Then the BEAST Enters

Have you heard about the BEAST? Juliano Rizzo and Thai Duong presented their Browser Exploit Against SSL/TLS tool, a.k.a. the BEAST, at the Ekoparty security conference a week ago. This tool has the potential to launch one of those seminal moments in computer history. It exploits a weakness in virtually every website that uses secure certificates to protect transactions (SSL/TLS). In other words, if it is successful in the wild, it could lead to people losing trust in e-commerce and secure transactions as a whole (which our current economy is heavily reliant on).

The researchers used PayPal as the example in the demonstration of the tool, but just about everyone, including banks, credit card processors, virtual private networks and instant messenger services, is vulnerable. If a website, service or application relies on the “s” in “https” to encrypt the data transmitted between two parties, it is a potential target.

The exploit itself isn’t publicly available, but they did reveal the basics of how it works. An article in Ars Technica describes the method well:

“The tool is based on a blockwise-adaptive chosen-plaintext attack, a man-in-the-middle approach that injects segments of plain text sent by the target’s browser into the encrypted request stream to determine the shared key. The code can be injected into the user’s browser through JavaScript associated with a malicious advertisement distributed through a Web ad service or an IFRAME in a linkjacked site, ad, or other scripted elements on a webpage.”

In short, if you load a web page carrying a piece of malicious JavaScript and the attacker can also sniff your network traffic, your session can be compromised.

Evidently this vulnerability has been known for a while, but until now no one had created an efficient way of exploiting it. According to at least one report, the new method can work in as little as 10 minutes.

What remains to be seen is how companies like PayPal will approach this problem. On one hand, there are updated TLS versions which have addressed this issue and are safe from the attack. On the other hand, no one is implementing those protocols! Almost no one, that is.

I should give props to the much maligned Internet Explorer, which has explicit options for whether to accept specific versions of TLS and SSL. Google has a patch in their developer version that addresses this vulnerability as well, and I’m sure Firefox, Safari and Opera won’t be too far behind if they haven’t addressed it already.
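The browser options mentioned above have a programmatic equivalent on both ends of the connection. The following is an added example (not code from the original post or from any of the vendors it names) showing, with Python's standard `ssl` module, a context that still permits TLS 1.0 beside one that refuses it, plus a small audit helper that reports whether a given context could still negotiate TLS 1.0. TLS 1.1 was the first version to replace the chained CBC IV with a per-record IV; the hardened contexts below set TLS 1.2 as the floor, which is the practical choice today. The function names are my own, and the server context still needs a certificate and key loaded before use.

```python
import ssl


def hardened_client_context() -> ssl.SSLContext:
    """Client-side context that refuses TLS 1.0 (and everything older).

    TLS 1.0 derives each CBC record's IV from the previous ciphertext block,
    which is the condition BEAST depends on; TLS 1.1+ send an explicit IV per
    record. Floor is set to TLS 1.2 here (hypothetical helper, added example).
    """
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def hardened_server_context() -> ssl.SSLContext:
    """Server-side counterpart: the server ultimately decides which protocol
    versions it will accept, so the same floor belongs there too.

    Caller must still run ctx.load_cert_chain(certfile, keyfile) with its own
    files before wrapping sockets (paths deliberately not assumed here).
    """
    ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def legacy_client_context() -> ssl.SSLContext:
    """The weak setting, for contrast: no protocol floor at all, so TLS 1.0
    (and thus chained-IV CBC records) may still be negotiated."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    # Also make sure no leftover OP_NO_TLSv1 flag is silently saving us.
    ctx.options &= ~ssl.OP_NO_TLSv1
    return ctx


def permits_tls10(ctx: ssl.SSLContext) -> bool:
    """Audit check: could this context still negotiate TLS 1.0?

    Considers both the min/max protocol window and the older OP_NO_TLSv1
    option flag, since either mechanism can exclude the version.
    """
    lo, hi = ctx.minimum_version, ctx.maximum_version
    # A floor above TLS 1.0 excludes it outright (MINIMUM_SUPPORTED is a
    # sentinel, not a real version, so it is treated as "no floor").
    if lo != ssl.TLSVersion.MINIMUM_SUPPORTED and lo > ssl.TLSVersion.TLSv1:
        return False
    # A ceiling below TLS 1.0 (SSL 3.0 only) would exclude it as well.
    if hi != ssl.TLSVersion.MAXIMUM_SUPPORTED and hi < ssl.TLSVersion.TLSv1:
        return False
    # Legacy style: the version disabled via an option bit.
    if ctx.options & ssl.OP_NO_TLSv1:
        return False
    return True


def audit_report(name: str, ctx: ssl.SSLContext) -> str:
    """One-line human-readable verdict for a context."""
    verdict = "PERMITS TLS 1.0 (exposed)" if permits_tls10(ctx) else "rejects TLS 1.0"
    return f"{name}: min={ctx.minimum_version.name} -> {verdict}"


if __name__ == "__main__":
    for label, builder in (
        ("legacy client", legacy_client_context),
        ("hardened client", hardened_client_context),
        ("hardened server", hardened_server_context),
    ):
        print(audit_report(label, builder()))
```

Run it as a script to see the three verdicts side by side. In a real deployment the same `permits_tls10` check can be pointed at whatever context your application actually hands to `wrap_socket`, which is where configuration drift usually hides.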

But until someone updates the NSS library which so many applications rely on, and people change their habits about not updating software, we can’t expect any quick resolution. Who is going to be the next Kevin Mitnick or Albert Gonzalez that takes advantage of this exploit? Which companies are going to bake in updated versions of TLS? Those companies will score the PR points when the issue blows up and they yell “You’re safe with us!”

By the way, if you feel the need to protect yourself, the best defense at the moment would be to set your browser to block ads and have it warn you of all iframes (or disable them altogether), since that is the most likely way an attacker is going to get the JavaScript required to perform the attack into a browser session.

This is a relatively new area for me, so if someone has a better solution or corrections to what I’ve said, I’d love to hear it.
