Heartbleed: Difference between revisions
GreenC bot (talk | contribs) Move 1 url. Wayback Medic 2.5 per WP:URLREQ#time.com
(43 intermediate revisions by 32 users not shown)

{{short description|Security bug in OpenSSL}}
{{Use dmy dates|date=January 2021}}
{{Infobox bug
| name = Heartbleed
| image = [[File:Heartbleed.svg|180px]]
| caption = Logo representing Heartbleed. Awareness and media coverage of Heartbleed were unusually high for a software bug.<ref>{{cite web |url=https://www.kalzumeus.com/2014/04/09/what-heartbleed-can-teach-the-oss-community-about-marketing/ |title=What Heartbleed Can Teach The OSS Community About Marketing |last1=McKenzie |first1=Patrick |date=9 April 2014 |website=Kalzumeus |access-date=8 February 2018 |archive-date=20 December 2017 |archive-url=https://web.archive.org/web/20171220154843/http://www.kalzumeus.com/2014/04/09/what-heartbleed-can-teach-the-oss-community-about-marketing/ |url-status=live}}</ref><ref>{{cite news |url=https://techcrunch.com/2014/04/09/heartbleed-the-first-consumer-grade-exploit/ |title=Heartbleed, The First Security Bug With A Cool Logo |last1=Biggs |first1=John |date=9 April 2014 |work=TechCrunch |access-date=8 February 2018 |language=en |archive-date=11 February 2018 |archive-url=https://web.archive.org/web/20180211091948/https://techcrunch.com/2014/04/09/heartbleed-the-first-consumer-grade-exploit/ |url-status=live}}</ref>
| CVE = [https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160 CVE-2014-0160]
| CVSS = Base: 7.5 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
| released = {{Start date and age|df=yes|2012|2|1}}
| discovered = {{Start date and age|df=yes|2014|4|1}}
| patched = {{Start date and age|df=yes|2014|4|7}}
| discoverer = {{unbulleted list|{{ill|Neel Mehta|wd=Q91186256|short=yes}} (Google Security)<ref name="hb"/>|Riku, Antti, and Matti ([[Codenomicon]])<ref name="hb"/><ref name="Pitkänen 2014">{{cite web |last=Pitkänen |first=Perttu |title=Näin suomalaistutkijat löysivät vakavan vuodon internetin sydämestä |website=Ilta-Sanomat |trans-title=This is how Finnish researchers discovered a serious leak in the heart of the internet |date=2014-04-09 |url=https://www.is.fi/digitoday/tietoturva/art-2000001832841.html |language=fi |access-date=2023-10-11}}</ref>}}
| affected software = [[OpenSSL]] (1.0.1)
| website = {{URL|heartbleed.com}}
}}

'''Heartbleed''' is a [[security bug]] in some outdated versions of the [[OpenSSL]] [[cryptography]] library, which is a widely used implementation of the [[Transport Layer Security]] (TLS) protocol. It was introduced into the software in 2012 and publicly disclosed in April 2014. Heartbleed could be exploited regardless of whether the vulnerable OpenSSL instance was running as a TLS server or client. It resulted from improper input validation (a missing [[bounds check]]) in the implementation of the TLS [[Heartbeat (computing)|heartbeat]] extension.<ref>{{cite web |url=https://kb.cyberoam.com/default.asp?id=2909 |title=Security Advisory – OpenSSL Heartbleed Vulnerability |date=11 April 2014 |website=Cyberoam |access-date=8 February 2018 |archive-date=8 February 2018 |archive-url=https://web.archive.org/web/20180208124031/https://kb.cyberoam.com/default.asp?id=2909 |url-status=live}}</ref> Thus, the bug's name derived from ''heartbeat''.<ref>{{cite web |url=https://gizmodo.com/how-heartbleed-works-the-code-behind-the-internets-se-1561341209 |title=How Heartbleed Works: The Code Behind the Internet's Security Nightmare |work=Gizmodo |date=9 April 2014 |last1=Limer |first1=Eric |access-date=24 November 2014 |archive-date=11 November 2014 |archive-url=https://web.archive.org/web/20141111073625/http://gizmodo.com/how-heartbleed-works-the-code-behind-the-internets-se-1561341209 |url-status=live}}</ref> The vulnerability was classified as a [[buffer over-read]],<ref name="cve" /> a class of flaw in which a program reads data past the end of the buffer it was meant to read from, and so returns adjacent memory contents.<ref>{{cite web |url=https://cwe.mitre.org/data/definitions/126.html |title=CWE-126: Buffer Over-read (3.0) |website=Common Weakness Enumeration |publisher=[[Mitre Corporation|Mitre]] |date=18 January 2018 |language=en |access-date=8 February 2018 |archive-date=8 February 2018 |archive-url=https://web.archive.org/web/20180208124312/https://cwe.mitre.org/data/definitions/126.html |url-status=live}}</ref>

Heartbleed was registered in the [[Common Vulnerabilities and Exposures]] database as {{CVE|2014-0160}}.<ref name="cve">{{cite web |url=https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 |title=CVE-2014-0160 |website=Common Vulnerabilities and Exposures |publisher=Mitre |language=en |access-date=8 February 2018 |archive-date=24 January 2018 |archive-url=https://web.archive.org/web/20180124041203/https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160 |url-status=live}}</ref> The federal [[Canadian Cyber Incident Response Centre]] issued a security bulletin advising system administrators about the bug.<ref>{{cite web |url=https://www.publicsafety.gc.ca/cnt/rsrcs/cybr-ctr/2014/al14-005-en.aspx |title=AL14-005: OpenSSL Heartbleed Vulnerability |date=11 April 2014 |work=Cyber Security Bulletins |publisher=[[Public Safety Canada]] |language=en |access-date=8 February 2018 |archive-date=8 February 2018 |archive-url=https://web.archive.org/web/20180208124240/https://www.publicsafety.gc.ca/cnt/rsrcs/cybr-ctr/2014/al14-005-en.aspx |url-status=live}}</ref> A fixed version of OpenSSL was released on 7 April 2014, on the same day Heartbleed was publicly disclosed.<ref>{{cite web |url=https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=96db9023b881d7cd9f379b0c154650d6c108e9a3 |title=Add heartbeat extension bounds check |website=git.openssl.org |publisher=[[OpenSSL]] |language=en |access-date=5 March 2019}}</ref>

TLS implementations other than OpenSSL, such as [[GnuTLS]], [[Mozilla Foundation|Mozilla]]'s [[Network Security Services]], and the [[Security Support Provider Interface|Windows platform implementation of TLS]], were not affected because the defect existed in OpenSSL's implementation of TLS rather than in the protocol itself.<ref>{{cite news |url=https://cloudblogs.microsoft.com/microsoftsecure/2014/04/10/microsoft-services-unaffected-by-openssl-heartbleed-vulnerability/ |title=Microsoft Services unaffected by OpenSSL "Heartbleed" vulnerability |last1=Pretorius |first1=Tracey |date=10 April 2014 |publisher=[[Microsoft]] |access-date=8 February 2018 |language=en-US |archive-date=8 February 2018 |archive-url=https://web.archive.org/web/20180208123701/https://cloudblogs.microsoft.com/microsoftsecure/2014/04/10/microsoft-services-unaffected-by-openssl-heartbleed-vulnerability/ |url-status=live}}</ref>

System administrators were frequently slow to patch their systems. {{As of|2014|05|20}}, 1.5% of the 800,000 most popular TLS-enabled websites were still vulnerable to the bug,<ref>{{cite news |url=https://www.theregister.co.uk/2014/05/20/heartbleed_still_prevalent/ |title=AVG on Heartbleed: It's dangerous to go alone. Take this (an AVG tool) |last1=Leyden |first1=John |date=20 May 2014 |work=The Register |access-date=8 February 2018 |language=en |archive-date=23 January 2018 |archive-url=https://web.archive.org/web/20180123214859/https://www.theregister.co.uk/2014/05/20/heartbleed_still_prevalent/ |url-status=live}}</ref> and by {{As of|2014|06|21|bare=yes}}, 309,197 public web servers remained vulnerable.<ref name="Graham-2014-06-21" /> According to a {{As of|2017|01|23|bare=yes}} report<ref name="Shodan-report-DCPO7BkV" /> from [[Shodan (website)|Shodan]], nearly 180,000 internet-connected devices were still vulnerable to the bug,<ref name="Schwartz-2017-01-30" /><ref name="MacVittie-2017-02-02" /> but by {{As of|2017|07|06|bare=yes}}, the number had dropped to 144,000 according to a search performed on shodan.io for the vulnerability.<ref name="Carey-2017-07-10" /> Around two years later, {{As of|2019|07|11|bare=yes}}, Shodan reported<ref name="Shodan-report-2019">{{cite web |date=11 July 2019 |url=https://www.shodan.io/report/0Wew7Zq7 |last1=Shodan |title=[2019] Heartbleed Report |work=[[Shodan (website)|Shodan]] |access-date=11 July 2019 |archive-date=11 July 2019 |archive-url=https://web.archive.org/web/20190711082042/https://www.shodan.io/report/0Wew7Zq7 |url-status=live}}</ref> that 91,063 devices were vulnerable. The U.S. had the most vulnerable devices, with 21,258 (23%), and the 10 countries with the most vulnerable devices had a total of 56,537 vulnerable devices (62%). The remaining countries totaled 34,526 devices (38%). The report also broke the devices down by 10 other categories such as organization (the top 3 were wireless companies), product ([[Apache HTTP Server|Apache httpd]], [[Nginx]]), and service ([[HTTPS]], 81%).

== History ==

The Heartbeat Extension for the [[Transport Layer Security]] (TLS) and [[Datagram Transport Layer Security]] (DTLS) protocols was proposed as a standard in February 2012 by {{IETF RFC|6520}}.<ref>{{Cite IETF |title=Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension |rfc=6520 |last1=Seggelmann |first1=Robin |last2=Tuexen |first2=Michael |last3=Williams |first3=Michael |publisher=[[Internet Engineering Task Force|IETF]] |date=February 2012 |access-date=8 February 2018 |doi=10.17487/RFC6520 |issn=2070-1721 |language=en}}</ref> It provides a way to test and keep alive secure communication links without the need to renegotiate the connection each time: one peer sends a HeartbeatRequest carrying an arbitrary payload and a field stating the payload's length, and the other peer echoes that payload back in a HeartbeatResponse. In 2011, one of the RFC's authors, Robin Seggelmann, then a Ph.D. student at the [[Fachhochschule Münster]], implemented the Heartbeat Extension for OpenSSL. Following Seggelmann's request to put the result of his work into OpenSSL,<ref name="smh">{{cite web |url=https://www.smh.com/it-pro/security-it/man-who-introduced-serious-heartbleed-security-flaw-denies-he-inserted-it-deliberately-20140410-zqta1.html |title=Man who introduced serious 'Heartbleed' security flaw denies he inserted it deliberately |date=11 April 2014 |work=[[The Sydney Morning Herald]] |last1=Grubb |first1=Ben}}{{Dead link|date=August 2023 |bot=InternetArchiveBot |fix-attempted=yes}}</ref><ref>{{cite web |url=http://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=2658 |title=#2658: [PATCH] Add TLS/DTLS Heartbeats |publisher=OpenSSL |year=2011 |access-date=13 April 2014 |archive-date=8 August 2017 |archive-url=https://web.archive.org/web/20170808193401/https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=2658 |url-status=dead}}</ref><ref>{{cite news |url=https://www.theglobeandmail.com/news/national/meet-the-man-that-created-the-bug-that-almost-broke-the-internet/article17941003/ |title=Meet the man who created the bug that almost broke the Internet |newspaper=Globe and Mail |date=11 April 2014 |access-date=27 August 2017 |archive-date=4 January 2018 |archive-url=https://web.archive.org/web/20180104003820/https://www.theglobeandmail.com/news/national/meet-the-man-that-created-the-bug-that-almost-broke-the-internet/article17941003/ |url-status=live}}</ref> his change was reviewed by Stephen N. Henson, one of OpenSSL's four core developers. Henson failed to notice the bug in Seggelmann's implementation, and introduced the flawed code into OpenSSL's source code repository on 31 December 2011. The defect spread with the release of OpenSSL version 1.0.1 on 14 March 2012. Heartbeat support was enabled by default, causing affected versions to be vulnerable.<ref name="hb">{{cite web |title=Heartbleed Bug |url=http://heartbleed.com/ |access-date=9 April 2014 |archive-date=7 April 2014 |archive-url=https://web.archive.org/web/20140407203519/http://heartbleed.com/ |url-status=live}}</ref><ref>{{cite web |last1=Goodin |first1=Dan |title=Critical crypto bug in OpenSSL opens two-thirds of the Web to eavesdropping |work=Ars Technica |date=8 April 2014 |url=https://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/ |access-date=14 June 2017 |archive-date=5 July 2017 |archive-url=https://web.archive.org/web/20170705141135/https://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/ |url-status=live}}</ref>

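The missing bounds check described in the lead and the heartbeat exchange described in this section, shown as an added C model written for this page rather than taken from OpenSSL's source. It lays out a HeartbeatRequest as RFC 6520 specifies (type, two-byte payload length, payload, at least 16 bytes of padding), then runs it through a handler that trusts the advertised length the way OpenSSL 1.0.1 did, and through a handler that applies the two record-length checks of the cited "Add heartbeat extension bounds check" commit. The simulated process memory, the secret string placed immediately after the record, and the request contents are all constructed for the illustration; the vulnerable path is additionally capped to stay inside that simulated buffer so the model itself has no undefined behaviour, a limit the real code did not have.

```c
/*
 * Added model of RFC 6520 heartbeat handling; not OpenSSL's own code.
 * HeartbeatRequest: type (1) | payload_length (2, big-endian) | payload | padding (>= 16)
 * The peer answers with a HeartbeatResponse that echoes the payload.
 *
 * `mem` is a constructed stand-in for the heap: the received record sits at
 * the front and a made-up secret sits right after it, in place of whatever
 * key material or session cookie happened to be adjacent in a real process.
 */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST     1
#define HB_RESPONSE    2
#define HB_MIN_PADDING 16
#define MEM_SIZE       128

static unsigned char mem[MEM_SIZE];                      /* simulated heap */
static const char SECRET[] = "SECRET-COOKIE=deadbeef";  /* constructed, not real data */

/* Place at mem[0] a request that advertises `claimed_len` payload bytes but
 * actually carries `payload`, then put SECRET immediately after the record.
 * Returns the true record length (what the TLS record layer would report),
 * or 0 if the layout would not fit in the simulated memory. */
size_t build_memory(uint16_t claimed_len, const char *payload)
{
    size_t plen = strlen(payload);
    size_t record_len = 3 + plen + HB_MIN_PADDING;
    if (record_len + sizeof SECRET > MEM_SIZE) return 0;
    memset(mem, 0, sizeof mem);                          /* padding bytes stay zero */
    mem[0] = HB_REQUEST;
    mem[1] = (unsigned char)(claimed_len >> 8);
    mem[2] = (unsigned char)(claimed_len & 0xff);
    memcpy(mem + 3, payload, plen);
    memcpy(mem + record_len, SECRET, sizeof SECRET);
    return record_len;
}

/* Pre-fix behaviour: the advertised length is trusted and the copy runs past
 * the end of the record. The MEM_SIZE guard only keeps this model inside `mem`;
 * OpenSSL 1.0.1 had nothing comparable, so up to 64 KiB came back per request. */
int heartbeat_vulnerable(size_t record_len, unsigned char *out, size_t out_cap, size_t *out_len)
{
    (void)record_len;                                    /* never consulted: the bug */
    if (mem[0] != HB_REQUEST) return -1;
    uint16_t payload = (uint16_t)((mem[1] << 8) | mem[2]);
    if ((size_t)3 + payload > MEM_SIZE || (size_t)3 + payload > out_cap) return -1;
    out[0] = HB_RESPONSE;
    out[1] = mem[1];
    out[2] = mem[2];
    memcpy(out + 3, mem + 3, payload);                   /* reads beyond the record */
    *out_len = 3 + payload;
    return 0;
}

/* Post-fix behaviour, following the two checks the cited commit added: drop a
 * record too short to hold a header plus minimum padding, and drop one whose
 * advertised payload plus padding does not fit in the bytes actually received. */
int heartbeat_fixed(size_t record_len, unsigned char *out, size_t out_cap, size_t *out_len)
{
    if (1 + 2 + HB_MIN_PADDING > record_len) return -1;  /* silently discard */
    if (mem[0] != HB_REQUEST) return -1;
    uint16_t payload = (uint16_t)((mem[1] << 8) | mem[2]);
    if ((size_t)1 + 2 + payload + HB_MIN_PADDING > record_len) return -1;
    size_t resp_len = 3 + payload + HB_MIN_PADDING;
    if (resp_len > out_cap) return -1;
    out[0] = HB_RESPONSE;
    out[1] = mem[1];
    out[2] = mem[2];
    memcpy(out + 3, mem + 3, payload);                   /* stays inside the record */
    memset(out + 3 + payload, 0, HB_MIN_PADDING);        /* RFC wants random padding; zero here */
    *out_len = resp_len;
    return 0;
}

/* 1 if the constructed secret appears anywhere in a response, else 0. */
int leaks_secret(const unsigned char *buf, size_t len)
{
    size_t n = strlen(SECRET);
    for (size_t i = 0; i + n <= len; i++)
        if (memcmp(buf + i, SECRET, n) == 0) return 1;
    return 0;
}

int main(void)
{
    unsigned char out[256];
    size_t out_len;
    size_t record_len = build_memory(60, "ping");        /* claims 60 bytes, sends 4 */

    heartbeat_vulnerable(record_len, out, sizeof out, &out_len);
    printf("vulnerable: %zu bytes returned for a %zu-byte record, secret leaked: %d\n",
           out_len, record_len, leaks_secret(out, out_len));
    printf("fixed: malformed request accepted: %d\n",
           heartbeat_fixed(record_len, out, sizeof out, &out_len) == 0);
    return 0;
}
```

Built with any C99 compiler, the stand-alone program reports that the vulnerable handler returns 63 bytes for a 23-byte record and that the secret string is among them, while the fixed handler discards the same request. An honest request, whose claimed length matches the bytes actually sent, passes the fixed handler and is echoed with its 16 bytes of padding and nothing else.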
=== Discovery ===

According to Mark J. Cox of OpenSSL, Neel Mehta of Google's security team privately reported Heartbleed to the OpenSSL team on 1 April 2014 at 11:09 UTC.<ref>{{cite web |title=Mark J Cox – #Heartbleed |url=https://plus.google.com/+MarkJCox/posts/TmCbp3BhJma |access-date=12 April 2014 |archive-date=16 April 2014 |archive-url=https://web.archive.org/web/20140416090758/https://plus.google.com/+MarkJCox/posts/TmCbp3BhJma |url-status=live}}</ref>

The bug was named by an engineer at [[Codenomicon]] (later part of Synopsys Software Integrity Group), a Finnish cyber security company that also created the bleeding heart logo, designed by Finnish graphic designer Leena Kurjenniska,<ref name="Pitkänen 2014b">{{cite web |last=Pitkänen |first=Perttu |title=Oululaiset sorvasivat nimen ja logon: Näin superbugi tuotteistettiin |trans-title=Oulu locals crafted the name and logo: this is how the superbug was productized |website=Ilta-Sanomat |date=2014-04-10 |url=https://www.is.fi/digitoday/tietoturva/art-2000001832843.html |language=fi |access-date=2023-10-11}}</ref> and launched an informational website, heartbleed.com.<ref>{{cite news |url=https://www.washingtonpost.com/blogs/style-blog/wp/2014/04/09/why-is-it-called-the-heartbleed-bug/ |title=Why is it called the 'Heartbleed Bug'? |last1=Dewey |first1=Caitlin |access-date=25 November 2014 |archive-date=9 October 2014 |archive-url=https://web.archive.org/web/20141009063758/http://www.washingtonpost.com/blogs/style-blog/wp/2014/04/09/why-is-it-called-the-heartbleed-bug/ |url-status=live |language=en}}</ref> While Google's security team reported Heartbleed to OpenSSL first, both Google and Codenomicon discovered it independently at approximately the same time.<ref>{{cite news |url=https://www.vox.com/cards/heartbleed/who-discovered-the-vulnerability |title=Who discovered the vulnerability? |last1=Lee |first1=Timothy B. |date=10 April 2014 |work=Vox |access-date=4 December 2017 |archive-date=5 December 2017 |archive-url=https://web.archive.org/web/20171205093009/https://www.vox.com/cards/heartbleed/who-discovered-the-vulnerability |url-status=live |language=en}}</ref><ref>{{cite news |url=https://readwrite.com/2014/04/13/heartbleed-security-codenomicon-discovery/ |title=How Codenomicon Found The Heartbleed Bug Now Plaguing The Internet |last1=Lee |first1=Ariana |date=13 April 2014 |work=ReadWrite |access-date=4 December 2017 |language=en-US |quote=Discovered independently by Google engineer Neel Mehta and the Finnish security firm Codenomicon, Heartbleed has been called 'one of the most serious security problems to ever affect the modern web.' |archive-date=5 September 2017 |archive-url=https://web.archive.org/web/20170905234021/https://readwrite.com/2014/04/13/heartbleed-security-codenomicon-discovery/ |url-status=live}}</ref> Codenomicon reports 3 April 2014 as their date of discovery and their date of notification of {{ill|National Cyber Security Centre (Finland)|fi|Kyberturvallisuuskeskus|lt=NCSC-FI}} for vulnerability coordination.<ref>{{cite web |title=Näin suomalaistutkijat löysivät vakavan vuodon internetin sydämestä |trans-title=This is how Finnish researchers found a serious leak in the heart of the Internet |url=http://www.digitoday.fi/tietoturva/2014/04/10/nain-suomalaistutkijat-loysivat-vakavan-vuodon-internetin-sydamesta/20145118/66?&n=2#commentsHere |date=10 April 2014 |access-date=13 April 2014 |archive-date=4 November 2014 |archive-url=https://web.archive.org/web/20141104034647/http://www.digitoday.fi/tietoturva/2014/04/10/nain-suomalaistutkijat-loysivat-vakavan-vuodon-internetin-sydamesta/20145118/66?&n=2#commentsHere |url-status=live}}</ref>

At the time of disclosure, some 17% (around half a million) of the Internet's secure web servers certified by [[Certificate authority|trusted authorities]] were believed to be vulnerable to the attack, allowing theft of the servers' [[private key]]s and users' session cookies and passwords.<ref>{{cite web |url=http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html |title=Half a million widely trusted websites vulnerable to Heartbleed bug |last1=Mutton |first1=Paul |date=8 April 2014 |work=Netcraft |access-date=24 November 2014 |archive-date=19 November 2014 |archive-url=https://web.archive.org/web/20141119102520/http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html |url-status=live}}</ref><ref>{{cite news |url=https://www.nytimes.com/2014/04/11/business/security-flaw-could-reach-beyond-websites-to-digital-devices-experts-say.html |title=Heartbleed Flaw Could Reach to Digital Devices, Experts Say |date=11 April 2014 |work=[[The New York Times]] |last2=Hardy |first2=Quentin |last1=Perlroth |first1=Nicole |access-date=27 February 2017 |archive-date=28 April 2019 |archive-url=https://web.archive.org/web/20190428235605/https://www.nytimes.com/2014/04/11/business/security-flaw-could-reach-beyond-websites-to-digital-devices-experts-say.html |url-status=live}}</ref><ref>{{cite news |url=http://bits.blogs.nytimes.com/2014/04/09/qa-on-heartbleed-a-flaw-missed-by-the-masses/ |title=Q. and A. on Heartbleed: A Flaw Missed by the Masses |last1=Chen |first1=Brian X. |date=9 April 2014 |work=The New York Times |access-date=10 April 2014 |archive-date=12 April 2014 |archive-url=https://web.archive.org/web/20140412021227/http://bits.blogs.nytimes.com/2014/04/09/qa-on-heartbleed-a-flaw-missed-by-the-masses/ |url-status=live}}</ref><ref>{{cite news |url=https://www.nytimes.com/2014/04/10/technology/flaw-calls-for-altering-passwords-experts-say.html |title=Flaw Calls for Altering Passwords, Experts Say |last1=Wood |first1=Molly |date=10 April 2014 |work=The New York Times |access-date=27 February 2017 |archive-date=19 October 2017 |archive-url=https://web.archive.org/web/20171019061550/https://www.nytimes.com/2014/04/10/technology/flaw-calls-for-altering-passwords-experts-say.html |url-status=live}}</ref><ref>{{cite news |url=https://www.nytimes.com/2014/04/10/technology/users-stark-reminder-as-web-grows-it-grows-less-secure.html |title=Users' Stark Reminder: As Web Grows, It Grows Less Secure |last1=Manjoo |first1=Farhad |date=10 April 2014 |work=The New York Times |access-date=27 February 2017 |archive-date=24 February 2018 |archive-url=https://web.archive.org/web/20180224091102/https://www.nytimes.com/2014/04/10/technology/users-stark-reminder-as-web-grows-it-grows-less-secure.html |url-status=live}}</ref> The [[Electronic Frontier Foundation]],<ref>{{cite web |url=https://www.eff.org/deeplinks/2014/04/why-web-needs-perfect-forward-secrecy |title=Why the Web Needs Perfect Forward Secrecy More Than Ever |last1=Zhu |first1=Yan |date=8 April 2014 |publisher=[[Electronic Frontier Foundation]] |access-date=10 April 2014 |archive-date=20 December 2017 |archive-url=https://web.archive.org/web/20171220154916/https://www.eff.org/deeplinks/2014/04/why-web-needs-perfect-forward-secrecy |url-status=live}}</ref> [[Ars Technica]],<ref>{{cite web |url=https://arstechnica.com/security/2014/04/critical-crypto-bug-exposes-yahoo-mail-passwords-russian-roulette-style/ |title=Critical crypto bug exposes Yahoo Mail, other passwords Russian roulette-style |last1=Goodin |first1=Dan |date=8 April 2014 |publisher=Ars Technica |access-date=14 June 2017 |archive-date=14 July 2017 |archive-url=https://web.archive.org/web/20170714122625/https://arstechnica.com/security/2014/04/critical-crypto-bug-exposes-yahoo-mail-passwords-russian-roulette-style/ |url-status=live}}</ref> and [[Bruce Schneier]]<ref>{{cite web |url=https://www.schneier.com/blog/archives/2014/04/heartbleed.html |title=Schneier on Security: Heartbleed |date=11 April 2014 |work=Schneier on Security |access-date=10 April 2014 |archive-date=23 December 2017 |archive-url=https://web.archive.org/web/20171223233638/https://www.schneier.com/blog/archives/2014/04/heartbleed.html |url-status=live}}</ref> all deemed the Heartbleed bug "catastrophic". ''[[Forbes]]'' cybersecurity columnist Joseph Steinberg wrote:{{blockquote|Some might argue that Heartbleed is the worst vulnerability found (at least in terms of its potential impact) since commercial traffic began to flow on the Internet.<ref>{{cite web |url=https://www.forbes.com/sites/josephsteinberg/2014/04/10/massive-internet-security-vulnerability-you-are-at-risk-what-you-need-to-do/ |title=Massive Internet Security Vulnerability – Here's What You Need To Do |last1=Steinberg |first1=Joseph |work=[[Forbes]] |date=10 April 2014 |access-date=29 August 2017 |archive-date=4 January 2018 |archive-url=https://web.archive.org/web/20180104003753/https://www.forbes.com/sites/josephsteinberg/2014/04/10/massive-internet-security-vulnerability-you-are-at-risk-what-you-need-to-do/ |url-status=live}}</ref>}}

An unidentified UK Cabinet Office spokesman recommended that: {{blockquote|People should take advice on changing passwords from the websites they use. Most websites have corrected the bug and are best placed to advise what action, if any, people need to take.<ref>{{cite web |last1=Kelion |first1=Leo |url=https://www.bbc.com/news/technology-26985818 |title=US government warns of Heartbleed bug danger |work=BBC News |date=11 April 2014 |access-date=21 June 2018 |archive-date=6 December 2018 |archive-url=https://web.archive.org/web/20181206170223/https://www.bbc.com/news/technology-26985818 |url-status=live}}</ref>}} On the day of disclosure, [[The Tor Project]] advised: {{blockquote|If you need strong anonymity or privacy on the Internet, you might want to stay away from the Internet entirely for the next few days while things settle.<ref name="tor">{{cite news |title=OpenSSL bug CVE-2014-0160 |url=https://blog.torproject.org/blog/openssl-bug-cve-2014-0160 |publisher=Tor Project |date=7 April 2014 |access-date=9 April 2014 |archive-date=10 July 2017 |archive-url=https://web.archive.org/web/20170710101031/https://blog.torproject.org/blog/openssl-bug-cve-2014-0160 |url-status=live}}</ref>}}

''[[The Sydney Morning Herald]]'' published a timeline of the discovery on 15 April 2014, showing that some organizations had been able to patch the bug before its public disclosure. In some cases, it is not clear how they found out.<ref>{{cite news |last1=Grubb |first1=Ben |url=https://www.smh.com.au/it-pro/security-it/heartbleed-disclosure-timeline-who-knew-what-and-when-20140415-zqurk.html |work=The Sydney Morning Herald |title=Heartbleed disclosure timeline: who knew what and when |date=14 April 2014 |access-date=25 November 2014 |archive-date=25 November 2014 |archive-url=https://web.archive.org/web/20141125191721/http://www.smh.com.au/it-pro/security-it/heartbleed-disclosure-timeline-who-knew-what-and-when-20140415-zqurk.html |url-status=live |language=en}}</ref> |
''[[The Sydney Morning Herald]]'' published a timeline of the discovery on 15 April 2014, showing that some organizations had been able to patch the bug before its public disclosure. In some cases, it is not clear how they found out.<ref>{{cite news |last1=Grubb |first1=Ben |url=https://www.smh.com.au/it-pro/security-it/heartbleed-disclosure-timeline-who-knew-what-and-when-20140415-zqurk.html |work=The Sydney Morning Herald |title=Heartbleed disclosure timeline: who knew what and when |date=14 April 2014 |access-date=25 November 2014 |archive-date=25 November 2014 |archive-url=https://web.archive.org/web/20141125191721/http://www.smh.com.au/it-pro/security-it/heartbleed-disclosure-timeline-who-knew-what-and-when-20140415-zqurk.html |url-status=live |language=en}}</ref> |
||
Line 45: | Line 45: | ||
According to [[Netcraft]], about 30,000 of the 500,000+ X.509 certificates which could have been compromised due to Heartbleed had been reissued by 11 April 2014, although fewer had been revoked.<ref>{{cite web |url=http://news.netcraft.com/archives/2014/04/11/heartbleed-certificate-revocation-tsunami-yet-to-arrive.html |title=Heartbleed certificate revocation tsunami yet to arrive |work=Netcraft |date=11 April 2014 |access-date=24 April 2014 |archive-date=29 May 2014 |archive-url=https://web.archive.org/web/20140529075149/http://news.netcraft.com/archives/2014/04/11/heartbleed-certificate-revocation-tsunami-yet-to-arrive.html |url-status=live}}</ref> |
According to [[Netcraft]], about 30,000 of the 500,000+ X.509 certificates which could have been compromised due to Heartbleed had been reissued by 11 April 2014, although fewer had been revoked.<ref>{{cite web |url=http://news.netcraft.com/archives/2014/04/11/heartbleed-certificate-revocation-tsunami-yet-to-arrive.html |title=Heartbleed certificate revocation tsunami yet to arrive |work=Netcraft |date=11 April 2014 |access-date=24 April 2014 |archive-date=29 May 2014 |archive-url=https://web.archive.org/web/20140529075149/http://news.netcraft.com/archives/2014/04/11/heartbleed-certificate-revocation-tsunami-yet-to-arrive.html |url-status=live}}</ref> |
||
By 9 May 2014, only 43% of affected web sites had reissued their security certificates. In addition, 7% of the reissued security certificates used the potentially compromised keys. Netcraft stated:{{ |
By 9 May 2014, only 43% of affected web sites had reissued their security certificates. In addition, 7% of the reissued security certificates used the potentially compromised keys. Netcraft stated:{{blockquote|By reusing the same private key, a site that was affected by the Heartbleed bug still faces exactly the same risks as those that have not yet replaced their [[SSL certificates]].<ref name="Netcraft">{{cite web |url=https://news.netcraft.com/archives/2014/05/09/keys-left-unchanged-in-many-heartbleed-replacement-certificates.html |title=Keys left unchanged in many Heartbleed replacement certificates! |work=Netcraft |date=9 May 2014 |access-date=11 September 2016 |last1=Mutton |first1=Paul |language=en |archive-date=27 August 2016 |archive-url=https://web.archive.org/web/20160827220831/https://news.netcraft.com/archives/2014/05/09/keys-left-unchanged-in-many-heartbleed-replacement-certificates.html |url-status=live}}</ref>}} |
||
eWeek said, "[Heartbleed is] likely to remain a risk for months, if not years, to come."<ref>{{cite news |last1=Kerner |first1=Sean Michael |title=Heartbleed Still a Threat to Hundreds of Thousands of Servers |url=http://www.eweek.com/security/heartbleed-still-a-threat-to-hundreds-of-thousands-of-servers.html |archive-url=https://archive.today/20140511032609/http://www.eweek.com/security/heartbleed-still-a-threat-to-hundreds-of-thousands-of-servers.html |url-status=dead |archive-date=11 May 2014 |work=[[ |
''[[eWeek]]'' said, "[Heartbleed is] likely to remain a risk for months, if not years, to come."<ref>{{cite news |last1=Kerner |first1=Sean Michael |title=Heartbleed Still a Threat to Hundreds of Thousands of Servers |url=http://www.eweek.com/security/heartbleed-still-a-threat-to-hundreds-of-thousands-of-servers.html |archive-url=https://archive.today/20140511032609/http://www.eweek.com/security/heartbleed-still-a-threat-to-hundreds-of-thousands-of-servers.html |url-status=dead |archive-date=11 May 2014 |work=[[eWeek]] |date=10 May 2014 }}</ref> |
||
[[Cloudflare]] revoked all TLS certificates and estimated that publishing its [[Certificate revocation list]] would cost the issuer, [[GlobalSign]], $400,000 per month that year.<ref>{{cite web |title=The hidden costs of Heartbleed |url=https://blog.cloudflare.com/the-hard-costs-of-heartbleed/ |archive-date=30 April 2016 |archive-url=https://archive.today/20160430071928/https://blog.cloudflare.com/the-hard-costs-of-heartbleed/ |date=17 Apr 2014 |last=Prince |first=Matthew |work=Cloudflare}}</ref> |
|||
=== Exploitation === |
=== Exploitation === |
||
The [[Canada Revenue Agency]] reported a theft of [[ |
The [[Canada Revenue Agency]] reported a theft of [[social insurance number]]s belonging to 900 taxpayers, and said that they were accessed through an exploit of the bug during a 6-hour period on 8 April 2014.<ref>{{cite news |title=Heartbleed bug: 900 SINs stolen from Revenue Canada |url=http://www.cbc.ca/news/business/heartbleed-bug-rcmp-asked-revenue-canada-to-delay-news-of-sin-thefts-1.2609192 |date=14 April 2014 |last1=Evans |first1=Pete |work=CBC News |access-date=4 November 2014 |archive-date=14 March 2018 |archive-url=https://web.archive.org/web/20180314070302/http://www.cbc.ca/news/business/heartbleed-bug-rcmp-asked-revenue-canada-to-delay-news-of-sin-thefts-1.2609192 |url-status=live}} Some of the details are in the video linked from the page.</ref> After the discovery of the attack, the agency shut down its website and extended the taxpayer filing deadline from 30 April to 5 May.<ref>{{cite news |title=Canada Revenue Agency pushes tax deadline to May 5 after Heartbleed bug |url=http://www.ilstv.com/canada-revenue-agency-pushes-tax-deadline-to-may-5-after-heartbleed-bug/ |access-date=4 November 2014 |date=14 April 2014 |archive-url=https://web.archive.org/web/20141104062708/http://www.ilstv.com/canada-revenue-agency-pushes-tax-deadline-to-may-5-after-heartbleed-bug/ |archive-date=4 November 2014 |url-status=dead}}</ref> The agency said it would provide credit protection services at no cost to anyone affected. 
On 16 April, the [[Royal Canadian Mounted Police#National|RCMP]] announced they had charged a computer science student in relation to the theft with ''unauthorized use of a computer'' and ''mischief in relation to data''.<ref>{{cite news |url=http://www.cbc.ca/news/politics/stephen-arthuro-solis-reyes-charged-in-heartbleed-related-sin-theft-1.2612526 |title=Heartbleed bug accused charged by RCMP after SIN breach |last1=Thibedeau |first1=Hannah |date=16 April 2014 |work=CBC News |access-date=4 November 2014 |archive-date=28 October 2014 |archive-url=https://web.archive.org/web/20141028191638/http://www.cbc.ca/news/politics/stephen-arthuro-solis-reyes-charged-in-heartbleed-related-sin-theft-1.2612526 |url-status=live}}</ref><ref>{{cite news |url=https://www.bbc.com/news/technology-27058143 |title=Heartbleed hack case sees first arrest in Canada |work=BBC News |date=16 April 2014 |access-date=21 June 2018 |archive-date=23 May 2018 |archive-url=https://web.archive.org/web/20180523010721/http://www.bbc.com/news/technology-27058143 |url-status=live}}</ref> |
||
The UK parenting site [[Mumsnet]] had several user accounts hijacked, and its CEO was impersonated.<ref name="bbc-mumsnet" /> The site later published an explanation of the incident saying it was due to Heartbleed and the technical staff patched it promptly.<ref>{{cite web |url=http://www.mumsnet.com/features/mumsnet-and-heartbleed-as-it-happened |title=Mumsnet and Heartbleed as it happened |work=Mumsnet |access-date=17 April 2014 |archive-url=https://web.archive.org/web/20171229112220/https://www.mumsnet.com/features/mumsnet-and-heartbleed-as-it-happened |archive-date=29 December 2017 |url-status=dead |language=en}}</ref> |
The UK parenting site [[Mumsnet]] had several user accounts hijacked, and its CEO was impersonated.<ref name="bbc-mumsnet" /> The site later published an explanation of the incident saying it was due to Heartbleed and the technical staff patched it promptly.<ref>{{cite web |url=http://www.mumsnet.com/features/mumsnet-and-heartbleed-as-it-happened |title=Mumsnet and Heartbleed as it happened |work=Mumsnet |access-date=17 April 2014 |archive-url=https://web.archive.org/web/20171229112220/https://www.mumsnet.com/features/mumsnet-and-heartbleed-as-it-happened |archive-date=29 December 2017 |url-status=dead |language=en}}</ref> |
||
Line 55: | Line 57: | ||
Anti-malware researchers also exploited Heartbleed to their own advantage in order to access secret forums used by cybercriminals.<ref>{{cite web |last1=Ward |first1=Mark |title=Heartbleed used to uncover data from cyber-criminals |url=https://www.bbc.com/news/technology-27203766 |work=BBC News |date=29 April 2014 |access-date=21 June 2018 |archive-date=14 May 2018 |archive-url=https://web.archive.org/web/20180514175601/http://www.bbc.com/news/technology-27203766 |url-status=live}}</ref> Studies were also conducted by deliberately setting up vulnerable machines. For example, on 12 April 2014, at least two independent researchers were able to steal [[private key]]s from an experimental server intentionally set up for that purpose by [[CloudFlare]].<ref>{{cite web |url=https://www.engadget.com/2014/04/11/heartbleed-openssl-cloudflare-challenge/ |title=Cloudflare Challenge proves 'worst case scenario' for Heartbleed is actually possible |work=Engadget |last1=Lawler |first1=Richard |date=11 April 2014 |language=en |access-date=29 August 2017 |archive-date=29 December 2017 |archive-url=https://web.archive.org/web/20171229052232/https://www.engadget.com/2014/04/11/heartbleed-openssl-cloudflare-challenge/ |url-status=live}}</ref><ref>{{cite web |url=https://www.cloudflarechallenge.com/heartbleed |title=The Heartbleed Challenge |year=2014 |publisher=[[CloudFlare]] |url-status=dead |archive-url=https://web.archive.org/web/20140412234126/https://www.cloudflarechallenge.com/heartbleed |archive-date=12 April 2014}}</ref> Also, on 15 April 2014, [[J. 
Alex Halderman]], a professor at [[University of Michigan]], reported that his [[Honeypot (computing)|honeypot]] server, an intentionally vulnerable server designed to attract attacks in order to study them, had received numerous attacks originating from China. Halderman concluded that because it was a fairly obscure server, these attacks were probably sweeping attacks affecting large areas of the Internet.<ref>{{cite web |last1=Robertson |first1=Jordan |url=https://www.smh.com.au/it-pro/security-it/hackers-from-china-waste-little-time-in-exploiting-heartbleed-20140416-zqvkd.html |title=Hackers from China waste little time in exploiting Heartbleed |work=The Sydney Morning Herald |date=16 April 2014 |access-date=16 April 2020 |archive-date=28 December 2017 |archive-url=https://web.archive.org/web/20171228232557/http://www.smh.com.au/it-pro/security-it/hackers-from-china-waste-little-time-in-exploiting-heartbleed-20140416-zqvkd.html |url-status=live}}</ref> |
Anti-malware researchers also exploited Heartbleed to their own advantage in order to access secret forums used by cybercriminals.<ref>{{cite web |last1=Ward |first1=Mark |title=Heartbleed used to uncover data from cyber-criminals |url=https://www.bbc.com/news/technology-27203766 |work=BBC News |date=29 April 2014 |access-date=21 June 2018 |archive-date=14 May 2018 |archive-url=https://web.archive.org/web/20180514175601/http://www.bbc.com/news/technology-27203766 |url-status=live}}</ref> Studies were also conducted by deliberately setting up vulnerable machines. For example, on 12 April 2014, at least two independent researchers were able to steal [[private key]]s from an experimental server intentionally set up for that purpose by [[CloudFlare]].<ref>{{cite web |url=https://www.engadget.com/2014/04/11/heartbleed-openssl-cloudflare-challenge/ |title=Cloudflare Challenge proves 'worst case scenario' for Heartbleed is actually possible |work=Engadget |last1=Lawler |first1=Richard |date=11 April 2014 |language=en |access-date=29 August 2017 |archive-date=29 December 2017 |archive-url=https://web.archive.org/web/20171229052232/https://www.engadget.com/2014/04/11/heartbleed-openssl-cloudflare-challenge/ |url-status=live}}</ref><ref>{{cite web |url=https://www.cloudflarechallenge.com/heartbleed |title=The Heartbleed Challenge |year=2014 |publisher=[[CloudFlare]] |url-status=dead |archive-url=https://web.archive.org/web/20140412234126/https://www.cloudflarechallenge.com/heartbleed |archive-date=12 April 2014}}</ref> Also, on 15 April 2014, [[J. 
Alex Halderman]], a professor at [[University of Michigan]], reported that his [[Honeypot (computing)|honeypot]] server, an intentionally vulnerable server designed to attract attacks in order to study them, had received numerous attacks originating from China. Halderman concluded that because it was a fairly obscure server, these attacks were probably sweeping attacks affecting large areas of the Internet.<ref>{{cite web |last1=Robertson |first1=Jordan |url=https://www.smh.com.au/it-pro/security-it/hackers-from-china-waste-little-time-in-exploiting-heartbleed-20140416-zqvkd.html |title=Hackers from China waste little time in exploiting Heartbleed |work=The Sydney Morning Herald |date=16 April 2014 |access-date=16 April 2020 |archive-date=28 December 2017 |archive-url=https://web.archive.org/web/20171228232557/http://www.smh.com.au/it-pro/security-it/hackers-from-china-waste-little-time-in-exploiting-heartbleed-20140416-zqvkd.html |url-status=live}}</ref> |
||
In August 2014, it was made public that the Heartbleed vulnerability enabled hackers to steal security keys from [[Community Health Systems]], the second-biggest for-profit U.S. hospital chain in the United States, compromising the confidentiality of 4.5 million patient records. The breach happened a week after Heartbleed was first made public.<ref>{{cite |
In August 2014, it was made public that the Heartbleed vulnerability enabled hackers to steal security keys from [[Community Health Systems]], the second-biggest for-profit U.S. hospital chain in the United States, compromising the confidentiality of 4.5 million patient records. The breach happened a week after Heartbleed was first made public.<ref>{{cite magazine |url=https://time.com/3148773/report-devastating-heartbleed-flaw-was-used-in-hospital-hack/ |title=Report: Devastating Heartbleed Flaw Was Used in Hospital Hack |magazine=[[Time (magazine)|Time]] |last1=Frizell |first1=Sam |date=20 August 2014 |access-date=7 October 2014 |archive-date=7 October 2014 |archive-url=https://web.archive.org/web/20141007180516/http://time.com/3148773/report-devastating-heartbleed-flaw-was-used-in-hospital-hack/ |url-status=live}}</ref> |
||
==== Possible prior knowledge and exploitation ==== |
==== Possible prior knowledge and exploitation ==== |
||
Line 62: | Line 64: | ||
Based on examinations of audit logs by researchers, it has been reported that some attackers may have exploited the flaw for at least five months before discovery and announcement.<ref>{{cite web |first1=Sean |last1=Gallagher |title=Heartbleed vulnerability may have been exploited months before patch |url=https://arstechnica.com/security/2014/04/heartbleed-vulnerability-may-have-been-exploited-months-before-patch/ |work=[[Ars Technica]] |date=9 April 2014 |access-date=14 June 2017 |archive-date=3 March 2017 |archive-url=https://web.archive.org/web/20170303080855/https://arstechnica.com/security/2014/04/heartbleed-vulnerability-may-have-been-exploited-months-before-patch/ |url-status=live}}</ref><ref>{{cite web |last1=Eckersley |first1=Peter |title=Wild at Heart: Were Intelligence Agencies Using Heartbleed in November 2013? |date=10 April 2014 |url=https://www.eff.org/deeplinks/2014/04/wild-heart-were-intelligence-agencies-using-heartbleed-november-2013 |publisher=Eff.org |access-date=25 November 2014 |archive-date=5 December 2014 |archive-url=https://web.archive.org/web/20141205224133/https://www.eff.org/deeplinks/2014/04/wild-heart-were-intelligence-agencies-using-heartbleed-november-2013 |url-status=live}}</ref> Errata Security pointed out that a widely used non-malicious program called ''Masscan'', introduced six months before Heartbleed's disclosure, abruptly terminates the connection in the middle of handshaking in the same way as Heartbleed, generating the same server log messages, adding "Two new things producing the same error messages might seem like the two are correlated, but of course, they aren't.<ref>{{cite web |last1=Graham |first1=Robert |title=No, we weren't scanning for hearbleed before April 7 |url=http://blog.erratasec.com/2014/04/no-we-werent-scanning-for-hearbleed.html |publisher=Errata 
Security |date=April 9, 2014 |access-date=10 April 2014 |archive-date=16 October 2017 |archive-url=https://web.archive.org/web/20171016070027/http://blog.erratasec.com/2014/04/no-we-werent-scanning-for-hearbleed.html |url-status=live}}</ref>" |
Based on examinations of audit logs by researchers, it has been reported that some attackers may have exploited the flaw for at least five months before discovery and announcement.<ref>{{cite web |first1=Sean |last1=Gallagher |title=Heartbleed vulnerability may have been exploited months before patch |url=https://arstechnica.com/security/2014/04/heartbleed-vulnerability-may-have-been-exploited-months-before-patch/ |work=[[Ars Technica]] |date=9 April 2014 |access-date=14 June 2017 |archive-date=3 March 2017 |archive-url=https://web.archive.org/web/20170303080855/https://arstechnica.com/security/2014/04/heartbleed-vulnerability-may-have-been-exploited-months-before-patch/ |url-status=live}}</ref><ref>{{cite web |last1=Eckersley |first1=Peter |title=Wild at Heart: Were Intelligence Agencies Using Heartbleed in November 2013? |date=10 April 2014 |url=https://www.eff.org/deeplinks/2014/04/wild-heart-were-intelligence-agencies-using-heartbleed-november-2013 |publisher=Eff.org |access-date=25 November 2014 |archive-date=5 December 2014 |archive-url=https://web.archive.org/web/20141205224133/https://www.eff.org/deeplinks/2014/04/wild-heart-were-intelligence-agencies-using-heartbleed-november-2013 |url-status=live}}</ref> Errata Security pointed out that a widely used non-malicious program called ''Masscan'', introduced six months before Heartbleed's disclosure, abruptly terminates the connection in the middle of handshaking in the same way as Heartbleed, generating the same server log messages, adding "Two new things producing the same error messages might seem like the two are correlated, but of course, they aren't.<ref>{{cite web |last1=Graham |first1=Robert |title=No, we weren't scanning for hearbleed before April 7 |url=http://blog.erratasec.com/2014/04/no-we-werent-scanning-for-hearbleed.html |publisher=Errata 
Security |date=April 9, 2014 |access-date=10 April 2014 |archive-date=16 October 2017 |archive-url=https://web.archive.org/web/20171016070027/http://blog.erratasec.com/2014/04/no-we-werent-scanning-for-hearbleed.html |url-status=live}}</ref>" |
||
According to [[Bloomberg News]], two unnamed insider sources informed it that the United States' [[National Security Agency]] had been aware of the flaw since shortly after its appearance but{{mdashb}}instead of reporting it{{mdashb}}kept it secret among other unreported [[Zero-day attack|zero-day]] vulnerabilities in order to exploit it for the NSA's own purposes.<ref>{{cite web |last1=Riley |first1=Michael |url=https://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html |title=NSA Said to Exploit Heartbleed Bug for Intelligence for Years |work=Bloomberg |date=12 April 2014 |access-date=7 March 2017 |archive-date=11 April 2014 |archive-url=https://web.archive.org/web/20140411231431/http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html |url-status=live}}</ref><ref>{{cite news |url=https://www.usatoday.com/story/tech/2014/04/11/heartbleed-cisco-juniper/7589759/ |last1=Molina |first1=Brett |title=Report: NSA exploited Heartbleed for years |work=[[USA Today]] |access-date=11 April 2014 |archive-date=11 April 2014 |archive-url=https://web.archive.org/web/20140411165801/http://www.usatoday.com/story/tech/2014/04/11/heartbleed-cisco-juniper/7589759/ |url-status=live}}</ref><ref>{{cite news |url=http://business.financialpost.com/2014/04/11/nsa-exploited-heartbleed-bug-for-two-years-to-gather-intelligence-sources-say/ |title=NSA exploited Heartbleed bug for two years to gather intelligence, sources say |last1=Riley |first1=Michael |work=[[Financial Post]] |access-date=11 April 2014 |archive-date=11 April 2014 |archive-url=https://web.archive.org/web/20140411223457/http://business.financialpost.com/2014/04/11/nsa-exploited-heartbleed-bug-for-two-years-to-gather-intelligence-sources-say/ 
|url-status=live}}</ref> The NSA has denied this claim,<ref>{{cite web |url=http://icontherecord.tumblr.com/post/82416436703/statement-on-bloomberg-news-story-that-nsa-knew |title=Statement on Bloomberg News story that NSA knew about the 'Heartbleed bug' flaw and regularly used it to gather critical intelligence |date=11 April 2014 |publisher=[[National Security Agency]] |access-date=13 April 2014 |archive-date=27 December 2017 |archive-url=https://web.archive.org/web/20171227092916/https://icontherecord.tumblr.com/post/82416436703/statement-on-bloomberg-news-story-that-nsa-knew |url-status=live}}</ref> as has [[Richard A. Clarke]], a member of the [[Director of National Intelligence Review Group on Intelligence and Communications Technologies|National Intelligence Review Group on Intelligence and Communications Technologies]] that reviewed the United States' electronic surveillance policy; he told Reuters on 11 April 2014 that the NSA had not known of Heartbleed.<ref>{{cite news |title=White House, spy agencies deny NSA exploited 'Heartbleed' bug |url=https://www.reuters.com/article/us-cybersecurity-internet-bug-nsa-idUSBREA3A1XD20140411 |newspaper=Reuters |date=11 April 2014 |last1=Hosenball |first1=Mark |last2=Dunham |first2=Will |access-date=1 July 2017 |archive-date=15 April 2014 |archive-url=https://web.archive.org/web/20140415175914/http://www.reuters.com/article/2014/04/11/us-cybersecurity-internet-bug-nsa-idUSBREA3A1XD20140411 |url-status=live}}</ref> The allegation prompted the American government to make, for the first time, a public statement on its zero-day vulnerabilities policy, accepting the recommendation of the review group's 2013 report that had asserted "in almost all instances, for widely used code, it is in the national interest to eliminate software vulnerabilities rather than to use them for US intelligence 
collection", and saying that the decision to withhold should move from the NSA to the White House.<ref>{{cite magazine |last1=Zetter |first1=Kim |title=U.S. Gov Insists It Doesn't Stockpile Zero-Day Exploits to Hack Enemies |magazine=Wired |url=https://www.wired.com/2014/11/michael-daniel-no-zero-day-stockpile/ |publisher=wired.com |access-date=25 November 2014 |archive-date=29 November 2014 |archive-url=https://web.archive.org/web/20141129023429/http://www.wired.com/2014/11/michael-daniel-no-zero-day-stockpile/ |url-status=live}}</ref> |
According to [[Bloomberg News]], two unnamed insider sources informed it that the United States' [[National Security Agency]] had been aware of the flaw since shortly after its appearance but{{mdashb}}instead of reporting it{{mdashb}}kept it secret among other unreported [[Zero-day attack|zero-day]] vulnerabilities in order to exploit it for the NSA's own purposes.<ref>{{cite web |last1=Riley |first1=Michael |url=https://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html |title=NSA Said to Exploit Heartbleed Bug for Intelligence for Years |work=Bloomberg |date=12 April 2014 |access-date=7 March 2017 |archive-date=11 April 2014 |archive-url=https://web.archive.org/web/20140411231431/http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html |url-status=live}}</ref><ref>{{cite news |url=https://www.usatoday.com/story/tech/2014/04/11/heartbleed-cisco-juniper/7589759/ |last1=Molina |first1=Brett |title=Report: NSA exploited Heartbleed for years |work=[[USA Today]] |access-date=11 April 2014 |archive-date=11 April 2014 |archive-url=https://web.archive.org/web/20140411165801/http://www.usatoday.com/story/tech/2014/04/11/heartbleed-cisco-juniper/7589759/ |url-status=live}}</ref><ref>{{cite news |url=http://business.financialpost.com/2014/04/11/nsa-exploited-heartbleed-bug-for-two-years-to-gather-intelligence-sources-say/ |title=NSA exploited Heartbleed bug for two years to gather intelligence, sources say |last1=Riley |first1=Michael |work=[[Financial Post]] |access-date=11 April 2014 |archive-date=11 April 2014 |archive-url=https://web.archive.org/web/20140411223457/http://business.financialpost.com/2014/04/11/nsa-exploited-heartbleed-bug-for-two-years-to-gather-intelligence-sources-say/ 
|url-status=live}}</ref> The NSA has denied this claim,<ref>{{cite web |url=http://icontherecord.tumblr.com/post/82416436703/statement-on-bloomberg-news-story-that-nsa-knew |title=Statement on Bloomberg News story that NSA knew about the 'Heartbleed bug' flaw and regularly used it to gather critical intelligence |date=11 April 2014 |publisher=[[National Security Agency]] |access-date=13 April 2014 |archive-date=27 December 2017 |archive-url=https://web.archive.org/web/20171227092916/https://icontherecord.tumblr.com/post/82416436703/statement-on-bloomberg-news-story-that-nsa-knew |url-status=live}}</ref> as has [[Richard A. Clarke]], a member of the [[Director of National Intelligence Review Group on Intelligence and Communications Technologies|National Intelligence Review Group on Intelligence and Communications Technologies]] that reviewed the United States' electronic surveillance policy; he told Reuters on 11 April 2014 that the NSA had not known of Heartbleed.<ref>{{cite news |title=White House, spy agencies deny NSA exploited 'Heartbleed' bug |url=https://www.reuters.com/article/us-cybersecurity-internet-bug-nsa-idUSBREA3A1XD20140411 |newspaper=Reuters |date=11 April 2014 |last1=Hosenball |first1=Mark |last2=Dunham |first2=Will |access-date=1 July 2017 |archive-date=15 April 2014 |archive-url=https://web.archive.org/web/20140415175914/http://www.reuters.com/article/2014/04/11/us-cybersecurity-internet-bug-nsa-idUSBREA3A1XD20140411 |url-status=live}}</ref> The allegation prompted the American government to make, for the first time, a public statement on its zero-day vulnerabilities policy, accepting the recommendation of the review group's 2013 report that had asserted "in almost all instances, for widely used code, it is in the national interest to eliminate software vulnerabilities rather than to use them for US intelligence 
collection", and saying that the decision to withhold should move from the NSA to the White House.<ref>{{cite magazine |last1=Zetter |first1=Kim |title=U.S. Gov Insists It Doesn't Stockpile Zero-Day Exploits to Hack Enemies |magazine=[[Wired (magazine)|Wired]] |url=https://www.wired.com/2014/11/michael-daniel-no-zero-day-stockpile/ |publisher=wired.com |access-date=25 November 2014 |archive-date=29 November 2014 |archive-url=https://web.archive.org/web/20141129023429/http://www.wired.com/2014/11/michael-daniel-no-zero-day-stockpile/ |url-status=live}}</ref> |
||
== Behavior == |
== Behavior == |
||
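Review bot: the final sentence of the NSA paragraph runs from "The allegation prompted the American government" through "to the White House" as one sentence with a nested quotation; split it after "collection"," so the review group's 2013 recommendation and the government's policy response read as two statements. "two unnamed insider sources informed it that" also leaves "it" pointing back to Bloomberg News across a long clause; "informed Bloomberg that" is clearer.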
Line 73: | Line 75: | ||
=== Affected OpenSSL installations === |
=== Affected OpenSSL installations === |
||
The affected versions of OpenSSL are OpenSSL 1.0.1 through 1.0.1f (inclusive). Subsequent versions (1.0.1g<ref>{{cite web |title=git.openssl.org Git – openssl.git/log |url=https://git.openssl.org/gitweb/?p=openssl.git;a=log;h=refs/tags/OpenSSL_1_0_1g |website=git.openssl.org |access-date=25 November 2014 |url-status=dead |archive-url=https://web.archive.org/web/20140415193656/https://git.openssl.org/gitweb/?p=openssl.git%3Ba%3Dlog%3Bh%3Drefs%2Ftags%2FOpenSSL_1_0_1g |archive-date=15 April 2014}}</ref> and later) and previous versions (1.0.0 branch and older) are |
The affected versions of OpenSSL are OpenSSL 1.0.1 through 1.0.1f (inclusive). Subsequent versions (1.0.1g<ref>{{cite web |title=git.openssl.org Git – openssl.git/log |url=https://git.openssl.org/gitweb/?p=openssl.git;a=log;h=refs/tags/OpenSSL_1_0_1g |website=git.openssl.org |access-date=25 November 2014 |url-status=dead |archive-url=https://web.archive.org/web/20140415193656/https://git.openssl.org/gitweb/?p=openssl.git%3Ba%3Dlog%3Bh%3Drefs%2Ftags%2FOpenSSL_1_0_1g |archive-date=15 April 2014}}</ref> and later) and previous versions (1.0.0 branch and older) are not vulnerable.<ref>{{cite web |url=http://community.spiceworks.com/topic/474704-cyberoam-users-need-not-bleed-over-heartbleed-exploit |title=Spiceworks Community Discussions |access-date=11 April 2014 |publisher=community.spiceworks.com |archive-date=15 April 2014 |archive-url=https://web.archive.org/web/20140415183620/http://community.spiceworks.com/topic/474704-cyberoam-users-need-not-bleed-over-heartbleed-exploit |url-status=live}}</ref> Installations of the affected versions are vulnerable unless OpenSSL was compiled with ''-DOPENSSL_NO_HEARTBEATS''.<ref>{{cite web |title=OpenSSL Security Advisory [07 Apr 2014] |url=https://www.openssl.org/news/secadv_20140407.txt |work=The OpenSSL Project |date=7 April 2014 |access-date=9 April 2014 |archive-date=8 April 2014 |archive-url=https://web.archive.org/web/20140408195036/https://www.openssl.org/news/secadv_20140407.txt |url-status=live}}</ref><ref>{{cite web |title=OpenSSL versions and vulnerability [9 April 2014] |url=https://blogs.comodo.com/e-commerce/heartbleed-bug-comodo-urges-openssl-users-to-apply-patch/ |access-date=9 April 2014 |website=Comodo 
|archive-url=https://web.archive.org/web/20140705212748/https://blogs.comodo.com/e-commerce/heartbleed-bug-comodo-urges-openssl-users-to-apply-patch/ |archive-date=5 July 2014 |url-status=dead}}</ref> |
||
==== Vulnerable program and function ==== |
==== Vulnerable program and function ==== |
||
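Review bot: the statement that the 1.0.0 branch and older are not vulnerable is cited to a Spiceworks community thread, while the primary source, the OpenSSL Security Advisory of 7 April 2014, is already cited on the same line for the build-flag exception; cite the advisory for the version range as well. Separately, ''-DOPENSSL_NO_HEARTBEATS'' is a literal compile-time define and should be in <code> markup rather than italics, so that an operator checking whether an installation is exposed knows it is the exact flag to look for in the build configuration.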
Line 79: | Line 81: | ||
=== Patch === |
=== Patch === |
||
The problem can be fixed by ignoring Heartbeat Request messages that ask for more data than their payload need. |
The problem can be fixed by ignoring Heartbeat Request messages that ask for more data than their payload need, as required by the RFC. |
||
Version 1.0.1g of OpenSSL adds some bounds checks to prevent the buffer over-read. |
Version 1.0.1g of OpenSSL adds some bounds checks to prevent the buffer over-read. The test listed below was one introduced to determine whether a heartbeat request would trigger Heartbleed; it silently discards malicious requests. |
||
<syntaxhighlight lang="c"> |
<syntaxhighlight lang="c"> |
||
if (1 + 2 + payload + 16 > s->s3->rrec.length) return 0; /* silently discard per RFC 6520 sec. 4 */ |
if (1 + 2 + payload + 16 > s->s3->rrec.length) return 0; /* silently discard per RFC 6520 sec. 4 */ |
||
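Review bot: the bounds check "if (1 + 2 + payload + 16 > s->s3->rrec.length) return 0;" is presented without explaining its terms, so a reader cannot see why it closes the over-read. Add a sentence stating that payload is the payload length claimed by the sender in the message's two-byte length field, s->s3->rrec.length is the number of bytes actually received in the TLS record, and 1, 2 and 16 are the sizes of the one-byte message type, the two-byte length field and the minimum padding RFC 6520 requires; a claimed length that does not fit inside the received record is the malformed case that is discarded. The lead sentence "ignoring Heartbeat Request messages that ask for more data than their payload need" is also hard to parse; "whose declared payload length exceeds the payload actually received" says the same thing plainly.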
Line 97: | Line 99: | ||
=== Client-side vulnerability === |
=== Client-side vulnerability === |
||
Although the bug received more attention due to the threat it represents for servers,<ref>{{cite web |last1=Bradley |first1=Tony |title=Reverse Heartbleed puts your PC and devices at risk of OpenSSL attack |url=http://www.pcworld.com/article/2142808/reverse-heartbleed-puts-your-pc-and-the-internet-of-things-at-risk.html |work= |
Although the bug received more attention due to the threat it represents for servers,<ref>{{cite web |last1=Bradley |first1=Tony |title=Reverse Heartbleed puts your PC and devices at risk of OpenSSL attack |url=http://www.pcworld.com/article/2142808/reverse-heartbleed-puts-your-pc-and-the-internet-of-things-at-risk.html |work=[[PC World]] |publisher=IDG Consumer & SMB |date=14 April 2014 |access-date=10 May 2014 |archive-date=2 December 2016 |archive-url=https://web.archive.org/web/20161202162355/http://www.pcworld.com/article/2142808/reverse-heartbleed-puts-your-pc-and-the-internet-of-things-at-risk.html |url-status=live}}</ref> TLS clients using affected OpenSSL instances are also vulnerable. In what ''The Guardian'' therefore dubbed ''Reverse Heartbleed'', malicious servers are able to exploit Heartbleed to read data from a vulnerable client's memory.<ref name="guardian">{{cite web |last1=Arthur |first1=Charles |url=https://www.theguardian.com/technology/2014/apr/15/heartbleed-android-phones-vulnerable-data-shows |title=Heartbleed makes 50m Android phones vulnerable, data shows |publisher=Guardian News and Media Limited |work=The Guardian |date=15 April 2014 |access-date=14 December 2016 |archive-date=19 March 2016 |archive-url=https://web.archive.org/web/20160319092507/http://www.theguardian.com/technology/2014/apr/15/heartbleed-android-phones-vulnerable-data-shows |url-status=live}}</ref> Security researcher Steve Gibson said of Heartbleed that:{{blockquote|It's not just a server-side vulnerability, it's also a client-side vulnerability because the server, or whomever you connect to, is as able to ask you for a heartbeat back as you are to ask them.<ref>{{cite web |url=http://twit.tv/show/security-now/451 |title=Security Now 451 |publisher=Twit.Tv |access-date=2014-04-19 |archive-date=19 April 2014 
|archive-url=https://web.archive.org/web/20140419085120/http://twit.tv/show/security-now/451 |url-status=live}}</ref>}} |
||
The stolen data could contain usernames and passwords.<ref>{{cite web |last1=Ramzan |first1=Zulfikar |title='Reverse Heartbleed' can attack PCs and mobile phones |url=http://www.scmagazine.com/reverse-heartbleed-can-attack-pcs-and-mobile-phones/article/344108/ |work=SC Magazine |publisher=Haymarket Media, Inc. |date=24 April 2014 |access-date=10 May 2014 |archive-date=6 October 2016 |archive-url=https://web.archive.org/web/20161006171907/http://www.scmagazine.com/reverse-heartbleed-can-attack-pcs-and-mobile-phones/article/344108/ |url-status=live}}</ref> Reverse Heartbleed affected millions of application instances.<ref name="guardian" /> Some of the vulnerable applications are listed in the [[#Software applications|"Software applications" section below]].{{citation needed|date=July 2018}} |
The stolen data could contain usernames and passwords.<ref>{{cite web |last1=Ramzan |first1=Zulfikar |title='Reverse Heartbleed' can attack PCs and mobile phones |url=http://www.scmagazine.com/reverse-heartbleed-can-attack-pcs-and-mobile-phones/article/344108/ |work=SC Magazine |publisher=Haymarket Media, Inc. |date=24 April 2014 |access-date=10 May 2014 |archive-date=6 October 2016 |archive-url=https://web.archive.org/web/20161006171907/http://www.scmagazine.com/reverse-heartbleed-can-attack-pcs-and-mobile-phones/article/344108/ |url-status=live}}</ref> Reverse Heartbleed affected millions of application instances.<ref name="guardian" /> Some of the vulnerable applications are listed in the [[#Software applications|"Software applications" section below]].{{citation needed|date=July 2018}} |
||
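Review bot: "In what The Guardian therefore dubbed Reverse Heartbleed" uses "therefore" where nothing in the preceding clause motivates the name; drop it. The reason clients are exposed is currently carried only by the Steve Gibson quotation; state it in the article's own voice before the quote, namely that heartbeat requests are symmetric, so the server a client connects to can send the same malformed request and read the client's process memory. The Guardian citation is also reused for "Reverse Heartbleed affected millions of application instances", but the cited headline is about 50m Android phones; either say "Android devices" or add a source that supports the broader claim.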
Line 106: | Line 108: | ||
==== Websites and other online services ==== |
==== Websites and other online services ==== |
||
An analysis posted on [[GitHub]] of the most visited websites on 8 April 2014 revealed vulnerabilities in sites including [[Yahoo!]], [[Imgur]], [[Stack Overflow (website)|Stack Overflow]], [[Slate (magazine)|Slate]], and [[DuckDuckGo]].<ref name="heartbleed-masstest: Overview">{{cite web |url=https://github.com/musalbas/heartbleed-masstest#overview |title=heartbleed-masstest: Overview |website=[[GitHub]] |access-date=19 April 2014 |archive-date=1 June 2014 |archive-url=https://web.archive.org/web/20140601122323/https://github.com/musalbas/heartbleed-masstest#overview |url-status=live}}</ref><ref>{{cite web |last1=Cipriani |first1=Jason |title=Which sites have patched the Heartbleed bug? |url=https://www.cnet.com/how-to/which-sites-have-patched-the-heartbleed-bug/ |date=10 April 2014 |website=[[CNET]] |access-date=10 April 2014 |archive-date=11 April 2014 |archive-url=https://web.archive.org/web/20140411204826/http://www.cnet.com/how-to/which-sites-have-patched-the-heartbleed-bug/ |url-status=live}}</ref> The following sites have services affected or made announcements recommending that users update passwords in response to the bug: |
An analysis posted on [[GitHub]] of the most visited websites on 8 April 2014 revealed vulnerabilities in sites including [[Yahoo!]], [[Imgur]], [[Stack Overflow (website)|Stack Overflow]], ''[[Slate (magazine)|Slate]]'', and [[DuckDuckGo]].<ref name="heartbleed-masstest: Overview">{{cite web |url=https://github.com/musalbas/heartbleed-masstest#overview |title=heartbleed-masstest: Overview |website=[[GitHub]] |access-date=19 April 2014 |archive-date=1 June 2014 |archive-url=https://web.archive.org/web/20140601122323/https://github.com/musalbas/heartbleed-masstest#overview |url-status=live}}</ref><ref>{{cite web |last1=Cipriani |first1=Jason |title=Which sites have patched the Heartbleed bug? |url=https://www.cnet.com/how-to/which-sites-have-patched-the-heartbleed-bug/ |date=10 April 2014 |website=[[CNET]] |access-date=10 April 2014 |archive-date=11 April 2014 |archive-url=https://web.archive.org/web/20140411204826/http://www.cnet.com/how-to/which-sites-have-patched-the-heartbleed-bug/ |url-status=live}}</ref> The following sites have services affected or made announcements recommending that users update passwords in response to the bug: |
||
{{Div col|colwidth=20em}} |
{{Div col|colwidth=20em}} |
||
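Review bot: "The following sites have services affected or made announcements recommending that users update passwords" merges two different categories, sites confirmed to have run a vulnerable OpenSSL and sites that issued a precautionary password-reset advisory without confirming exposure; a reader assessing whether their credentials were exposed needs them separated, so split the list or mark each entry. The GitHub analysis is dated 8 April 2014, the day after the advisory, so note that it is a point-in-time scan and that the CNET source, titled "Which sites have patched the Heartbleed bug?", covers which of the listed sites patched afterwards.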
Line 134: | Line 136: | ||
{{div col end}} |
{{div col end}} |
||
The Canadian federal government temporarily shut online services of the [[Canada Revenue Agency]] (CRA) and several government departments over Heartbleed bug security concerns.<ref>{{cite news |title=Security concerns prompts tax agency to shut down website |url=http://www.ctvnews.ca/canada/security-concerns-prompts-tax-agency-to-shut-down-website-1.1767727 |publisher=[[CTV News]] |date=9 April 2014 |access-date=9 April 2014 |archive-date=18 January 2021 |archive-url=https://web.archive.org/web/20210118174845/https://www.ctvnews.ca/canada/canadians-filing-taxes-late-due-to-heartbleed-bug-won-t-face-penalties-cra-1.1767727 |url-status=live}}</ref><ref>{{cite news |title=Heartbleed: Canadian tax services back online |url=http://www.cbc.ca/news/business/heartbleed-canadian-tax-services-back-online-1.2608781 |work=CBC News |access-date=14 April 2014 |archive-date=25 April 2018 |archive-url=https://web.archive.org/web/20180425145951/http://www.cbc.ca/news/business/heartbleed-canadian-tax-services-back-online-1.2608781 |url-status=live}}</ref> Before the CRA online services were shut down, a hacker obtained approximately 900 [[ |
The Canadian federal government temporarily shut online services of the [[Canada Revenue Agency]] (CRA) and several government departments over Heartbleed bug security concerns.<ref>{{cite news |title=Security concerns prompts tax agency to shut down website |url=http://www.ctvnews.ca/canada/security-concerns-prompts-tax-agency-to-shut-down-website-1.1767727 |publisher=[[CTV News]] |date=9 April 2014 |access-date=9 April 2014 |archive-date=18 January 2021 |archive-url=https://web.archive.org/web/20210118174845/https://www.ctvnews.ca/canada/canadians-filing-taxes-late-due-to-heartbleed-bug-won-t-face-penalties-cra-1.1767727 |url-status=live}}</ref><ref>{{cite news |title=Heartbleed: Canadian tax services back online |url=http://www.cbc.ca/news/business/heartbleed-canadian-tax-services-back-online-1.2608781 |work=CBC News |access-date=14 April 2014 |archive-date=25 April 2018 |archive-url=https://web.archive.org/web/20180425145951/http://www.cbc.ca/news/business/heartbleed-canadian-tax-services-back-online-1.2608781 |url-status=live}}</ref> Before the CRA online services were shut down, a hacker obtained approximately 900 [[social insurance number]]s.<ref>{{cite news |last1=Ogrodnik |first1=Irene |title=900 SINs stolen due to Heartbleed bug: Canada Revenue Agency {{!}} Globalnews.ca |url=https://globalnews.ca/news/1269168/900-sin-numbers-stolen-due-to-heartbleed-bug-canada-revenue-agency/ |access-date=4 May 2019 |work=globalnews.ca |agency=Global News |date=14 April 2014 |language=en |archive-date=4 May 2019 |archive-url=https://web.archive.org/web/20190504115612/https://globalnews.ca/news/1269168/900-sin-numbers-stolen-due-to-heartbleed-bug-canada-revenue-agency/ |url-status=live}}</ref><ref>{{cite news |last1=Seglins |first1=Dave |title=CRA Heartbleed hack: Stephen 
Solis-Reyes facing more charges |url=https://www.cbc.ca/news/canada/cra-heartbleed-hack-stephen-solis-reyes-facing-more-charges-1.2859416 |access-date=4 May 2019 |work=cbc.ca |agency=CBC News |date=3 December 2014 |archive-date=4 May 2019 |archive-url=https://web.archive.org/web/20190504115756/https://www.cbc.ca/news/canada/cra-heartbleed-hack-stephen-solis-reyes-facing-more-charges-1.2859416 |url-status=live}}</ref> Another Canadian Government agency, [[Statistics Canada]], had its servers compromised due to the bug and also temporarily took its services offline.<ref>{{cite news |title=The Statistics Canada Site Was Hacked By an Unknown Attacker |url=https://motherboard.vice.com/en_us/article/kbygza/statistics-canada-revenue-agency-hacked |work=Vice – Motherboard |access-date=23 December 2018 |archive-date=24 December 2018 |archive-url=https://web.archive.org/web/20181224023751/https://motherboard.vice.com/en_us/article/kbygza/statistics-canada-revenue-agency-hacked |url-status=live}}</ref> |
||
Platform maintainers like the Wikimedia Foundation advised their users to change passwords.<ref name="wikimedia">{{cite web |url=https://lists.wikimedia.org/pipermail/wikitech-l/2014-April/075801.html |title=[Wikitech-l] Fwd: Security precaution – Resetting all user sessions today |last1=Grossmeier |first1=Greg |date=8 April 2014 |publisher=[[Wikimedia Foundation]] |access-date=9 April 2014 |archive-date=18 June 2014 |archive-url=https://web.archive.org/web/20140618113930/http://lists.wikimedia.org/pipermail/wikitech-l/2014-April/075801.html |url-status=live}}</ref> |
Platform maintainers like the Wikimedia Foundation advised their users to change passwords.<ref name="wikimedia">{{cite web |url=https://lists.wikimedia.org/pipermail/wikitech-l/2014-April/075801.html |title=[Wikitech-l] Fwd: Security precaution – Resetting all user sessions today |last1=Grossmeier |first1=Greg |date=8 April 2014 |publisher=[[Wikimedia Foundation]] |access-date=9 April 2014 |archive-date=18 June 2014 |archive-url=https://web.archive.org/web/20140618113930/http://lists.wikimedia.org/pipermail/wikitech-l/2014-April/075801.html |url-status=live}}</ref> |
||
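Review bot: the Wikimedia sentence says users were advised to change passwords, but the cited announcement is titled "Security precaution – Resetting all user sessions today", which is a different mitigation: invalidating existing session cookies that could have been read from server memory, rather than rotating passwords. Say both, since a forced session reset is the step that limits the use of already-leaked session tokens and a password change alone does not. In the CRA paragraph, "a hacker obtained approximately 900 social insurance numbers" should state that they were obtained by exploiting the bug before the shutdown, which is what the two cited headlines ("900 SINs stolen due to Heartbleed bug", "CRA Heartbleed hack") support.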
Line 140: | Line 142: | ||
The servers of [[LastPass]] were vulnerable,<ref>{{cite news |last1=Fiegerman |first1=Seth |title=The Heartbleed Effect: Password Services Are Having a Moment |url=http://mashable.com/2014/04/14/heartbleed-password-management/ |newspaper=Mashable |date=14 April 2014 |access-date=28 April 2014 |archive-date=16 October 2017 |archive-url=https://web.archive.org/web/20171016225757/http://mashable.com/2014/04/14/heartbleed-password-management/ |url-status=live}}</ref> but due to additional encryption and forward secrecy, potential attacks were not able to exploit this bug. However, LastPass recommended that its users change passwords for vulnerable websites.<ref>{{cite web |title=LastPass and the Heartbleed Bug |url=http://blog.lastpass.com/2014/04/lastpass-and-heartbleed-bug.html |date=8 April 2014 |website=LastPass |access-date=28 April 2014 |archive-date=18 December 2017 |archive-url=https://web.archive.org/web/20171218042409/https://blog.lastpass.com/2014/04/lastpass-and-heartbleed-bug.html/ |url-status=live}}</ref> |
The servers of [[LastPass]] were vulnerable,<ref>{{cite news |last1=Fiegerman |first1=Seth |title=The Heartbleed Effect: Password Services Are Having a Moment |url=http://mashable.com/2014/04/14/heartbleed-password-management/ |newspaper=Mashable |date=14 April 2014 |access-date=28 April 2014 |archive-date=16 October 2017 |archive-url=https://web.archive.org/web/20171016225757/http://mashable.com/2014/04/14/heartbleed-password-management/ |url-status=live}}</ref> but due to additional encryption and forward secrecy, potential attacks were not able to exploit this bug. However, LastPass recommended that its users change passwords for vulnerable websites.<ref>{{cite web |title=LastPass and the Heartbleed Bug |url=http://blog.lastpass.com/2014/04/lastpass-and-heartbleed-bug.html |date=8 April 2014 |website=LastPass |access-date=28 April 2014 |archive-date=18 December 2017 |archive-url=https://web.archive.org/web/20171218042409/https://blog.lastpass.com/2014/04/lastpass-and-heartbleed-bug.html/ |url-status=live}}</ref> |
||
The [[Tor (anonymity network)|Tor]] Project recommended that Tor relay operators and hidden service operators revoke and generate fresh keys after patching OpenSSL, but noted that Tor relays use two sets of keys and that Tor's multi-hop design minimizes the impact of exploiting a single relay.<ref name="tor" /> 586 relays later found to be susceptible to the Heartbleed bug were taken off-line as a precautionary measure.<ref>{{cite web |url=https://lists.torproject.org/pipermail/tor-relays/2014-April/004336.html |title=[tor-relays] Rejecting 380 vulnerable guard/exit keys |publisher=Lists.torproject.org |access-date=19 April 2014 |archive-date=19 April 2014 |archive-url=https://web.archive.org/web/20140419172640/https://lists.torproject.org/pipermail/tor-relays/2014-April/004336.html |url-status=live }}</ref><ref>{{cite web |url=https://blog.torproject.org/blog/tor-weekly-news-%E2%80%94-april-16th-2014 |title=Tor Weekly News—April 16th, 2014 | The Tor Blog |publisher=Blog.torproject.org |access-date=19 April 2014 |archive-date=19 April 2014 |archive-url=https://web.archive.org/web/20140419165608/https://blog.torproject.org/blog/tor-weekly-news-%E2%80%94-april-16th-2014 |url-status=live}}</ref><ref>{{cite web |last1=Gallagher |first1=Sean |url=https://arstechnica.com/security/2014/04/tor-networks-ranks-of-relay-servers-cut-because-of-heartbleed-bug/ |title=Tor network's ranks of relay servers cut because of Heartbleed bug |publisher=Ars Technica |date=17 May 2012 |access-date=19 April 2014 |archive-date=1 May 2014 |archive-url=https://web.archive.org/web/20140501163047/http://arstechnica.com/security/2014/04/tor-networks-ranks-of-relay-servers-cut-because-of-heartbleed-bug/ |url-status=live}}</ref><ref>{{cite web |last1=Mimoso |first1=Michael 
|url=http://threatpost.com/tor-begins-blacklisting-exit-nodes-vulnerable-to-heartbleed/105519 |title=Tor Blacklisting Exit Nodes Vulnerable to Heartbleed Bug | Threatpost | The first stop for security news |publisher=Threatpost |access-date=19 April 2014 |archive-date=19 April 2014 |archive-url=https://web.archive.org/web/20140419155907/http://threatpost.com/tor-begins-blacklisting-exit-nodes-vulnerable-to-heartbleed/105519 |url-status=live}}</ref> |
The [[Tor (anonymity network)|Tor]] Project recommended that Tor relay operators and hidden service operators revoke and generate fresh keys after patching OpenSSL, but noted that Tor relays use two sets of keys and that Tor's multi-hop design minimizes the impact of exploiting a single relay.<ref name="tor" /> 586 relays later found to be susceptible to the Heartbleed bug were taken off-line as a precautionary measure.<ref>{{cite web |url=https://lists.torproject.org/pipermail/tor-relays/2014-April/004336.html |title=[tor-relays] Rejecting 380 vulnerable guard/exit keys |date=16 April 2014 |publisher=Lists.torproject.org |access-date=19 April 2014 |archive-date=19 April 2014 |archive-url=https://web.archive.org/web/20140419172640/https://lists.torproject.org/pipermail/tor-relays/2014-April/004336.html |url-status=live }}</ref><ref>{{cite web |url=https://blog.torproject.org/blog/tor-weekly-news-%E2%80%94-april-16th-2014 |title=Tor Weekly News—April 16th, 2014 | The Tor Blog |publisher=Blog.torproject.org |access-date=19 April 2014 |archive-date=19 April 2014 |archive-url=https://web.archive.org/web/20140419165608/https://blog.torproject.org/blog/tor-weekly-news-%E2%80%94-april-16th-2014 |url-status=live}}</ref><ref>{{cite web |last1=Gallagher |first1=Sean |url=https://arstechnica.com/security/2014/04/tor-networks-ranks-of-relay-servers-cut-because-of-heartbleed-bug/ |title=Tor network's ranks of relay servers cut because of Heartbleed bug |publisher=Ars Technica |date=17 May 2012 |access-date=19 April 2014 |archive-date=1 May 2014 |archive-url=https://web.archive.org/web/20140501163047/http://arstechnica.com/security/2014/04/tor-networks-ranks-of-relay-servers-cut-because-of-heartbleed-bug/ |url-status=live}}</ref><ref>{{cite web |last1=Mimoso |first1=Michael 
|url=http://threatpost.com/tor-begins-blacklisting-exit-nodes-vulnerable-to-heartbleed/105519 |title=Tor Blacklisting Exit Nodes Vulnerable to Heartbleed Bug | Threatpost | The first stop for security news |date=17 April 2014 |publisher=Threatpost |access-date=19 April 2014 |archive-date=19 April 2014 |archive-url=https://web.archive.org/web/20140419155907/http://threatpost.com/tor-begins-blacklisting-exit-nodes-vulnerable-to-heartbleed/105519 |url-status=live}}</ref> |
||
Game-related services including [[Steam (service)|Steam]], ''[[Minecraft]]'', [[Wargaming (company)|Wargaming]], ''[[League of Legends]]'', [[GOG.com]], [[Origin (service)|Origin]], [[Sony Online Entertainment]], [[Humble Bundle]], and ''[[Path of Exile]]'' were affected and subsequently fixed.<ref>{{cite web |last1=Younger |first1=Paul |url=http://www.incgamers.com/2014/04/pc-game-services-affected-by-heartbleed-and-actions-you-need-to-take |title=PC game services affected by Heartbleed and actions you need to take |publisher=IncGamers |date=11 April 2014 |access-date=15 April 2014 |archive-date=15 April 2014 |archive-url=https://web.archive.org/web/20140415142409/http://www.incgamers.com/2014/04/pc-game-services-affected-by-heartbleed-and-actions-you-need-to-take |url-status=live}}</ref> |
Game-related services including [[Steam (service)|Steam]], ''[[Minecraft]]'', [[Wargaming (company)|Wargaming]], ''[[League of Legends]]'', [[GOG.com]], [[Origin (service)|Origin]], [[Sony Online Entertainment]], [[Humble Bundle]], and ''[[Path of Exile]]'' were affected and subsequently fixed.<ref>{{cite web |last1=Younger |first1=Paul |url=http://www.incgamers.com/2014/04/pc-game-services-affected-by-heartbleed-and-actions-you-need-to-take |title=PC game services affected by Heartbleed and actions you need to take |publisher=IncGamers |date=11 April 2014 |access-date=15 April 2014 |archive-date=15 April 2014 |archive-url=https://web.archive.org/web/20140415142409/http://www.incgamers.com/2014/04/pc-game-services-affected-by-heartbleed-and-actions-you-need-to-take |url-status=live}}</ref> |
||
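Review bot: the Ars Technica citation carries "date=17 May 2012", nearly two years before the OpenSSL advisory of 7 April 2014 cited elsewhere on this page and before its own access-date of 19 April 2014; the date field is wrong and should be corrected from the article. The body states "586 relays later found to be susceptible to the Heartbleed bug were taken off-line" while the cited tor-relays post is titled "Rejecting 380 vulnerable guard/exit keys"; either the two figures describe different actions (rejected guard/exit keys versus relays removed) and the text should say so, or one number is wrong. "off-line" should also be "offline", matching "took its services offline" earlier in the section.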
Line 163: | Line 165: | ||
Several Linux distributions were affected, including [[Debian]]<ref>{{cite web |url=https://www.debian.org/security/2014/dsa-2896 |title=DSA-2896-1 openssl—security update |date=7 April 2014 |publisher=The Debian Project |access-date=17 April 2014 |archive-date=11 April 2014 |archive-url=https://web.archive.org/web/20140411142825/http://www.debian.org/security/2014/dsa-2896 |url-status=live}}</ref> (and derivatives such as [[Linux Mint]] and [[Ubuntu (operating system)|Ubuntu]]<ref>{{cite web |url=http://www.ubuntu.com/usn/usn-2165-1/ |title=Ubuntu Security Notice USN-2165-1 |date=7 April 2014 |access-date=17 April 2014 |publisher=Canonical, Ltd. |archive-date=13 April 2014 |archive-url=https://web.archive.org/web/20140413002432/http://www.ubuntu.com/usn/usn-2165-1/ |url-status=live}}</ref>) and [[Red Hat Enterprise Linux]]<ref>{{cite web |url=http://rhn.redhat.com/errata/RHSA-2014-0376.html |title=Important: openssl security update |date=8 April 2014 |publisher=Red Hat, Inc. 
|access-date=17 April 2014 |archive-date=18 April 2014 |archive-url=https://web.archive.org/web/20140418182421/https://rhn.redhat.com/errata/RHSA-2014-0376.html |url-status=live}}</ref> (and derivatives such as [[CentOS]],<ref>{{cite web |url=http://lists.centos.org/pipermail/centos-announce/2014-April/020248.html |title=Karanbir Singh's posting to CentOS-announce |date=8 April 2014 |publisher=centos.org |access-date=17 April 2014 |archive-date=14 April 2014 |archive-url=https://web.archive.org/web/20140414002527/http://lists.centos.org/pipermail/centos-announce/2014-April/020248.html |url-status=live}}</ref> [[Oracle Linux]] 6<ref name="oracle-heartbleed" /> and [[Amazon Linux]]<ref>{{cite web |url=https://aws.amazon.com/amazon-linux-ami/security-bulletins/ALAS-2014-320/ |title=Amazon Linux AMI Security Advisory: ALAS-2014-320 |date=7 April 2014 |access-date=17 April 2014 |publisher=Amazon Web Services, Inc. |archive-date=6 June 2014 |archive-url=https://web.archive.org/web/20140606050725/https://aws.amazon.com/amazon-linux-ami/security-bulletins/ALAS-2014-320/ |url-status=live}}</ref>), as well as the following operating systems and firmware implementations: |
Several Linux distributions were affected, including [[Debian]]<ref>{{cite web |url=https://www.debian.org/security/2014/dsa-2896 |title=DSA-2896-1 openssl—security update |date=7 April 2014 |publisher=The Debian Project |access-date=17 April 2014 |archive-date=11 April 2014 |archive-url=https://web.archive.org/web/20140411142825/http://www.debian.org/security/2014/dsa-2896 |url-status=live}}</ref> (and derivatives such as [[Linux Mint]] and [[Ubuntu (operating system)|Ubuntu]]<ref>{{cite web |url=http://www.ubuntu.com/usn/usn-2165-1/ |title=Ubuntu Security Notice USN-2165-1 |date=7 April 2014 |access-date=17 April 2014 |publisher=Canonical, Ltd. |archive-date=13 April 2014 |archive-url=https://web.archive.org/web/20140413002432/http://www.ubuntu.com/usn/usn-2165-1/ |url-status=live}}</ref>) and [[Red Hat Enterprise Linux]]<ref>{{cite web |url=http://rhn.redhat.com/errata/RHSA-2014-0376.html |title=Important: openssl security update |date=8 April 2014 |publisher=Red Hat, Inc. 
|access-date=17 April 2014 |archive-date=18 April 2014 |archive-url=https://web.archive.org/web/20140418182421/https://rhn.redhat.com/errata/RHSA-2014-0376.html |url-status=live}}</ref> (and derivatives such as [[CentOS]],<ref>{{cite web |url=http://lists.centos.org/pipermail/centos-announce/2014-April/020248.html |title=Karanbir Singh's posting to CentOS-announce |date=8 April 2014 |publisher=centos.org |access-date=17 April 2014 |archive-date=14 April 2014 |archive-url=https://web.archive.org/web/20140414002527/http://lists.centos.org/pipermail/centos-announce/2014-April/020248.html |url-status=live}}</ref> [[Oracle Linux]] 6<ref name="oracle-heartbleed" /> and [[Amazon Linux]]<ref>{{cite web |url=https://aws.amazon.com/amazon-linux-ami/security-bulletins/ALAS-2014-320/ |title=Amazon Linux AMI Security Advisory: ALAS-2014-320 |date=7 April 2014 |access-date=17 April 2014 |publisher=Amazon Web Services, Inc. |archive-date=6 June 2014 |archive-url=https://web.archive.org/web/20140606050725/https://aws.amazon.com/amazon-linux-ami/security-bulletins/ALAS-2014-320/ |url-status=live}}</ref>), as well as the following operating systems and firmware implementations: |
||
* [[Android (operating system)|Android]] 4.1.1, used in various portable devices.<ref>{{cite web |url=http://gadgets.ndtv.com/internet/news/android-411-devices-vulnerable-to-heartbleed-bug-says-google-508262 |title=Android 4.1.1 devices vulnerable to Heartbleed bug, says Google |publisher=NDTV Convergence |date=14 April 2014 |access-date=19 April 2014 |archive-date=20 April 2014 |archive-url=https://web.archive.org/web/20140420115004/http://gadgets.ndtv.com/internet/news/android-411-devices-vulnerable-to-heartbleed-bug-says-google-508262 |url-status=live}}</ref> Chris Smith writes in [[Boy Genius Report]] that just this one version of Android is affected but that it is a popular version of Android ([[Chitika]] claim 4.1.1 is on 50 million devices;<ref>{{cite web |url= |
* [[Android (operating system)|Android]] 4.1.1, used in various portable devices.<ref>{{cite web |url=http://gadgets.ndtv.com/internet/news/android-411-devices-vulnerable-to-heartbleed-bug-says-google-508262 |title=Android 4.1.1 devices vulnerable to Heartbleed bug, says Google |publisher=NDTV Convergence |date=14 April 2014 |access-date=19 April 2014 |archive-date=20 April 2014 |archive-url=https://web.archive.org/web/20140420115004/http://gadgets.ndtv.com/internet/news/android-411-devices-vulnerable-to-heartbleed-bug-says-google-508262 |url-status=live}}</ref> Chris Smith writes in [[Boy Genius Report]] that just this one version of Android is affected but that it is a popular version of Android ([[Chitika]] claim 4.1.1 is on 50 million devices;<ref>{{cite web |url=https://www.foxnews.com/tech/around-50-million-android-smartphones-are-still-vulnerable-to-the-heartbleed-bug/ |title=Around 50 million Android smartphones are still vulnerable to the Heartbleed Bug |publisher=Fox News |date=17 April 2014 |access-date=19 April 2014 |archive-date=19 April 2014 |archive-url=https://web.archive.org/web/20140419163157/http://www.foxnews.com/tech/2014/04/17/about-50-million-android-devices-are-still-vulnerable-to-heartbleed-bug/ |url-status=live}}</ref> Google describe it as less than 10% of activated Android devices). 
Other Android versions are not vulnerable as they either have heartbeats disabled or use an unaffected version of OpenSSL.<ref>{{cite web |url=http://bgr.com/2014/04/16/heartbleed-android-4-1-1-jelly-bean |title=Heartbleed: Android 4.1.1 Jelly Bean could be seriously affected |publisher=BGR Media |date=16 April 2014 |access-date=19 April 2014 |archive-date=9 March 2017 |archive-url=https://web.archive.org/web/20170309065218/http://bgr.com/2014/04/16/heartbleed-android-4-1-1-jelly-bean/ |url-status=live}}</ref><ref>{{cite web |last1=Blaich |first1=Andrew |title=Heartbleed Bug Impacts Mobile Devices |url=https://bluebox.com/technical/heartbleed-bug-impacts-mobile-devices/ |publisher=Bluebox |date=8 April 2014 |url-status=dead |archive-url=https://web.archive.org/web/20140506061224/https://bluebox.com/technical/heartbleed-bug-impacts-mobile-devices/ |archive-date=6 May 2014}} |
||
<!-- This reference would not be needed, but explains why 4.1.2 and later are not vulnerable in practice, which is relevant as David Wheeler claims 4.1.4 is vulnerable --></ref> |
<!-- This reference would not be needed, but explains why 4.1.2 and later are not vulnerable in practice, which is relevant as David Wheeler claims 4.1.4 is vulnerable --></ref> |
||
* Firmware for some [[AirPort]] base stations<ref>{{cite web |last1=Snell |first1=Jason |title=Apple releases Heartbleed fix for AirPort Base Stations |url=https://www.macworld.com/article/2146391/apple-releases-heartbleed-fix-for-airport-base-stations.html |work=Macworld |date=22 April 2014 |access-date=16 April 2020 |archive-date=25 April 2020 |archive-url=https://web.archive.org/web/20200425073209/https://www.macworld.com/article/2146391/apple-releases-heartbleed-fix-for-airport-base-stations.html |url-status=live}}</ref> |
* Firmware for some [[AirPort]] base stations<ref>{{cite web |last1=Snell |first1=Jason |title=Apple releases Heartbleed fix for AirPort Base Stations |url=https://www.macworld.com/article/2146391/apple-releases-heartbleed-fix-for-airport-base-stations.html |work=[[Macworld]] |date=22 April 2014 |access-date=16 April 2020 |archive-date=25 April 2020 |archive-url=https://web.archive.org/web/20200425073209/https://www.macworld.com/article/2146391/apple-releases-heartbleed-fix-for-airport-base-stations.html |url-status=live}}</ref> |
||
* Firmware for some [[Cisco Systems]] routers<ref name="Cisco" /><ref>{{cite news |last1=Kleinman |first1=Alexis |date=11 April 2014 |title=The Heartbleed Bug Goes Even Deeper Than We Realized – Here's What You Should Do |newspaper=[[The Huffington Post]] |url=https://www.huffingtonpost.com/2014/04/11/heartbleed-routers_n_5132306.html |access-date=16 April 2020 |archive-date=23 March 2019 |archive-url=https://web.archive.org/web/20190323043433/https://www.huffingtonpost.com/2014/04/11/heartbleed-routers_n_5132306.html |url-status=live}}</ref><ref name="online.wsj.com">{{cite web |last1=Yadron |first1=Danny |url=https://www.wsj.com/news/articles/SB10001424052702303873604579493963847851346?mg=reno64-wsj&url=https://www.wsj.com/article/SB10001424052702303873604579493963847851346.html |title=Heartbleed Bug Found in Cisco Routers, Juniper Gear |publisher=Dow Jones & Company, Inc. |date=10 April 2014}}</ref> |
* Firmware for some [[Cisco Systems]] routers<ref name="Cisco" /><ref>{{cite news |last1=Kleinman |first1=Alexis |date=11 April 2014 |title=The Heartbleed Bug Goes Even Deeper Than We Realized – Here's What You Should Do |newspaper=[[The Huffington Post]] |url=https://www.huffingtonpost.com/2014/04/11/heartbleed-routers_n_5132306.html |access-date=16 April 2020 |archive-date=23 March 2019 |archive-url=https://web.archive.org/web/20190323043433/https://www.huffingtonpost.com/2014/04/11/heartbleed-routers_n_5132306.html |url-status=live}}</ref><ref name="online.wsj.com">{{cite web |last1=Yadron |first1=Danny |url=https://www.wsj.com/news/articles/SB10001424052702303873604579493963847851346?mg=reno64-wsj&url=https://www.wsj.com/article/SB10001424052702303873604579493963847851346.html |title=Heartbleed Bug Found in Cisco Routers, Juniper Gear |publisher=Dow Jones & Company, Inc. |date=10 April 2014}}</ref> |
||
* Firmware for some [[Juniper Networks]] routers<ref name="online.wsj.com" /><ref>{{cite web |url=http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10623 |title=2014-04 Out of Cycle Security Bulletin: Multiple products affected by OpenSSL "Heartbleed" issue (CVE-2014-0160) |publisher=Juniper Networks |date=14 April 2014 |access-date=19 April 2014 |archive-date=16 April 2014 |archive-url=https://web.archive.org/web/20140416201958/http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10623 |url-status=live}}</ref> |
* Firmware for some [[Juniper Networks]] routers<ref name="online.wsj.com" /><ref>{{cite web |url=http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10623 |title=2014-04 Out of Cycle Security Bulletin: Multiple products affected by OpenSSL "Heartbleed" issue (CVE-2014-0160) |publisher=Juniper Networks |date=14 April 2014 |access-date=19 April 2014 |archive-date=16 April 2014 |archive-url=https://web.archive.org/web/20140416201958/http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10623 |url-status=live}}</ref> |
||
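Review bot: The Fox News citation in the Android bullet keeps `|access-date=19 April 2014` and an `|archive-url=` of the old `foxnews.com/tech/2014/04/17/about-50-million-android-devices-...` path even though this edit replaces `|url=` with the new `foxnews.com/tech/around-50-million-android-smartphones-...` address; the archive snapshot and the live link now name different URLs, and the access-date no longer says when the new link was checked. Either set the access-date to the day the new URL was verified, or leave the original path in `|url=` so the existing archive backs it. Unrelated to the change but in the same hunk, the WSJ citation (`<ref name="online.wsj.com">`) has no access-date or archive, unlike every other reference in the list.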
Line 202: | Line 204: | ||
Vulnerability to Heartbleed is resolved by updating OpenSSL to a [[Patch (computing)|patched]] version (1.0.1g or later). OpenSSL can be used either as a standalone program, a [[Library (computing)#Shared libraries|dynamic shared object]], or a [[Static library|statically-linked library]]; therefore, the updating process can require restarting processes loaded with a vulnerable version of OpenSSL as well as re-linking programs and libraries that linked it statically. In practice this means updating packages that link OpenSSL statically, and restarting running programs to remove the in-memory copy of the old, vulnerable OpenSSL code.{{citation needed|date=January 2019}} |
Vulnerability to Heartbleed is resolved by updating OpenSSL to a [[Patch (computing)|patched]] version (1.0.1g or later). OpenSSL can be used either as a standalone program, a [[Library (computing)#Shared libraries|dynamic shared object]], or a [[Static library|statically-linked library]]; therefore, the updating process can require restarting processes loaded with a vulnerable version of OpenSSL as well as re-linking programs and libraries that linked it statically. In practice this means updating packages that link OpenSSL statically, and restarting running programs to remove the in-memory copy of the old, vulnerable OpenSSL code.{{citation needed|date=January 2019}} |
||
After the vulnerability is patched, server administrators must address the potential breach of confidentiality. Because Heartbleed allowed attackers to disclose [[Public-key cryptography|private keys]], they must be treated as compromised; key pairs must be regenerated, and [[Public key certificate|certificates]] that use them must be reissued; the old certificates must be [[ |
After the vulnerability is patched, server administrators must address the potential breach of confidentiality. Because Heartbleed allowed attackers to disclose [[Public-key cryptography|private keys]], they must be treated as compromised; key pairs must be regenerated, and [[Public key certificate|certificates]] that use them must be reissued; the old certificates must be [[certificate revocation|revoked]]. Heartbleed also had the potential to allow disclosure of other in-memory secrets; therefore, other authentication material (such as [[password]]s) should also be regenerated. It is rarely possible to confirm that a system which was affected has not been compromised, or to determine whether a specific piece of information was leaked.<ref>{{cite web |url=http://haydenjames.io/patched-servers-remain-vulnerable-heartbleed-openssl/ |title=Patched Servers Remain Vulnerable to Heartbleed OpenSSL | Hayden James |date=10 April 2014 |publisher=Haydenjames.io |access-date=10 April 2014 |archive-date=13 April 2014 |archive-url=https://web.archive.org/web/20140413130335/http://haydenjames.io/patched-servers-remain-vulnerable-heartbleed-openssl/ |url-status=live}}</ref> |
||
Since it is difficult or impossible to determine when a credential might have been compromised and how it might have been used by an attacker, certain systems may warrant additional remediation work even after patching the vulnerability and replacing credentials. For example, signatures made by keys that were in use with a vulnerable OpenSSL version might well have been made by an attacker; this raises the possibility integrity has been violated, and opens signatures to [[Repudiation (cryptography)|repudiation]]. Validation of signatures and the legitimacy of other authentications made with a potentially compromised key (such as [[client certificate]] use) must be done with regard to the specific system involved.{{citation needed|date=January 2019}} |
Since it is difficult or impossible to determine when a credential might have been compromised and how it might have been used by an attacker, certain systems may warrant additional remediation work even after patching the vulnerability and replacing credentials. For example, signatures made by keys that were in use with a vulnerable OpenSSL version might well have been made by an attacker; this raises the possibility integrity has been violated, and opens signatures to [[Repudiation (cryptography)|repudiation]]. Validation of signatures and the legitimacy of other authentications made with a potentially compromised key (such as [[client certificate]] use) must be done with regard to the specific system involved.{{citation needed|date=January 2019}} |
||
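Review bot: The Hayden James citation added alongside the `[[certificate revocation|revoked]]` link contains a bare pipe inside the template, `|title=Patched Servers Remain Vulnerable to Heartbleed OpenSSL | Hayden James`; in wikitext that pipe ends the title parameter and passes "Hayden James" as a stray positional parameter, so the rendered title is truncated and the template reports an unrecognised parameter. Since `|publisher=Haydenjames.io` already identifies the site, drop the " | Hayden James" suffix, or escape it as `{{!}}` if it must stay. Minor, in the unchanged text of the same hunk: "raises the possibility integrity has been violated" reads better as "raises the possibility that integrity has been violated".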
Line 210: | Line 212: | ||
== Root causes, possible lessons, and reactions == |
== Root causes, possible lessons, and reactions == |
||
Although evaluating the total cost of Heartbleed is difficult, |
Although evaluating the total cost of Heartbleed is difficult, ''eWeek'' estimated US$500 million as a starting point.<ref>{{cite news |last1=Kerner |first1=Sean Michael |title=Heartbleed SSL Flaw's True Cost Will Take Time to Tally |url=http://www.eweek.com/security/heartbleed-ssl-flaws-true-cost-will-take-time-to-tally.html |work=eWeek |date=19 April 2014 |access-date=24 April 2014 |archive-date=10 February 2020 |archive-url=https://archive.today/20200210104151/https://www.eweek.com/security/heartbleed-ssl-flaw-s-true-cost-will-take-time-to-tally |url-status=live}}</ref> |
||
David A. Wheeler's paper ''How to Prevent the next Heartbleed'' analyzes why Heartbleed wasn't discovered earlier, and suggests several techniques which could have led to a faster identification, as well as techniques which could have reduced its impact. According to Wheeler, the most efficient technique which could have prevented Heartbleed is a test suite thoroughly performing [[robustness testing]], i.e. testing that invalid inputs cause failures rather than successes. Wheeler highlights that a single general-purpose test suite could serve as a base for all TLS implementations.<ref name="wheeler">{{cite web |last1=A. Wheeler |first1=David |title=How to Prevent the next Heartbleed |url=https://www.dwheeler.com/essays/heartbleed.html |date=29 April 2014 |access-date=30 January 2017 |archive-date=2 February 2017 |archive-url=https://web.archive.org/web/20170202064748/https://www.dwheeler.com/essays/heartbleed.html |url-status=live}}</ref> |
David A. Wheeler's paper ''How to Prevent the next Heartbleed'' analyzes why Heartbleed wasn't discovered earlier, and suggests several techniques which could have led to a faster identification, as well as techniques which could have reduced its impact. According to Wheeler, the most efficient technique which could have prevented Heartbleed is a test suite thoroughly performing [[robustness testing]], i.e. testing that invalid inputs cause failures rather than successes. Wheeler highlights that a single general-purpose test suite could serve as a base for all TLS implementations.<ref name="wheeler">{{cite web |last1=A. Wheeler |first1=David |title=How to Prevent the next Heartbleed |url=https://www.dwheeler.com/essays/heartbleed.html |date=29 April 2014 |access-date=30 January 2017 |archive-date=2 February 2017 |archive-url=https://web.archive.org/web/20170202064748/https://www.dwheeler.com/essays/heartbleed.html |url-status=live}}</ref> |
||
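Review bot: The Wheeler reference that anchors this section puts the middle initial in the surname field, `|last1=A. Wheeler |first1=David`, so it renders as "A. Wheeler, David"; it should be `|last1=Wheeler |first1=David A.`, and since `<ref name="wheeler">` is reused throughout the article this one fix corrects every occurrence. On the changed line, the eWeek citation's `|archive-url=` slug (`heartbleed-ssl-flaw-s-true-cost-...`) differs from the cited `|url=` slug (`heartbleed-ssl-flaws-true-cost-...`); worth confirming the archive.today snapshot is of the same article before relying on it for the US$500 million figure.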
Line 216: | Line 218: | ||
According to an article on ''[[The Conversation (website)|The Conversation]]'' written by Robert Merkel, Heartbleed revealed a ''massive failure of risk analysis''. Merkel thinks OpenSSL gives more importance to performance than to security, which no longer makes sense in his opinion. But Merkel considers that OpenSSL should not be blamed as much as OpenSSL users, who chose to use OpenSSL, without funding better auditing and testing. Merkel explains that two aspects determine the risk that more similar bugs will cause vulnerabilities. One, the library's source code influences the risk of writing bugs with such an impact. Secondly, OpenSSL's processes affect the chances of catching bugs quickly. On the first aspect, Merkel mentions the use of the [[C (programming language)|C programming language]] as one risk factor which favored Heartbleed's appearance, echoing Wheeler's analysis.<ref name="wheeler" /><ref>{{cite web |last1=Merkel |first1=Robert |title=How the Heartbleed bug reveals a flaw in online security |url=https://theconversation.com/how-the-heartbleed-bug-reveals-a-flaw-in-online-security-25536 |work=The Conversation |date=11 April 2014 |access-date=21 April 2014 |archive-date=17 April 2014 |archive-url=https://web.archive.org/web/20140417090409/http://theconversation.com/how-the-heartbleed-bug-reveals-a-flaw-in-online-security-25536 |url-status=live}}</ref> |
According to an article on ''[[The Conversation (website)|The Conversation]]'' written by Robert Merkel, Heartbleed revealed a ''massive failure of risk analysis''. Merkel thinks OpenSSL gives more importance to performance than to security, which no longer makes sense in his opinion. But Merkel considers that OpenSSL should not be blamed as much as OpenSSL users, who chose to use OpenSSL, without funding better auditing and testing. Merkel explains that two aspects determine the risk that more similar bugs will cause vulnerabilities. One, the library's source code influences the risk of writing bugs with such an impact. Secondly, OpenSSL's processes affect the chances of catching bugs quickly. On the first aspect, Merkel mentions the use of the [[C (programming language)|C programming language]] as one risk factor which favored Heartbleed's appearance, echoing Wheeler's analysis.<ref name="wheeler" /><ref>{{cite web |last1=Merkel |first1=Robert |title=How the Heartbleed bug reveals a flaw in online security |url=https://theconversation.com/how-the-heartbleed-bug-reveals-a-flaw-in-online-security-25536 |work=The Conversation |date=11 April 2014 |access-date=21 April 2014 |archive-date=17 April 2014 |archive-url=https://web.archive.org/web/20140417090409/http://theconversation.com/how-the-heartbleed-bug-reveals-a-flaw-in-online-security-25536 |url-status=live}}</ref> |
||
On the same aspect, [[Theo de Raadt]], founder and leader of the [[OpenBSD]] and [[OpenSSH]] projects, has criticized the OpenSSL developers for writing their own memory management routines and thereby, he claims, circumventing OpenBSD [[C standard library]] exploit countermeasures, saying "OpenSSL is not developed by a responsible team."<ref name="deraadt">{{cite web |url=http://article.gmane.org/gmane.os.openbsd.misc/211963 |title=Re: FYA: http: heartbleed.com |website=Gmane |access-date=11 April 2014 |archive-url=https://web.archive.org/web/20140411014301/http://article.gmane.org/gmane.os.openbsd.misc/211963 |archive-date=11 April 2014 |url-status=dead}}</ref><ref>{{cite web |url=http://it.slashdot.org/story/14/04/10/1343236/theo-de-raadts-small-rant-on-openssl |title=Theo De Raadt's Small Rant On OpenSSL |publisher=Dice |work=Slashdot |date=10 April 2014 |access-date=22 April 2014 |archive-date=24 April 2014 |archive-url=https://web.archive.org/web/20140424233911/http://it.slashdot.org/story/14/04/10/1343236/theo-de-raadts-small-rant-on-openssl |url-status=live}}</ref> Following Heartbleed's disclosure, members of the OpenBSD project [[Fork (software development)|forked]] OpenSSL into [[LibreSSL]].<ref>{{cite news |last1=Kerner |first1=Sean Michael |date=22 April 2014 |title=After Heartbleed, OpenSSL Is Forked Into LibreSSL |url=https://www.eweek.com/security/after-heartbleed-openssl-is-forked-into-libressl |access-date=19 January 2021 |work= |
On the same aspect, [[Theo de Raadt]], founder and leader of the [[OpenBSD]] and [[OpenSSH]] projects, has criticized the OpenSSL developers for writing their own memory management routines and thereby, he claims, circumventing OpenBSD [[C standard library]] exploit countermeasures, saying "OpenSSL is not developed by a responsible team."<ref name="deraadt">{{cite web |url=http://article.gmane.org/gmane.os.openbsd.misc/211963 |title=Re: FYA: http: heartbleed.com |website=Gmane |access-date=11 April 2014 |archive-url=https://web.archive.org/web/20140411014301/http://article.gmane.org/gmane.os.openbsd.misc/211963 |archive-date=11 April 2014 |url-status=dead}}</ref><ref>{{cite web |url=http://it.slashdot.org/story/14/04/10/1343236/theo-de-raadts-small-rant-on-openssl |title=Theo De Raadt's Small Rant On OpenSSL |publisher=Dice |work=Slashdot |date=10 April 2014 |access-date=22 April 2014 |archive-date=24 April 2014 |archive-url=https://web.archive.org/web/20140424233911/http://it.slashdot.org/story/14/04/10/1343236/theo-de-raadts-small-rant-on-openssl |url-status=live}}</ref> Following Heartbleed's disclosure, members of the OpenBSD project [[Fork (software development)|forked]] OpenSSL into [[LibreSSL]].<ref>{{cite news |last1=Kerner |first1=Sean Michael |date=22 April 2014 |title=After Heartbleed, OpenSSL Is Forked Into LibreSSL |url=https://www.eweek.com/security/after-heartbleed-openssl-is-forked-into-libressl |access-date=19 January 2021 |work=eWeek |publisher=TechnologyAdvice |language=en}}</ref> LibreSSL made a big code cleanup, removing more than 90,000 lines of C code just in its first week.<ref>{{cite web |url=https://www.zdnet.com/article/openbsd-forks-prunes-fixes-openssl/ |title=OpenBSD forks, prunes, fixes OpenSSL |first1=Larry |last1=Seltzer |work=Zero Day |publisher=[[ZDNet]] 
|date=21 April 2014 |access-date=21 April 2014 |archive-date=21 April 2014 |archive-url=https://web.archive.org/web/20140421235922/http://www.zdnet.com/openbsd-forks-prunes-fixes-openssl-7000028613/ |url-status=live}}</ref> |
||
The author of the change which introduced Heartbleed, Robin Seggelmann,<ref>{{cite web |last1=Timson |first1=Lia |date=11 April 2014 |title=Who is Robin Seggelmann and did his Heartbleed break the internet? |url=https://www.smh.com.au/it-pro/security-it/who-is-robin-seggelmann-and-did-his-heartbleed-break-the-internet-20140411-zqtjj.html |url-status=live |archive-url=https://web.archive.org/web/20171019203952/http://www.smh.com.au/it-pro/security-it/who-is-robin-seggelmann-and-did-his-heartbleed-break-the-internet-20140411-zqtjj.html |archive-date=19 October 2017 |access-date=16 April 2020 |work= |
The author of the change which introduced Heartbleed, Robin Seggelmann,<ref>{{cite web |last1=Timson |first1=Lia |date=11 April 2014 |title=Who is Robin Seggelmann and did his Heartbleed break the internet? |url=https://www.smh.com.au/it-pro/security-it/who-is-robin-seggelmann-and-did-his-heartbleed-break-the-internet-20140411-zqtjj.html |url-status=live |archive-url=https://web.archive.org/web/20171019203952/http://www.smh.com.au/it-pro/security-it/who-is-robin-seggelmann-and-did-his-heartbleed-break-the-internet-20140411-zqtjj.html |archive-date=19 October 2017 |access-date=16 April 2020 |work=The Sydney Morning Herald}}</ref> stated that he ''missed validating a variable containing a length'' and denied any intention to submit a flawed implementation.<ref name="smh" /> Following Heartbleed's disclosure, Seggelmann suggested focusing on the second aspect, stating that OpenSSL is not reviewed by enough people.<ref>{{cite web |last1=Williams |first1=Chris |title=OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts |url=https://www.theregister.co.uk/Print/2014/04/11/openssl_heartbleed_robin_seggelmann/ |work=The Register |date=11 April 2014 |access-date=29 August 2017 |archive-date=19 September 2016 |archive-url=https://web.archive.org/web/20160919104402/http://www.theregister.co.uk/Print/2014/04/11/openssl_heartbleed_robin_seggelmann/ |url-status=live}}</ref> Although Seggelmann's work was reviewed by an OpenSSL core developer, the review was also intended to verify functional improvements, a situation making vulnerabilities much easier to miss.<ref name="wheeler" /> |
||
OpenSSL core developer [[Ben Laurie]] claimed that a security audit of OpenSSL would have caught Heartbleed.<ref>{{cite web |last1=Smith |first1=Gerry |title=How The Internet's Worst Nightmare Could Have Been Avoided |url=https://www.huffingtonpost.com/2014/04/10/heartbleed-bug_n_5120457.html |work=The Huffington Post |date=10 April 2014 |quote=The bug revealed this week was buried inside 10 lines of code and would have been spotted in an audit, according to Laurie, who works on the security team at Google. |access-date=16 April 2020 |archive-date=19 July 2017 |archive-url=https://web.archive.org/web/20170719123217/http://www.huffingtonpost.com/2014/04/10/heartbleed-bug_n_5120457.html |url-status=live}}</ref> Software engineer John Walsh commented: {{ |
OpenSSL core developer [[Ben Laurie]] claimed that a security audit of OpenSSL would have caught Heartbleed.<ref>{{cite web |last1=Smith |first1=Gerry |title=How The Internet's Worst Nightmare Could Have Been Avoided |url=https://www.huffingtonpost.com/2014/04/10/heartbleed-bug_n_5120457.html |work=The Huffington Post |date=10 April 2014 |quote=The bug revealed this week was buried inside 10 lines of code and would have been spotted in an audit, according to Laurie, who works on the security team at Google. |access-date=16 April 2020 |archive-date=19 July 2017 |archive-url=https://web.archive.org/web/20170719123217/http://www.huffingtonpost.com/2014/04/10/heartbleed-bug_n_5120457.html |url-status=live}}</ref> Software engineer John Walsh commented: {{blockquote|Think about it, OpenSSL only has two [fulltime] people to write, maintain, test, and review 500,000 lines of business critical code.<ref name="Walsh">{{cite web |url=http://blog.ssh.com/free-can-make-you-bleed |title=Free Can Make You Bleed |work=SSH Communications Security |date=30 April 2014 |access-date=11 September 2016 |last1=Walsh |first1=John |archive-url=https://web.archive.org/web/20161202163921/http://blog.ssh.com/free-can-make-you-bleed |archive-date=2 December 2016 |url-status=dead |language=en}}</ref>}} The OpenSSL foundation's president, Steve Marquess, said "The mystery is not that a few overworked volunteers missed this bug; the mystery is why it hasn't happened more often."<ref name="Walsh" /> David A. Wheeler described audits as an excellent way to find vulnerabilities in typical cases, but noted that "OpenSSL uses unnecessarily complex structures, which makes it harder to both humans and machines to review." He wrote: |
||
<blockquote>There should be a continuous effort to simplify the code, because otherwise just adding capabilities will slowly increase the software complexity. The code should be refactored over time to make it simple and clear, not just constantly add new features. The goal should be code that is "obviously right", as opposed to code that is so complicated that "I can't see any problems".<ref name="wheeler" /></blockquote> |
<blockquote>There should be a continuous effort to simplify the code, because otherwise just adding capabilities will slowly increase the software complexity. The code should be refactored over time to make it simple and clear, not just constantly add new features. The goal should be code that is "obviously right", as opposed to code that is so complicated that "I can't see any problems".<ref name="wheeler" /></blockquote> |
||
⚫ | According to security researcher [[Dan Kaminsky]], Heartbleed is sign of an economic problem which needs to be fixed. Seeing the time taken to catch this simple error in a simple feature from a "critical" dependency, Kaminsky fears numerous future vulnerabilities if nothing is done. When Heartbleed was discovered, OpenSSL was maintained by a handful of volunteers, only one of whom worked full time.<ref>{{cite web |last1=Pagliery |first1=Jose |title=Your Internet security relies on a few volunteers |url=https://money.cnn.com/2014/04/18/technology/security/heartbleed-volunteers/ |work=CNNMoney |publisher=Cable News Network |date=18 April 2014 |access-date=3 August 2020 |archive-date=7 August 2020 |archive-url=https://web.archive.org/web/20200807102139/https://money.cnn.com/2014/04/18/technology/security/heartbleed-volunteers/ |url-status=live}}</ref> Yearly donations to the OpenSSL project were about US$2,000.<ref name="nytimes" /> The Heartbleed website from Codenomicon advised money donations to the OpenSSL project.<ref name="hb" /> After learning about donations for the 2 or 3 days following Heartbleed's disclosure totaling US$841, Kaminsky commented "We are building the most important technologies for the global economy on shockingly underfunded infrastructure."<ref>{{cite web |last1=Kaminsky |first1=Dan |title=Be Still My Breaking Heart |url=http://dankaminsky.com/2014/04/10/heartbleed/ |work=Dan Kaminsky's Blog |date=10 April 2014 |access-date=22 April 2014 |archive-date=14 April 2014 |archive-url=https://web.archive.org/web/20140414222554/http://dankaminsky.com/2014/04/10/heartbleed/ |url-status=live}}</ref> Core developer Ben Laurie has qualified the project as "completely unfunded".<ref name="nytimes" /> Although the OpenSSL Software Foundation has no [[bug bounty program]], the Internet Bug Bounty initiative awarded 
US$15,000 to Google's Neel Mehta, who discovered Heartbleed, for his responsible disclosure.<ref name="nytimes">{{cite news |last1=Perlroth |first1=Nicole |title=Heartbleed Highlights a Contradiction in the Web |url=https://www.nytimes.com/2014/04/19/technology/heartbleed-highlights-a-contradiction-in-the-web.html?_r=0 |work=The New York Times |date=18 April 2014 |access-date=27 February 2017 |archive-date=8 May 2014 |archive-url=https://web.archive.org/web/20140508233942/http://www.nytimes.com/2014/04/19/technology/heartbleed-highlights-a-contradiction-in-the-web.html?_r=0 |url-status=live}}</ref> Mehta later donated his reward to a [[Freedom of the Press Foundation]] fundraiser.<ref>{{Cite web|date=2014-04-10|title=Here's another way exposing Heartbleed made the Internet more secure|url=https://www.dailydot.com/unclick/heartbleed-neel-mehta-freedom-press-foundation-encryption/|access-date=2022-01-25|website=The Daily Dot|language=en-US}}</ref>

LibreSSL made a big code cleanup, removing more than 90,000 lines of C code just in its first week.<ref>{{cite web |url=https://www.zdnet.com/openbsd-forks-prunes-fixes-openssl-7000028613/ |title=OpenBSD forks, prunes, fixes OpenSSL |first1=Larry |last1=Seltzer |work=Zero Day |publisher=[[ZDNet]] |date=21 April 2014 |access-date=21 April 2014 |archive-date=21 April 2014 |archive-url=https://web.archive.org/web/20140421235922/http://www.zdnet.com/openbsd-forks-prunes-fixes-openssl-7000028613/ |url-status=live}}</ref>

According to security researcher [[Dan Kaminsky]], Heartbleed is a sign of an economic problem which needs to be fixed. Seeing the time taken to catch this simple error in a simple feature from a "critical" dependency, Kaminsky fears numerous future vulnerabilities if nothing is done. When Heartbleed was discovered, OpenSSL was maintained by a handful of volunteers, only one of whom worked full

Paul Chiusano suggested Heartbleed may have resulted from failed software economics.<ref>{{cite web |last1=Chiusano |first1=Paul |title=The failed economics of our software commons, and what you can about it right now |url=https://pchiusano.github.io/2014-12-08/failed-software-economics |website=Paul Chiusano's blog |date=8 December 2014 |access-date=3 November 2017 |archive-date=6 April 2017 |archive-url=https://web.archive.org/web/20170406180008/http://pchiusano.github.io/2014-12-08/failed-software-economics |url-status=live}}</ref><!-- Not about Heartbleed, but uses it and TLS libraries as main example -->

The industry's collective response to the crisis was the [[Core Infrastructure Initiative]], a multimillion-dollar project announced by the [[Linux Foundation]] on 24 April 2014 to provide funds to critical elements of the global information infrastructure.<ref name="cii">{{cite web |title=Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, VMware and The Linux Foundation Form New Initiative to Support Critical Open Source Projects |url=http://www.linuxfoundation.org/news-media/announcements/2014/04/amazon-web-services-cisco-dell-facebook-fujitsu-google-ibm-intel |work=The Linux Foundation |date=24 April 2014 |access-date=25 April 2014 |archive-date=25 April 2014 |archive-url=https://web.archive.org/web/20140425124353/http://www.linuxfoundation.org/news-media/announcements/2014/04/amazon-web-services-cisco-dell-facebook-fujitsu-google-ibm-intel |url-status=live}}</ref> The initiative intends to allow lead developers to work full time on their projects and to pay for security audits, hardware and software infrastructure, travel, and other expenses.<ref>{{cite web |last1=Paul |first1=Ian |title=In Heartbleed's wake, tech titans launch fund for crucial open-source projects |url=http://www.pcworld.com/article/2147014/after-heartbleed-tech-giants-commit-to-supporting-critical-open-source-projects.html |work=PC World |date=24 April 2014 |language=en |access-date=24 April 2014 |archive-date=25 April 2014 |archive-url=https://web.archive.org/web/20140425003840/http://www.pcworld.com/article/2147014/after-heartbleed-tech-giants-commit-to-supporting-critical-open-source-projects.html |url-status=live}}</ref> OpenSSL is a candidate to become the first recipient of the initiative's funding.<ref name="cii" />

After the discovery Google established [[Project Zero]] which is tasked with finding ''zero-day vulnerabilities'' to help secure the Web and society.<ref>{{cite web |title=Google Project Zero aims to keep the Heartbleed Bug from happening again |url=http://www.techradar.com/news/internet/web/google-project-zero-aims-to-stop-the-heartbleed-bug-from-happening-again-1257434 |work=TechRadar |date=15 July 2014 |access-date=9 April 2017 |language=en |archive-date=10 April 2017 |archive-url=https://web.archive.org/web/20170410051739/http://www.techradar.com/news/internet/web/google-project-zero-aims-to-stop-the-heartbleed-bug-from-happening-again-1257434 |url-status=live}}</ref><ref>{{cite magazine |last1=Greenberg |first1=Andy |url=https://www.wired.com/2014/07/google-project-zero/ |title=Meet 'Project Zero,' Google's Secret Team of Bug-Hunting Hackers |date=15 July 2014 |magazine=Wired |access-date=6 March 2019 |issn=1059-1028}}</ref>
== Bibliography ==

{{refbegin}}
* {{cite book |last1=Brock |first1=Kevin |title=Rhetorical Code Studies |year=2019 |publisher=University of Michigan Press |isbn=978-0-472-13127-3 |pages=9–32 |url=https://www.jstor.org/stable/j.ctvndv9pc |chapter-url=https://www.jstor.org/stable/j.ctvndv9pc.8 |access-date=19 January 2021 |chapter=Toward the Rhetorical Study of Code |jstor=j.ctvndv9pc.8 |language=en}}
* {{cite report |last1=Wu |first1=Han |title=Heartbleed OpenSSL Vulnerability: a Forensic Case Study at Medical School |journal=NJMS Advancing Research IT |date=May 2014 |url=http://research.njms.rutgers.edu/m/it/Publications/docs/Heartbleed_OpenSSL_Vulnerability_a_Forensic_Case_Study_at_Medical_School.pdf |access-date=19 January 2021 |publisher=Rutgers University |language=en}}
* {{cite conference | last1=Durumeric | first1=Zakir | last2=Li | first2=Frank | last3=Kasten | first3=James | last4=Amann | first4=Johanna | last5=Beekman | first5=Jethro | last6=Payer | first6=Mathias | last7=Weaver | first7=Nicolas | last8=Adrian | first8=David | last9=Paxson | first9=Vern | last10=Bailey | first10=Michael | last11=Halderman | first11=J. Alex | title=Proceedings of the 2014 Conference on Internet Measurement Conference | chapter=The Matter of Heartbleed | publisher=ACM | publication-place=New York, NY, USA | date=2014-11-05 | doi=10.1145/2663716.2663755 |pages=475–488 |s2cid=142767 |isbn=978-1-4503-3213-2 |display-authors=2| doi-access=free }}
{{refend}}

== External links ==

{{Sister project links|d=Q16244272|v=Managing risk from cyber attacks|c=Category:Heartbleed bug|b=no|voy=no|s=no|m=no|mw=no|species=no|n=no|q=no}}
* [http://heartbleed.com/ Summary and Q&A about the bug] by Codenomicon Ltd
* [http://heartbleed.ca/ Information for Canadian organizations and individuals]
* [https://www.cyberwatch.fr/en/vulnerabilities/CVE-2014-0160 List of all security notices] {{Webarchive|url=https://web.archive.org/web/20180719233422/https://www.cyberwatch.fr/en/vulnerabilities/CVE-2014-0160 |date=19 July 2018 }}

{{Hacking in the 2010s}}
{{TLS/SSL}}

[[Category:2014 in computing]]
Latest revision as of 06:05, 17 November 2024
| Field | Value |
|---|---|
| CVE identifier(s) | CVE-2014-0160 |
| CVSS score | Base: 7.5 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| Released | 1 February 2012 |
| Date discovered | 1 April 2014 |
| Date patched | 7 April 2014 |
| Discoverer | Neel Mehta (Google Security); independently, Codenomicon |
| Affected software | OpenSSL (1.0.1) |
| Website | heartbleed.com |
Heartbleed is a security bug in some outdated versions of the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security (TLS) protocol. It was introduced into the software in 2012 and publicly disclosed in April 2014. Heartbleed could be exploited regardless of whether the vulnerable OpenSSL instance is running as a TLS server or client. It resulted from improper input validation (due to a missing bounds check) in the implementation of the TLS heartbeat extension.[5] Thus, the bug's name derived from heartbeat.[6] The vulnerability was classified as a buffer over-read,[7] a situation where more data can be read than should be allowed.[8]
Heartbleed was registered in the Common Vulnerabilities and Exposures database as CVE-2014-0160.[7] The federal Canadian Cyber Incident Response Centre issued a security bulletin advising system administrators about the bug.[9] A fixed version of OpenSSL was released on 7 April 2014, on the same day Heartbleed was publicly disclosed.[10]
TLS implementations other than OpenSSL, such as GnuTLS, Mozilla's Network Security Services, and the Windows platform implementation of TLS, were not affected because the defect existed in the OpenSSL's implementation of TLS rather than in the protocol itself.[11]
System administrators were frequently slow to patch their systems. As of 20 May 2014, 1.5% of the 800,000 most popular TLS-enabled websites were still vulnerable to the bug,[12] and by 21 June 2014, 309,197 public web servers remained vulnerable.[13] According to a 23 January 2017 report[14] from Shodan, nearly 180,000 internet-connected devices were still vulnerable to the bug,[15][16] but by 6 July 2017 the number had dropped to 144,000, according to a search performed on shodan.io for the vulnerability.[17] Around two years later, on 11 July 2019, Shodan reported[18] that 91,063 devices were vulnerable. The U.S. had the most vulnerable devices, with 21,258 (23%), and the 10 countries with the most vulnerable devices had a total of 56,537 vulnerable devices (62%). The remaining countries totaled 34,526 devices (38%). The report also broke the devices down by 10 other categories such as organization (the top 3 were wireless companies), product (Apache httpd, Nginx), and service (HTTPS, 81%).
History
The Heartbeat Extension for the Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) protocols was proposed as a standard in February 2012 by RFC 6520.[19] It provides a way to test and keep alive secure communication links without the need to renegotiate the connection each time. In 2011, one of the RFC's authors, Robin Seggelmann, then a Ph.D. student at the Fachhochschule Münster, implemented the Heartbeat Extension for OpenSSL. Following Seggelmann's request to put the result of his work into OpenSSL,[20][21][22] his change was reviewed by Stephen N. Henson, one of OpenSSL's four core developers. Henson failed to notice a bug in Seggelmann's implementation, and introduced the flawed code into OpenSSL's source code repository on 31 December 2011. The defect spread with the release of OpenSSL version 1.0.1 on 14 March 2012. Heartbeat support was enabled by default, causing affected versions to be vulnerable.[3][23]
Discovery
According to Mark J. Cox of OpenSSL, Neel Mehta of Google's security team privately reported Heartbleed to the OpenSSL team on 1 April 2014 11:09 UTC.[24]
The bug was named by an engineer at Codenomicon (later part of Synopsys Software Integrity Group), a Finnish cyber security company that also created the bleeding heart logo,[25] designed by Finnish graphic designer Leena Kurjenniska, and launched an informational website, heartbleed.com.[26] While Google's security team reported Heartbleed to OpenSSL first, both Google and Codenomicon discovered it independently at approximately the same time.[27][28] Codenomicon reports 3 April 2014 as their date of discovery and their date of notification of NCSC-FI for vulnerability coordination.[29]
At the time of disclosure, some 17% (around half a million) of the Internet's secure web servers certified by trusted authorities were believed to be vulnerable to the attack, allowing theft of the servers' private keys and users' session cookies and passwords.[30][31][32][33][34] The Electronic Frontier Foundation,[35] Ars Technica,[36] and Bruce Schneier[37] all deemed the Heartbleed bug "catastrophic". Forbes cybersecurity columnist Joseph Steinberg wrote:
Some might argue that Heartbleed is the worst vulnerability found (at least in terms of its potential impact) since commercial traffic began to flow on the Internet.[38]
An unidentified UK Cabinet Office spokesman recommended that:
People should take advice on changing passwords from the websites they use. Most websites have corrected the bug and are best placed to advise what action, if any, people need to take.[39]
On the day of disclosure, The Tor Project advised:
If you need strong anonymity or privacy on the Internet, you might want to stay away from the Internet entirely for the next few days while things settle.[40]
The Sydney Morning Herald published a timeline of the discovery on 15 April 2014, showing that some organizations had been able to patch the bug before its public disclosure. In some cases, it is not clear how they found out.[41]
Bugfix and deployment
Bodo Möller and Adam Langley of Google prepared the fix for Heartbleed. The resulting patch was added to Red Hat's issue tracker on 21 March 2014.[42] Stephen N. Henson applied the fix to OpenSSL's version control system on 7 April.[43] The first fixed version, 1.0.1g, was released on the same day. As of 21 June 2014, 309,197 public web servers remained vulnerable.[13] As of 23 January 2017, according to a report[14] from Shodan, nearly 180,000 internet-connected devices were still vulnerable.[15][16] The number had dropped to 144,000 as of 6 July 2017, according to a search on shodan.io for "vuln:cve-2014-0160".[17]
Certificate renewal and revocation
According to Netcraft, about 30,000 of the 500,000+ X.509 certificates which could have been compromised due to Heartbleed had been reissued by 11 April 2014, although fewer had been revoked.[44]
By 9 May 2014, only 43% of affected web sites had reissued their security certificates. In addition, 7% of the reissued security certificates used the potentially compromised keys. Netcraft stated:
By reusing the same private key, a site that was affected by the Heartbleed bug still faces exactly the same risks as those that have not yet replaced their SSL certificates.[45]
eWeek said, "[Heartbleed is] likely to remain a risk for months, if not years, to come."[46]
Cloudflare revoked all TLS certificates and estimated that publishing its Certificate revocation list would cost the issuer, GlobalSign, $400,000 per month that year.[47]
Exploitation
The Canada Revenue Agency reported a theft of social insurance numbers belonging to 900 taxpayers, and said that they were accessed through an exploit of the bug during a 6-hour period on 8 April 2014.[48] After the discovery of the attack, the agency shut down its website and extended the taxpayer filing deadline from 30 April to 5 May.[49] The agency said it would provide credit protection services at no cost to anyone affected. On 16 April, the RCMP announced they had charged a computer science student in relation to the theft with unauthorized use of a computer and mischief in relation to data.[50][51]
The UK parenting site Mumsnet had several user accounts hijacked, and its CEO was impersonated.[52] The site later published an explanation of the incident saying it was due to Heartbleed and the technical staff patched it promptly.[53]
Anti-malware researchers also exploited Heartbleed to their own advantage in order to access secret forums used by cybercriminals.[54] Studies were also conducted by deliberately setting up vulnerable machines. For example, on 12 April 2014, at least two independent researchers were able to steal private keys from an experimental server intentionally set up for that purpose by CloudFlare.[55][56] Also, on 15 April 2014, J. Alex Halderman, a professor at University of Michigan, reported that his honeypot server, an intentionally vulnerable server designed to attract attacks in order to study them, had received numerous attacks originating from China. Halderman concluded that because it was a fairly obscure server, these attacks were probably sweeping attacks affecting large areas of the Internet.[57]
In August 2014, it was made public that the Heartbleed vulnerability enabled hackers to steal security keys from Community Health Systems, the second-largest for-profit hospital chain in the United States, compromising the confidentiality of 4.5 million patient records. The breach happened a week after Heartbleed was first made public.[58]
Possible prior knowledge and exploitation
Many major web sites patched the bug or disabled the Heartbeat Extension within days of its announcement,[59] but it is unclear whether potential attackers were aware of it earlier and to what extent it was exploited.[citation needed]
Based on examinations of audit logs by researchers, it has been reported that some attackers may have exploited the flaw for at least five months before discovery and announcement.[60][61] Errata Security pointed out that a widely used non-malicious program called Masscan, introduced six months before Heartbleed's disclosure, abruptly terminates the connection in the middle of handshaking in the same way as Heartbleed, generating the same server log messages, adding "Two new things producing the same error messages might seem like the two are correlated, but of course, they aren't."[62]
According to Bloomberg News, two unnamed insider sources informed it that the United States' National Security Agency had been aware of the flaw since shortly after its appearance but—instead of reporting it—kept it secret among other unreported zero-day vulnerabilities in order to exploit it for the NSA's own purposes.[63][64][65] The NSA has denied this claim,[66] as has Richard A. Clarke, a member of the National Intelligence Review Group on Intelligence and Communications Technologies that reviewed the United States' electronic surveillance policy; he told Reuters on 11 April 2014 that the NSA had not known of Heartbleed.[67] The allegation prompted the American government to make, for the first time, a public statement on its zero-day vulnerabilities policy, accepting the recommendation of the review group's 2013 report that had asserted "in almost all instances, for widely used code, it is in the national interest to eliminate software vulnerabilities rather than to use them for US intelligence collection", and saying that the decision to withhold should move from the NSA to the White House.[68]
Behavior
The RFC 6520 Heartbeat Extension tests TLS/DTLS secure communication links by allowing a computer at one end of a connection to send a Heartbeat Request message, consisting of a payload, typically a text string, along with the payload's length as a 16-bit integer. The receiving computer then must send exactly the same payload back to the sender.[citation needed]
The affected versions of OpenSSL allocate a memory buffer for the message to be returned based on the length field in the requesting message, and then copy that many bytes out of the received message, without regard to the actual size of that message's payload. Because of this failure to do proper bounds checking, the message returned consists of the payload, followed by whatever else happened to lie in memory beyond the end of the received message.[citation needed]
Heartbleed is therefore exploited by sending a malformed heartbeat request with a small payload and large length field to the vulnerable party (usually a server) in order to elicit the victim's response, permitting attackers to read up to 64 kilobytes of the victim's memory, typically memory that OpenSSL had recently used for other connections.[69] Where a Heartbeat Request might ask a party to "send back the four-letter word 'bird'", resulting in a response of "bird", a "Heartbleed Request" (a malicious heartbeat request) of "send back the 500-letter word 'bird'" would cause the victim to return "bird" followed by whatever 496 subsequent bytes the victim happened to have in active memory. Attackers in this way could receive sensitive data, compromising the confidentiality of the victim's communications. Although an attacker has some control over the disclosed memory block's size, it has no control over its location, and therefore cannot choose what content is revealed; the request can, however, be repeated to harvest further fragments.[citation needed]
Affected OpenSSL installations
The affected versions of OpenSSL are OpenSSL 1.0.1 through 1.0.1f (inclusive). Subsequent versions (1.0.1g[70] and later) and previous versions (1.0.0 branch and older) are not vulnerable.[71] Installations of the affected versions are vulnerable unless OpenSSL was compiled with -DOPENSSL_NO_HEARTBEATS.[72][73]
Vulnerable program and function
The vulnerable program source files are t1_lib.c and d1_both.c and the vulnerable functions are tls1_process_heartbeat() and dtls1_process_heartbeat().[74][75]
Patch
The problem is fixed by discarding Heartbeat Request messages whose length field claims more payload than the received record actually carries, as RFC 6520 requires.
Version 1.0.1g of OpenSSL adds bounds checks to prevent the buffer over-read. The check below is one of those introduced: it compares the claimed payload length, plus the one-byte type, the two-byte length field and the minimum 16 bytes of padding, against the length of the TLS record actually received (s->s3->rrec.length), and silently discards any request that does not fit.

```c
if (1 + 2 + payload + 16 > s->s3->rrec.length)
    return 0; /* silently discard per RFC 6520 sec. 4 */
```

The OpenSSL version control system contains a complete list of changes.[43]
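The over-read described under Behavior and the effect of the 1.0.1g check above, as an added, self-contained C example that is not OpenSSL's code: process_heartbeat_vulnerable() and process_heartbeat_fixed() are simplified stand-ins modelled on tls1_process_heartbeat(); the 4 KB arena, the planted session cookie, the "bird" request and the demo_* functions are all constructed for this example, and where OpenSSL fills the padding with random bytes this code writes zeros.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* RFC 6520 heartbeat message: type(1) | payload_length(2, big-endian) | payload | padding(>=16) */
enum { HB_REQUEST = 1, HB_RESPONSE = 2, HB_PADDING = 16 };
#define ARENA_SIZE 4096   /* constructed stand-in for the victim's receive memory */

/* What both handlers do after parsing the header: size the response from `payload` and copy
 * that many bytes from `pl`. Safe only if the caller has bounded `payload` first. */
static unsigned char *build_response(const unsigned char *pl, unsigned payload, size_t *resp_len) {
    unsigned char *buffer = malloc(1 + 2 + payload + HB_PADDING);
    if (!buffer) return NULL;
    buffer[0] = HB_RESPONSE;
    buffer[1] = (unsigned char)(payload >> 8);
    buffer[2] = (unsigned char)(payload & 0xff);
    memcpy(buffer + 3, pl, payload);             /* reads `payload` bytes, whatever arrived */
    memset(buffer + 3 + payload, 0, HB_PADDING); /* OpenSSL fills this with random bytes */
    *resp_len = 1 + 2 + payload + HB_PADDING;
    return buffer;
}

/* Vulnerable handler, modelled on tls1_process_heartbeat() in OpenSSL 1.0.1 to 1.0.1f:
 * the peer-supplied length is trusted; rec_len (s->s3->rrec.length) is never consulted. */
unsigned char *process_heartbeat_vulnerable(const unsigned char *rec, size_t rec_len, size_t *resp_len) {
    (void)rec_len;
    if (rec[0] != HB_REQUEST) return NULL;
    unsigned payload = ((unsigned)rec[1] << 8) | rec[2];   /* n2s(p, payload) */
    return build_response(rec + 3, payload, resp_len);
}

/* Fixed handler: the 1.0.1g checks run before anything is allocated or copied. */
unsigned char *process_heartbeat_fixed(const unsigned char *rec, size_t rec_len, size_t *resp_len) {
    if (1 + 2 + HB_PADDING > rec_len || rec[0] != HB_REQUEST) return NULL;
    unsigned payload = ((unsigned)rec[1] << 8) | rec[2];
    if (1 + 2 + payload + HB_PADDING > rec_len) return NULL; /* silently discard per RFC 6520 sec. 4 */
    return build_response(rec + 3, payload, resp_len);
}

/* Victim memory for the demo: a request carrying "bird" but claiming `claimed` bytes at offset 0,
 * and a constructed session cookie at offset 64, where leftovers from earlier requests would sit.
 * Returns the length of the record that actually arrived (23 bytes). */
static const char SECRET[] = "session=4f3c9a1e-constructed-cookie";

static size_t setup_arena(unsigned char *arena, uint16_t claimed) {
    memset(arena, 'x', ARENA_SIZE);
    arena[0] = HB_REQUEST;
    arena[1] = (unsigned char)(claimed >> 8);
    arena[2] = (unsigned char)(claimed & 0xff);
    memcpy(arena + 3, "bird", 4);
    memset(arena + 7, 0, HB_PADDING);
    memcpy(arena + 64, SECRET, sizeof SECRET);
    return 1 + 2 + 4 + HB_PADDING;
}

static int contains(const unsigned char *hay, size_t n, const char *needle) {
    for (size_t m = strlen(needle), i = 0; i + m <= n; i++)
        if (memcmp(hay + i, needle, m) == 0) return 1;
    return 0;
}

/* 1 if a request claiming 500 bytes makes the vulnerable handler hand back the secret. */
int demo_vulnerable_leaks(void) {
    unsigned char arena[ARENA_SIZE];
    size_t rec_len = setup_arena(arena, 500), n = 0;
    unsigned char *resp = process_heartbeat_vulnerable(arena, rec_len, &n);
    int leaked = resp && n == 1 + 2 + 500 + HB_PADDING && contains(resp, n, SECRET);
    free(resp);
    return leaked;
}

/* 1 if the fixed handler discards that same request. */
int demo_fixed_discards(void) {
    unsigned char arena[ARENA_SIZE];
    size_t rec_len = setup_arena(arena, 500), n = 0;
    unsigned char *resp = process_heartbeat_fixed(arena, rec_len, &n);
    int discarded = (resp == NULL);
    free(resp);
    return discarded;
}

/* 1 if both handlers echo an honest 4-byte request identically. */
int demo_legitimate_echo(void) {
    unsigned char arena[ARENA_SIZE];
    size_t rec_len = setup_arena(arena, 4), n1 = 0, n2 = 0;
    unsigned char *r1 = process_heartbeat_vulnerable(arena, rec_len, &n1);
    unsigned char *r2 = process_heartbeat_fixed(arena, rec_len, &n2);
    int ok = r1 && r2 && n1 == n2 && n1 == 23 && memcmp(r1 + 3, "bird", 4) == 0 && memcmp(r1, r2, n1) == 0;
    free(r1); free(r2);
    return ok;
}

int main(void) {
    printf("vulnerable leaks secret: %d, fixed discards: %d, honest echo: %d\n",
           demo_vulnerable_leaks(), demo_fixed_discards(), demo_legitimate_echo());
    return 0;
}
```

The arena keeps the over-read inside one buffer so the example is well defined and runs under a sanitizer; in the real library the extra bytes come from whatever the heap holds next to the received record, which is why repeated requests yield different fragments and why the attacker cannot aim the read.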
Impact
The data obtained by a Heartbleed attack may include unencrypted exchanges between TLS parties likely to be confidential, including any form post data in users' requests. Moreover, the confidential data exposed could include authentication secrets such as session cookies and passwords, which might allow attackers to impersonate a user of the service.[76]
An attack may also reveal private keys of compromised parties,[3][77] which would enable attackers to decrypt communications. Without perfect forward secrecy, that includes past traffic captured by passive eavesdropping as well as future traffic; with forward secrecy, recorded sessions stay protected, but the stolen key still lets an attacker impersonate the server and decrypt future traffic intercepted via man-in-the-middle attacks.[citation needed]
An attacker having gained authentication material may impersonate the material's owner after the victim has patched Heartbleed, as long as the material is accepted (for example, until the password is changed or the private key revoked). Heartbleed therefore constitutes a critical threat to confidentiality. However, an attacker impersonating a victim may also alter data. Indirectly, Heartbleed's consequences may thus go far beyond a confidentiality breach for many systems.[78]
A survey of American adults conducted in April 2014 showed that 60 percent had heard about Heartbleed. Among those using the Internet, 39 percent had protected their online accounts, for example by changing passwords or canceling accounts; 29 percent believed their personal information was put at risk because of the Heartbleed bug; and 6 percent believed their personal information had been stolen.[79]
Client-side vulnerability
Although the bug received more attention due to the threat it represents for servers,[80] TLS clients using affected OpenSSL instances are also vulnerable. In what The Guardian therefore dubbed Reverse Heartbleed, malicious servers are able to exploit Heartbleed to read data from a vulnerable client's memory.[81] Security researcher Steve Gibson said of Heartbleed that:
It's not just a server-side vulnerability, it's also a client-side vulnerability because the server, or whomever you connect to, is as able to ask you for a heartbeat back as you are to ask them.[82]
The stolen data could contain usernames and passwords.[83] Reverse Heartbleed affected millions of application instances.[81] Some of the vulnerable applications are listed in the "Software applications" section below.[citation needed]
Specific systems affected
Cisco Systems has identified 78 of its products as vulnerable, including IP phone systems and telepresence (video conferencing) systems.[84]
Websites and other online services
An analysis posted on GitHub of the most visited websites on 8 April 2014 revealed vulnerabilities in sites including Yahoo!, Imgur, Stack Overflow, Slate, and DuckDuckGo.[85][86] The following sites have services affected or made announcements recommending that users update passwords in response to the bug:
- Akamai Technologies[87]
- Amazon Web Services[88]
- Ars Technica[89]
- Bitbucket[90]
- BrandVerity[91]
- Freenode[92]
- GitHub[93]
- IFTTT[94]
- Internet Archive[95]
- Mojang[96]
- Mumsnet[52]
- PeerJ[97]
- Pinterest[98]
- Prezi[99]
- Reddit[100]
- Something Awful[101]
- SoundCloud[102]
- SourceForge[103]
- SparkFun[104]
- Stripe[105]
- Tumblr[106][107]
- All Wikimedia Foundation wikis (including Wikipedia in all languages)[108][109]
- Wunderlist[110]
The Canadian federal government temporarily shut online services of the Canada Revenue Agency (CRA) and several government departments over Heartbleed bug security concerns.[111][112] Before the CRA online services were shut down, a hacker obtained approximately 900 social insurance numbers.[113][114] Another Canadian Government agency, Statistics Canada, had its servers compromised due to the bug and also temporarily took its services offline.[115]
Platform maintainers like the Wikimedia Foundation advised their users to change passwords.[108]
The servers of LastPass were vulnerable,[116] but due to additional encryption and forward secrecy, potential attacks were not able to exploit this bug. However, LastPass recommended that its users change passwords for vulnerable websites.[117]
The Tor Project recommended that Tor relay operators and hidden service operators revoke and generate fresh keys after patching OpenSSL, but noted that Tor relays use two sets of keys and that Tor's multi-hop design minimizes the impact of exploiting a single relay.[40] 586 relays later found to be susceptible to the Heartbleed bug were taken off-line as a precautionary measure.[118][119][120][121]
Game-related services including Steam, Minecraft, Wargaming, League of Legends, GOG.com, Origin, Sony Online Entertainment, Humble Bundle, and Path of Exile were affected and subsequently fixed.[122]
Software applications
Vulnerable software applications include:
- Several Hewlett-Packard server applications, such as HP System Management Homepage (SMH) for Linux and Windows.[123]
- Some versions of FileMaker 13[124]
- LibreOffice 4.2.0 to 4.2.2 (fixed in 4.2.3)[125][126]
- LogMeIn claimed to have "updated many products and parts of our services that rely on OpenSSL".[127]
- Multiple McAfee products, in particular some versions of software providing anti-viral coverage for Microsoft Exchange, software firewalls, and McAfee Email and Web Gateways[128]
- Oracle MySQL Connector/C 6.1.0-6.1.3 and Connector/ODBC 5.1.13, 5.2.5-5.2.6, 5.3.2[129]
- Oracle Big Data Appliance (includes Oracle Linux 6)[129]
- Primavera P6 Professional Project Management (includes Primavera P6 Enterprise Project Portfolio Management)[129]
- WinSCP (FTP client for Windows) 5.5.2 and some earlier versions (only vulnerable with FTP over TLS/SSL, fixed in 5.5.3)[130]
- Multiple VMware products, including VMware ESXi 5.5, VMware Player 6.0, VMware Workstation 10 and the series of Horizon products, emulators and cloud computing suites[131]
Several other Oracle Corporation applications were affected.[129]
Operating systems/firmware
Several Linux distributions were affected, including Debian[132] (and derivatives such as Linux Mint and Ubuntu[133]) and Red Hat Enterprise Linux[134] (and derivatives such as CentOS,[135] Oracle Linux 6[129] and Amazon Linux[136]), as well as the following operating systems and firmware implementations:
- Android 4.1.1, used in various portable devices.[137] Chris Smith writes in Boy Genius Report that just this one version of Android is affected but that it is a popular version of Android (Chitika claim 4.1.1 is on 50 million devices;[138] Google describe it as less than 10% of activated Android devices). Other Android versions are not vulnerable as they either have heartbeats disabled or use an unaffected version of OpenSSL.[139][140]
- Firmware for some AirPort base stations[141]
- Firmware for some Cisco Systems routers[84][142][143]
- Firmware for some Juniper Networks routers[143][144]
- pfSense 2.1.0 and 2.1.1 (fixed in 2.1.2)[145]
- DD-WRT versions between and including 19163 and 23881 (fixed in 23882)[146]
- Western Digital My Cloud product family firmware[147]
Vulnerability testing services
Several services have been made available to test whether Heartbleed affects a given site. However, many services have been claimed to be ineffective for detecting the bug.[148] The available tools include:
- Tripwire SecureScan[149]
- AppCheck – static binary scan and fuzzing, from Synopsys Software Integrity Group (formerly Codenomicon)[150]
- Arbor Network's Pravail Security Analytics[151]
- Norton Safeweb Heartbleed Check Tool[152]
- Heartbleed testing tool by a European IT security company[153]
- Heartbleed test by Italian cryptographer Filippo Valsorda[154]
- Heartbleed Vulnerability Test by Cyberoam[155]
- Critical Watch Free Online Heartbleed Tester[156]
- Metasploit Heartbleed scanner module[157]
- Heartbleed Server Scanner by Rehmann[158]
- Lookout Mobile Security Heartbleed Detector, an app for Android devices that determines the OpenSSL version of the device and indicates whether the vulnerable heartbeat is enabled[159]
- Heartbleed checker hosted by LastPass[160]
- Online network range scanner for Heartbleed vulnerability by Pentest-Tools.com[161]
- Official Red Hat offline scanner written in the Python language[162]
- Qualys SSL Labs' SSL Server Test,[163] which not only looks for the Heartbleed bug but can also find other SSL/TLS implementation errors.
- Browser extensions, such as Chromebleed[164] and FoxBleed[165]
- SSL Diagnos[166]
- CrowdStrike Heartbleed Scanner[167] – Scans routers, printers and other devices connected inside a network including intranet web sites.[168]
- Netcraft Site Report[169] – indicates whether a website's confidentiality could be jeopardized due to a past exploitation of Heartbleed by checking data from Netcraft's SSL Survey to determine whether a site offered the heartbeat TLS Extension prior to the Heartbleed disclosure. The Netcraft Extensions for Chrome, Firefox and Opera[170] also perform this check, whilst looking for potentially compromised certificates.[171]
Other security tools have added support for finding this bug. For example, Tenable Network Security wrote a plugin for its Nessus vulnerability scanner that can scan for this fault.[172] The Nmap security scanner includes a Heartbleed detection script from version 6.45.[173]
Sourcefire has released Snort rules to detect Heartbleed attack traffic and possible Heartbleed response traffic.[174] Open-source packet analysis software such as Wireshark and tcpdump can identify Heartbleed packets using specific packet filters (BPF expressions for tcpdump, display filters for Wireshark) that can be applied to stored packet captures or to live traffic.[175]
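The record-level check that such packet filters and IDS rules perform can be written out directly. The following is an added example, not code from the article or from any of the tools listed above: it walks a byte buffer of captured TLS records and, for each heartbeat record, applies the RFC 6520 bound (type, length, payload and at least 16 bytes of padding must all fit inside the record), which is the condition the OpenSSL fix checks; it also flags unusually large heartbeat responses. The 4096-byte response threshold, the TLS version used in the constructed records and the sample capture itself are this example's own assumptions.

```python
"""Flag Heartbleed-style heartbeat records in captured TLS bytes.

Added example; it is not code from the article or from any of the tools it
lists. It applies the rule the OpenSSL fix enforces (RFC 6520: a heartbeat
record must hold a 1-byte type, a 2-byte payload length, the payload and at
least 16 bytes of padding) to captured traffic, and also flags unusually
large heartbeat responses. LARGE_RESPONSE and the sample capture below are
this example's own assumptions and constructions.
"""
import struct
from typing import Iterator, List, Tuple

TLS_HEARTBEAT = 0x18           # TLS ContentType heartbeat (RFC 6520)
HB_REQUEST, HB_RESPONSE = 1, 2
MIN_PADDING = 16               # RFC 6520 section 4
LARGE_RESPONSE = 4096          # assumed: benign heartbeat payloads are small


def iter_tls_records(data: bytes) -> Iterator[Tuple[int, int, bytes, bool]]:
    """Yield (content_type, version, fragment, truncated) per TLS record.

    A record whose declared length runs past the end of the capture is still
    yielded, with truncated=True, so its header can be inspected.
    """
    off = 0
    while off + 5 <= len(data):
        ctype, version, length = struct.unpack("!BHH", data[off:off + 5])
        fragment = data[off + 5:off + 5 + length]
        yield ctype, version, fragment, len(fragment) < length
        off += 5 + length


def heartbeat_findings(data: bytes) -> List[str]:
    """Return one finding per suspicious heartbeat record in the capture."""
    findings = []
    for index, (ctype, _version, frag, truncated) in enumerate(iter_tls_records(data)):
        if ctype != TLS_HEARTBEAT:
            continue
        if len(frag) < 3:
            findings.append(f"record {index}: heartbeat shorter than its 3-byte header")
            continue
        hb_type, declared = struct.unpack("!BH", frag[:3])
        kind = {HB_REQUEST: "request", HB_RESPONSE: "response"}.get(hb_type, f"type {hb_type}")
        note = " (truncated capture)" if truncated else ""
        # Same bound the OpenSSL fix added: type + length + payload + padding must fit.
        if 1 + 2 + declared + MIN_PADDING > len(frag):
            findings.append(f"record {index}: heartbeat {kind} declares a {declared}-byte "
                            f"payload but the record holds {len(frag)} bytes{note}")
        elif hb_type == HB_RESPONSE and declared >= LARGE_RESPONSE:
            findings.append(f"record {index}: heartbeat response carrying {declared} bytes")
        elif hb_type not in (HB_REQUEST, HB_RESPONSE):
            findings.append(f"record {index}: heartbeat with unknown {kind}")
    return findings


def heartbeat_record(hb_type: int, declared: int, payload: bytes,
                     padding: int = MIN_PADDING) -> bytes:
    """Build a TLS 1.1 heartbeat record; `declared` may disagree with len(payload)."""
    frag = struct.pack("!BH", hb_type, declared) + payload + b"\x00" * padding
    return struct.pack("!BHH", TLS_HEARTBEAT, 0x0302, len(frag)) + frag


# Constructed capture: a handshake stub, a benign request, and a request that
# declares a 16 KiB payload while carrying a single byte.
SAMPLE_CAPTURE = (
    struct.pack("!BHH", 0x16, 0x0302, 4) + b"\x01\x00\x00\x00"
    + heartbeat_record(HB_REQUEST, 4, b"ping")
    + heartbeat_record(HB_REQUEST, 0x4000, b"\x01")
)

if __name__ == "__main__":
    for finding in heartbeat_findings(SAMPLE_CAPTURE):
        print(finding)
```

A truncated capture is reported with its header still inspected rather than silently skipped, because a scanner that drops short records would miss exactly the malformed requests it is looking for. The large-response threshold is a tuning choice: legitimate heartbeats carry a few bytes of payload, so anything approaching the 16 KiB record limit is worth an alert.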
Remediation
Vulnerability to Heartbleed is resolved by updating OpenSSL to a patched version (1.0.1g or later). OpenSSL can be used as a standalone program, as a dynamic shared object, or as a statically linked library; therefore the update can require restarting every process that loaded a vulnerable copy of the shared object, and rebuilding programs and libraries that linked OpenSSL statically. In practice this means updating packages that link OpenSSL statically and restarting running programs to remove the in-memory copy of the old, vulnerable OpenSSL code: replacing the library file on disk does not protect a process that has already loaded the old version.[citation needed]
After the vulnerability is patched, server administrators must address the potential breach of confidentiality. Because Heartbleed allowed attackers to read private keys, those keys must be treated as compromised: key pairs must be regenerated, certificates that use them must be reissued, and the old certificates must be revoked. Heartbleed could also disclose other in-memory secrets, so other authentication material (such as passwords) should also be regenerated. It is rarely possible to confirm that an affected system was not compromised, or to determine whether a specific piece of information was leaked.[176]
Since it is difficult or impossible to determine when a credential might have been compromised and how an attacker might have used it, certain systems may warrant additional remediation work even after the vulnerability is patched and credentials are replaced. For example, signatures made with keys that were in use alongside a vulnerable OpenSSL version might have been made by an attacker; this raises the possibility that integrity has been violated, and opens such signatures to repudiation. Validation of signatures, and of other authentications made with a potentially compromised key (such as client certificate use), must be done with regard to the specific system involved.[citation needed]
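Two checks for the update step above, as an added example (not code from the article or from any vendor's scanner): classifying the version string that `openssl version` reports, and scanning /proc/<pid>/maps for processes that still map a libssl or libcrypto file marked `(deleted)`, which is how a process that loaded the old shared object before the package update shows up until it is restarted. The affected version set (1.0.1 through 1.0.1f and 1.0.2-beta1) is taken from the OpenSSL security advisory of 7 April 2014; the Linux /proc layout is assumed, and the sample maps excerpt is constructed.

```python
"""Post-patch checks for Heartbleed remediation on a Linux host.

Added example; it is not code from the article or from any vendor's scanner.
It covers two things a practitioner checks after updating the openssl
package: whether the version reported by `openssl version` is an affected
upstream release, and which processes still map a deleted (replaced)
libssl/libcrypto file, which is how a process that loaded the old shared
object before the update appears in /proc/<pid>/maps until restarted. The
affected version set (1.0.1 to 1.0.1f and 1.0.2-beta1) is taken from the
OpenSSL security advisory of 7 April 2014; SAMPLE_MAPS is constructed.
"""
import os
import re
from typing import Dict, Set

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)(?:-beta(\d+))?")
DELETED_LIB_RE = re.compile(r"(\S*/lib(?:ssl|crypto)\.so\S*) \(deleted\)\s*$")


def version_is_vulnerable(version_string: str) -> bool:
    """True for an upstream OpenSSL release that shipped the bug.

    Caveat: distributions backport fixes without changing the version, so
    True means 'check the package changelog', and False is only reliable for
    an upstream build (or a version such as 1.0.1g that post-dates the fix).
    """
    m = VERSION_RE.search(version_string)
    if not m:
        raise ValueError(f"unrecognised OpenSSL version string: {version_string!r}")
    major, minor, fix, letter, beta = m.groups()
    release = (int(major), int(minor), int(fix))
    if release == (1, 0, 1):
        return letter <= "f"          # 1.0.1 through 1.0.1f; 1.0.1g carries the fix
    if release == (1, 0, 2):
        return beta == "1"            # only 1.0.2-beta1; beta2 was fixed
    return False                      # 0.9.8/1.0.0 never had the code; later branches post-date the fix


def deleted_openssl_mappings(maps_text: str) -> Set[str]:
    """Paths of libssl/libcrypto objects a process still maps after the file was replaced."""
    found: Set[str] = set()
    for line in maps_text.splitlines():
        m = DELETED_LIB_RE.search(line)
        if m:
            found.add(m.group(1))
    return found


def processes_with_stale_openssl(proc_root: str = "/proc") -> Dict[int, Set[str]]:
    """Scan every readable /proc/<pid>/maps; run as root to see other users' processes."""
    stale: Dict[int, Set[str]] = {}
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        try:
            with open(os.path.join(proc_root, entry, "maps")) as fh:
                hits = deleted_openssl_mappings(fh.read())
        except OSError:
            continue                  # process exited, or maps not readable without privilege
        if hits:
            stale[int(entry)] = hits
    return stale


# Constructed /proc/<pid>/maps excerpt: a stale libssl mapping and a current libcrypto one.
SAMPLE_MAPS = """\
7f3a2c000000-7f3a2c1f2000 r-xp 00000000 08:01 394281   /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 (deleted)
7f3a2c1f2000-7f3a2c3f1000 ---p 001f2000 08:01 394281   /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 (deleted)
7f3a2c400000-7f3a2c5e0000 r-xp 00000000 08:01 394300   /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
7f3a2c600000-7f3a2c621000 rw-p 00000000 00:00 0        [heap]
"""

if __name__ == "__main__":
    import subprocess
    try:
        reported = subprocess.run(["openssl", "version"], capture_output=True, text=True).stdout.strip()
        verdict = "affected upstream release" if version_is_vulnerable(reported) else "not an affected upstream release"
        print(f"{reported}: {verdict}")
    except (OSError, ValueError) as exc:
        print(f"could not classify openssl version: {exc}")
    for pid, paths in sorted(processes_with_stale_openssl().items()):
        print(f"pid {pid} still maps {', '.join(sorted(paths))}; restart it")
```

The version check is deliberately conservative: distributions such as Debian and Red Hat shipped the fix as a patch to their existing 1.0.1e packages without changing the version string, so an "affected" verdict means "check the package changelog", not "exploitable". The maps scan is what a `lsof | grep DEL` check does, restricted to the OpenSSL objects; it needs root to see processes owned by other users.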
Browser security certificate revocation awareness
Since Heartbleed threatened the privacy of private keys, users of a website that was compromised could continue to suffer its effects until their browser learns of the certificate revocation or the compromised certificate expires.[177] For this reason, remediation also depends on users running browsers that have up-to-date certificate revocation lists (or OCSP support) and that honour certificate revocations.[citation needed]
Root causes, possible lessons, and reactions
Although evaluating the total cost of Heartbleed is difficult, eWeek estimated US$500 million as a starting point.[178]
David A. Wheeler's paper How to Prevent the next Heartbleed analyzes why Heartbleed was not discovered earlier and suggests several techniques that could have led to faster identification, as well as techniques that could have reduced its impact. According to Wheeler, the most effective technique that could have prevented Heartbleed is a test suite that thoroughly performs robustness testing, i.e. testing that invalid inputs cause failures rather than successes. Wheeler notes that a single general-purpose test suite could serve as a base for all TLS implementations.[179]
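A concrete form of the robustness testing Wheeler recommends, as an added example (not code from the article, from OpenSSL or from Wheeler's paper): a heartbeat handler in Python that applies the RFC 6520 checks the fix added, and a set of negative tests that feed it malformed requests and assert that each is refused rather than answered. The handler, the choice of mutations and the payload limit derived from the 16 KiB record size are this example's own; only the message layout comes from RFC 6520.

```python
"""Robustness (negative) tests for a heartbeat handler.

Added example illustrating the robustness-testing point above; it is not code
from the article, from OpenSSL or from Wheeler's paper. `process_heartbeat`
applies the RFC 6520 checks that the OpenSSL fix added, and the test
functions feed it invalid and mutated inputs and confirm that each is
rejected rather than answered. The message layout follows RFC 6520; the
choice of mutations is this example's own.
"""
import random
import struct
from typing import List, Optional, Tuple

HB_REQUEST, HB_RESPONSE = 1, 2
MIN_PADDING = 16
MAX_PAYLOAD = 2 ** 14 - 3 - MIN_PADDING   # must fit one 16 KiB record with header and padding


def process_heartbeat(record: bytes) -> Optional[bytes]:
    """Return a heartbeat response for a valid request, None for anything else.

    Rejected: records shorter than the 3-byte header, non-request types, a
    declared payload longer than the record actually holds (the Heartbleed
    condition), missing padding, and payloads over the record limit.
    """
    if len(record) < 3:
        return None
    hb_type, declared = struct.unpack("!BH", record[:3])
    if hb_type != HB_REQUEST:
        return None
    # The bounds check the vulnerable code lacked: type + length + payload + padding must fit.
    if 1 + 2 + declared + MIN_PADDING > len(record) or declared > MAX_PAYLOAD:
        return None
    payload = record[3:3 + declared]          # only bytes the request actually supplied
    return struct.pack("!BH", HB_RESPONSE, declared) + payload + b"\x00" * MIN_PADDING


def make_request(declared: int, payload: bytes, padding: int = MIN_PADDING,
                 hb_type: int = HB_REQUEST) -> bytes:
    """Build a heartbeat message; `declared` may deliberately disagree with len(payload)."""
    return struct.pack("!BH", hb_type, declared) + payload + b"\x00" * padding


def negative_cases() -> List[Tuple[str, bool]]:
    """Hand-written inputs; True means the handler rejected the invalid input
    (or, for the one valid case, answered it correctly)."""
    valid = make_request(4, b"ping")
    cases = [
        ("valid request is answered",
         process_heartbeat(valid) == make_request(4, b"ping", hb_type=HB_RESPONSE)),
        ("declared length exceeds record (Heartbleed)",
         process_heartbeat(make_request(0x4000, b"\x01")) is None),
        ("declared length 65535", process_heartbeat(make_request(0xFFFF, b"")) is None),
        ("padding shorter than 16 bytes",
         process_heartbeat(make_request(4, b"ping", padding=15)) is None),
        ("empty record", process_heartbeat(b"") is None),
        ("header only", process_heartbeat(b"\x01\x00\x04") is None),
        ("response type used as request",
         process_heartbeat(make_request(4, b"ping", hb_type=HB_RESPONSE)) is None),
        ("unknown type", process_heartbeat(make_request(4, b"ping", hb_type=7)) is None),
        ("payload over record limit",
         process_heartbeat(make_request(MAX_PAYLOAD + 1, b"A" * (MAX_PAYLOAD + 1))) is None),
    ]
    for cut in range(len(valid)):       # every truncation of a valid request
        cases.append((f"truncated to {cut} bytes", process_heartbeat(valid[:cut]) is None))
    return cases


def response_never_exceeds_request(samples: int = 500, seed: int = 1) -> bool:
    """Invariant under random length/padding mutation: a response is never
    longer than the request it answers, so nothing beyond the input is echoed."""
    rng = random.Random(seed)                 # fixed seed keeps the run reproducible
    for _ in range(samples):
        req = make_request(rng.randrange(0, 65536), b"ping", padding=rng.randrange(0, 40))
        resp = process_heartbeat(req)
        if resp is not None and len(resp) > len(req):
            return False
    return True


def all_pass() -> bool:
    return all(ok for _, ok in negative_cases()) and response_never_exceeds_request()


if __name__ == "__main__":
    for name, ok in negative_cases():
        print(("PASS " if ok else "FAIL ") + name)
    print("invariant:", "PASS" if response_never_exceeds_request() else "FAIL")
```

The last function is the invariant that matters for Heartbleed specifically: whatever the length field claims, a response is never longer than the request that produced it. A suite that checks only valid inputs cannot distinguish the vulnerable handler from the fixed one; this invariant fails on the vulnerable logic immediately.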
According to an article on The Conversation by Robert Merkel, Heartbleed revealed a massive failure of risk analysis. Merkel thinks OpenSSL gives more weight to performance than to security, which in his opinion no longer makes sense. But Merkel considers that OpenSSL should be blamed less than OpenSSL's users, who chose to use OpenSSL without funding better auditing and testing. Merkel explains that two aspects determine the risk that similar bugs will cause further vulnerabilities: first, the library's source code influences the risk of writing bugs with such an impact; second, OpenSSL's processes affect the chances of catching bugs quickly. On the first aspect, Merkel mentions the use of the C programming language as one risk factor that favored Heartbleed's appearance, echoing Wheeler's analysis.[179][180]
On the same aspect, Theo de Raadt, founder and leader of the OpenBSD and OpenSSH projects, has criticized the OpenSSL developers for writing their own memory management routines and thereby, he claims, circumventing OpenBSD C standard library exploit countermeasures, saying "OpenSSL is not developed by a responsible team."[181][182] Following Heartbleed's disclosure, members of the OpenBSD project forked OpenSSL into LibreSSL.[183] LibreSSL began with a large code cleanup, removing more than 90,000 lines of C code in its first week alone.[184]
The author of the change that introduced Heartbleed, Robin Seggelmann,[185] stated that he missed validating a variable containing a length, and denied any intention to submit a flawed implementation.[20] Following Heartbleed's disclosure, Seggelmann suggested focusing on the second aspect, stating that OpenSSL is not reviewed by enough people.[186] Although Seggelmann's work was reviewed by an OpenSSL core developer, the review was also intended to verify functional improvements, a situation that makes vulnerabilities much easier to miss.[179]
OpenSSL core developer Ben Laurie claimed that a security audit of OpenSSL would have caught Heartbleed.[187] Software engineer John Walsh commented:
Think about it, OpenSSL only has two [fulltime] people to write, maintain, test, and review 500,000 lines of business critical code.[188]
The OpenSSL foundation's president, Steve Marquess, said "The mystery is not that a few overworked volunteers missed this bug; the mystery is why it hasn't happened more often."[188] David A. Wheeler described audits as an excellent way to find vulnerabilities in typical cases, but noted that "OpenSSL uses unnecessarily complex structures, which makes it harder to both humans and machines to review." He wrote:
There should be a continuous effort to simplify the code, because otherwise just adding capabilities will slowly increase the software complexity. The code should be refactored over time to make it simple and clear, not just constantly add new features. The goal should be code that is "obviously right", as opposed to code that is so complicated that "I can't see any problems".[179]
According to security researcher Dan Kaminsky, Heartbleed is a sign of an economic problem that needs to be fixed. Seeing how long it took to catch this simple error in a simple feature of a "critical" dependency, Kaminsky fears numerous future vulnerabilities if nothing is done. When Heartbleed was discovered, OpenSSL was maintained by a handful of volunteers, only one of whom worked full time.[189] Yearly donations to the OpenSSL project were about US$2,000.[190] The Heartbleed website from Codenomicon advised donating money to the OpenSSL project.[3] After learning that donations in the two or three days following Heartbleed's disclosure totaled US$841, Kaminsky commented "We are building the most important technologies for the global economy on shockingly underfunded infrastructure."[191] Core developer Ben Laurie has described the project as "completely unfunded".[190] Although the OpenSSL Software Foundation has no bug bounty program, the Internet Bug Bounty initiative awarded US$15,000 to Google's Neel Mehta, who discovered Heartbleed, for his responsible disclosure.[190] Mehta later donated his reward to a Freedom of the Press Foundation fundraiser.[192]
Paul Chiusano suggested Heartbleed may have resulted from failed software economics.[193]
The industry's collective response to the crisis was the Core Infrastructure Initiative, a multimillion-dollar project announced by the Linux Foundation on 24 April 2014 to provide funds to critical elements of the global information infrastructure.[194] The initiative intends to allow lead developers to work full time on their projects and to pay for security audits, hardware and software infrastructure, travel, and other expenses.[195] OpenSSL is a candidate to become the first recipient of the initiative's funding.[194]
After the discovery, Google established Project Zero, which is tasked with finding zero-day vulnerabilities to help secure the Web and society.[196][197]
References
- ^ McKenzie, Patrick (9 April 2014). "What Heartbleed Can Teach The OSS Community About Marketing". Kalzumeus. Archived from the original on 20 December 2017. Retrieved 8 February 2018.
- ^ Biggs, John (9 April 2014). "Heartbleed, The First Security Bug With A Cool Logo". TechCrunch. Archived from the original on 11 February 2018. Retrieved 8 February 2018.
- ^ a b c d e "Heartbleed Bug". 11 October 2023. Archived from the original on 7 April 2014. Retrieved 9 April 2014.
- ^ Pitkänen, Perttu (9 April 2014). "Näin suomalaistutkijat löysivät vakavan vuodon internetin sydämestä" [This is how Finnish researchers discovered a serious leak in the heart of the internet]. Ilta-Sanomat (in Finnish). Retrieved 11 October 2023.
- ^ "Security Advisory – OpenSSL Heartbleed Vulnerability". Cyberoam. 11 April 2014. Archived from the original on 8 February 2018. Retrieved 8 February 2018.
- ^ Limer, Eric (9 April 2014). "How Heartbleed Works: The Code Behind the Internet's Security Nightmare". Gizmodo. Archived from the original on 11 November 2014. Retrieved 24 November 2014.
- ^ a b "CVE-2014-0160". Common Vulnerabilities and Exposures. Mitre. Archived from the original on 24 January 2018. Retrieved 8 February 2018.
- ^ "CWE-126: Buffer Over-read (3.0)". Common Vulnerabilities and Exposures. Mitre. 18 January 2018. Archived from the original on 8 February 2018. Retrieved 8 February 2018.
- ^ "AL14-005: OpenSSL Heartbleed Vulnerability". Cyber Security Bulletins. Public Safety Canada. 11 April 2014. Archived from the original on 8 February 2018. Retrieved 8 February 2018.
- ^ "Add heartbeat extension bounds check". git.openssl.org. OpenSSL. Retrieved 5 March 2019.
- ^ Pretorius, Tracey (10 April 2014). "Microsoft Services unaffected by OpenSSL "Heartbleed" vulnerability". Microsoft. Archived from the original on 8 February 2018. Retrieved 8 February 2018.
- ^ Leyden, John (20 May 2014). "AVG on Heartbleed: It's dangerous to go alone. Take this (an AVG tool)". The Register. Archived from the original on 23 January 2018. Retrieved 8 February 2018.
- ^ a b Graham, Robert (21 June 2014). "300k servers vulnerable to Heartbleed two months later". Errata Security. Archived from the original on 23 June 2014. Retrieved 22 June 2014.
- ^ a b Shodan (23 January 2017). "Heartbleed Report (2017-01)". shodan.io. Archived from the original on 23 January 2017. Retrieved 10 July 2019.
- ^ a b Schwartz, Mathew J. (30 January 2017). "Heartbleed Lingers: Nearly 180,000 Servers Still Vulnerable". Bank Info Security. Archived from the original on 11 July 2019. Retrieved 10 July 2019.
- ^ a b Mac Vittie, Lori (2 February 2017). "Friendly Reminder: App Security in the Cloud Is Your Responsibility". F5 Labs. Archived from the original on 11 July 2019. Retrieved 10 July 2019.
- ^ a b Carey, Patrick (10 July 2017). "Heartbleed's Heartburn: Why a 5 Year Old Vulnerability Continues to Bite". The Security Ledger. Archived from the original on 11 July 2019. Retrieved 10 July 2019.
- ^ Shodan (11 July 2019). "[2019] Heartbleed Report". Shodan. Archived from the original on 11 July 2019. Retrieved 11 July 2019.
- ^ Seggelmann, Robin; Tuexen, Michael; Williams, Michael (February 2012). Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension. IETF. doi:10.17487/RFC6520. ISSN 2070-1721. RFC 6520. Retrieved 8 February 2018.
- ^ a b Grubb, Ben (11 April 2014). "Man who introduced serious 'Heartbleed' security flaw denies he inserted it deliberately". The Sydney Morning Herald.[permanent dead link ]
- ^ "#2658: [PATCH] Add TLS/DTLS Heartbeats". OpenSSL. 2011. Archived from the original on 8 August 2017. Retrieved 13 April 2014.
- ^ "Meet the man who created the bug that almost broke the Internet". Globe and Mail. 11 April 2014. Archived from the original on 4 January 2018. Retrieved 27 August 2017.
- ^ Goodin, Dan (8 April 2014). "Critical crypto bug in OpenSSL opens two-thirds of the Web to eavesdropping". Ars Technica. Archived from the original on 5 July 2017. Retrieved 14 June 2017.
- ^ "Mark J Cox – #Heartbleed". Archived from the original on 16 April 2014. Retrieved 12 April 2014.
- ^ Pitkänen, Perttu (10 April 2014). "Oululaiset sorvasivat nimen ja logon: Näin superbugi tuotteistettiin" [The people of Oulu turned the name and logo: This is how the superbug was produced]. Ilta-Sanomat (in Finnish). Retrieved 11 October 2023.
- ^ Dewey, Caitlin. "Why is it called the 'Heartbleed Bug'?". Archived from the original on 9 October 2014. Retrieved 25 November 2014.
- ^ Lee, Timothy B. (10 April 2014). "Who discovered the vulnerability?". Vox. Archived from the original on 5 December 2017. Retrieved 4 December 2017.
- ^ Lee, Ariana (13 April 2014). "How Codenomicon Found The Heartbleed Bug Now Plaguing The Internet". ReadWrite. Archived from the original on 5 September 2017. Retrieved 4 December 2017.
Discovered independently by Google engineer Neel Mehta and the Finnish security firm Codenomicon, Heartbleed has been called 'one of the most serious security problems to ever affect the modern web.'
- ^ "Näin suomalaistutkijat löysivät vakavan vuodon internetin sydämestä" [This is how Finnish researchers discovered a serious leak in the heart of the internet] (in Finnish). 10 April 2014. Archived from the original on 4 November 2014. Retrieved 13 April 2014.
- ^ Mutton, Paul (8 April 2014). "Half a million widely trusted websites vulnerable to Heartbleed bug". Netcraft. Archived from the original on 19 November 2014. Retrieved 24 November 2014.
- ^ Perlroth, Nicole; Hardy, Quentin (11 April 2014). "Heartbleed Flaw Could Reach to Digital Devices, Experts Say". The New York Times. Archived from the original on 28 April 2019. Retrieved 27 February 2017.
- ^ Chen, Brian X. (9 April 2014). "Q. and A. on Heartbleed: A Flaw Missed by the Masses". The New York Times. Archived from the original on 12 April 2014. Retrieved 10 April 2014.
- ^ Wood, Molly (10 April 2014). "Flaw Calls for Altering Passwords, Experts Say". The New York Times. Archived from the original on 19 October 2017. Retrieved 27 February 2017.
- ^ Manjoo, Farhad (10 April 2014). "Users' Stark Reminder: As Web Grows, It Grows Less Secure". The New York Times. Archived from the original on 24 February 2018. Retrieved 27 February 2017.
- ^ Zhu, Yan (8 April 2014). "Why the Web Needs Perfect Forward Secrecy More Than Ever". Electronic Frontier Foundation. Archived from the original on 20 December 2017. Retrieved 10 April 2014.
- ^ Goodin, Dan (8 April 2014). "Critical crypto bug exposes Yahoo Mail, other passwords Russian roulette-style". Ars Technica. Archived from the original on 14 July 2017. Retrieved 14 June 2017.
- ^ "Schneier on Security: Heartbleed". Schneier on Security. 11 April 2014. Archived from the original on 23 December 2017. Retrieved 10 April 2014.
- ^ Steinberg, Joseph (10 April 2014). "Massive Internet Security Vulnerability – Here's What You Need To Do". Forbes. Archived from the original on 4 January 2018. Retrieved 29 August 2017.
- ^ Kelion, Leo (11 April 2014). "US government warns of Heartbleed bug danger". BBC News. Archived from the original on 6 December 2018. Retrieved 21 June 2018.
- ^ a b "OpenSSL bug CVE-2014-0160". Tor Project. 7 April 2014. Archived from the original on 10 July 2017. Retrieved 9 April 2014.
- ^ Grubb, Ben (14 April 2014). "Heartbleed disclosure timeline: who knew what and when". The Sydney Morning Herald. Archived from the original on 25 November 2014. Retrieved 25 November 2014.
- ^ "heartbeat_fix". Archived from the original on 19 November 2018. Retrieved 14 April 2014.
- ^ a b ""complete list of changes" (Git – openssl.git/commitdiff)". The OpenSSL Project. 7 April 2014. Archived from the original on 13 April 2014. Retrieved 10 April 2014.
- ^ "Heartbleed certificate revocation tsunami yet to arrive". Netcraft. 11 April 2014. Archived from the original on 29 May 2014. Retrieved 24 April 2014.
- ^ Mutton, Paul (9 May 2014). "Keys left unchanged in many Heartbleed replacement certificates!". Netcraft. Archived from the original on 27 August 2016. Retrieved 11 September 2016.
- ^ Kerner, Sean Michael (10 May 2014). "Heartbleed Still a Threat to Hundreds of Thousands of Servers". eWeek. Archived from the original on 11 May 2014.
- ^ Prince, Matthew (17 April 2014). "The hidden costs of Heartbleed". Cloudflare. Archived from the original on 30 April 2016.
- ^ Evans, Pete (14 April 2014). "Heartbleed bug: 900 SINs stolen from Revenue Canada". CBC News. Archived from the original on 14 March 2018. Retrieved 4 November 2014. Some of the details are in the video linked from the page.
- ^ "Canada Revenue Agency pushes tax deadline to May 5 after Heartbleed bug". 14 April 2014. Archived from the original on 4 November 2014. Retrieved 4 November 2014.
- ^ Thibedeau, Hannah (16 April 2014). "Heartbleed bug accused charged by RCMP after SIN breach". CBC News. Archived from the original on 28 October 2014. Retrieved 4 November 2014.
- ^ "Heartbleed hack case sees first arrest in Canada". BBC News. 16 April 2014. Archived from the original on 23 May 2018. Retrieved 21 June 2018.
- ^ a b Kelion, Leo (14 April 2014). "Heartbleed hacks hit Mumsnet and Canada's tax agency". BBC News. Archived from the original on 29 November 2017. Retrieved 21 June 2018.
- ^ "Mumsnet and Heartbleed as it happened". Mumsnet. Archived from the original on 29 December 2017. Retrieved 17 April 2014.
- ^ Ward, Mark (29 April 2014). "Heartbleed used to uncover data from cyber-criminals". BBC News. Archived from the original on 14 May 2018. Retrieved 21 June 2018.
- ^ Lawler, Richard (11 April 2014). "Cloudflare Challenge proves 'worst case scenario' for Heartbleed is actually possible". Engadget. Archived from the original on 29 December 2017. Retrieved 29 August 2017.
- ^ "The Heartbleed Challenge". CloudFlare. 2014. Archived from the original on 12 April 2014.
- ^ Robertson, Jordan (16 April 2014). "Hackers from China waste little time in exploiting Heartbleed". The Sydney Morning Herald. Archived from the original on 28 December 2017. Retrieved 16 April 2020.
- ^ Frizell, Sam (20 August 2014). "Report: Devastating Heartbleed Flaw Was Used in Hospital Hack". Time. Archived from the original on 7 October 2014. Retrieved 7 October 2014.
- ^ Cipriani, Jason (9 April 2014). "Heartbleed bug: Check which sites have been patched". CNET. Archived from the original on 17 April 2020. Retrieved 16 April 2020.
- ^ Gallagher, Sean (9 April 2014). "Heartbleed vulnerability may have been exploited months before patch". Ars Technica. Archived from the original on 3 March 2017. Retrieved 14 June 2017.
- ^ Eckersley, Peter (10 April 2014). "Wild at Heart: Were Intelligence Agencies Using Heartbleed in November 2013?". Eff.org. Archived from the original on 5 December 2014. Retrieved 25 November 2014.
- ^ Graham, Robert (9 April 2014). "No, we weren't scanning for hearbleed before April 7". Errata Security. Archived from the original on 16 October 2017. Retrieved 10 April 2014.
- ^ Riley, Michael (12 April 2014). "NSA Said to Exploit Heartbleed Bug for Intelligence for Years". Bloomberg. Archived from the original on 11 April 2014. Retrieved 7 March 2017.
- ^ Molina, Brett. "Report: NSA exploited Heartbleed for years". USA Today. Archived from the original on 11 April 2014. Retrieved 11 April 2014.
- ^ Riley, Michael. "NSA exploited Heartbleed bug for two years to gather intelligence, sources say". Financial Post. Archived from the original on 11 April 2014. Retrieved 11 April 2014.
- ^ "Statement on Bloomberg News story that NSA knew about the 'Heartbleed bug' flaw and regularly used it to gather critical intelligence". National Security Agency. 11 April 2014. Archived from the original on 27 December 2017. Retrieved 13 April 2014.
- ^ Hosenball, Mark; Dunham, Will (11 April 2014). "White House, spy agencies deny NSA exploited 'Heartbleed' bug". Reuters. Archived from the original on 15 April 2014. Retrieved 1 July 2017.
- ^ Zetter, Kim. "U.S. Gov Insists It Doesn't Stockpile Zero-Day Exploits to Hack Enemies". Wired. wired.com. Archived from the original on 29 November 2014. Retrieved 25 November 2014.
- ^ Hunt, Troy (9 April 2014). "Everything you need to know about the Heartbleed SSL bug". Troyhunt. Archived from the original on 11 April 2014. Retrieved 11 April 2014.
- ^ "git.openssl.org Git – openssl.git/log". git.openssl.org. Archived from the original on 15 April 2014. Retrieved 25 November 2014.
- ^ "Spiceworks Community Discussions". community.spiceworks.com. Archived from the original on 15 April 2014. Retrieved 11 April 2014.
- ^ "OpenSSL Security Advisory [07 Apr 2014]". The OpenSSL Project. 7 April 2014. Archived from the original on 8 April 2014. Retrieved 9 April 2014.
- ^ "OpenSSL versions and vulnerability [9 April 2014]". Comodo. Archived from the original on 5 July 2014. Retrieved 9 April 2014.
- ^ "Cyberoam Users Need not Bleed over Heartbleed Exploit". cyberoam.com. Archived from the original on 15 April 2014. Retrieved 11 April 2014.
- ^ "tls1_process_heartbeat [9 April 2014]". Archived from the original on 26 August 2014. Retrieved 10 April 2014.
- ^ "Why Heartbleed is dangerous? Exploiting CVE-2014-0160". IPSec.pl. 2014. Archived from the original on 8 April 2014. Retrieved 9 April 2014.
- ^ Graham-Cumming, John (28 April 2014). "Searching for The Prime Suspect: How Heartbleed Leaked Private Keys". CloudFlare. Archived from the original on 29 December 2017. Retrieved 7 June 2014.
- ^ Judge, Kevin. "Servers Vulnerable to Heartbleed [14 July 2014]". Archived from the original on 26 August 2014. Retrieved 25 August 2014.
- ^ Rainie, Lee; Duggan, Maeve (30 April 2014). "Heartbleed's Impact". Pew Research Internet Project. Pew Research Center. p. 2. Archived from the original on 28 December 2017. Retrieved 22 May 2014.
- ^ Bradley, Tony (14 April 2014). "Reverse Heartbleed puts your PC and devices at risk of OpenSSL attack". PC World. IDG Consumer & SMB. Archived from the original on 2 December 2016. Retrieved 10 May 2014.
- ^ a b Arthur, Charles (15 April 2014). "Heartbleed makes 50m Android phones vulnerable, data shows". The Guardian. Guardian News and Media Limited. Archived from the original on 19 March 2016. Retrieved 14 December 2016.
- ^ "Security Now 451". Twit.Tv. Archived from the original on 19 April 2014. Retrieved 19 April 2014.
- ^ Ramzan, Zulfikar (24 April 2014). "'Reverse Heartbleed' can attack PCs and mobile phones". SC Magazine. Haymarket Media, Inc. Archived from the original on 6 October 2016. Retrieved 10 May 2014.
- ^ a b "OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products". Cisco Systems. 9 April 2014. Archived from the original on 29 December 2017. Retrieved 8 May 2014.
- ^ "heartbleed-masstest: Overview". GitHub. Archived from the original on 1 June 2014. Retrieved 19 April 2014.
- ^ Cipriani, Jason (10 April 2014). "Which sites have patched the Heartbleed bug?". CNET. Archived from the original on 11 April 2014. Retrieved 10 April 2014.
- ^ "Heartbleed FAQ: Akamai Systems Patched". Akamai Technologies. 8 April 2014. Archived from the original on 8 April 2014. Retrieved 9 April 2014.
- ^ "AWS Services Updated to Address OpenSSL Vulnerability". Amazon Web Services. 8 April 2014. Archived from the original on 11 April 2014. Retrieved 9 April 2014.
- ^ "Dear readers, please change your Ars account passwords ASAP". Ars Technica. 8 April 2014. Archived from the original on 18 January 2017. Retrieved 14 June 2017.
- ^ "All Heartbleed upgrades are now complete". BitBucket Blog. 9 April 2014. Archived from the original on 13 April 2014. Retrieved 10 April 2014.
- ^ "Keeping Your BrandVerity Account Safe from the Heartbleed Bug". BrandVerity Blog. 9 April 2014. Archived from the original on 13 April 2014. Retrieved 10 April 2014.
- ^ @freenodestaff (8 April 2014). "we've had to restart a bunch of servers due to an openssl security vulnerability, which is/was very noisy. So sorry!" (Tweet) – via Twitter.
- ^ "Security: Heartbleed vulnerability". GitHub. 8 April 2014. Archived from the original on 10 April 2014. Retrieved 9 April 2014.
- ^ "IFTTT Says It Is 'No Longer Vulnerable' To Heartbleed". LifeHacker. 8 April 2014. Archived from the original on 13 April 2014. Retrieved 10 April 2014.
- ^ "Heartbleed bug and the Archive". Internet Archive Blogs. 9 April 2014. Retrieved 14 April 2014.
- ^ @KrisJelbring (8 April 2014). "If you logged in to any of our games or websites in the last 24 hours using your username+password I'd recommend you to change your password" (Tweet). Retrieved 14 April 2014 – via Twitter.
- ^ "The widespread OpenSSL 'Heartbleed' bug is patched in PeerJ". PeerJ. 9 April 2014. Archived from the original on 13 April 2014. Retrieved 9 April 2014.
- ^ "Was Pinterest impacted by the Heartbleed issue?". Pinterest Help Center. Archived from the original on 21 April 2014. Retrieved 20 April 2014.
- ^ "Heartbleed Defeated". Prezi. Archived from the original on 5 June 2014. Retrieved 13 April 2014.
- ^ "We recommend that you change your reddit password". Reddit. 14 April 2014. Archived from the original on 15 April 2014. Retrieved 14 April 2014.
- ^ "IMPORTANT ANNOUNCEMENTS FROM THE MAKERS OF CHILI". Archived from the original on 28 July 2013. Retrieved 13 April 2014.
- ^ Codey, Brendan (9 April 2014). "Security Update: We're going to sign out everyone today, here's why". SoundCloud. Archived from the original on 13 April 2014. Retrieved 9 April 2014.
- ^ "SourceForge response to Heartbleed". SourceForge. 10 April 2014. Archived from the original on 11 April 2014. Retrieved 10 April 2014.
- ^ "Heartbleed". SparkFun. 9 April 2014. Archived from the original on 13 April 2014. Retrieved 10 April 2014.
- ^ "Heartbleed". Stripe (company). 9 April 2014. Archived from the original on 13 April 2014. Retrieved 10 April 2014.
- ^ "Tumblr Staff-Urgent security update". 8 April 2014. Archived from the original on 9 April 2014. Retrieved 9 April 2014.
- ^ Hern, Alex (9 April 2014). "Heartbleed: don't rush to update passwords, security experts warn". The Guardian. Archived from the original on 3 January 2017. Retrieved 14 December 2016.
- ^ a b Grossmeier, Greg (8 April 2014). "[Wikitech-l] Fwd: Security precaution – Resetting all user sessions today". Wikimedia Foundation. Archived from the original on 18 June 2014. Retrieved 9 April 2014.
- ^ Grossmeier, Greg (10 April 2014). "Wikimedia's response to the "Heartbleed" security vulnerability". Wikimedia Foundation blog. Archived from the original on 13 April 2014. Retrieved 10 April 2014.
- ^ "Wunderlist & the Heartbleed OpenSSL Vulnerability". 10 April 2014. Archived from the original on 13 April 2014. Retrieved 10 April 2014.
- ^ "Security concerns prompts tax agency to shut down website". CTV News. 9 April 2014. Archived from the original on 18 January 2021. Retrieved 9 April 2014.
- ^ "Heartbleed: Canadian tax services back online". CBC News. Archived from the original on 25 April 2018. Retrieved 14 April 2014.
- ^ Ogrodnik, Irene (14 April 2014). "900 SINs stolen due to Heartbleed bug: Canada Revenue Agency | Globalnews.ca". globalnews.ca. Global News. Archived from the original on 4 May 2019. Retrieved 4 May 2019.
- ^ Seglins, Dave (3 December 2014). "CRA Heartbleed hack: Stephen Solis-Reyes facing more charges". cbc.ca. CBC News. Archived from the original on 4 May 2019. Retrieved 4 May 2019.
- ^ "The Statistics Canada Site Was Hacked By an Unknown Attacker". Vice – Motherboard. Archived from the original on 24 December 2018. Retrieved 23 December 2018.
- ^ Fiegerman, Seth (14 April 2014). "The Heartbleed Effect: Password Services Are Having a Moment". Mashable. Archived from the original on 16 October 2017. Retrieved 28 April 2014.
- ^ "LastPass and the Heartbleed Bug". LastPass. 8 April 2014. Archived from the original on 18 December 2017. Retrieved 28 April 2014.
- ^ "[tor-relays] Rejecting 380 vulnerable guard/exit keys". Lists.torproject.org. 16 April 2014. Archived from the original on 19 April 2014. Retrieved 19 April 2014.
External links
- Summary and Q&A about the bug by Codenomicon Ltd
- Information for Canadian organizations and individuals
- List of all security notices Archived 19 July 2018 at the Wayback Machine