Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

04:37 PM
Connect Directly

One-Fourth Of SSL Websites At Risk

Many sites haven't applied patches for well-known 'renegotiation' flaw

More than a year after the Internet Engineering Task Force (IETF) issued a security extension to the Secure Sockets Layer (SSL) protocol for a flaw that affects servers, browsers, smart cards, and VPN products, as well as many lower-profile devices such as Webcams, more than one-fourth of SSL websites haven't deployed the patch--leaving them vulnerable to a form of man-in-the-middle attack.

Of the 1.2 million SSL-enabled website servers recently surveyed by Ivan Ristic, director of engineering at Qualys, more than 25 percent were not running so-called secure renegotiation. Ristic also found that among 300,000 of the top one million Alexa websites, 35 percent were vulnerable to this type of attack, which basically takes advantage of a gap in the SSL authentication process and lets an attacker wage a MITM attack and inject his own text into the encrypted SSL session. The gap occurs in the renegotiation process, when some applications require that the encryption process be refreshed.

The IETF teamed up with the Industry Consortium for the Advancement of Security on the Internet, and several vendors, including Google, Microsoft, and PhoneFactor, and came up with a fix for SSL, known as Transport Layer Security (TLS) in the IETF standard. The fix -- Transport Layer Security (TLS) Renegotiation Indication Extension -- was issued in January of 2010 by the IETF.

"It's a paradoxical that the security of the top sites is worse than the average," Ristic says of the findings, which he presented for the first time today at InfoSec Europe in London.

Ristic says these vulnerable sites basically didn't patch for the flaw. "Secure renegotiation is automatically available after patching," he says. "The vulnerable systems could have also implemented a workaround--typically by disabling client-initiated renegotiation--but they didn't do that, either."

PhoneFactor's Marsh Ray, who discovered the flaw, says the data unfortunately shows a typical security pattern when it comes to deploying fixes. "A certain number of sites fix it right away, and then [adoption] trails off after that," Ray says.

"We did everything we could. We got the vendors in a position where they could offer patches. You can lead a horse to water," but you can't make him drink it, Ray says.

SSL security has been in the spotlight for some time, first with the MITM hack by researcher Moxie Marlinspike that dupes a user into thinking he's in an HTTPS session when he has actually been redirected by the attacker elsewhere. Then came researcher Dan Kaminsky's research, which exposed critical bugs in the X.509 digital certificate technology used in SSL.

"I think there's no chance of getting individual users to substantially improve SSL deployment. There's too many and virtually no one cares. My take is that we should focus on library developers [such as] OpenSSL to get them to remove obsolete features and software vendors to ship with properly secure defaults," Ristic says.

He says longer term, other efforts will help secure SSL deployment. "Long term, the approach used by Google will, I am sure, turn out very well. They are using performance improvements to sneak in security improvements. For example, their SPDY protocol is 100 percent encrypted by default. So all those people moving to SPDY for performance will also get extra security," Ristic notes. "Overall, our combined efforts, SPDY, DNSSEC, HSTS, and similar smaller protocol improvements will in time provide results."

Ristic and his SSL Labs team surveyed some 1.2 million servers with valid SSL certificates.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/21/2020
Cybersecurity Bounces Back, but Talent Still Absent
Simone Petrella, Chief Executive Officer, CyberVista,  9/16/2020
Meet the Computer Scientist Who Helped Push for Paper Ballots
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/16/2020
Register for Dark Reading Newsletters
White Papers
Latest Comment: Exactly
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-09-22
Sourcecodester Simple Library Management System 1.0 is affected by Incorrect Access Control via the Login Panel, http://<site>/lms/admin.php.
PUBLISHED: 2020-09-22
Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http://<site>/lms/index.php?page=books.
PUBLISHED: 2020-09-22
Ozeki NG SMS Gateway 4.17.1 through 4.17.6 does not check the file type when bulk importing new contacts ("Import Contacts" functionality) from a file. It is possible to upload an executable or .bat file that can be executed with the help of a functionality (E.g. the "Application Star...
PUBLISHED: 2020-09-22
Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS.
PUBLISHED: 2020-09-22
Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected XSS vulnerabilities via the (1) Receiver or Recipient field in the Mailbox feature, (2) OZFORM_GROUPNAME field in the Group configuration of addresses, (3) listname field in the Defining address lists configuratio...