GitHub hit by Massive DDoS Attack From China


GitHub, the popular code-hosting site programmers use to collaborate on software development, was hit by a large-scale distributed denial of service (DDoS) attack that began late Thursday night and continued for more than 24 hours.

The mechanism is an injection at the network edge: when users outside China visit websites that embed advertising and analytics JavaScript served by the Chinese Internet giant Baidu, a device at the Chinese border quietly replaces that JavaScript with malicious code.
The substituted script instructs the visitor’s browser to request the two targeted GitHub pages every two seconds, without the visitor noticing anything, which adds up to “an extremely large amount of traffic,” according to a researcher who goes by the name Anthr@x.

“A certain device at the border of China’s inner network and the Internet has hijacked the HTTP connections that went into China, replaced some JavaScript files from Baidu with malicious ones,” Anthr@x wrote at Insight Labs.
“In other words, even people outside China are being weaponized to target things the Chinese government does not like, for example, freedom of speech.”
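The defence a site owner has against a rewritten third-party script is to pin its hash. The following is an added example, not code from the original post or from Insight Labs: it computes and verifies Subresource Integrity (SRI) values of the kind browsers enforce through the `integrity` attribute of a `<script>` tag, so that a copy altered in transit (as the Baidu files were) fails the check. The script bodies and the pinned value are constructed samples, not real Baidu files.

```python
"""Subresource Integrity (SRI) check for a third-party script.

Added example, not code from the original post or from Insight Labs.  A site
that embeds a script it does not host (the Baidu analytics files in the
attack above are the model) can pin the expected hash of that script;
browsers enforce the pin through the <script integrity="..."> attribute and
refuse to run a copy whose hash differs, which is exactly what an on-path
device rewriting the file produces.  The functions below do the same
computation so it can also drive a fetch-and-compare monitor.  The script
bodies are constructed samples, not real Baidu files.
"""
import base64
import hashlib

_SRI_ALGS = ("sha256", "sha384", "sha512")   # allowed by the SRI spec, weakest first


def integrity_value(script: bytes, alg: str = "sha384") -> str:
    """SRI token for `script`: '<alg>-<base64 digest>'."""
    if alg not in _SRI_ALGS:
        raise ValueError(f"unsupported SRI algorithm: {alg}")
    digest = hashlib.new(alg, script).digest()
    return f"{alg}-{base64.b64encode(digest).decode('ascii')}"


def verify_integrity(script: bytes, integrity_attr: str) -> bool:
    """Check `script` against an integrity attribute that may list several tokens.

    As the spec requires, only tokens using the strongest algorithm present
    count; the resource passes if any of those match.
    """
    tokens = []
    for tok in integrity_attr.split():
        alg, _, b64 = tok.partition("-")
        if alg in _SRI_ALGS and b64:
            tokens.append((alg, b64))
    if not tokens:
        return False                     # nothing usable: fail closed
    strongest = max(_SRI_ALGS.index(alg) for alg, _ in tokens)
    return any(_SRI_ALGS.index(alg) == strongest
               and integrity_value(script, alg) == f"{alg}-{b64}"
               for alg, b64 in tokens)


CLEAN_SCRIPT = b"window._hmt = window._hmt || [];\n"
# What the border device appended: a timer that hits the target every 2 s (constructed).
INJECTED_SCRIPT = CLEAN_SCRIPT + (
    b"setInterval(function(){new Image().src='https://target.example/?'+Math.random();},2000);\n"
)
PINNED = integrity_value(CLEAN_SCRIPT)   # the value the embedding site puts in its <script> tag


def classify(served: bytes, pinned: str = PINNED) -> str:
    """'ok' if the served copy matches the pin, otherwise 'tampered'."""
    return "ok" if verify_integrity(served, pinned) else "tampered"


if __name__ == "__main__":
    print("pinned:", PINNED)
    print("clean copy:   ", classify(CLEAN_SCRIPT))
    print("injected copy:", classify(INJECTED_SCRIPT))
```

Two caveats belong with this. A pin only protects the sites that set it, and it has to be updated whenever the vendor legitimately changes the script. The root enabler of this attack was that the scripts travelled over plain HTTP, which is what let a device on the path rewrite them; serving them over HTTPS closes that hole, and SRI on top of it also catches a compromised origin.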

The attack specifically targets two popular GitHub projects, GreatFire and CN-NYTimes, anti-censorship tools that help Chinese citizens circumvent the Great Firewall of China, the government’s system for censoring Internet access in China.
  • GreatFire – A well-known group on GitHub that fights Chinese government censorship of the Internet.
  • CN-NYTimes – A group that hosts New York Times mirrors so that Chinese citizens can reach the news site, which is normally blocked in China.
Because Baidu’s search engine and its embedded scripts are so widely used, the attack produced a massive flood of traffic to GitHub that began around 2 AM UTC on Friday and lasted for more than 24 hours.
GitHub said yesterday that the flood of traffic, a continuous string of distributed denial-of-service attacks, caused irregular outages and that its admins had been working to mitigate the attack with periodic success.
However, the most recent status on the site says the company has deployed new defenses.
“We’re aware that is intermittently unavailable for some users during the ongoing DDoS,” GitHub said in a message posted at 15:49 UTC Friday.

“Restoring service for all users while deflecting attack traffic is our number one priority. We’ve deployed our volumetric attack defenses against an extremely large amount of traffic. Performance is stabilizing,” a message posted by Github at 15:04 UTC says.

Later, the company noted, “We’ve been under continuous DDoS attack for 24+ hours. The attack is evolving, and we’re all hands on deck mitigating.”
The researcher analyzed the attack and published the injected JavaScript, once unscrambled, on Pastebin.
Baidu has denied any involvement in the DDoS attack, saying it was not intentionally involved in any traffic redirection. “We’ve notified other security organizations,” the company said in a statement, “and are working together to get to the bottom of this.”
Original Post:

Ubuntu 15.04 Beta 2 Released, Download Now

After the Ubuntu MATE 15.04 Beta 2, Ubuntu 15.04 Final Beta, Ubuntu Kylin 15.04 Beta 2 and Kubuntu 15.04 Beta 2 releases, it’s time to greet the final beta of Ubuntu 15.04 (Vivid Vervet). Ubuntu 15.04 Beta 2 has been released and you can download it to test and use. It is the second beta in the Ubuntu 15.04 development cycle. This final beta will be followed by the final Ubuntu 15.04 release on April 23, with a Release Candidate build on April 16 before that.

New Features in Ubuntu 15.04 Beta 2:

Remember that Ubuntu 15.04, codenamed Vivid Vervet, is a maintenance release, much like the 14.04 LTS release: small improvements and bug fixes here and there. The Unity desktop shell has received improvements in this cycle. The Dash, the logout/shutdown dialog and the HUD are now displayed properly over full-screen windows, and minor adjustments to the login and logout animations should make startup and shutdown feel faster.

Ubuntu 15.04 final beta users get updated versions of the Firefox web browser, the Rhythmbox music player and the Thunderbird e-mail client as part of the updated application set. The Compiz window manager has received a fix for issues with the Nvidia proprietary driver.

Bugs in Ubuntu 15.04 Beta 2 release:

However, there are two bugs in this beta release and they affect all flavors. These are expected to be addressed in the upcoming daily builds:

If you click the “reboot now” button after installation, the installer ejects the installation media but does not reboot. To work around this, power the machine off manually and boot it again.

Apart from testing, oem-config is not recommended for use with the final beta, because the OEM user is not removed at the final prepare-to-ship stage.

Download Ubuntu 15.04 Beta 2 here:

Download the Ubuntu 15.04 Beta 2 and Flavors from the links given below:

Ubuntu 15.04 Beta

Ubuntu 15.04 MATE Beta 2

Kubuntu 15.04 Beta 2

Ubuntu GNOME 15.04 Beta 2

Original Post:


In this article, we’re taking a look at a method for improving the visual appeal of the Wireshark IO Graph.  The IO Graph in Wireshark is fantastic for getting the bare information out of the tool to communicate to others.  In some cases, though, we need to present that data in a more visually appealing manner.  We’ll be using an online tool called amCharts to create our graphs using data from Wireshark.

What is amCharts?

AmCharts is an advanced charting library that will suit any data visualization need. Our charting solution includes Column, Bar, Line, Area, Step, Step without risers, Smoothed line, Candlestick, OHLC, Pie/Donut, Radar/Polar, XY/Scatter/Bubble, Bullet and Funnel/Pyramid charts as well as Gauges.

Our charts are a completely standalone and independent library, which doesn’t require any 3rd-party includes. You can download, try and even use our charts for free. Check the chart demos to see all the charts in action.

amCharts lets us quickly upload CSV data to be displayed.  In our case, we’ll be using output from Wireshark.  The amCharts interface then gives us a great deal of flexibility to modify and present our data.

Wireshark IO Graph vs. amCharts

Let’s take a look at the below screenshots.  These charts display the same information – the count of HTTP packets sent, as well as the count of TCP retransmissions.

As we can see, the default display of data out of the Wireshark IO Graph is not ideal.  It’s limited in presentation options, and honestly is an overwhelming amount of buttons and knobs.  The amCharts chart, however, is clean, concise, and easy to read.

Creating a Chart

In this example, we will be creating the chart above using amCharts.  The purpose of this chart is to visualize the relationship between TCP retransmissions and HTTP throughput.  In this case, a bad cable caused the connection to incur significant packet loss.  Management wants an explanation of what happened and why there was customer impact.  We want to present all of the data to them, but we want to do it simply.

To get a useful chart out of amCharts, there are three main steps we need to follow:

1.       Use the Wireshark IO Graph to find the data you want to present

2.        Copy the data to amCharts

3.       Tweak the amCharts display

We’ll work through each step above to get to a point where you have a chart you can share with your team.

We will be working off the data in this capture file.  Feel free to work along with your own data.

Note: The data uploaded to amCharts should not contain anything sensitive.  The IO Graph copy output is only tabular data, one row per time interval with a packet count per filter; it carries no addresses, payloads or packet contents.  Even so, amCharts is a third-party web service, so look over the copied CSV before pasting it if the filter names themselves would reveal something about your environment.

1.  Use the Wireshark IO Graph to Find Your Data

We’re going into this on the assumption that you’re familiar enough with the Wireshark IO Graph to decide that you need something better.  We’re going to skip over the process of creating a basic chart in Wireshark, but for a primer, you can take a look at this page.

1.       Open the IO Graph

2.       Apply the display filters you’re interested in.  In this case, they are:

1.       http

2.       tcp.analysis.retransmission

3.       Select the Copy button

Once we select the Copy button, Wireshark copies the CSV output to our clipboard.  We’ll use this to paste the data to AmCharts.

2.  Copy the Data to amCharts

In this step, we will take the data that’s been copied from Wireshark, open a new amChart project, and paste the copied data into the graph.

1.       Navigate to and select Make a Chart 

2.       You will be asked what type of chart to create.  Let’s choose Line from the Line grouping

3.       The default line chart and data will open and look like this:

default line chart

4.       Remove each of the columns in the data area

5.       Select the import button and paste the data copied from Wireshark to amCharts

6.       Update the names of the columns – This is mostly for organization


At this point, the data has been uploaded to amCharts.  The next step is to modify the configuration of the data to be represented how we would like.

3.  Configure the amCharts Display Options

In this step, we’ll focus on getting the data displayed in amCharts.

1.       Navigate to General Settings>Category field then select Time.  With this step, we’re telling the chart to use the Time column for the X axis.


2.       Next, navigate to the Graphs folder on the left and select AmGraph-1.

· Change the Title to HTTP


· Expand Data Fields and scroll down to Value Field and select HTTP.  Once HTTP is selected, the graph for HTTP should show up

3.       Select AmGraph-2 and follow the same steps as in step 2.

·         Change the Title to TCP Retransmissions

·         Expand the Data Fields and scroll down to Value Field and select TCP Retransmissions.

Now we have a basic chart!  Your chart should look similar to the one below.  As you can see, there are still a few things we want to change – namely the chart titles.


1.       Chart Title is configured under the Titles folder.

2.       The Axis Title is configured under the Value Axis folder then Value Axis-1.

At this point, we have a basic chart showing the relevant information we need.  Already, this chart is much easier on the eyes than the default output from the Wireshark IO Graph.

There are numerous options for configuring the display of a chart.  Once you’re at this point, it comes down to display preferences.  In the next section, I’ll show some examples of charts created using data from packet captures.  Hopefully these will give some inspiration!
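The same three steps can be scripted when the chart has to be rebuilt from every new capture. The following is an added example, not part of the original article and not Wireshark or amCharts code: it parses the CSV that the IO Graph Copy button puts on the clipboard, renames the columns the way steps 2 and 3 do by hand, emits the JSON array amCharts accepts as a data provider, and finds the peak and the contiguous impact window so they can be marked on the chart. The sample CSV is constructed to match the shape of the Copy output (a time column followed by one column per graph); the exact column titles vary by Wireshark version, which is why they are passed in as a mapping.

```python
"""Convert the CSV that Wireshark's IO Graph "Copy" button puts on the clipboard
into the row set amCharts (or any charting tool) expects.

Added example; it is not part of the original article and not Wireshark or
amCharts code.  The sample CSV is constructed to match the shape of the Copy
output (one time column followed by one column per graph); the exact column
titles depend on the Wireshark version, so they are supplied as a mapping.
"""
import csv
import io
import json

SAMPLE_CSV = """\
"Interval start","http","tcp.analysis.retransmission"
0,12,0
1,15,0
2,9,3
3,2,11
4,1,14
5,10,2
6,14,0
"""

RENAME = {"Interval start": "Time", "http": "HTTP",
          "tcp.analysis.retransmission": "TCP Retransmissions"}


def parse_io_graph_csv(text, rename):
    """Return one {column: number} dict per interval, with columns renamed."""
    rows = []
    for rec in csv.DictReader(io.StringIO(text)):
        row = {}
        for col, raw in rec.items():
            value = float(raw)
            row[rename.get(col, col)] = int(value) if value.is_integer() else value
        rows.append(row)
    return rows


def peak(rows, series, category="Time"):
    """(interval, value) at which `series` is highest."""
    best = max(rows, key=lambda r: r[series])
    return best[category], best[series]


def windows_above(rows, series, threshold, category="Time"):
    """Contiguous (first, last) interval ranges where `series` exceeds threshold.

    These are the ranges to mark on the chart as the impact window when
    explaining an incident to management.
    """
    windows, start, last = [], None, None
    for row in rows:
        if row[series] > threshold:
            if start is None:
                start = row[category]
            last = row[category]
        elif start is not None:
            windows.append((start, last))
            start = None
    if start is not None:
        windows.append((start, last))
    return windows


def to_amcharts_json(rows):
    """The JSON array amCharts takes as its data provider."""
    return json.dumps(rows, indent=2)


def build_chart_data(text=SAMPLE_CSV):
    return parse_io_graph_csv(text, RENAME)


if __name__ == "__main__":
    data = build_chart_data()
    print(to_amcharts_json(data))
    print("retransmissions peak: t=%s (%s)" % peak(data, "TCP Retransmissions"))
    print("impact windows:", windows_above(data, "TCP Retransmissions", 2))
```

Paste the printed JSON into the amCharts data area in place of the CSV, or keep it as the input for a self-hosted chart. The interval ranges returned by windows_above are what you would draw as a shaded guide on the value axis to show management exactly when the loss occurred.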


Here are a couple examples of charts that can be created using packet capture data exported from Wireshark.


TCP Retransmissions


TCP SYN/ACK Relationship


Backgrounds and Title Bubbles for Charts

Original Post:

Enhanced Mitigation Experience Toolkit 5.2 Released

Protect Your Enterprise

The Enhanced Mitigation Experience Toolkit (EMET) is designed to help customers with their defense in depth strategies against cyberattacks, by helping detect and block exploitation techniques that are commonly used to exploit memory corruption vulnerabilities. EMET anticipates the most common actions and techniques adversaries might use in compromising a computer, and helps protect by diverting, terminating, blocking, and invalidating those actions and techniques. EMET helps protect your computer systems even before new and undiscovered threats are formally addressed by security updates and antimalware software. EMET benefits enterprises and all computer users by helping to protect against security threats and breaches that can disrupt businesses and daily lives.

Helps customers with their defense in depth strategies

EMET helps protect against new and undiscovered threats even before they are formally addressed through security updates or antimalware software. EMET includes 14 security mitigations that complement other defense in-depth security measures, such as Windows Defender and antivirus software. EMET installs with default protection profiles, which are XML files that contain preconfigured settings for common Microsoft and third-party applications.

Works well for the enterprise

Enterprise IT professionals can easily deploy EMET through Microsoft System Center Configuration Manager and apply Group Policies in Windows Active Directory to comply with enterprise account, user, and role policies. Administrators can customize and configure EMET deployments and determine which applications they want to protect through which mitigation techniques.

Even for enterprise legacy software that cannot easily be rewritten, or for software being phased out where the source code is not available, EMET provides mitigation protections. The reporting capabilities in EMET are provided through a component called the EMET Agent, which allows enterprises to create logs and notifications for audit purposes.

EMET customer support is available through Microsoft Premier Support Services.

Helps protect in a wide range of scenarios

EMET is compatible with most commonly used third-party applications at home and in the enterprise, from productivity software to music players. EMET works for a range of client and server operating systems used at home and in the enterprise**. When users browse secure HTTPS sites on the Internet or log on to popular social media sites, EMET can help further protect by validating Secure Sockets Layer (SSL) certificates against a set of user-defined rules.

EMET Security Mitigations Included
Attack Surface Reduction (ASR) Mitigation
Export Address Table Filtering (EAF+) Security Mitigation
Data Execution Prevention (DEP) Security Mitigation
Structured Exception Handler Overwrite Protection (SEHOP) Security Mitigation
NullPage Security Mitigation
Heapspray Allocation Security Mitigation
Export Address Table Filtering (EAF) Security Mitigation
Mandatory Address Space Layout Randomization (ASLR) Security Mitigation
Bottom Up ASLR Security Mitigation
Load Library Check – Return Oriented Programming (ROP) Security Mitigation
Memory Protection Check – Return Oriented Programming (ROP) Security Mitigation
Caller Checks – Return Oriented Programming (ROP) Security Mitigation*
Simulate Execution Flow – Return Oriented Programming (ROP) Security Mitigation*
Stack Pivot – Return Oriented Programming (ROP) Security Mitigation

* Available and applicable only to 32-bit processes

** EMET 5.1 supports Windows Vista Service Pack 2, Windows 7 Service Pack 1, Windows 8, Windows 8.1, Windows Server 2003 Service Pack 2, Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2012, Windows Server 2012 R2.


Original Post:

Bruce Schneier: The security mirage

The feeling of security and the reality of security don’t always match, says computer-security expert Bruce Schneier. In his talk, he explains why we spend billions addressing news story risks, like the “security theater” now playing at your local airport, while neglecting more probable risks — and how we can break this pattern.

The most brutal security bugs: Freak, ShellShock, Poodle, Heartbleed and BEAST

In the last couple of years several serious vulnerabilities have been published that let attackers, and the security professionals who test for them, compromise environments that have not been patched against them.


ShellShock, also known in the security field as the Bashdoor bug, is a family of vulnerabilities in the way the GNU Bash shell parses function definitions passed in environment variables: a vulnerable Bash executes any commands that follow the function body. Any service that places attacker-controlled input into an environment variable before invoking Bash, such as a CGI web application, a DHCP client or an SSH server using ForceCommand, therefore lets a cybercriminal or security professional run arbitrary commands on, and gain unauthorized access to, the targeted device(s).

The following CVE’s provide more information about the ShellShock exploit and the Unix Bash shell environment vulnerabilities:

  • CVE-2014-6271
  • CVE-2014-6277
  • CVE-2014-6278
  • CVE-2014-7169
  • CVE-2014-7186
  • CVE-2014-7187

If you want to know whether your environment is vulnerable to the Shellshock exploit, use one of the online Shellshock checkers, or test a machine locally with the following command in a Bash shell:

env X='() { (a)=>\' bash -c "echo date"; cat echo

On a Bash that is still vulnerable to CVE-2014-7169, this creates a file named echo in the current directory containing the output of date, which the cat then prints; a patched Bash simply prints the word date and cat reports that no such file exists.
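Two checks a practitioner would want are the local probe and a look through web-server logs for the delivery attempts. The following is an added example, not code from the original post: probe_bash() runs the local bash with a function definition in an environment variable, the same technique as the command above, and reports on both CVE-2014-6271 and CVE-2014-7169; find_shellshock_requests() scans Apache-style log lines for the "() {" marker that arrives in an HTTP header on its way into a CGI script's environment. The log lines are constructed, not real traffic.

```python
"""Two Shellshock checks.  Added example, not code from the original post.

probe_bash() runs the local bash with a function definition in an environment
variable and reports whether trailing commands execute (CVE-2014-6271) and
whether the follow-up parser bug creates a stray file (CVE-2014-7169).
find_shellshock_requests() scans web-server log lines for the "() {" marker an
attacker sends in an HTTP header to reach a CGI script, the most common remote
delivery path for this bug.  The log lines are constructed, not real traffic.
"""
import os
import re
import shutil
import subprocess
import tempfile


def probe_bash(bash="bash"):
    """Return {"cve-2014-6271": bool, "cve-2014-7169": bool}, or None if bash is absent."""
    path = shutil.which(bash)
    if path is None:
        return None
    env = dict(os.environ)

    # CVE-2014-6271: a vulnerable bash executes the command after the function body
    # while importing the variable, before -c's own command runs.
    env["X"] = "() { :;}; echo SHELLSHOCKED"
    run = subprocess.run([path, "-c", "true"], env=env, capture_output=True, text=True)
    original = "SHELLSHOCKED" in run.stdout

    # CVE-2014-7169: with only the first fix applied, this value leaves the parser
    # in a state where "echo date" becomes "date > echo" in the current directory.
    env["X"] = "() { (a)=>\\"
    with tempfile.TemporaryDirectory() as cwd:
        subprocess.run([path, "-c", "echo date"], env=env, cwd=cwd,
                       capture_output=True, text=True)
        incomplete_fix = os.path.exists(os.path.join(cwd, "echo"))

    return {"cve-2014-6271": original, "cve-2014-7169": incomplete_fix}


# The marker of an exported function definition; a vulnerable bash acts on any
# environment variable whose value starts with it, whatever the variable's name.
SHELLSHOCK_RE = re.compile(r"\(\)\s*\{")


def find_shellshock_requests(log_lines):
    """Return (line number, client IP) for every log line carrying the marker."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        if SHELLSHOCK_RE.search(line):
            hits.append((n, line.split(" ", 1)[0]))
    return hits


# Constructed Apache combined-format lines.  Header values such as User-Agent and
# Referer become environment variables (HTTP_USER_AGENT, HTTP_REFERER) of a CGI script.
SAMPLE_LOG = [
    '203.0.113.5 - - [25/Sep/2014:10:01:12 +0000] "GET /cgi-bin/status HTTP/1.1" 200 512 '
    '"-" "() { :;}; /bin/bash -c \'id\'"',
    '198.51.100.9 - - [25/Sep/2014:10:01:13 +0000] "GET /index.html HTTP/1.1" 200 1024 '
    '"-" "Mozilla/5.0"',
    '203.0.113.5 - - [25/Sep/2014:10:01:14 +0000] "GET /cgi-bin/status HTTP/1.1" 200 512 '
    '"() { ignored; }; echo; /bin/id" "curl/7.30"',
]

if __name__ == "__main__":
    print("local bash:", probe_bash())
    for n, ip in find_shellshock_requests(SAMPLE_LOG):
        print(f"line {n}: Shellshock payload from {ip}")
```

The log check is a signature, so it finds the attempts, not whether they succeeded; pair it with the local probe on the hosts that serve /cgi-bin, and remember that the same marker can arrive through any other service that copies client input into an environment variable.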


The Heartbleed security bug was published in April 2014. It was found in the OpenSSL cryptography library, which is used around the world to implement the Transport Layer Security (TLS) protocol.

In simple terms, Heartbleed let anyone who could reach a vulnerable service read chunks of that service’s memory (up to 64 KB per malformed heartbeat request). That memory can contain the server’s private SSL/TLS key as well as session cookies, passwords and other data from other users’ connections.

A stolen private key means that every device relying on the vulnerable service could be subjected to man-in-the-middle attacks: the attacker can impersonate the server, and can decrypt recorded traffic where no forward secrecy was used.

Such an attack hands the attacker the information of the user who is using the targeted device.

  • CVE-2014-0160
  • CVE-2014-0346

The following services would be vulnerable to hackers and security professionals:

  • Internet surfing
  • E-mail communication
  • Instant messaging communication
  • Virtual Private Networks

If you want to check if your environment is vulnerable to the Heartbleed bug, then you might want to take a look at the Acunetix Heartbleed test:
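The bug itself is a missing bounds check, and it is easier to see in code than in prose. The following is an added example, not OpenSSL code: it models the TLS heartbeat message layout, a handler that copies the attacker-declared payload length exactly as OpenSSL 1.0.1 through 1.0.1f did, and the handler with the check that 1.0.1g introduced. "Process memory" is a single constructed bytes object, the received record followed by data belonging to other connections; none of it is real key or session material.

```python
"""Heartbleed in miniature: a heartbeat handler that trusts the attacker's
payload length, next to the bounds-checked version.

Added example, not OpenSSL code.  A TLS HeartbeatMessage is
    type (1 byte) | payload_length (2 bytes, big-endian) | payload | padding (>= 16 bytes)
and OpenSSL (CVE-2014-0160) copied `payload_length` bytes from the request
buffer into the reply without checking that figure against the record
length, so the reply carried whatever followed the request in process memory.
Process memory is modelled as one bytes object: the received record first,
then constructed data belonging to other connections.  Nothing in it is real
key or session material.
"""
import struct

HEARTBEAT_REQUEST, HEARTBEAT_RESPONSE = 1, 2
PADDING = b"\x00" * 16


def build_heartbeat(payload: bytes, claimed_length: int) -> bytes:
    """A heartbeat request; an honest client sets claimed_length == len(payload)."""
    return struct.pack("!BH", HEARTBEAT_REQUEST, claimed_length) + payload + PADDING


def handle_heartbeat_vulnerable(memory: bytes, record_length: int) -> bytes:
    """OpenSSL 1.0.1 to 1.0.1f: echo back `payload_length` bytes, whatever it says."""
    hb_type, payload_length = struct.unpack("!BH", memory[:3])
    if hb_type != HEARTBEAT_REQUEST:
        return b""
    payload = memory[3:3 + payload_length]            # runs past the end of the record
    return struct.pack("!BH", HEARTBEAT_RESPONSE, payload_length) + payload + PADDING


def handle_heartbeat_fixed(memory: bytes, record_length: int):
    """OpenSSL 1.0.1g: the declared payload must fit inside the received record.

    Returns the reply, or None when the record is silently dropped, which is
    what the fix does (no alert is sent).
    """
    if record_length < 1 + 2 + 16:                      # cannot even hold a length field
        return None
    hb_type, payload_length = struct.unpack("!BH", memory[:3])
    if hb_type != HEARTBEAT_REQUEST:
        return None
    if 1 + 2 + payload_length + 16 > record_length:     # the Heartbleed check
        return None
    payload = memory[3:3 + payload_length]
    return struct.pack("!BH", HEARTBEAT_RESPONSE, payload_length) + payload + PADDING


# Constructed "process memory" contents that happen to follow the attacker's record.
SECRET = (b"Cookie: session=8c4f1e2a9d; Authorization: Basic YWxpY2U6aHVudGVyMg==\r\n"
          b"-----BEGIN RSA PRIVATE KEY-----\n(constructed key bytes)")
MALICIOUS_RECORD = build_heartbeat(b"HI", claimed_length=0xFFFF)   # 2 bytes sent, 65535 claimed
HONEST_RECORD = build_heartbeat(b"HI", claimed_length=2)


def leaked(response: bytes) -> bytes:
    """What the attacker learns beyond the echo of their own 2-byte payload."""
    return response[3 + 2:]


if __name__ == "__main__":
    memory = MALICIOUS_RECORD + SECRET
    print("vulnerable server leaked:", leaked(handle_heartbeat_vulnerable(memory, len(MALICIOUS_RECORD))))
    print("fixed server, same record:", handle_heartbeat_fixed(memory, len(MALICIOUS_RECORD)))
    print("fixed server, honest record:", handle_heartbeat_fixed(HONEST_RECORD + SECRET, len(HONEST_RECORD)))
```

Note what the fixed handler does not do: it does not send an alert or close the connection, it just drops the malformed record, which is also why the attack left nothing in server logs. Patching OpenSSL is only half the remediation; any private key that was loaded in a vulnerable process has to be treated as disclosed and replaced, and session cookies and passwords that passed through it reset.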


The Padding Oracle On Downgraded Legacy Encryption (POODLE) attack is a man-in-the-middle attack that exploits the fallback to SSL 3.0 that browsers and other clients perform when a newer TLS handshake fails: the attacker forces the downgrade, then abuses the fact that SSL 3.0 does not verify the content of CBC padding bytes to decrypt secrets such as session cookies, one byte at a time.

A new variant of the original POODLE attack was announced on December 8, 2014. This attack exploits implementation flaws of CBC encryption mode in the TLS 1.0 – 1.2 protocols. Even though TLS specifications require servers to check the padding, some implementations fail to validate it properly, which makes some servers vulnerable to POODLE even if they disable SSL 3.0. (Source: Wikipedia)

  • CVE-2014-3566
  • CVE-2014-8730

If you want to know if you are vulnerable to the Poodle attack, then you can take a look at the following Poodle scanners here:
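Why unchecked padding lets an attacker decrypt anything is the part worth seeing worked through. The following is an added example, not code from the original post or from any TLS library: it implements SSL 3.0's MAC-then-pad-then-CBC record format with the padding rule SSL 3.0 actually applies (only the last byte is inspected), then recovers a cookie byte using nothing but the server's accept/reject answer, exactly as the attack does. The block cipher is a constructed Feistel network over SHA-256 standing in for AES so that the example runs offline with the standard library; keys and the cookie are constructed too. The TLS 1.0 padding rule that defeats the attack is included for contrast.

```python
"""POODLE in miniature: why SSL 3.0's CBC padding leaks plaintext.

Added example, not code from the original post or from any TLS library.
SSL 3.0 MACs the plaintext, appends padding and CBC-encrypts the result; the
receiver checks only the last byte (the padding length) and ignores the
padding bytes themselves.  TLS 1.0+ requires every padding byte to equal the
length byte, which is the difference the attack hinges on.

The block cipher is a constructed 4-round Feistel network over SHA-256 so the
example runs offline with the standard library; it stands in for AES and is
not a cipher anyone should use.  Keys and the cookie are constructed too.
"""
import hashlib
import hmac
import os

BLOCK = 16
KEY = os.urandom(16)
MAC_KEY = os.urandom(20)
SECRET_COOKIE = b"sessionid=8c4f1e2a9d"     # the victim's secret


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _f(i, half):
    return hashlib.sha256(KEY + bytes([i]) + half).digest()[:8]


def encrypt_block(b):
    l, r = b[:8], b[8:]
    for i in range(4):
        l, r = r, _xor(l, _f(i, r))
    return l + r


def decrypt_block(b):
    l, r = b[:8], b[8:]
    for i in reversed(range(4)):
        l, r = _xor(r, _f(i, l)), l
    return l + r


def ssl3_encrypt(plaintext):
    """SSL 3.0 record body: plaintext || MAC || padding, CBC with a fresh IV."""
    body = plaintext + hmac.new(MAC_KEY, plaintext, hashlib.sha1).digest()
    pad_len = BLOCK - len(body) % BLOCK                      # 1..16 bytes
    body += os.urandom(pad_len - 1) + bytes([pad_len - 1])   # content arbitrary, last byte = length
    iv = prev = os.urandom(BLOCK)
    out = []
    for i in range(0, len(body), BLOCK):
        prev = encrypt_block(_xor(body[i:i + BLOCK], prev))
        out.append(prev)
    return iv + b"".join(out)


def ssl3_accepts(record):
    """Server side: True iff the padding length is sane and the MAC verifies."""
    iv, ct = record[:BLOCK], record[BLOCK:]
    prev, body = iv, b""
    for i in range(0, len(ct), BLOCK):
        body += _xor(decrypt_block(ct[i:i + BLOCK]), prev)
        prev = ct[i:i + BLOCK]
    pad_len = body[-1] + 1
    if pad_len > BLOCK:
        return False
    body = body[:-pad_len]              # SSL 3.0 never inspects the padding bytes
    plaintext, mac = body[:-20], body[-20:]
    return hmac.compare_digest(mac, hmac.new(MAC_KEY, plaintext, hashlib.sha1).digest())


def tls_padding_ok(body):
    """The TLS 1.0+ rule that defeats the attack: all padding bytes equal the length byte."""
    n = body[-1]
    return n < BLOCK and body[-1 - n:] == bytes([n]) * (n + 1)


def victim_sends(prefix_len, suffix_len):
    """The victim's browser re-sends a request whose layout the attacker controls
    (path length = prefix, body length = suffix); the cookie sits in between."""
    return ssl3_encrypt(b"A" * prefix_len + SECRET_COOKIE + b"B" * suffix_len)


def poodle_recover_byte(index, max_tries=20000):
    """Recover SECRET_COOKIE[index] using only the server's accept/reject answers."""
    # Place the target byte last in plaintext block i and make the final block
    # consist entirely of padding, so its last byte must decrypt to 15.
    prefix_len = (BLOCK - 1 - index) % BLOCK
    i = (prefix_len + index) // BLOCK + 1            # +1: blocks[0] is the IV
    suffix_len = -(prefix_len + len(SECRET_COOKIE) + 20) % BLOCK
    for _ in range(max_tries):
        rec = victim_sends(prefix_len, suffix_len)
        blocks = [rec[j:j + BLOCK] for j in range(0, len(rec), BLOCK)]
        blocks[-1] = blocks[i]                       # swap the padding block for the target block
        if ssl3_accepts(b"".join(blocks)):           # succeeds with probability 1/256
            return (BLOCK - 1) ^ blocks[-2][-1] ^ blocks[i - 1][-1]
    return None


if __name__ == "__main__":
    print(bytes(poodle_recover_byte(k) for k in range(len(SECRET_COOKIE))))
```

Each recovered byte costs about 256 re-sent requests, which is why the attack needs an active man-in-the-middle who can make the browser repeat requests (typically via injected JavaScript) and not just a passive observer. The same loop against a tls_padding_ok receiver never succeeds, because a swapped-in block yields fifteen random padding bytes that do not match the length byte.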


The Factoring RSA Export Keys (FREAK) attack was published in 2015 and can affect millions of unsuspecting users worldwide. FREAK is possible because 1990s US export regulations restricted products shipped abroad to deliberately weakened “export-grade” SSL/TLS cipher suites, and support for those suites was never removed from many implementations.

The Freak attack has the following CVE’s:

  • CVE-2015-0204
  • CVE-2015-1637


The Browser Exploit Against SSL/TLS (BEAST) attack was published in 2011. It exploited the predictable (chained) initialization vectors of CBC-mode cipher suites in TLS 1.0 and earlier to recover plaintext such as session cookies.

You can find more information about the BEAST attack in CVE-2011-3389.

Original Post:

File Integrity Monitoring (FIM) and PCI-DSS

In this article, we will learn about the file integrity monitoring requirement in PCI-DSS (Payment Card Industry Data Security Standard). Within PCI-DSS, FIM is the most commonly overlooked requirement, because the statements in the standard itself do not clearly specify what needs to be protected in order to ensure protection of cardholder data. This article will discuss the basics of FIM, the FIM requirements in PCI-DSS, the types of FIM, FIM and the change and control management processes, and the features that a FIM product must have. It takes the newly released PCI-DSS 3.0 guidelines as its reference.


I have described in my previous article what led to the evolution of PCI-DSS 3.0, the key drivers behind it. A FIM control validates the integrity of operating system and business-specific files by regularly comparing the state of those files against a known-good baseline. A checksum (a cryptographic hash) of each important file is computed and stored as the baseline, and the FIM process keeps recomputing the current checksum of the marked files and comparing it with the baseline checksum.

In an organization, file changes happen naturally and in large numbers. That is why organizations tend to overlook the monitoring of system files; but to keep a check on the important data, compliance regimes like PCI have made it a requirement to regularly monitor the important files which, if they were to undergo unexpected changes, could cause critical data loss and serious damage. Various file attributes should be monitored: privileges, security settings, content, hash values, configuration values, etc. A good FIM deployment also ensures that malicious code has not been embedded in the monitored locations and catches the insertion of backdoors or Trojans into core configuration files such as /etc/hosts (and /etc/hosts.allow, /etc/hosts.deny, etc.).

FIM Requirements in PCI-DSS

The PCI-DSS (Payment Card Industry Data Security Standard) specifies the following requirements:

Requirement no 10.5.5 states that “Use file integrity monitoring or change detection software on logs to ensure that existing log data cannot be changed without generating alerts(although new data being added should not cause an alert)“.

PCI Guidance for Requirement no 10.5.5 “File integrity monitoring or change detection systems check for changes to critical files, and notify when such changes are noted. For file integrity monitoring purposes, an entity usually monitors files that don’t regularly change, but when changed indicate a possible compromise“.

Requirement no 11.5 states that “Deploy a change detection mechanism (for example, file integrity monitoring tools) to alert personnel to unauthorized modification of critical system files, configuration files, or content files; and configure the software to perform critical file comparisons at least weekly“.

PCI Guidance for Requirement no 11.5 “Change detection solutions such as file integrity monitoring (FIM) tools check for changes to critical files, and notify when such changes are detected. If not implemented properly and the output of the change detection solution monitored, a malicious individual could alter configuration file contents, operating system programs, or application executables. Unauthorized changes, if undetected, could render existing security controls ineffective and/or result in cardholder data being stolen with no perceptible impact to normal processing“.

The goal of PCI 10.5.5 and PCI 11.5 is to ensure the integrity of critical logs from the PCI environment and to ensure that changes to files do not allow a breach of PCI data. PCI 10.5.5 stresses the importance of deploying a FIM solution to maintain the integrity of existing log data, so that log files are not tampered with and remain usable during forensic analysis. PCI 11.5 calls for file integrity monitoring software that looks for file changes at least weekly, but true integrity of your PCI environment requires much more frequent monitoring. An important point about FIM is that the solution must provide real-time monitoring of files without a noticeable performance hit on the host.

File Integrity Monitoring (FIM) types

FIM works in two modes, namely:

  • Agent based
  • Agent less

In agent-based FIM, an agent sits on a host and provides real-time monitoring of files. The FIM agent also removes the repeated scanning load from the host and network. The biggest objection that arises against a FIM agent is that it will eat up host resources. With a FIM agent, a local baseline is established, and thereafter only qualifying changes require work from the agent and thus consumption of host resources. The FIM agent must have all the capabilities needed to detect unauthorized changes, should be platform independent, and must be able to report what has been changed alongside who changed it.

On the other hand, agent less FIM scanners will be effective only on their scheduled time i.e., there is no real time detection or reporting capability. Also, agent less scanners need to re-baseline and hash every single file on the system each time it scans. Agent less FIM scanner has some positive sides also, like it is easier to operate without the hassle of maintaining the endpoint agents.

Scope of FIM

PCI has stated in a NOTE under requirement no 11.5 that “For change detection purposes, critical files are usually those that do not regularly change, but the modification of which could indicate a system compromise or risk of compromise. Change detection mechanisms such as file integrity monitoring products usually comes pre configured with critical files for the related operating system. Other critical files, such as those for custom applications, must be evaluated and defined by the entity (that is, the merchant or service provider)“.

This statement is very general and does not point to a particular area (the word critical is not well defined). So as a starting point, FIM should be configured to monitor the system files, for example the Windows System32 and SysWOW64 directory trees (or, on Linux, /bin, /sbin, /usr and /etc). Alongside these system files, the application folders where card-related data is kept must also be monitored. The FIM approach should be to track all file attributes and to generate a secure hash over them. Even a small change will be reported when the file integrity check is re-run, because the newly computed hash will not match the hash previously recorded for the file. A FIM check process should include:

  • File Size
  • Version
  • When the file is created and modified
  • Who has modified the file
  • Unauthorized access of confidential files
  • Changes to directories
  • Security permissions – newly added permissions, deleted permissions and changed to existing permissions
  • Registry Changes – changed registry values, removed registry keys and sub keys
  • Changes in System Binaries and Configuration files

FIM and Change Management Process

If FIM is deployed and configured on its own, without reference to the organization’s change process, a large number of false positives will result. As a best practice, the FIM process should be tightly integrated with the organization’s defined change management process. Since FIM has zero tolerance for changes of any size (whether major or minor), the change management process should be well defined, followed, and must inform FIM well in advance about the changes about to occur, so that the false positive count does not rise.

In fact, most advanced FIM systems provide a means through a change template that can be predefined to provide easy means to observe all the changes marked as a planned activity. This will also help in detecting any changes that have occurred outside the planned change window or template and will be recognized as unplanned and therefore damaging or malicious. Therefore, FIM used in conjunction with a closed loop change management system schedules planned changes, and associated file integrity changes must be logged.

Features that a FIM must possess

A FIM product without some useful features as described below is of no use. A FIM product must be capable of detecting that an unauthorized change has occurred, what has been changed, who has changed it, etc. Following are the features that a FIM product must possess:

  • Detection of unauthorized change

    The first and foremost feature of a FIM product should be to detect any unauthorized change to the file system. I have used the term unauthorized because a FIM deployment must go hand in hand with a change control process, so that approved changes are not listed as FIM alerts. FIM products must generate a cryptographic hash (SHA-256 or stronger) of each file rather than relying on size or timestamps alone, because malware can preserve those attributes while altering content.

    A question that usually comes from organizations is that they have an antimalware or antivirus solution in place, so the chances of a malicious program doing something in the system are very low. What organizations must realize is that solutions like antimalware must first of all be regularly updated, and even when they are, zero-day exploits can evade them. If a zero-day attack happens, there is then no means of detecting unusual modification of file content. So a FIM is a necessary solution that acts as a last line of defense.

  • Give more information about who has changed what, when.

    Generating a secure hash only tells you that something has changed, not what changed or who changed it. So a good FIM solution, alongside detecting that something has changed, must also report who changed it and exactly what changed. For this, the FIM product should capture the file as readable text where possible, so that the exact lines changed can be detected and reported. If an access control list is changed and that ACL is under FIM, the product must state the exact changes.

  • File or Folder Access Monitoring

    We have discussed that a hash should be generated for files that need to be monitored, and that FIM re-generates the hash on each check to detect any change. But think about log files. Log files are constantly updated, so hashing them and re-hashing them on a re-run will always trigger an alert, which is a false positive; the check that matters for logs is that existing content is never altered or truncated, while new lines being appended is expected. Many reported data thefts have been the work of insiders, so to deal with log files, file and folder access permissions must also be under the FIM radar, so that any access, whether authorized or unauthorized (including by rogue admins), is detected, and the FIM product must provide a full audit trail, including the account names of who accessed the data and what they did next.

  • A lightweight FIM endpoint agent

    If an organization has chosen to deploy a FIM agent, then the FIM agent must be very light and should not eat up too many host resources. Organizations must keep a check on performance and resource consumption of the FIM agent.
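The baseline-and-compare loop, the attribute list, the change-window integration and the append-only treatment of logs discussed above fit in a short program. The following is an added example, not code from the original article or from any FIM product: it baselines a directory tree with SHA-256, size, mode, owner and mtime, reports what changed and how, classifies paths in an approved change window as planned rather than alerting, and alerts on a registered log file only if its existing content was altered or truncated. "Who" is limited to what a hash comparison can see (the owner uid/gid); tying a change to a user account needs OS auditing (auditd, Windows object access auditing), which a FIM product layers on top. The demo tree and its changes are constructed.

```python
"""A small file integrity monitor of the kind PCI-DSS 11.5 and 10.5.5 call for.

Added example, not code from the original article or any FIM product.  It
baselines every file under a directory (SHA-256, size, mode, owner, mtime),
compares the live tree against the baseline and reports what changed.  Two
points made above are built in: paths in an approved change window are
reported as "planned" instead of alerting, and paths registered as
append-only logs alert only if existing content is altered or truncated.
"Who" is limited to the owner uid/gid a hash comparison can see; tying a
change to a user account needs OS auditing (auditd, Windows object access
auditing), which a FIM product layers on top of this.
"""
import hashlib
import os
import stat

TRACKED = ("sha256", "size", "mode", "uid", "gid", "mtime")


def _sha256(path, length=None):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        h.update(f.read() if length is None else f.read(length))
    return h.hexdigest()


def _fingerprint(path):
    st = os.lstat(path)
    return {"sha256": _sha256(path), "size": st.st_size,
            "mode": stat.S_IMODE(st.st_mode), "uid": st.st_uid,
            "gid": st.st_gid, "mtime": int(st.st_mtime)}


def build_baseline(root):
    """Map of relative path (with '/' separators) -> fingerprint for regular files."""
    baseline = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if stat.S_ISREG(os.lstat(full).st_mode):
                rel = os.path.relpath(full, root).replace(os.sep, "/")
                baseline[rel] = _fingerprint(full)
    return baseline


def compare(root, baseline, planned=frozenset(), append_only=frozenset()):
    """Return (path, verdict, changed attributes) triples.

    verdict: "added", "removed", "modified", "appended" or "planned".
    """
    current = build_baseline(root)
    findings = []
    for rel in sorted(set(baseline) | set(current)):
        old, new = baseline.get(rel), current.get(rel)
        if old is None:
            verdict, diff = "added", {}
        elif new is None:
            verdict, diff = "removed", {}
        else:
            diff = {k: (old[k], new[k]) for k in TRACKED if old[k] != new[k]}
            if not diff:
                continue
            # A log that only grew: the old content is still an unchanged prefix.
            grew_only = (rel in append_only and set(diff) <= {"sha256", "size", "mtime"}
                         and new["size"] >= old["size"]
                         and _sha256(os.path.join(root, rel), old["size"]) == old["sha256"])
            verdict = "appended" if grew_only else "modified"
        if rel in planned and verdict != "appended":
            verdict = "planned"
        findings.append((rel, verdict, diff))
    return findings


def alerts(findings):
    """Findings that should page someone: anything not planned and not a log append."""
    return [f for f in findings if f[1] in ("added", "removed", "modified")]


def _write(path, data, append=False):
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "ab" if append else "wb") as f:
        f.write(data)


def demo():
    """Build a throwaway tree, baseline it, make five kinds of change, compare."""
    import tempfile
    with tempfile.TemporaryDirectory() as root:
        p = lambda rel: os.path.join(root, *rel.split("/"))
        _write(p("etc/hosts"), b"127.0.0.1 localhost\n")
        _write(p("bin/app"), b"\x7fELF original binary")
        _write(p("var/log/app.log"), b"10:00 started\n")
        _write(p("etc/app.conf"), b"debug=false\n")
        baseline = build_baseline(root)
        _write(p("etc/hosts"), b"203.0.113.9 bank.example\n", append=True)  # unplanned edit
        _write(p("bin/app"), b"\x7fELF trojaned binary")                    # unplanned replacement
        _write(p("var/log/app.log"), b"10:05 request\n", append=True)       # normal log growth
        _write(p("etc/app.conf"), b"debug=true\n")                          # inside a change window
        _write(p("bin/backdoor"), b"new file")                              # unplanned new file
        return compare(root, baseline, planned={"etc/app.conf"},
                       append_only={"var/log/app.log"})


if __name__ == "__main__":
    for rel, verdict, diff in demo():
        print(f"{verdict:9} {rel} {diff}")
```

The baseline has to live somewhere the monitored host cannot alter (a signed file on the FIM server, not a file in the same tree), otherwise an attacker who replaces a binary simply re-baselines it. Note also that the trojaned binary in the demo keeps the same size, which is why the comparison is driven by the hash and not by size or timestamp.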


FIM is a must-have monitoring solution that every organization must deploy and manage. But deploying a FIM without a defined change management process would generate a lot of false positives, so the organization’s specific change management process should be well defined and integrated with FIM to gather unapproved and malicious events from FIM.


Original Post:

‘FREAK’ — New SSL/TLS Vulnerability Explained


Another new, widespread and disastrous SSL/TLS vulnerability has been uncovered that for over a decade left millions of users of Apple and Android devices vulnerable to man-in-the-middle attacks on encrypted traffic when they visited supposedly ‘secure’ websites, including the official websites of the White House, FBI and National Security Agency.

Dubbed the “FREAK” vulnerability (CVE-2015-0204), short for Factoring Attack on RSA-EXPORT Keys, it lets hackers or intelligence agencies force clients to use older, weaker encryption: the “export-grade” cipher suites that use 512-bit RSA keys.
The FREAK vulnerability was discovered by security researchers at the French Institute for Research in Computer Science and Automation (Inria) and Microsoft. It resides in OpenSSL releases before 1.0.1k and in Apple’s Secure Transport.
Back in the 1990s, the US government regulated the export of products using “strong” encryption, so devices were loaded with weaker “export-grade” encryption before being shipped out of the country.
At that time the maximum allowed key length for “export-grade” encryption was 512 bits. In 2000, after the US export laws were relaxed, vendors were able to include 128-bit ciphers in their products and distribute them all over the world.
The problem is that “export-grade” cryptography support was never removed, and now, two decades later, FREAK makes it significantly easier for an attacker to factor a server’s 512-bit export key and decrypt passwords, login cookies and other sensitive information from HTTPS connections.
Assistant Research Professor Matthew Green of Johns Hopkins University’s Information Security Institute in Maryland summarizes the FREAK vulnerability in a blog post detailing how a hacker could perform MitM attack:
  • In the client’s Hello message, it asks for a standard ‘RSA’ ciphersuite.
  • The MITM attacker changes this message to ask for ‘export RSA’.
  • The server responds with a 512-bit export RSA key, signed with its long-term key.
  • The client accepts this weak key due to the OpenSSL/Secure Transport bug.
  • The attacker factors the RSA modulus to recover the corresponding RSA decryption key.
  • When the client encrypts the ‘pre-master secret’ to the server, the attacker can now decrypt it to recover the TLS ‘master secret’.
  • From here on out, the attacker sees plain text and can inject anything it wants.
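The exchange above, worked through at the message level, as an added example that is not code from the original post, from OpenSSL or from Secure Transport (it also serves the shorter FREAK summary earlier on this page). It models only the pieces the attack touches: the cipher_suites vector of the ClientHello (real IANA suite codes, but no full handshake records are built), the server's choice, and the client-side check that patched OpenSSL and Secure Transport perform when a ServerKeyExchange carrying a temporary RSA key arrives. One step the list glosses over is included: the attacker also rewrites the ServerHello back to the suite the client asked for, which is what makes the client treat the export key as part of an ordinary RSA handshake. No factoring is done; the attacker's success is represented by the key size the client ends up encrypting the pre-master secret to.

```python
"""The FREAK downgrade (CVE-2015-0204) as a message-level simulation.

Added example; not code from the original post, OpenSSL or Secure Transport.
Only the cipher_suites vector of the ClientHello is modelled as bytes; the
rest of the handshake is represented by plain values.  The attacker's
factoring step is not performed: a 512-bit modulus being recoverable in
hours is what makes the final key size the thing to look at.
"""
import struct

# IANA cipher-suite codes (real values).
TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F
TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x0003
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0008
EXPORT_SUITES = {TLS_RSA_EXPORT_WITH_RC4_40_MD5, TLS_RSA_EXPORT_WITH_DES40_CBC_SHA}


def encode_cipher_suites(suites):
    """ClientHello cipher_suites field: 2-byte length, then 2 bytes per suite."""
    return struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites)


def decode_cipher_suites(data):
    (n,) = struct.unpack("!H", data[:2])
    return [struct.unpack("!H", data[2 + i:4 + i])[0] for i in range(0, n, 2)]


def mitm_rewrite(client_hello_suites):
    """Step 2: the attacker replaces the client's list with export suites only."""
    return encode_cipher_suites(sorted(EXPORT_SUITES))


def server_choose(offered_bytes, server_supports_export):
    """Step 3: a server that still enables export suites picks one and must then
    send a ServerKeyExchange carrying a temporary 512-bit RSA key."""
    for s in decode_cipher_suites(offered_bytes):
        if s in EXPORT_SUITES and server_supports_export:
            return s, {"server_key_exchange": True, "rsa_bits": 512}
        if s == TLS_RSA_WITH_AES_128_CBC_SHA:
            return s, {"server_key_exchange": False, "rsa_bits": 2048}
    return None, {"server_key_exchange": False, "rsa_bits": None}


def client_process_server_key_exchange(negotiated_suite, ske, patched):
    """Step 4: the client's reaction to a ServerKeyExchange with an RSA temp key.

    Such a message is only legitimate for an EXPORT suite.  OpenSSL before
    1.0.1k and Secure Transport accepted it for any RSA suite; the fix rejects
    it unless the negotiated suite is an export suite.
    """
    if not ske["server_key_exchange"]:
        return "use certificate key"
    if negotiated_suite in EXPORT_SUITES:
        return "use temporary key (export suite, client asked for it)"
    if patched:
        raise ValueError("unexpected ServerKeyExchange for non-export RSA suite")
    return "use temporary key (BUG: accepted in a non-export handshake)"


def run_handshake(client_offer, server_supports_export, attacker_on_path, client_patched):
    """Return the RSA key size the client encrypts the pre-master secret to, or None."""
    hello = encode_cipher_suites(client_offer)
    if attacker_on_path:
        hello = mitm_rewrite(hello)
    chosen, ske = server_choose(hello, server_supports_export)
    if chosen is None:
        return None                      # nothing in common: handshake fails
    if attacker_on_path:
        chosen = client_offer[0]         # attacker rewrites ServerHello back to the client's suite
    try:
        client_process_server_key_exchange(chosen, ske, client_patched)
    except ValueError:
        return None                      # patched client aborts
    return ske["rsa_bits"]


if __name__ == "__main__":
    offer = [TLS_RSA_WITH_AES_128_CBC_SHA]
    for label, args in [("no attacker", (True, False, False)),
                        ("attacker, buggy client", (True, True, False)),
                        ("attacker, patched client", (True, True, True)),
                        ("attacker, server without export suites", (False, True, False))]:
        print(f"{label}: key size = {run_handshake(offer, *args)}")
```

The two rows that end in None are the two fixes: patch the client, or remove export suites from the server (the OpenSSL cipher-string keyword for the exclusion is !EXPORT). Either one alone stops this attack; servers should do theirs regardless, because a client population is never fully patched.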

A scan of more than 14 million websites that support the SSL/TLS protocols found that more than 36% of them still accept RSA export cipher suites (for example TLS_RSA_EXPORT_WITH_DES40_CBC_SHA) and were therefore vulnerable to the decryption attack.

Cracking a 512-bit key back in the ’90s would have required a supercomputer of that time, but today it can be done in about seven hours at a cost of roughly $100 per key; because many servers reuse the same export key for as long as the process runs, that one factorization often covers an entire website.
A FREAK attack is possible when a user on a vulnerable device (currently Android smartphones, iPhones and Macs running Apple’s OS X) connects to an HTTPS-protected website that still offers export suites. At the time of writing, Windows and Linux end-user devices were not believed to be affected (Microsoft subsequently confirmed that Windows’ Schannel was also vulnerable, tracked as CVE-2015-1637).
FREAK is similar to last year’s POODLE flaw (Padding Oracle On Downgraded Legacy Encryption), which let attackers downgrade an SSL/TLS connection to the weakest supported protocol version. FREAK affects only those SSL/TLS implementations that accept export-grade RSA cipher suites.
Online SSL FREAK Testing Tool
Security researchers are maintaining a list of top vulnerable websites and encourage web server administrators to disable support for export suites, including all known insecure ciphers, and enable forward secrecy.

You can also use an Online SSL FREAK Testing Tool to check whether a website is vulnerable or not.

Google said an Android patch has already been distributed to partners. Meanwhile, Google is also calling on all websites to disable support for export cipher suites.
Apple also responded to the FREAK vulnerability and released a statement that, “We have a fix in iOS and OS X that will be available in software updates next week.”
Original Post:
