CRITICAL: Heartbleed and what to change (cert, passwd) in Trisquel website

Project:Web
Component:Main
Category:bug report
Priority:normal
Assigned:david
Status:needs more info
Description

Hi! I just heard of the Heartbleed security flaw -- http://heartbleed.com/ -- and tested Trisquel website against it: http://possible.lv/tools/hb/?domain=trisquel.info

Results are:

Looking for TLS extensions on https://trisquel.info

ext 65281 (renegotiation info, length=1)
ext 00035 (session ticket, length=0)
ext 00015 (heartbeat, length=1) <-- Your server supports heartbeat. Bug is possible when linking against OpenSSL 1.0.1f or older. Let me check.
Actively checking if CVE-2014-0160 works: Your server appears to be patched against this bug.

Checking your certificate
Certificate has NOT been reissued since the 0day. <-- Your stuff may be compromised. Consider changing the certificate and passwords.

So... :-)

Wed, 04/09/2014 - 20:54

Might be a good idea to reset people's passwords after changing the certificate.

Thu, 04/10/2014 - 22:42

Resetting passwords is not necessary. The Trisquel website uses Perfect Forward Secrecy. In this setup, if a server was configured to support forward secrecy, then a compromise of its private key can't be used to decrypt past communications.

Every site should support forward secrecy:
https://www.eff.org/deeplinks/2013/08/pushing-perfect-forward-secrecy-important-web-privacy-protection

Fri, 04/11/2014 - 07:13

Passwords should be reset so future communications also are secure. At least that's my understanding of the matter.

Fri, 04/11/2014 - 13:59
Title:CRITICAL: Reissue Trisquel website's certificates! #HeartBleed» CRITICAL: Heartbleed and what to change (cert, passwd) in Trisquel website

Thanks for the information, jxself. But I don't understand how PFS would prevent the exploitation of the Heartbleed bug, which allows an attacker (ironically protected by PFS...?) access to raw memory data, which may be not encrypted (please correct me if I am wrong)... and that could leak sensitive information like users' passwords, even if the leaking of SSL private keys wouldn't do much harm -- which could happen if PFS were disabled in the future.

So, it appears to me we should take two steps:
1. Change our user passwords (perhaps resetting all of them);
2. Reissue the certificate, to avoid potential harm if a mistake is made in the future that eventually disable PFS.

What do you think?

Fri, 04/11/2014 - 16:01

lembas, please read up on perfect forward secrecy. It helps to protect data in transit such that, even if Trisquel's private key was later obtained, it could not be used to decrypt previous network traffic.

GustavoCM seems to be addressing a different topic though which is exploitation of the bug to obtain data at rest. That's one thing that PFS can't help with here but it does place a limit on the "value" of the private key.

Tue, 04/22/2014 - 18:56
Priority:critical» normal
Assigned to:anonymous» david
Status:active» needs more info

Hi! We had to wait a bit to renew the certificates while things settled with our cert provider, but the process is now complete, and the new certificate is live.

Regarding the changing of user passwords, it shouldn't be necessary because of this bug, although it's of course a good measure to take with any online accounts from time to time; I don't think we'll enforce a change, though, but I'll read a bit about the matter.

Thanks to all for your participation and support!