

Zero-day flaw found in web encryption - Anon84
http://news.zdnet.co.uk/security/0,1000000189,39860592,00.htm

======
tptacek
What a fabulously badly written, sensationalistic article. The TLS problem
published last week affects virtually none of the applications that use HTTPS
on the web today: they're currently only relevant to applications in which the
_client_ is required to carry a certificate to authenticate themselves.

~~~
jerf
That was the initial report from one of the researchers, but there are claims
that it can be demonstrated to work in cases not involving client-side
certificates, too. See <http://extendedsubset.com/?p=8> : "Cases not involving
client certificates have been demonstrated as well."

Unfortunately, that's all the data I have on that, that one sentence, and a
few other places that have the same basic info which may or may not simply be
reflections of this one. I haven't seen any additional substantiation.

~~~
tptacek
The flaw here is that TLS tunnels multiple sessions inside a single
connection, and, particularly with HTTPS, the first one of those sessions is
both client-anonymous and (the bug) "live" --- in that any commands received
in that session will be processed as long as a subsequent session is client-
authenticated. That's the "authentication gap" being talked about in the
reports.

What's also true is that there are lots of protocols, many of them very
obscure, that either rely on client auth, or that may themselves have an app-
layer notion of multiple sessions which will conflict with TLS's session
renegotiation.

I'm not going to eat my hat or anything if this happens, but I'd bet againt
someone finding a plausible MITM attack that beats server certificates using
this attack. I think it's reasonably safe shorthand right now to say this
attack largely applies to apps that use SSL outside of its common case.

------
_pius
The "web encryption" being discussed are the TLS and SSL protocols.

------
maukdaddy
Does zdnet understand what zero-day really means?

~~~
wyday
They used it correctly.

From wiki: _"Zero-day attacks occur when a vulnerability window exists between
the time a threat is released and the time security vendors release patches."_

A flaw exists. No released patches yet.

~~~
ramchip
I was surprised to read this. Wikipedia also has "Zero-day warez: copyrighted
works that are pirated on the same day they are released", so the meaning of
zero-day is different depending on the context.

I'm not quite convinced by the Wiki quote though; more than once, I've heard
0-day attacks to mean a vulnerability found on the day a new version of a
software is released. Perhaps both meanings exist.

~~~
ars
> I've heard 0-day attacks to mean a vulnerability found on the day a new
> version of a software is released.

I've never heard that meaning. It doesn't really make sense - why would
someone care if the vulnerability was the same day of the new version or not?
(Except to show off.)

Zero day to me, means it's the first day after the vulnerability was found.
i.e. it's a brand new vulnerability, and no one else knows about it or has a
defense for it. (It being assumed that all vulnerabilities are fixed the day
they are found.) Extending it to mean "until it's fixed" makes sense too when
dealing with certain vendors who don't fix things very fast.

~~~
tptacek
No matter who's defining it, the term is always _very much_ about showing off.

~~~
ramchip
Exactly - warez group love to show off. Just look at those 'old school' cracks
with the tracked music and animation, all coded in raw assembly for the sake
of speed and glory.

------
bcl
And a FYI - SSH is not vulnerable to it.

