Saw this article: http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bu...
"The U.S. National Security Agency knew for at least two years about a flaw in the way that many websites send sensitive information, now dubbed the Heartbleed bug, and regularly used it to gather critical intelligence, two people familiar with the matter said. The NSA said in response to a Bloomberg News article that it wasn't aware of Heartbleed until the vulnerability was made public by a private security report. The agency's reported decision to keep the bug secret in pursuit of national security interests threatens to renew the rancorous debate over the role of the government's top computer experts."
Thanks NSA, glad you've got our backs there.
If you run a relay and you have been on one of the affected versions of OpenSSL, I would urge you to STRONGLY CONSIDER your relay compromised. Delete your keys per the recommendations and let Tor generate new ones. It's better to cripple the network temporarily while we come back from this, rather than preserving the uptime with possibly compromised keys. Security matters here. Please follow the best practice recommendations. If you run a web server, rekey your SSL certificates. Basically, if you were affected, consider encryption to have been bypassed and passwords and other sensitive information compromised. We cannot afford to take chances here. If the NSA knew it, you can also bet that someone else with a good static analyzer discovered it as well, I'll let you imagine one.
Good luck out there everyone, we really need to revoke our keys if we were affected. Seriously, guys. It's worth it.
On a lighter note, https://xkcd.com/1354/
Stay safe. Live long and prosper. Jesse V.
Interesting. Could this be a part of what the leaked documents were referring to as "groundbreaking capabilities" a few months back?
http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html... https://www.eff.org/document/2013-09-05-guard-bullrun
On Sat, Apr 12, 2014 at 3:32 AM, Jesse Victors jvictors@jessevictors.com wrote:
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Paris S papasierra88@gmail.com wrote:
I don't know the answer to your question. However, there is a problem that has come up on this list a number of times in the last few years that has never been resolved, and that is the sporadic, sudden mobbing of relays by tens to hundreds of times as many incoming connections as those relays normally get, often for up to several hours at a time. Systems whose CPUs are not powerful enough to keep up with the heavy influx of onions to be peeled become bogged down, sometimes to the point of their kernel listen queues overflowing and X servers becoming unresponsive. AFAIK, no one has ever figured out exactly what causes these mobbing events, although I have suspected (for purely circumstantial reasons) since shortly after they began happening that they were connected somehow to hidden services. Until very recently two things in particular about these mobbing events bothered me and remained unresolved:
1) if the mobbing events are related to hidden services, are they in connection to relays being used as rendezvous nodes? Or are they instead connected to running as a hidden service directory?
2) are the mobbing events due to a bug or design error? Or are they instead some sort of intentional attack?
Now I think I can confirm the suspicion that the mobbing is indeed connected somehow to hidden services and specifically to relays running hidden service directories. Since I changed
HidServDirectoryV2 1
to
HidServDirectoryV2 0
some weeks ago, there has been no sign of my relay being mobbed in the manner described above, whereas formerly the mobbing events were quite frequent, often beginning several times per day and sometimes beginning before an earlier mobbing event had subsided. My conclusion is that the massive (in relation to the background) rates of inbound connections are accesses to the hidden services directory part of a tor relay. Since becoming aware of Heartbleed a few days ago, I have been wondering whether the NSA or some other criminal group(s) or individual(s) might be using untraceable connections to HSDir-flagged relays to acquire lots of memory contents illegally with relay operators noticing the events mainly because of their deleterious effects on system performance.
Scott Bennett, Comm. ASMELG, CFIAG
Internet: bennett at sdf.org *or* bennett at freeshell.org
"A well regulated and disciplined militia, is at all times a good objection to the introduction of that bane of all free governments -- a standing army." -- Gov. John Hancock, New York Journal, 28 January 1790
On Apr 12, 2014, at 12:34 , Scott Bennett wrote:
[...] the sporadic, sudden mobbing of relays by tens to hundreds of times as many incoming connections as those relays normally get, often for up to several hours at a time. Systems whose CPUs are not powerful enough to keep up with the heavy influx of onions to be peeled become bogged down, sometimes to the point of their kernel listen queues overflowing and X servers becoming unresponsive. [...] My conclusion is that the massive (in relation to the background) rates of inbound connections are accesses to the hidden services directory part of a tor relay. Since becoming aware of Heartbleed a few days ago, I have been wondering whether the NSA or some other criminal group(s) or individual(s) might be using untraceable connections to HSDir-flagged relays to acquire lots of memory contents illegally with relay operators noticing the events mainly because of their deleterious effects on system performance.
I run a relay on a low-powered machine and I see this happening from time to time. Sometimes multiple times per week, sometimes not for a few weeks.
In my case, during those times I also have way more download traffic than upload, so I become a data sink hole. If this were a data gathering attack, I would expect the opposite: more upload than download, although this may be (somewhat) specific to me as I have an older openssl which is supposedly unaffected.
My (less sexy) theory is that this is caused by clients using bittorrent over Tor and aggressively creating and abandoning connections without properly disconnecting, causing the imbalance between download and upload traffic.
I never tried disabling HSDir but will do so at some point to test whether it stops these episodes from happening.
-Job
I am wondering whether another effect of Heartbleed was increased TLS overhead, which I saw many times also before April 7. Unfortunately I do not store more than 7 files worth of logs:
Apr 1 02:50:23 localhost Tor[394]: TLS write overhead: 7%
Apr 1 08:51:35 localhost Tor[394]: TLS write overhead: 7%
Apr 1 14:52:45 localhost Tor[394]: TLS write overhead: 7%
Apr 1 20:53:52 localhost Tor[394]: TLS write overhead: 7%
Apr 2 02:55:02 localhost Tor[394]: TLS write overhead: 7%
Apr 2 08:56:08 localhost Tor[394]: TLS write overhead: 7%
Apr 2 14:57:20 localhost Tor[394]: TLS write overhead: 7%
Apr 2 20:58:28 localhost Tor[394]: TLS write overhead: 7%
Apr 3 02:59:37 localhost Tor[394]: TLS write overhead: 7%
Apr 3 09:00:44 localhost Tor[394]: TLS write overhead: 7%
Apr 3 15:01:53 localhost Tor[394]: TLS write overhead: 7%
Apr 3 21:03:04 localhost Tor[394]: TLS write overhead: 7%
Apr 4 03:04:12 localhost Tor[394]: TLS write overhead: 7%
Apr 4 09:05:22 localhost Tor[394]: TLS write overhead: 7%
Apr 4 15:06:30 localhost Tor[394]: TLS write overhead: 7%
Apr 4 21:07:39 localhost Tor[394]: TLS write overhead: 7%
Apr 5 03:08:49 localhost Tor[394]: TLS write overhead: 7%
Apr 5 09:09:58 localhost Tor[394]: TLS write overhead: 7%
Apr 5 15:11:06 localhost Tor[394]: TLS write overhead: 7%
Apr 5 21:12:16 localhost Tor[394]: TLS write overhead: 7%
Apr 6 03:13:24 localhost Tor[394]: TLS write overhead: 7%
Apr 6 09:14:33 localhost Tor[394]: TLS write overhead: 7%
Apr 6 15:15:42 localhost Tor[394]: TLS write overhead: 7%
Apr 6 21:16:52 localhost Tor[394]: TLS write overhead: 7%
Apr 7 23:43:41 localhost Tor[523]: TLS write overhead: 6%
Apr 8 05:43:41 localhost Tor[523]: TLS write overhead: 6%
Apr 8 11:43:41 localhost Tor[523]: TLS write overhead: 6%
Apr 8 23:06:23 localhost Tor[58851]: TLS write overhead: 41%
Apr 9 05:06:23 localhost Tor[58851]: TLS write overhead: 37%
Apr 9 11:06:23 localhost Tor[58851]: TLS write overhead: 29%
Apr 9 17:06:23 localhost Tor[58851]: TLS write overhead: 23%
Apr 9 23:06:23 localhost Tor[58851]: TLS write overhead: 19%
Apr 10 05:06:23 localhost Tor[58851]: TLS write overhead: 18%
Apr 10 11:06:23 localhost Tor[58851]: TLS write overhead: 14%
Apr 10 17:06:23 localhost Tor[58851]: TLS write overhead: 8%
Apr 11 02:00:13 localhost Tor[65758]: TLS write overhead: 6%
Apr 11 08:00:13 localhost Tor[65758]: TLS write overhead: 5%
Apr 11 14:00:13 localhost Tor[65758]: TLS write overhead: 5%
Apr 11 20:00:13 localhost Tor[65758]: TLS write overhead: 5%
Apr 12 02:00:13 localhost Tor[65758]: TLS write overhead: 5%
Apr 12 08:00:13 localhost Tor[65758]: TLS write overhead: 5%
Apr 12 14:00:13 localhost Tor[65758]: TLS write overhead: 5%
Apr 12 20:00:13 localhost Tor[65758]: TLS write overhead: 5%
Especially as it looks to be highly increased after the release of the vulnerability. I am not sure I am on right track but it does look suspicious.
-mateusz
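As an added example (not code from this thread or from tor itself), here is a small Python script that parses heartbeat lines like the ones quoted above, marks Tor restarts by the change of pid, and flags an overhead ratio that climbs on an already-running process. The pids and percentages are copied from the post; the second log fragment is constructed; and the assumption that tor's figure is a ratio accumulated over the process lifetime (which would explain the 41% right after the Apr 8 restart decaying to 8% as bulk traffic dilutes the handshakes) is mine, not something the thread states.

```python
import re
from datetime import datetime

# Constructed sample: a subset of the heartbeat lines quoted in the thread,
# in the syslog format tor uses (values copied from the post above).
SAMPLE_LOG = """\
Apr 6 15:15:42 localhost Tor[394]: TLS write overhead: 7%
Apr 6 21:16:52 localhost Tor[394]: TLS write overhead: 7%
Apr 7 23:43:41 localhost Tor[523]: TLS write overhead: 6%
Apr 8 05:43:41 localhost Tor[523]: TLS write overhead: 6%
Apr 8 11:43:41 localhost Tor[523]: TLS write overhead: 6%
Apr 8 23:06:23 localhost Tor[58851]: TLS write overhead: 41%
Apr 9 05:06:23 localhost Tor[58851]: TLS write overhead: 37%
Apr 9 11:06:23 localhost Tor[58851]: TLS write overhead: 29%
Apr 9 17:06:23 localhost Tor[58851]: TLS write overhead: 23%
Apr 9 23:06:23 localhost Tor[58851]: TLS write overhead: 19%
Apr 10 05:06:23 localhost Tor[58851]: TLS write overhead: 18%
Apr 10 11:06:23 localhost Tor[58851]: TLS write overhead: 14%
Apr 10 17:06:23 localhost Tor[58851]: TLS write overhead: 8%
Apr 11 02:00:13 localhost Tor[65758]: TLS write overhead: 6%
Apr 11 08:00:13 localhost Tor[65758]: TLS write overhead: 5%
Apr 11 14:00:13 localhost Tor[65758]: TLS write overhead: 5%
"""

# Constructed (hypothetical) continuation: the same long-running process
# suddenly reports a higher lifetime ratio, which is the pattern worth a look.
CONSTRUCTED_RISE = """\
Apr 12 20:00:13 localhost Tor[65758]: TLS write overhead: 5%
Apr 13 02:00:13 localhost Tor[65758]: TLS write overhead: 12%
"""

LINE_RE = re.compile(
    r"^(?P<mon>[A-Z][a-z]{2})\s+(?P<day>\d{1,2})\s+(?P<time>\d\d:\d\d:\d\d)\s+"
    r"\S+\s+Tor\[(?P<pid>\d+)\]: TLS write overhead: (?P<pct>\d+)%$"
)


def parse_heartbeats(text, year=2014):
    """Parse tor heartbeat lines into (timestamp, pid, overhead_percent).

    syslog timestamps carry no year, so one is supplied; lines that are not
    TLS-overhead heartbeats are skipped.
    """
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        stamp = f"{year} {m['mon']} {m['day']} {m['time']}"
        ts = datetime.strptime(stamp, "%Y %b %d %H:%M:%S")
        records.append((ts, int(m["pid"]), int(m["pct"])))
    return records


def restarts(records):
    """Return (timestamp, old_pid, new_pid) for every change of Tor's pid.

    A new pid means a new process, and with it fresh TLS counters and a
    fresh set of connections that all begin with a handshake.
    """
    found, last_pid = [], None
    for ts, pid, _pct in records:
        if last_pid is not None and pid != last_pid:
            found.append((ts, last_pid, pid))
        last_pid = pid
    return found


def rising_overhead(records, min_rise=3):
    """Flag readings where a process's ratio climbs by >= min_rise points.

    Assumption (labelled): the logged figure is a ratio accumulated over the
    process lifetime, so a fresh process starts high (handshakes dominate)
    and should only decay. A rise on an already-running process means recent
    traffic carried far more TLS overhead than the lifetime average.
    """
    flagged, last_pct = [], {}
    for ts, pid, pct in records:
        prev = last_pct.get(pid)
        if prev is not None and pct - prev >= min_rise:
            flagged.append((ts, pid, prev, pct))
        last_pct[pid] = pct
    return flagged


def peak_after_restart(records):
    """Highest value logged as the first heartbeat of any process."""
    first_seen, peak = set(), 0
    for _ts, pid, pct in records:
        if pid not in first_seen:
            first_seen.add(pid)
            peak = max(peak, pct)
    return peak


if __name__ == "__main__":
    recs = parse_heartbeats(SAMPLE_LOG)
    for ts, old, new in restarts(recs):
        print(f"{ts:%b %d %H:%M} restart: pid {old} -> {new}")
    print("rises in thread data:", rising_overhead(recs))
    print("rises with constructed tail:",
          rising_overhead(parse_heartbeats(SAMPLE_LOG + CONSTRUCTED_RISE)))
```

On the thread's own data nothing is flagged: every elevated reading sits on a freshly started pid and only decays, which is what a lifetime ratio does after a restart.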
Mateusz Błaszczyk blahu77@gmail.com wrote:
Especially as it looks to be highly increased after the release of the vulnerability.
How can you tell that? tor did not log those messages back in 2012 when the vulnerability was released.
I am not sure I am on right track but it does look suspicious.
What would interest me would be to know whether the period of increased TLS write overhead highlighted above involved hidden services directory connections.
Scott Bennett, Comm. ASMELG, CFIAG
On 13 Apr 2014, at 19:45, Scott Bennett wrote:
Especially as it looks to be highly increased after the release of the vulnerability.
How can you tell that? tor did not log those messages back in 2012 when the vulnerability was released.
These are from April 2014. I have been running this relay since January 2014 and these messages were definitely logged. I obviously can't tell if I am right; I am guessing, sharing my thoughts.
I am not sure I am on right track but it does look suspicious.
What would interest me would be to know whether the period of increased TLS write overhead highlighted above involved hidden services directory connections.
I wouldn't be able to tell, don't have logs for that.
-mateusz
It was sooooooooo predictable :)
Few days ago the bug was published, few years ago it was already there, and this kind of stuff totally matches with NSA's - and other state security agencies' - full-time work.
So in fact there is no more useful precipitation since Apr 7, but there is also No Way they haven't already found our keys, for a long time already.
Maybe after most of the network has been updated (and most of the keys changed?) it would be useful to "kick out" of the network every compromised relay?
As I'm better at understanding/avoiding bad habits than at using hacking techniques, I'm unable to know if computers that are hosting Tor relays could have been entirely compromised: without any more knowledge I decided to completely reinstall them. Do you think this is useful?
We cannot deny that this kind of "well-kept secrets" aren't useful for the world in some conditions (I'm thinking about terrorist threats), but as for a lot of similar subjects, how many crap things have been done by these "all powerful governments" by playing with such a security flaw...
So I'm curious about what will happen now that we (are maybe thinking that we) remove that opportunity they had in their hands.
At my side, waiting for what will happen now, I have completely erased and reinstalled my servers starting from 0, new passwords... let's hope that the attention I have for avoiding bad habits on my personal computer is enough - for me and for other Tor relay operators!
Best regards Julien ROBIN
----- Original Message ----- From: "Jesse Victors" jvictors@jessevictors.com To: tor-relays@lists.torproject.org Sent: Saturday 12 April 2014 02:32:07 Subject: [tor-relays] NSA knew about Heartbleed
Just a thought ... what does this mean for the security of the dirauths?
Should we also consider them compromised, and rekey them, and update the default builds?
On April 12, 2014 12:08:06 PM CEST, Julien ROBIN julien.robin28@free.fr wrote:
I'm skeptical of this report. The Office of the Director of National Intelligence responded to the story by saying:
"Reports that NSA or any other part of the government were aware of the so-called Heartbleed vulnerability before 2014 are wrong"
This is believable because if it were a lie, they would risk an outright contradiction from a leak or Snowden document, which would further damage their already terrible credibility and reputation.
"Two sources familiar with matter" could merely be two computer security experts who have an unsubstantiated opinion that the NSA was exploiting this beforehand. We have no idea how credible these sources are.
One thing I am sure of is this generated a lot of clicks for Bloomberg. NSA rumors involving hot technology topics seem like a good way to make money for a news website.
That said, if you carefully parse the statement from DNI, it seems to me to imply they were aware of the Heartbleed vulnerability in 2014. Why would they say "before 2014" instead of "before its disclosure Monday" or something? They may have known about it weeks or months in advance, and been exploiting it or patching their systems. But that is not as egregious as it would be to conceal this flaw for years.
Delton
On Sat, Apr 12, 2014 at 08:45:23PM +0000, Delton Barnes wrote:
"Two sources familiar with matter" could merely be two computer security experts who have an unsubstantiated opinion that the NSA was exploiting this beforehand. We have no idea how credible these sources are.
I agree.
I'm assuming that particular article is nonsense until somebody shows up with some actual details. I guess it's hot to point at NSA conspiracies these days. But doing it in this case undermines the *actual* NSA conspiracies that we should indeed be upset about.
Maybe there *is* yet another NSA conspiracy here, but I don't believe in one any more after reading the article than before it.
That said, if you carefully parse the statement from DNI, it seems to me to imply they were aware of the Heartbleed vulnerability in 2014. Why would they say "before 2014" instead of "before its disclosure Monday" or something?
Careful here -- the article is selectively quoting, maybe to stir things up more. The actual phrase from the DNI denial is "before April 2014".
In any case, the conclusion ("oh crap, upgrade and throw out your old keys") is still accurate.
--Roger
Roger Dingledine arma@mit.edu wrote:
I'm assuming that particular article is nonsense until somebody shows up with some actual details. I guess it's hot to point at NSA conspiracies these days. But doing it in this case undermines the *actual* NSA conspiracies that we should indeed be upset about.
Roger, I'll grant you that the article remains unproven. However, any claims made by NSC or NSA spokespersons also remain not credible by default without sufficient, verifiable proof ever since both Clapper and Alexander committed the felonies of perjury under oath on high-fidelity audio and video, still available for public viewing from the C-SPAN web site AFAIK, especially given that nary a hint of either an inquiry of impeachment or a criminal investigation for either perp has been detected to date. When the members of the nobility know that they remain untouchable for crimes they commit, why should their underlings following their orders be thought to be acting any differently or with any less impunity? The starting position under such circumstances should be that if those people say anything at all that they are lying or attempting to mislead. Sufficient, verifiable proof must be provided to counter that initial presumption. In contrast, the initial presumptions regarding the journalists, while waiting for evidence, might properly be correlated with the past performance of the same journalists w.r.t. accuracy of claims made.
Maybe there *is* yet another NSA conspiracy here, but I don't believe in one any more after reading the article than before it.
That said, if you carefully parse the statement from DNI, it seems to me to imply they were aware of the Heartbleed vulnerability in 2014. Why would they say "before 2014" instead of "before its disclosure Monday" or something?
Careful here -- the article is selectively quoting, maybe to stir things up more. The actual phrase from the DNI denial is "before April 2014".
In any case, the conclusion ("oh crap, upgrade and throw out your old keys") is still accurate.
I concur completely. BTW, so far I'm seeing only a slight dip in the number of relays assigned the "Named" flag, which suggests to me that not many relay operators have changed signing keys yet.
Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet: bennett at sdf.org *or* bennett at freeshell.org *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good *
* objection to the introduction of that bane of all free governments *
* -- a standing army." *
* -- Gov. John Hancock, New York Journal, 28 January 1790 *
**********************************************************************
Delton Barnes:
That said, if you carefully parse the statement from DNI, it seems to me to imply they were aware of the Heartbleed vulnerability in 2014. Why would they say "before 2014" instead of "before its disclosure Monday" or something? They may have known about it weeks or months in advance, and been exploiting it or patching their systems. But that is not as egregious as it would be to conceal this flaw for years.
Another statement I see now says they were not aware of the vulnerability before "April 2014". If true (which I believe it is) they had at most about a week's foreknowledge.
Is it really so egregious? I'll let you be the judge!
1. http://www.c-span.org/video/?c4486712/sen-feinstein-accuses-cia-searching-co...
2. http://www.c-span.org/video/?c4486741/dianne-feinstein-cia-separation-powers
3. http://www.c-span.org/video/?318232-5/sen-feinstein-alleges-improper-cia-sea...
________________________________
From: Delton Barnes delton.barnes@mail.ru
To: tor-relays@lists.torproject.org
Sent: Saturday, 12 April 2014 13:45
Subject: Re: [tor-relays] NSA knew about Heartbleed
Jesse Victors:
"The U.S. National Security Agency knew for at least two years about a flaw in the way that many websites send sensitive information, now dubbed the Heartbleed bug, and regularly used it to gather critical intelligence, two people familiar with the matter said. The NSA said in response to a Bloomberg News article that it wasn't aware of Heartbleed until the vulnerability was made public by a private security report. The agency's reported decision to keep the bug secret in pursuit of national security interests threatens to renew the rancorous debate over the role of the government's top computer experts."
I'm skeptical of this report. The Office of the Director of National Intelligence responded to the story by saying:
"Reports that NSA or any other part of the government were aware of the so-called Heartbleed vulnerability before 2014 are wrong"
This is believable because if it were a lie, they would risk an outright contradiction from a leak or Snowden document, which would further damage their already terrible credibility and reputation.
"Two sources familiar with matter" could merely be two computer security experts who have an unsubstantiated opinion that the NSA was exploiting this beforehand. We have no idea how credible these sources are.
One thing I am sure of is this generated a lot of clicks for Bloomberg. NSA rumors involving hot technology topics seem like a good way to make money for a news website.
That said, if you carefully parse the statement from DNI, it seems to me to imply they were aware of the Heartbleed vulnerability in 2014. Why would they say "before 2014" instead of "before its disclosure Monday" or something? They may have known about it weeks or months in advance, and been exploiting it or patching their systems. But that is not as egregious as it would be to conceal this flaw for years.
Delton
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays