Late on a Friday afternoon in the middle of February, Apple quietly issued a fix for a critical certificate validation bug in iOS that essentially could have given an attacker the ability to spy on supposedly secure communications.
As critical as the bug was and as inconspicuous as a late Friday patch announcement is, this is standard fare for Apple. The Cupertino, California-based computer giant is well known for operating behind a legendary veil of secrecy.
However, heads turned and interests were piqued the following day when it emerged that the bug not only affected Apple’s mobile iOS operating system but its traditional OSX operating system as well. The plot thickened further last week when it became apparent that an eerily similar bug affected GnuTLS, a free and open-source piece of software used to implement encryption in various Linux distributions and other platforms.
As more people looked at the bugs (particularly the Apple ones), more news outlets and researchers published suggestions of subterfuge. Bruce Schneier, one of the world’s premier cryptography and security experts, described the vulnerability as follows:
“The flaw is subtle, and hard to spot while scanning the code. It’s easy to imagine how this could have happened by error. And it would have been trivially easy for one person to add the vulnerability.
“Was this done on purpose? I have no idea. But if I wanted to do something like this on purpose, this is exactly how I would do it.”
Other researchers were more direct, arguing that the coding errors that led to the Apple bug – dubbed “goto fail” – would be nearly impossible to commit and even more difficult to miss in the coding review process. Of course, given the current climate and the utility of the ‘goto fail’ vulnerability, many have speculated that both the Apple and the GnuTLS bugs would be very valuable to anyone in the business of spying.
While no doubt coincidental and similar in effect, the bugs came to exist in quite different ways. Another crypto expert, Matthew Green of Johns Hopkins University, examined the GnuTLS bug and believes it was an honest – albeit dumb – coding mistake.
All conspiracies aside, this crypto validation failure in GnuTLS means that all Red Hat desktop and server products as well as all Debian and Ubuntu (Linux) installations contain a bug that could be exploited to monitor communications taking place on those machines. This bug impacts affected systems from the bottom to the top. Not only would your secure web-browsing sessions (as indicated by ‘HTTPS’) be affected, but so too would your applications, downloads, and really any other supposedly encrypted communications that use GnuTLS for implementation.
To be clear, an attacker would need to be on a local network with his or her target in order to exploit any of these bugs. However, under the appropriate circumstances, the bugs could enable an attacker to perform a man-in-the-middle attack, where the victim believes he or she is communicating with a trusted online service provider but is in fact sending data packets along to an attacker on the network. Both bugs provide a great way to steal login credentials and surveil local-network communications.
“This really is as bad as it gets,” said Kenneth White, a security expert and principal scientist at Social & Scientific Systems in North Carolina. “An attacker can trivially forge any arbitrary domain and make it appear authoritative and trusted to the requestor. So, not only interception of sensitive channels, but [also] potentially subverting the trusted package signature process as well.”
In other words, it’s possible to spoof the sort of certificate trust information that lets a user know who developed the software or application that the user is getting ready to download.
If you run a Linux machine, then you’re probably vulnerable. We recommend installing the most recent update to your Linux distribution as soon as possible. If you don’t run one of the many Linux operating systems available, that doesn’t necessarily mean you’re safe. GnuTLS is a widely deployed, open-source software package running on an unknown number of systems. The moral of the story here, as always: install patches early and often.