Thursday, June 5, 2014

Within the Heartbleed Bug

Only a few months ago, the Heartbleed OpenSSL bug was discovered.



We are still learning about the countless encrypted transactions that left your accounts vulnerable to theft.
When two computers on an encrypted connection check that the other is still there, the message they exchange is called a heartbeat. A coding mistake in how that heartbeat was handled gave birth to the Heartbleed bug.

Let’s say there is a banking transaction: The client (you) sends its heartbeat to the server (your bank) and the server hands it back to you. So if something goes wrong with the transaction, the other party will know because the heartbeats get out of sync.

It’s like a cassette tape breaking because one of the spindles stopped working correctly.

How it happened

The actual breach happened all because of the following code:
memcpy(bp, pl, payload);
To explain, memcpy is a command that copies data, and it requires three pieces of information to do so.
The first is the destination where the data needs to be copied. The second is the exact location of the data that needs to be copied. The third is the amount of data the computer is going to find when it goes to make the copy.


The bp is a place on the server computer, pl is where the actual data the client sent as a heartbeat is, and payload is the number that says how big pl is.

The bp, which is where the data is going to be copied, is still full of whatever data was sitting in that part of the computer before. The computer treats it as if it were empty, though, because that data has been marked for deletion.

When memcpy takes the data from pl and puts it in bp, it covers up all the old data in bp.

Everything that used to be in bp is destroyed and filled up with the pl data.

If payload says that pl is 64 KB but it only has 0 KB, memcpy creates a 64 KB-sized open space at bp that’s full of garbage data. None of bp’s old data gets overwritten because there’s nothing to replace it, since pl is actually empty.

That means whatever old data was sitting in bp prior to the heartbeat gets passed back to the client. Sometimes the data is irrelevant and sometimes it’s your banking password.
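
The mistake described above, modelled as an added example (not OpenSSL's code and not from the original post): the handler copies as many bytes as the heartbeat claims to contain rather than as many as actually arrived, so the reply picks up whatever sits in memory after the short message. The message layout, function names, arena and secret string are constructed for illustration, and the checked version shows the kind of length test that closes the hole.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_HEADER  3u   /* 1 type byte + 2 bytes of claimed payload length */
#define HB_PADDING 16u  /* minimum padding a heartbeat message carries */

/* Vulnerable pattern: copies as many bytes as the message claims to hold. */
size_t heartbeat_vulnerable(const uint8_t *rec, size_t rec_len, uint8_t *bp) {
    (void)rec_len;                        /* real length never consulted */
    size_t payload = ((size_t)rec[1] << 8) | rec[2];
    const uint8_t *pl = rec + HB_HEADER;
    memcpy(bp, pl, payload);              /* the line quoted in the post */
    return payload;
}

/* Hardened: silently drop messages whose claim exceeds what arrived. */
size_t heartbeat_checked(const uint8_t *rec, size_t rec_len, uint8_t *bp) {
    if (rec_len < HB_HEADER + HB_PADDING) return 0;
    size_t payload = ((size_t)rec[1] << 8) | rec[2];
    if (HB_HEADER + payload + HB_PADDING > rec_len) return 0;
    memcpy(bp, rec + HB_HEADER, payload);
    return payload;
}

typedef size_t (*hb_handler)(const uint8_t *, size_t, uint8_t *);

/* Returns 1 if the reply to a lying request contains the neighbouring data. */
int leaks_secret(hb_handler handle) {
    static const char secret[] = "password=hunter2";  /* constructed */
    uint8_t arena[128] = {0}, reply[128] = {0};       /* constructed memory */
    size_t rec_len = HB_HEADER + 4 + HB_PADDING;      /* bytes that arrived */
    arena[0] = 1;                                     /* heartbeat request */
    arena[1] = 0; arena[2] = 64;                      /* claims 64 bytes */
    memcpy(arena + HB_HEADER, "ping", 4);             /* real payload: 4 */
    memcpy(arena + rec_len, secret, sizeof secret - 1);
    size_t n = handle(arena, rec_len, reply);
    for (size_t i = 0; i + sizeof secret - 1 <= n; i++)
        if (memcmp(reply + i, secret, sizeof secret - 1) == 0) return 1;
    return 0;
}

int main(void) {
    printf("vulnerable handler leaks: %d\n", leaks_secret(heartbeat_vulnerable));
    printf("checked handler leaks:    %d\n", leaks_secret(heartbeat_checked));
    return 0;
}
```

The checked handler still answers an honest request, where the claimed length matches the bytes that arrived; only the mismatched one is dropped.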

The Heartbleed bug has been fixed but the vulnerability has existed for a decade.  Who knows how much data was exploited.


