Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 26 Nov 2014 21:01:09 +0100
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com
Subject: Re: Apple goto fail - lessons that should be learned

On Wed, 26 Nov 2014 12:34:15 -0500 (EST)
"David A. Wheeler" <dwheeler@...eeler.com> wrote:

> I've previously done this exercise with:
> * Heartbleed: http://www.dwheeler.com/essays/heartbleed.html
> * Shellshock: http://www.dwheeler.com/essays/shellshock.html
> * POODLE: http://www.dwheeler.com/essays/poodle-sslv3.html

I've written something similar on POODLE (and BERserk), not sure if I
posted this here before:
https://blog.hboeck.de/archives/858-Dancing-protocols,-POODLEs-and-other-tales-from-TLS.html

Not surprisingly I come to somewhat similar conclusions (protocol
downgrade protection, encrypt-then-mac etc.)
BERserk has somewhat similar problems, e.g. it's basically also a "we
don't deprecate weak/old crypto" (PKCS #1 1.5 and RSA with e=3).

But the most important conclusion from POODLE is imho: Be very careful
with implementing workarounds for broken hard/software - and don't do
them if they compromise security.


-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno@...eck.de
GPG: BBB51E42

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.