The Heartbleed vulnerability in the OpenSSL cryptographic library has dominated cybersecurity news in recent weeks, eclipsing even the much hyped retirement of Microsoft Windows XP. OpenSSL, an open source project staffed by only 10 individuals and run on a limited budget, is used to secure millions of servers, ensuring the integrity of email, e-commerce, online banking and other properties, in many cases for multi-billion dollar companies. Heartbleed obviously has wide-reaching implications, not only for the integrity of the Web, but also for mobile apps – but how much damage did it actually do prior to its discovery and patching?
Heartbleed: A brief refresher
Heartbleed takes advantage of an extension that was added to OpenSSL in December 2011. Called Heartbeat, this feature is meant to extend the life of TLS sessions through a series of verification mechanisms, or heartbeat messages. Properly implemented Heartbeat should facilitate conservation of network resources by reducing the need for session renegotiation.
However, Heartbleed enables leaks from servers using Heartbeat. An attacker can read 64KB of memory at a time without the action being logged by the server and ultimately obtain information that was supposed to have been safe from prying eyes.
"This small chunk of memory could contain user-critical personal information – private keys, usernames, passwords (in cleartext in a lot of cases), credit card information and confidential documents for example," explained Pawan Kinger, Trend Micro director of Deep Security Labs. "The attacker could request this chunk again and again in order to get as much information as they want – and this bug could be exploited by anyone on the Internet, anywhere."
The scope and severity of Heartbleed was debated in the days following its discovery in early April. In an April 11 blog post, CloudFlare's Nick Sullivan stated that, while not impossible, it would be extremely difficult for anyone to make off with a server's private keys by way of Heartbleed. CloudFlare soon issued a challenge to the cybersecurity community, asking them to sniff-out the keys from a demo server. A contributor to the Node.js framework successfully pulled it off while a Cambridge University Ph.D. candidate similarly proved that he could recover RSA private keys.
For end users, the tangible impact from Heartbleed's discovery has been the call to reset all Internet passwords, so as to be safe in the event that someone fished out a working one via server leak. Private key theft, though, is the worst case scenario, since in absence of perfect forward secrecy, the attacker could decrypt all previous traffic and conduct ongoing man-in-the-middle attacks against all future sessions.
How damaging was Heartbleed?
Heartbleed affects only a few versions of OpenSSL, yet it has spurred widespread action from Web companies reliant on at-risk servers. A Trend Micro scan of selected Top Level Domains around the world found that 5 percent of them were vulnerable to Heartbleed, consisting mostly of .kr and .jp domains.
Assessments from other security firms have returned similar results, with a small number of prominent Web properties still in danger. Most have patch their vulnerabilities, however. Targets such as Google, Facebook and Tumblr have done so, while still advising users to change their passwords.
The issue has also spread to mobile devices. Android apps, for instance, may connect to servers that could be affected by Heartbleed. While not dedicated browsing tools such as Google Chrome or Apple Safari, some of these apps have their own internal browsers, blurring the line between mobile software and the Web. That risk is worth noting, not just for the OpenSSL exploit but for future considerations about overall Internet security.
In early April, Trend Micro looked at almost 400,000 apps in Google Play, finding that 1,300 of them connected to at-risk servers. Examples spanned categories such as banking, shopping and payments. The bundled OpenSSL library in Android 4.1.1 was also initially found to be susceptible to Heartbleed, opening up the possibility of an attack on client devices from the server side.
Looking ahead: Heartbleed, the Internet of Everything and the inevitability of software bugs
These weaknesses are all addressable, and the speed with which companies and security experts have acted has been encouraging. Still, the community will have to stay on its toes to protect the emerging Internet of Everything from OpenSSL and future bugs.
Underscoring the risk, Berkeley computer scientist Nicholas Weaver recently stated that Western Digital's My Cloud appliance is just one example of the wide variety of endpoints vulnerable to OpenSSL. Others include printers, video conferencing systems, routers and storage servers. The scale of the threat is daunting, but keeping firmware and software up-to-date can mitigate much of the risk.
"If they don't auto-update, things will be bad bad bad," Weaver told Wired. "If they do auto-update, things will resolve themselves."
At the end of the day, bugs such as Heartbleed are unfortunately inevitable, even with many trained eyes looking at the code in question. Writing for Slate, software engineer David Auerbach explained that the flaw in OpenSSL was due to an all too common issue in the C programming language, with the faulty code contributed by someone who was not part of the project's official staff. He wished that the library could be rewritten in a more secure language, while noting that such a move is unrealistic at this time.
"[U]nknown bugs are a reality, not a hypothetical, and a large part of the work of any security engineer is in minimizing the possibility of them happening," argued Auerbach. "Heartbleed was unusually widespread and unusually severe, but it is hardly one of a kind."
Moreover, Heartbleed is an opportunity to recalibrate the security community's approach and devote more attention to policing widely used open source libraries. After all, Heartbleed follows close on the heels of the GnuTLS exploit. Educating users on password security best practices and the urgency of applying updates automatically (or as soon as possible) will be instrumental in minimizing the impact of Heartbleed and its successors.