
Apple splats 'new' SSL snooping bug in iOS, OS X - but it's no Heartbleed

Triple-handshake flaw stalks Macs and iThings


Apple has squashed a significant security bug in its SSL engine for iOS and OS X as part of a slew of patches for iThings and Macs.

The so-called "triple handshake" flaw quietly emerged yesterday amid panic over OpenSSL's Heartbleed vulnerability, and soon after the embarrassing "goto fail" blunder in iOS and OS X.

Apple's "triple handshake" bug [CVE-2014-1295, advisory] is unrelated to Heartbleed, and nothing like as serious, according to security experts. For one thing, Heartbleed is a problem in OpenSSL versions 1.0.1 to 1.0.1f, whereas Apple uses its own implementation of SSL/TLS, called Secure Transport, and provides an older OpenSSL library just in case.

"Apple ships with OpenSSL 0.9.8, a version that is not affected by Heartbleed," confirmed Wolfgang Kandek, CTO at cloud security firm Qualys, in a blog post.

Matthew Green, a professor of computer science who teaches cryptography at Johns Hopkins University in Maryland, US, commented: "The SSL patch in the new Apple update fixes a subtle issue with client authentication. Not too terrifying."

What is a triple-handshake vulnerability?

In Apple's words, the bug can be exploited thus:

"In a 'triple handshake' attack, it was possible for an attacker to establish two connections which had the same encryption keys and handshake, insert the attacker's data in one connection, and renegotiate so that the connections may be forwarded to each other.

"To prevent attacks based on this scenario, Secure Transport was changed so that, by default, a renegotiation must present the same server certificate as was presented in the original connection."

This vulnerability was assigned CVE-2014-1295 on 8 January, 2014, and is linked to the triple handshake design flaws in the SSL/TLS protocol that were publicly documented in early March by Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cedric Fournet, Alfredo Pironti and Pierre-Yves Strub (see Register passim).

Apple was privately warned of the vulnerabilities by the aforementioned researchers on 10 January, we're told. Yesterday's security update for Secure Transport "fixes renegotiation and header truncation issues", according to the triple-handshake team; the iPhone maker duly credited the Paris-based researchers in its advisory this week.

"To summarize the attacks briefly, if a TLS client connects to a malicious server and presents a client credential, the server can then impersonate the client at any other server that accepts the same credential," the team wrote on its website about the problem back in March.

In the case of the buggy Secure Transport, a miscreant with access to a router or dodgy Wi-Fi point can sit between, say, a web browser and a HTTPS web server, and potentially read web pages that should otherwise be fully encrypted between the pair, or inject malicious JavaScript into the pages. HTTPS relies on SSL/TLS to protect data in transit from eavesdroppers and tamperers.

(It's worth noting that the developers behind Chrome, Opera, Android, Firefox, and Internet Explorer were also notified of triple-handshake flaws in their software – some as early as October – and have patched, or are patching, accordingly. OpenSSL is "not directly affected", said the researchers.)
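The rule in Apple's description, that a renegotiation must present the same server certificate as the original connection, can be modelled as a small continuity check. This is an added illustration, not Secure Transport code: the class, the `allow_cert_change` opt-out and the byte strings standing in for DER certificates are all constructed for the example.

```python
import hashlib
import hmac


class RenegotiationError(Exception):
    """Raised when a renegotiation presents a different server certificate."""


class ConnectionState:
    """Toy model of one TLS connection's certificate continuity check."""

    def __init__(self, allow_cert_change=False):
        # Hypothetical opt-out; strict by default, matching "by default" in the advisory text.
        self.allow_cert_change = allow_cert_change
        self.pinned = None    # fingerprint recorded at the original handshake
        self.handshakes = 0

    def on_server_certificate(self, cert_der):
        """Call once per full handshake with the server's leaf certificate bytes."""
        fp = hashlib.sha256(cert_der).digest()
        if self.pinned is None:
            self.pinned = fp  # original connection: remember what was presented
        elif not hmac.compare_digest(self.pinned, fp):
            if not self.allow_cert_change:
                raise RenegotiationError("server certificate changed on renegotiation")
            self.pinned = fp  # caller explicitly accepted the weaker behaviour
        self.handshakes += 1
        return self.handshakes


# Constructed sample inputs: placeholders, not real DER-encoded certificates.
FIRST_SERVER_CERT = b"constructed-der:CN=first.example"
OTHER_SERVER_CERT = b"constructed-der:CN=other.example"


def simulate(first_cert, reneg_cert, allow_cert_change=False):
    """Run an initial handshake followed by one renegotiation; report the outcome."""
    conn = ConnectionState(allow_cert_change)
    conn.on_server_certificate(first_cert)
    try:
        conn.on_server_certificate(reneg_cert)
        return "renegotiated"
    except RenegotiationError:
        return "aborted"


if __name__ == "__main__":
    print(simulate(FIRST_SERVER_CERT, FIRST_SERVER_CERT))  # same certificate
    print(simulate(FIRST_SERVER_CERT, OTHER_SERVER_CERT))  # certificate swapped
```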

OS X update roundup

Apple published updates for Mac OS X 10.7 (Lion), 10.8 (Mountain Lion) and 10.9 (Mavericks) on Tuesday: these tackle a JPEG handling flaw in Mavericks that poses a code injection risk, and a format string issue in the URL handling that poses an identical type of remote-code execution threat in Mac OS X 10.9. Another patch tackles a PDF font parsing vulnerability that can be exploited by hackers to run malware on Mac OS X 10.8 machines.

Lastly, on the desktop front, there're patches for a lesser sandbox escape vulnerability in 10.8 (Mountain Lion) and 10.9 (Mavericks).

Apple also published a new version of iOS, namely version 7.1.1, that addresses some of the same issues. These various updates to Apple's computer and smartphone software, which include performance tweaks, are covered in greater depth in our earlier story here. ®
