[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] New SSLv3 attack: Turn off SSLv3 in your TorBrowser

To: "tor-talk@xxxxxxxxxxxxxxxxxxxx" <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: [tor-talk] New SSLv3 attack: Turn off SSLv3 in your TorBrowser
From: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Tue, 14 Oct 2014 22:15:26 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 14 Oct 2014 22:15:40 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:date:message-id:subject:from:to:content-type; bh=LROiCUPbaefr2cdP0CgUsPDEGxy2GqTNdi8uSevogQA=; b=eqltVTBUARCy70ehwmnPNoE+GqLwrfptFXdNKG+6HxqkqcNG+NR3eXB7mMP3Yif2Sk IdwDR4mJ7JUIGut99yV6kuTWJt9Qps62RlZ2EhpE4LGaHFkdk9m+8FZQlrVzROJPYAGI J54e5nrY8c4ew03AxHDIHjYttuNdSkmOM9q2Un5lxBAioQFAx7kncX4l+YCBNRACSlt3 xQrY8SuCzbXVwuX5Z9hWHKCik2OCryySwfTAK7AF9AVUa2Hf8wjSiqKPZjt08ASc1syS uuUexgQpXJOjAuXPP16iwyg2xQrlAKC2e4P0oaV7Z/SEad3Y3XcnK+MW0SFeySYFLl78 iA1A==
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

Hi!  It's a new month, so that means there's a new attack on TLS.

This time, the attack is that many clients, when they find a server
that doesn't support TLS, will downgrade to the ancient SSLv3.  And
SSLv3 is subject to a new padding oracle attack.

There is a readable summary of the issue at
https://www.imperialviolet.org/2014/10/14/poodle.html .

Tor itself is not affected: all released versions for a long time have
shipped with TLSv1 enabled, and we have never had a fallback mechanism
to SSLv3. Furthermore, Tor does not send the same secret encrypted in
the same way in multiple connection attempts, so even if you could
make Tor fall back to SSLv3, a padding oracle attack probably wouldn't
help very much.

TorBrowser, on the other hand, does have the same default fallback
mechanisms as Firefox.  I expect and hope the TorBrowser team will be
releasing a new version soon with SSLv3 enabled.  But in the meantime,
I think you can disable SSLv3 yourself by changing the value of the
"security.tls.version.min" preference to 1.

To do that:

1.  enter "about:config" in the URL bar.

2. Then you click "I'll be careful, I promise".

3. Then enter "security.tls.version.min" in the preference "search"
field underneath the URL bar.  (Not the search box next to the URL
bar.)

4. You should see an entry that says "security.tls.version.min" under
"Preference Name".  Double-click on it, then enter the value "1" and
click okay.

You should now see that the value of "security.tls.version.min" is set to one.


(Note that I am not a Firefox developer or a TorBrowser developer: if
you're cautious, you might want to wait until one of them says
something here before you try this workaround.)


Obviously, this isn't a convenient way to do this; if you are
uncertain of your ability to do so, waiting for an upgrade might be a
good move.  In the meantime, if you have serious security requirements
and you cannot disable SSLv3, it might be a good idea to avoid using
the Internet for a week or two while this all shakes out.

best wishes to other residents of interesting times,
-- 
Nick
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] New SSLv3 attack: Turn off SSLv3 in your TorBrowser
  - From: Matthew Finkel
- Re: [tor-talk] New SSLv3 attack: Turn off SSLv3 in your TorBrowser
  - From: Nick Mathewson

Prev by Author: Re: [tor-talk] Reasoning behind 10 minute circuit switch?
Next by Author: Re: [tor-talk] New SSLv3 attack: Turn off SSLv3 in your TorBrowser
Previous by thread: Re: [tor-talk] [msmtp-users] Proxy support patch
Next by thread: Re: [tor-talk] New SSLv3 attack: Turn off SSLv3 in your TorBrowser
Index(es):
- Author
- Thread