Feeds

Update your Mac NOW: Apple fixes OS X 'goto fail' SSL spying vuln

Guys, Patch Tuesday is for Microsoft and Adobe, this should have been Patch Friday

The essential guide to IT transformation

Apple has released OS X 10.9.2 which, you'll be delighted to know, improves the "accuracy" of the unread message count in Mail, and fixes the autofill feature in Safari among other little tweaks.

It also just so happens to snap shut a gaping security vulnerability that potentially allowed hackers to hijack users' bank accounts, read their email, steal their passwords, and compromise other SSL-encrypted communications.

On Friday afternoon, the Cupertino giant updated iOS 7 and 6 for iPhones, iPods, iPads, and Apple TVs to squash a flaw that knackered the integrity of SSL connections: a programming bug caused Apple's SSL code to skip over vital checks of a server's authenticity when establishing a connection. Apps affected by the flaw were left with no way to securely prove who they were talking to over the network.

Then it quickly became clear over the weekend that Apple's desktop operating system OS X 10.9.1, the latest publicly available, was also vulnerable since it used the same broken SSL library. But an update to fix the issue was only released on Tuesday.

Any software running on OS X 10.9.1 that relies on Apple's vulnerable Security library – such as the Safari web browser, the official Twitter for Mac app, iMessage, FaceTime, and the Mail email client – was vulnerable to man-in-the-middle attacks. A malicious router or Wi-Fi point could intercept HTTPS, IMAPS, and other SSL-encrypted traffic from the machine, silently masquerade as a legit website or other online service, and decrypt the information in transit without the victim knowing.

Thanks to tools like mitmproxy, it is trivial to set up a system on a network to pull this off. Your marks will even come to you: Sophos' James Lyne and his colleague Paul Ducklin set up a free Wi-Fi hotspot in San Francisco on Monday, and had hundreds of Apple users connect to it, although fortunately that access point was not configured to attack.

As described in detail by Google engineer Adam Langley on his personal weblog, the verification fault lies in the SSLVerifySignedServerKeyExchange() function of sslKeyExchange.c deep within the Security framework library used by OS X and iOS to provide supposedly secure connections across the internet.

The following code has two goto fail; statements, meaning if the first isn't executed, the second one surely will. A crucial cryptographic signature check is skipped over, allowing the server to offer a public certificate of, say, google.com, and claim to be that site, while not possessing the corresponding private key to prove it.

if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
                goto fail;
                goto fail;

Apple provoked fury on two levels among infosec professionals and its users: first, it allowed a change to the Security framework that broke SSL handling to pass through Q&A. Second, it waited days to fix the issue even though knowledge of the terrible flaw was in the wild, ready to be exploited, seemingly so that it could conveniently bundle the patch with an upgrade for making voice calls with FaceTime.

Screenshot of the list of updates for OS X 10.9.2

Last but certainly not least ... a critical security patch (click to enlarge)

Visiting gotofail.com, a reference to the above code cock-up, will test whether your web browser correctly rejects a malicious SSL certificate, rather than blindly trust the server is what it says it is.

On Monday, amid the fallout of the SSL bug, Apple CEO Tim Cook reflected on the anniversary of Apple cofounder Steve Jobs' birth, tweeting: "Remembering Steve on his birthday: 'Details matter, it's worth waiting to get it right.'"

For users fearing their passwords and bank account details were about to be put in the hands of crooks, that wait felt like an eternity. ®

Next gen security for virtualised datacentres

More from The Register

next story
Ice cream headache as black hat hacks sack Dairy Queen
I scream, you scream, we all scream 'DATA BREACH'!
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
Oz fed police in PDF redaction SNAFU
Give us your metadata, we'll publish your data
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?