(800) 441-6612    |    +1 (339) 368-5641
LuxSciLuxSci
Secure Email,
Web and Form Solutions
Phone: 800-441-6612
sales@luxsci.com
support@luxsci.com

Is SSL/TLS Really Broken by the BEAST attack? What is the Real Story? What Should I Do?

Share Post:
More...

Update – April, 2012. openssl v1.0.1 is out and it supports TLS v1.1 and v1.2 which help mitigate this attack.  All web sites hosted by LuxSci now use this updated software and are safe from BEAST.  LuxSci recommends using a web host which supports TLS v1.1 and v1.2 for secure web connections.

—-

SSL v3 and TLS v1 are subject to a serious exploit, according to a recently published attack mechanism (called BEAST).  This sounds foundation-shattering and kind of scary. When people see this, as when we did, the first panicky questions that arise are:

  • What is really affected?
  • How serious is it?
  • What can I do to protect myself?
  • How does the BEAST attack actually work?

After researching this issue, we have digested what we have found and produced this article to answer all of these questions for you.

What is really affected by BEAST?

This problem can affect people browsing secure web sites, allowing eavesdroppers to gain full access to your accounts on those web sites under certain conditions.  It does not affect

It does affect:

  • Accounts you may have with secure web sites that you login to, like PayPal, LuxSci, Gmail, Bank of America, Facebook, etc.

When could my web site browsing be compromised?

If you are using a network where someone malicious can view all normal traffic on the network, and where they can also intercept and modify that traffic, then they can try to compromise your secure web site browsing.

Note that this does not include bad people using the same wifi network or ISP as you, who can eavesdrop on your insecure connections — SSL is still an effective defense against them.   It does include situations where, for example:

  • The folks in charge of your local network are malicious.
  • Malicious folks have broken into your local network and have gained control over its servers.
  • You are in a country where all network traffic into and out of it is monitored.

People who are not in malicious countries and are using networks that are “trusted” probably do not have to worry too much.  By “trusted”, we mean

  • The administrators as your local ISP (i.e. Comcast, AOL, Verizon, etc.) are usually trusted.  We already trust them to a large degree — if they wanted to they could compromise our systems much more easily than using this TLS attack (i.e. by designing Trojans or viruses and introducing them into our systems)
  • The IT staff running your school or work network are usually trusted.  (Well, the people at work already “own” everything you do in their network.)  And, like ISP operations staff, the administrators of these networks could do much worse things to you much more easily than this TLS attack, if they wanted to.
  • The Government — do you trust them to not force ISPs to eavesdrop on you?  Even if they were doing this, depending on the Government involved and the situation, most people would have little to worry about.

This attack is an issue of organizations that want to eavesdrop on your communications or access your accounts without your knowledge and who either (a) already know what web sites you frequent, or (b) have access to enough people’s web traffic that they just try to compromise accounts of very popular places like Gmail, PayPal, or certain Banks.

If you are not the trusting sort, you see that there is a significant threat potential here that depends on where you are and what you are doing.

Under what conditions can I be compromised?

Simply put, if there is an attack made against you, you could be compromised if:

  1. You load up any insecure web page (i.e. the web page address starts with http:// and not https://) and have JavaScript enabled in your browser.
  2. You keep browsing the Internet using the same browser for up to 10 minutes
  3. You then visit that secure web site which the attacker desires to be able to access as you.

Note that the attacker needs to guess or know about 10 minutes ahead of time what secure web site you are going to visit.  This timeframe of 10 minutes will get shorter and shorter as more computer power is brought to bear in the attacks.

As an example, let us assume that the attacker is trying to eavesdrop on everyone’s Gmail account accesses in order to gain usernames, passwords, and other sensitive data.

  1. When you visit an insecure web page (like http://google.com)
  2. The attacker beings gathering and processing data for accessing https://gmail.com
  3. You surf around for a while,
  4. You visit https://gmail.com to check your email
  5. The attacker is able to use the information gathered to access your Gmail account as if they had just logged in as you.

How can I protect myself?

If you are concerned about this attack, you can protect yourself from it by:

  • Closing your browser (all open windows)
  • Open your browser and go directly to the desired secure site without connecting to any insecure sites first.

This works because the attack requires the same browser session be used for a period of time.  Closing and re-opening your browser negates any preparation work done by the attacker.  Starting in a secure (https://) web browsing session prevents the attacker from even getting started.

You can accomplish this without much effort by:

  1. Make your “home page” (the page that opens when you start your web browser) a secure page.  I.e. https://luxsci.com.  Then you can use browser-bookmarks to your favorite secure sites to navigate to them from your initial secure page.
  2. Put  bookmarks to frequently visited secure web sites on your desktop, so when you click on them your browser is opened and you go directly to that secure page.
  3. Disable JavaScript in your browser.  Alternately, configure your browser to only allow JavaScript with specific trusted secure sites.
  4. Use a VPN (virtual private network).  If you connect your computer to a network you do trust (like work), this sends all your secure and insecure web connections over the VPN bypassing any ability of a malicious person in your local network from viewing or interfering with any of your web browsing.

Also, if your attacker doesn’t know your browsing habits, then they are unlikely to compromise your browsing of secure sites that are not very, very popular.  I.e. sites like gmail.com, facebook,com, bankofamerica.com, and other ones that very large numbers of people visit are likely targets.  Smaller sites like luxsci.com are not.  However, if the attacker knows where you visit, all bets are off in this respect.

How does the BEAST attack actually work?

  1. When you visit an insecure web page, the attacker alters the returned page or returned JavaScript to add malicious JavaScript to the content that you download.
  2. This malicious JavaScript runs automatically in your web browser (if you have use of JavaScript enabled)
  3. The JavaScript opens a secure connection to (for example) https://gmail.com
  4. The attacker compares the encrypted traffic between your browser and https://gmail.com with the known data that was sent by the JavaScript.  Using several minutes of computer processing power, the attacker can figure out something called the “Initialization Vector” of your secure session.
  5. This information allows them to access the future secure authentication cookies sent to the same web site in the same browser session.
  6. These cookies can be “replayed” by the attacker to give them full access to your account as if they were already logged in.  They can see any sensitive data that you have there and perform actions as you.

It is important to note that:

  • This attack requires JavaScript in a web browser to work.
  • It requires an insecure web connection be made and for the attacker to be able to modify the content returned to you.
  • The attacker must guess what secure web site you will visit.
  • The attacker must have time to gather and analyze data.
  • You must then connect to and login to that same web site in the same browser session (i.e. without closing and re-opening your browser or using a different browser).
  • The attacker must use that site as you while your logged in session is active (if you explicitly logout, that would usually also logout the attacker; lets hope the attacker has not changed your password on you!).

Also:

  • This attack affects SSL v3 and its successor, TLS v1.0
  • It does not affect web sites using TLS v1.1 or TLS v1.2 for encryption

Well, can I just use “TLS v1.1″ or “TLS v1.2″?

The answer is “Yes, kind of”.

  • Only the Internet Explorer and Opera web browsers support TLS v1.1 and higher.  All other web browsers (i.e. Google Chrome, FireFox, Safari, and probably most if not all mobile browsers) do not support these newer security protocols at all.  Also, even though Internet Explorer does support these, they are generally disabled by default.  There is also some concern that enabling them can cause issues accessing some regular secure web sites — i.e. if you enable it and some sites no longer work, you know what happened.
  • Most web servers do not support TLS v1.1 or TLS v1.2 yet, so even if your browser supports it, your target secure site probably does not — i.e. bankofamerica.com does not, luxsci.com does not, mail.google.com does not, etc. According to Opera only 0.25% of web servers support TLS v1.1 or better – that is NOT 25% that is one quarter of one percent!

Why do most servers not support the better TLS v1.1+?

  • The standard production-quality SSL software libraries, like “openssl“, do not yet include TLS v1.1 support so most web sites cannot enable it.  While the newest still-in-development openssl versions do support TLS v1.1, these are obviously not yet included in the standard operating system install distributions and there are concerns about performance, reliability, and bugs.
  • There has not been a strong need for TLS v1.1 and v1.2 support up until now.

LuxSci is contacting the various vendors (like RedHat) to see if perhaps TLS v1.1 support will be incorporated into existing distributions so that everyone out there who depends on these can upgrade easily.

The alternatives — use some other SSL system or use a very new openssl distribution that has not been well vetted  in the context of peoples’ servers — are both very unattractive as they would require many updates, lots of lots of testing, and probably some downtime to install and push out across an organization.  Use of alternative software would also mean that any future openssl security updates need to be managed either manually or via some new to-be-implemented update mechanisms.  All very unattractive — that is why these alternate solutions are not in wide use yet, in deference to the standard auto-updating non-TLS v1.1-supporting versions.

Despite this, LuxSci.com is currently investigating adding TLS v1.1 support to its secure web servers as it is the right thing to do and the sooner the better.

You can check the SSL-capabilities of any web site you like and also see if it supports TLS v1.1 or v1.2 by using this SSLLabs web site.

What about the Web Browser updates?

The browser manufacturers are currently investigating this issue and the extent to which it makes their users vulnerable.  We would expect them to issue some browser software updates that mitigate this attack to some degree without needing web servers to upgrade to TLS v1.1. While web server upgrades are, of course, desirable in the long run, they certainly won’t happen fast.

Microsoft considers the threat level of this issue relatively low; FireFox is looking to develop a “Fix” soon; other TLS experts are not overly concerned at the moment.

The Take Away Message

People should always be concerned and aware of security as the landscape changes constantly.  We think that beyond the need to upgrade and to implement software fixes, consider the following:

  • We should actually use SSL and TLS whenever possible. Insecure sites puts our browser and computer at risk, as we have no control over what malicious third party may inject into our browsing session.  SSL and TLS actually protect us from that threat.
  • When going to secured web sites, it is best to start in a new browsing session or one that has only visited other secure (https://)  sites.
  • Make your home page a secure site and your other secure sites easily-accessed via bookmarks
  • Use a separate web browsers for normal insecure browsing and for access to your secure sites.
  • Keep your software, web browsers, operating system, anti-virus, and other components up to date.

If/when browser manufacturers push out fixes for this problem, the “threat level” will significantly decrease (it is low at the moment anyway as there are probably few if any people out there actively using this attack vector yet).

However, it is very likely that similar attacks that hijack insecure connections for various reasons will continue to arise in the future.  It would be a good habit to use separate browsers for your secure and insecure browsing, as described above.

Proactive security habits are a good thing.

Share:
More...

4 Responses to “Is SSL/TLS Really Broken by the BEAST attack? What is the Real Story? What Should I Do?”

  1. Erik Kangas Says:

    According to Slashdot, The Google Chrome developers have already developed a “fix” for BEAST that is in the latest version of Chrome and which will likely propagate to everyone using Chrome soon. I presume other browser manufacturers will follow suit soon.

    http://it.slashdot.org/story/11/09/22/038227/Google-Prepares-Fix-To-Stop-SSLTLS-Attacks

  2. beverett Says:

    Is one solution to start securing entire sites? For example, this blog is not secure. If I spend 10 minutes reading it and then log into my LuxSci account, am I endangering my account?

  3. Erik Kangas Says:

    That is one possible, though drastic, solution. Securing entire sites would put quite a strain on servers as the overhead of encryption does take quite a toll when lots of people are using a site.

    This blog is not currently secure, by default. However, you can always browse LuxSci’s public pages securely by changing the URL from http:// to https:// — of course any real solution would no depend on any manual action of the end user. Are you endangering your account — probably not unless there is someone who has started using this attack already and is in your local network.

    We’ll have to see what direction the net goes in. Currently the major browser vendors are working to fix this issue (which won’t help people who refuse to stop using Internet Explorer 6, 7, and 8) — as with most security issues, people who stick with old software leave themselves vulnerable. LuxSci is looking at supporting TLS 1.1 — however, even if we do that right away, it won’t really help the common man much until support for that is standard and enabled across major browsers.

  4. Erik Kangas Says:

    Update from Microsoft:

    Microsoft Security Advisory (2588513)

    Vulnerability in SSL/TLS Could Allow Information Disclosure Published: Monday, September 26, 2011 Version: 1.0 General Information Executive Summary Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0 and TLS 1.0, affecting the Windows operating system. This vulnerability affects the protocol itself and is not specific to the Windows operating system. This is an information disclosure vulnerability that allows the decryption of encrypted SSL/TLS traffic. This vulnerability primarily impacts HTTPS traffic, since the browser is the primary attack vector, and all web traffic served via HTTPS or mixed content HTTP/HTTPS is affected. We are not aware of a way to exploit this vulnerability in other protocols or components and we are not aware of attacks that try to use the reported vulnerability at this time. Considering the attack scenario, this vulnerability is not considered high risk to customers. We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.

Leave a Comment

You must be logged in to post a comment.

Security Certifications TRUSTe EU Safe Harbor Thawte Extended Validation SSL Certificate McAfee Secure Authorize.net Merchant
• Access Anywhere
• Fast and Robust
• Super Secure
• Tons of Features
• Customizable
• Mobile Friendly

Send and receive email from your favorite programs, including:

 Microsoft Outlook
 Mozilla Thunderbird
 Apple Mail
 Windows Mail

... Virtually any program that supports POP, IMAP, or SMTP

Keep your email, contacts, and calendars in sync:

 Apple iPhone and iPad
 Android Devices
 BlackBerry
 Windows Phone

... Any device with Exchange ActiveSync (EAS) support

Relay your server's mail through LuxSci via smarthost:

• Resolve issues with ISP sending limits and restrictions
• Improve deliverability with better IP reputation and IP masking
• Take advantage of Email Archival and HIPAA Compliance
• Even setup smarthosting from Google Apps!

Free web site hosting with any email account:

• Start with up to 10 web sites and MySQL databases
• DNS services for one domain included
• Tons of features and fully HIPAA capable

LuxSci's focus on security and privacy:

• Read The Case for Email Security
• Read Mitigating Security & Privacy Threats
• Review our Privacy Policy

The most accurate, flexible, and trusted filters in the business:

• Premium protection with Intel Security Saas
• Realtime virus database guards against the latest threats
• Seven-day quarantine lets you put eyes on every filtered email
• Supplement with our Basic Spam Filter for even more features

End-to-end secure email encryption — to anyone, from anyone:

• No setup required — encryption is automatic and easy to use
• Secure outbound email with TLS, PGP, S/MIME, or Escrow
• Free inbound encryption via our SecureSend portal
• Independent of your recipient's level of email security
• Widely compatible and fully HIPAA Compliant

Add an extra layer of security with an SSL Certificate:

• Secure your web site
• Debrand LuxSci WebMail with your own secure domain
• Access secure email services via your own secure domain

Encrypt your service traffic via secure tunnel:

• Add another layer of security to your SSL connections
• WebMail, POP, IMAP, SMTP, web/database access
• SecureForm posts, SecureLine Escrow, SecureSend access
• Restrict your account to VPN access only

Secure long-term message archival:

• Immutable, tamperproof email retention with audit trails
• No system requirements — minimal setup, even less upkeep
• Realtime archival of all inbound and outbound messages
• Works anywhere — even with non-LuxSci email hosting

Free data backups included with all email hosting accounts:

• Automatic backups of all email, WebAides, web/database data
• Seven daily backups and up to four weekly backups
• Unlimited restores included at no additional cost
• Custom backup schedules for dedicated servers

Automate your email management:

• Save messages to specific folders or to LuxSci WebAides
• Advanced text scanning with regular expressions
• Tag messages, alter subject lines, or add custom headers
• Filter by message charset, type, TLS status, DKIM status
• Chain filters together for even more complex actions

• Bulk add and edit users, aliases and more
• Control sharing and access globally or on a granular level
• Delegate user roles through permissions
• Configure account-wide taglines, sending restrictions, and more
• Remotely administer account via SOAP API

Share, collaborate, organize, synchronize:

• Calendars, Contacts, Documents, Notes, Widgets, Workspaces
• Fine-grained access control and security
• Access anywhere via secure web portal or smartphone
• Save over solutions like Microsoft Exchange

Free folder sharing for all email hosting accounts:

• Share mail folders with other users in your account
• Subscribe to only the folders you want to see
• Set read-only or read-write access control
• View all personal and shared folders via unified web interface

Color code and label your email messages:

• Define and assign multiple IMAP keywords to each message
• Filter, search, and sort by tags
• Compatible and synchronizes with any IMAP email client
• Also usable with WebAide entries