to just HTTPS implementations.
We are very alarmed by this development. In addition to notifying website operators, Certificate Authorities, and browser vendors, we also hope that the full set of RNG bugs that are causing these problems can be quickly found and patched. Ensuring a secure and robust public key infrastructure is vital to the security and privacy of individuals and organizations everywhere.
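The shared-prime check named in the EFF text above, written as an audit over an inventory of your own RSA public moduli. This is an added example, not code from the EFF, the researchers or this blog; the function name `audit_moduli` and the toy moduli are constructed for illustration (real keys are 1024 bits or more).

```python
from math import gcd, prod

# Constructed toy inventory: products of small primes standing in for RSA moduli.
SAMPLE_MODULI = [
    101 * 103,  # key 0: shares the prime 101 with key 1
    101 * 107,  # key 1: shares the prime 101 with key 0
    109 * 113,  # key 2: independent primes
    127 * 131,  # key 3: same modulus as key 4 (key reused across certificates)
    127 * 131,  # key 4
]


def audit_moduli(moduli):
    """Classify every modulus as 'ok', 'shared-factor' or 'duplicate'.

    Returns a list of (status, factor) tuples in input order, where factor is
    the prime found in common with another key, or None.
    """
    total = prod(moduli)
    results = []
    for i, n in enumerate(moduli):
        # Euclid's algorithm between n and the product of all *other* moduli.
        # (At Internet scale this is done with product/remainder trees.)
        g = gcd(n, (total // n) % n)
        if g == 1:
            results.append(("ok", None))
        elif g < n:
            results.append(("shared-factor", g))
        else:
            # g == n: either the whole modulus is repeated elsewhere, or each
            # of its primes is shared with a different key. Resolve pairwise.
            status, factor = "duplicate", None
            for j, m in enumerate(moduli):
                common = gcd(n, m)
                if j != i and 1 < common < n:
                    status, factor = "shared-factor", common
                    break
            results.append((status, factor))
    return results


if __name__ == "__main__":
    for idx, (status, factor) in enumerate(audit_moduli(SAMPLE_MODULI)):
        print(f"key {idx}: {status}" + (f" (common prime {factor})" if factor else ""))
```

Any key reported as `shared-factor` or `duplicate` should be regenerated on a host with a properly seeded random number generator and its certificate reissued.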
sslyze is a tool (written in Python and tested on Windows 7 and Linux) for verifying that a server's SSL/TLS configuration works correctly. It is designed to find configuration errors (such as the use of obsolete protocol versions, weak cipher or hash algorithms in the negotiation chain, insecure renegotiation, or session resumption parameters).
© Copyright 1996-2013 Xavier Caballé.
Unless expressly stated otherwise, the published material is subject to a Creative Commons licence.
The content and opinions on this blog are strictly personal and have no connection with my professional activities.