[HTTPS-E Rulesets] OpenSSL vulnerability and HTTPS Everywhere

Yan Zhu yan at eff.org
Mon Apr 7 17:41:15 PDT 2014


Hi all,

A serious vulnerability in OpenSSL 1.0.1-1.0.1f was announced today,
which allows a connected client or server to read up to 64kb of memory
at a time. This can be exploited repeatedly to leak arbitrary amounts of
key material, including private SSL keys and Tor Hidden Service private
keys. (You can read more about the impact on Tor via this blog post:
https://blog.torproject.org/blog/openssl-bug-cve-2014-0160.)

Here's how this bug affects HTTPS Everywhere, to the best of my
understanding:

* The EFF server that hosted HTTPS Everywhere downloads was running an
affected version of OpenSSL. In theory, this means that an attacker
could have exploited the vulnerability to get a copy of our private SSL
key. Note that this also applies to a large fraction of the servers on
the Internet. In our case, the potential damage is mitigated by the fact
that our servers supported ciphersuites with forward secrecy (such that
future compromise of our SSL private key can't be used to decrypt past
communications).

* However, even if EFF's private SSL keys have been compromised, updates
to Firefox and Chrome HTTPS Everywhere are still safe (assuming you
downloaded a safe copy of HTTPS Everywhere to begin with). This is
because we sign all updates with an offline key, and Firefox/Chrome
rejects updates unless they have a valid signature.

To check that you have a "good" copy of HTTPS Everywhere (one with the
correct update signing keys), you can do the following:


# Firefox:
1. Go to your Firefox profile directory:
https://support.mozilla.org/en-US/kb/profiles-where-firefox-stores-user-data#w_how-do-i-find-my-profile.
2. From there, go into ./extensions/https-everywhere@eff.org/
3. Open up install.rdf. You should see the following line:
 <em:updateKey>MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MR8W/galdxnpGqBsYbqOzQb2eyW15YFjDDEMI0ZOzt8f504obNs920lDnpPD2/KqgsfjOgw2K7xWDJIj/18xUvWPk3LDkrnokNiRkA3KOx3W6fHycKL+zID7zy+xZYBuh2fLyQtWV1VGQ45iNRp9+Zo7rH86cdfgkdnWTlNSHyTLW9NbXvyv/E12bppPcEvgCTAQXgnDVJ0/sqmeiijn9tTFh03aM+R2V/21h8aTraAS24qiPCz6gkmYGC8yr6mglcnNoYbsLNYZ69zF1XHcXPduCPdPdfLlzVlKK1/U7hkA28eG3BIAMh6uJYBRJTpiGgaGdPd7YekUB8S6cy+CQIDAQAB</em:updateKey>


# Chrome:
1. Go to your Chrome/Chromium profile directory:
http://www.chromium.org/user-experience/user-data-directory
2. From there, go into
./Extensions/gcbommkclmclpchllfjekcdonpmejbdp/ADDON_VERSION, where
ADDON_VERSION should be something like 2014.1.3_0.
3. Open up manifest.json. You should see the following value for "key":

"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MR8W/galdxnpGqBsYbqOzQb2eyW15YFjDDEMI0ZOzt8f504obNs920lDnpPD2/KqgsfjOgw2K7xWDJIj/18xUvWPk3LDkrnokNiRkA3KOx3W6fHycKL+zID7zy+xZYBuh2fLyQtWV1VGQ45iNRp9+Zo7rH86cdfgkdnWTlNSHyTLW9NbXvyv/E12bppPcEvgCTAQXgnDVJ0/sqmeiijn9tTFh03aM+R2V/21h8aTraAS24qiPCz6gkmYGC8yr6mglcnNoYbsLNYZ69zF1XHcXPduCPdPdfLlzVlKK1/U7hkA28eG3BIAMh6uJYBRJTpiGgaGdPd7YekUB8S6cy+CQIDAQAB"


(Note that the keys are the same. For reference, the sha1sum is
c33840b49a97cddc65e2c6bd312b2c6e7e6982e8.)

Hope this helps,
Yan

PS: Server operators are recommended to update OpenSSL to 1.0.1f
immediately and rotate all private keys that could have been exposed.

-- 
Yan Zhu  <yan at eff.org>, <yan at torproject.org>
Staff Technologist
Electronic Frontier Foundation                  https://www.eff.org
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x134

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <https://lists.eff.org/pipermail/https-everywhere-rules/attachments/20140407/ab85715a/attachment.sig>
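The Firefox and Chrome checks above are manual: open a file, eyeball a 392-character base64 blob. The script below is an added example, not code from the EFF or the HTTPS Everywhere project, that does the same comparison mechanically and goes a little further than the e-mail: it decodes the pinned key as a DER SubjectPublicKeyInfo (so a blob that merely looks like a key cannot pass), reports modulus size and exponent, and derives the Chrome extension id from the key the way Chrome does (first 128 bits of SHA-256 over the DER key, hex digits mapped a-p), which should reproduce the gcbommkclmclpchllfjekcdonpmejbdp directory name quoted above if the key is genuine. The pinned key and the extension id are taken from the e-mail; the install.rdf and manifest.json contents at the bottom are constructed stand-ins so the script runs offline, and the `<em:updateKey>` / `"key"` fields are the ones the e-mail names.

```python
"""Check that an installed HTTPS Everywhere carries the pinned update-signing key.
Added example, not code from the EFF or the HTTPS Everywhere project.  The fields it
reads (install.rdf <em:updateKey>, manifest.json "key") are those named in the e-mail;
the sample file contents at the bottom are constructed so the script runs offline."""
import base64
import hashlib
import json
import re

# Pinned key from the e-mail: base64 of a DER SubjectPublicKeyInfo.
EXPECTED_KEY = (
    "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MR8W/galdxnpGqBsYbq"
    "OzQb2eyW15YFjDDEMI0ZOzt8f504obNs920lDnpPD2/KqgsfjOgw2K7xWDJIj/18"
    "xUvWPk3LDkrnokNiRkA3KOx3W6fHycKL+zID7zy+xZYBuh2fLyQtWV1VGQ45iNRp"
    "9+Zo7rH86cdfgkdnWTlNSHyTLW9NbXvyv/E12bppPcEvgCTAQXgnDVJ0/sqmeiij"
    "n9tTFh03aM+R2V/21h8aTraAS24qiPCz6gkmYGC8yr6mglcnNoYbsLNYZ69zF1XH"
    "cXPduCPdPdfLlzVlKK1/U7hkA28eG3BIAMh6uJYBRJTpiGgaGdPd7YekUB8S6cy+"
    "CQIDAQAB"
)
CHROME_EXT_ID = "gcbommkclmclpchllfjekcdonpmejbdp"  # extension directory name from the e-mail
RSA_OID = bytes.fromhex("2a864886f70d010101")       # 1.2.840.113549.1.1.1 rsaEncryption

def _tlv(buf, pos):
    """Decode one DER element at buf[pos]: (tag, contents, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def parse_rsa_spki(der):
    """Walk SubjectPublicKeyInfo -> BIT STRING -> RSAPublicKey; return (modulus, exponent).
    Raises ValueError on anything that is not an RSA SPKI."""
    tag, spki, _ = _tlv(der, 0)
    alg_tag, alg, pos = _tlv(spki, 0)
    oid_tag, oid, _ = _tlv(alg, 0)
    if tag != 0x30 or alg_tag != 0x30 or oid_tag != 0x06 or oid != RSA_OID:
        raise ValueError("not an rsaEncryption SubjectPublicKeyInfo")
    bs_tag, bits, _ = _tlv(spki, pos)
    if bs_tag != 0x03 or bits[0] != 0:  # BIT STRING with zero unused bits
        raise ValueError("bad subjectPublicKey")
    pub_tag, pub, _ = _tlv(bits[1:], 0)
    n_tag, n, pos = _tlv(pub, 0)
    e_tag, e, _ = _tlv(pub, pos)
    if pub_tag != 0x30 or n_tag != 0x02 or e_tag != 0x02:
        raise ValueError("bad RSAPublicKey")
    return int.from_bytes(n, "big"), int.from_bytes(e, "big")

def chrome_extension_id(der):
    """Chrome's id for a key: first 32 hex digits of SHA-256(DER SPKI), each mapped 0-f -> a-p."""
    return "".join(chr(ord("a") + int(c, 16)) for c in hashlib.sha256(der).hexdigest()[:32])

def pinned_key_info():
    """Structural facts about the pinned key, to cross-check against the e-mail."""
    der = base64.b64decode(EXPECTED_KEY, validate=True)
    n, e = parse_rsa_spki(der)
    return {"der_len": len(der), "bits": n.bit_length(), "exponent": e,
            "chrome_id": chrome_extension_id(der)}

def key_from_install_rdf(text):
    """Return the <em:updateKey> value from a Firefox install.rdf, or None."""
    m = re.search(r"<em:updateKey>([^<]*)</em:updateKey>", text)
    return "".join(m.group(1).split()) if m else None

def key_from_manifest(text):
    """Return the "key" value from a Chrome manifest.json, or None."""
    return json.loads(text).get("key")

def check_key(found):
    """'ok' if found equals the pinned key, 'missing' if absent, 'MISMATCH' otherwise."""
    if found is None:
        return "missing"
    return "ok" if found == EXPECTED_KEY else "MISMATCH"

# Constructed sample files standing in for the real profile files named in the e-mail.
INSTALL_RDF = """<?xml version="1.0"?>
<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
     xmlns:em="http://www.mozilla.org/2004/em-rdf#">
  <Description about="urn:mozilla:install-manifest">
    <em:id>https-everywhere@eff.org</em:id>
    <em:updateKey>%s</em:updateKey>
  </Description>
</RDF>
""" % EXPECTED_KEY
MANIFEST_JSON = json.dumps({"name": "HTTPS Everywhere", "version": "2014.1.3", "key": EXPECTED_KEY})
TAMPERED_MANIFEST = json.dumps({"name": "HTTPS Everywhere", "key": EXPECTED_KEY[:-1] + "A"})

if __name__ == "__main__":
    info = pinned_key_info()  # for real files: check_key(key_from_manifest(open(path).read()))
    print("pinned key: RSA %(bits)d-bit, e=%(exponent)d, derived Chrome id %(chrome_id)s" % info)
    print("matches extension directory name:", info["chrome_id"] == CHROME_EXT_ID)
    print("install.rdf:", check_key(key_from_install_rdf(INSTALL_RDF)))
    print("manifest.json:", check_key(key_from_manifest(MANIFEST_JSON)))
    print("tampered manifest.json:", check_key(key_from_manifest(TAMPERED_MANIFEST)))
```

To run it against a real profile, read the install.rdf or manifest.json from the paths given in the e-mail and pass the text to `key_from_install_rdf` / `key_from_manifest`; anything other than "ok" means the copy should not be trusted to verify updates. The comparison is an exact string match on the base64, which is what matters for update verification: a key that differs in a single character is a different key.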

