Project: | Web |
Component: | Main |
Category: | bug report |
Priority: | normal |
Assigned: | david |
Status: | needs more info |
Hi! I just heard of the Heartbleed security flaw -- http://heartbleed.com/ -- and tested Trisquel website against it: http://possible.lv/tools/hb/?domain=trisquel.info
Results are:
Looking for TLS extensions on https://trisquel.info
ext 65281 (renegotiation info, length=1)
ext 00035 (session ticket, length=0)
ext 00015 (heartbeat, length=1) <-- Your server supports heartbeat. Bug is possible when linking against OpenSSL 1.0.1f or older. Let me check.
Actively checking if CVE-2014-0160 works: Your server appears to be patched against this bug.
Checking your certificate
Certificate has NOT been reissued since the 0day. <-- Your stuff may be compromised. Consider changing the certificate and passwords.
So... :-)
Might be a good idea to reset people's passwords after changing the certificate.
Resetting passwords is not necessary. The Trisquel website uses Perfect Forward Secrecy. In this setup, if a server was configured to support forward secrecy, then a compromise of its private key can't be used to decrypt past communications.
Every site should support forward secrecy:
https://www.eff.org/deeplinks/2013/08/pushing-perfect-forward-secrecy-important-web-privacy-protection
Passwords should be reset so future communications also are secure. At least that's my understanding of the matter.
Thanks for the information, jxself. But I don't understand how PFS would prevent the exploitation of the Heartbleed bug, which allows an attacker (ironically protected by PFS...?) access to raw memory data, which may be not encrypted (please correct me if I am wrong)... and that could leak sensitive information like users' passwords, even if the leaking of SSL private keys wouldn't do much harm -- which could happen if PFS were disabled in the future.
So, it appears to me we should take two steps:
1. Change our user passwords (perhaps resetting all of them);
2. Reissue the certificate, to avoid potential harm if a mistake is made in the future that eventually disable PFS.
What do you think?
lembas, please read up on perfect forward secrecy. It helps to protect data in transit such that, even if Trisquel's private key was later obtained, it could not be used to decrypt previous network traffic.
GustavoCM seems to be addressing a different topic though which is exploitation of the bug to obtain data at rest. That's one thing that PFS can't help with here but it does place a limit on the "value" of the private key.
Hi! We had to wait a bit to renew the certificates while things settled with our cert provider, but the process is now complete, and the new certificate is live.
Regarding the changing of user passwords, it shouldn't be necessary because of this bug, although it's of course a good measure to take with any online accounts from time to time; I don't think we'll enforce a change, though, but I'll read a bit about the matter.
Thanks to all for your participation and support!