
This URL crashes Chrome/Chromium - reirob
https://demo.cmrg.net/
======
Robin_Message
Flagged. That's pretty annoying reirob; I assumed that would be a link to an
article about the URL, since just crashing my browser was obviously a bad
thing to do.

Question to downvoters: You don't ever click down the list of Hacker News
submissions without thinking too hard first, or you don't think crashing my
browser (and losing any state I had in them) is annoying?

~~~
reirob
Well, I have got it from Fefe's blog [1] directly as the link. I tried it out
before submitting, i.e. I opened a Chromium browser and put the link. The
title says what it does - I do not think it is link bait. And Fefe's blog
gives as explanation (rough translation from German): The TLS handshake of
this site kills Chrome browser.

I too want to know what goes on and I actually think that HN IS the place to
submit this kind of bugs.

------
aurumpotest
...I didn't think that one through.

~~~
millerc
Well... nobody can say the title is misleading.

------
pgrote
I didn't try it in Chrome, but in Firefox I get the following. Is that right?

Secure Connection Failed

An error occurred during a connection to demo.cmrg.net. SSL received a weak
ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error
code: ssl_error_weak_server_ephemeral_dh_key)

    
    
        The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
        Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.

------
willvarfar
Anyone explain what it does to chrome?

I'm using chrome on android, and it doesn't crash and the lock icon info
doesn't show anything that jumps out as wrong.. ?

~~~
reirob
Document explaining the root of the weakness in the TLS protocol:
[https://secure-resumption.com/](https://secure-resumption.com/)

Blog from Chrome- and TLS developer Adam Langley:
[https://www.imperialviolet.org/2014/03/03/triplehandshake.ht...](https://www.imperialviolet.org/2014/03/03/triplehandshake.html)

~~~
ambrop7
Those links just talk about some weakness, I don't see anything saying they're
related to the crash.

------
fotcorn
This also works in a html file with an img tag:

<img src="[https://demo.cmrg.net/">](https://demo.cmrg.net/">)

------
JetSpiegel
Firefox says

SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange
handshake message.

~~~
double051
(Error code: ssl_error_weak_server_ephemeral_dh_key)

------
barrkel
It didn't crash Chrome for me, but that's because I was using an out of date
version.

------
pritambaral
Relevant Chromium issue:
[https://code.google.com/p/chromium/issues/detail?id=348987](https://code.google.com/p/chromium/issues/detail?id=348987)

------
hannob
The crash is caused by very short parameters for diffie hellman key exchanges
in TLS. I did some further tests on that:
[https://dh.tlsfun.de/](https://dh.tlsfun.de/)

Here's what I found in my blog: [http://blog.hboeck.de/archives/841-Diffie-
Hellman-and-TLS-wi...](http://blog.hboeck.de/archives/841-Diffie-Hellman-and-
TLS-with-nonsense-parameters.html)

------
artimaeis
IE11 gives a page can't be displayed. Investigating console reveals "code on
this page disabled back and forward caching".

------
benbristow
I thought the process-per-tab thing was meant to stop this sort of thing from
taking the whole browser down.

~~~
pritambaral
That helps when the website code itself is malicious/broken. This crash is due
a bug in the underlying TLS code itself. I don't think TLS is sandboxed or
separated-per-tab, nor should it expectedly be.

------
codesilverback
I don't know what I expected.

[http://i3.kym-
cdn.com/entries/icons/original/000/014/009/mic...](http://i3.kym-
cdn.com/entries/icons/original/000/014/009/michael.jpg)

~~~
redeemedfadi
exactly what I came here to post.

------
BESebastian
I'm not entirely sure what I expected when I clicked this.

------
ambrop7
Crashed Chromium 33.0.1750.117 x86_64 built on Gentoo.

------
napkindrawing
Crashes Chrome 33.0.1750.146 on OSX 10.9.1

------
dmarlow
Fell for it. I see what you did there...

------
Shorel
Opera 12 shows a big warning dialog warning the user that the site uses
outdated and unsafe encryption.

------
owenversteeg
It didn't crash Chromium for me. Arch Linux, Chromium 28.

~~~
pritambaral
Seems like a regression in the latest (33).

------
uslic001
Crashed Chrome Version 33.0.1750.146 m on Windows 8.0.

------
tete
Btw. it didn't just crash the sandbox.

------
jongibbins
Opera 20 on Windows. Boom!

------
qKyuu
Stop posting a direct link that crashes the whole web browser, that is down
right malicious!

It's some sort of regression and a patch is already in review:
[https://codereview.chromium.org/178003011/](https://codereview.chromium.org/178003011/)

Stop karma whoring with this irresponsible shit.

