[OTR-users] OTR and OpenSSL Heartbleed vulnerability?
Bernard Tyers - ei8fdb
ei8fdb at ei8fdb.org
Wed Apr 16 17:28:44 EDT 2014
Hi Daniel,
On 16 Apr 2014, at 22:14, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
> On 04/16/2014 04:32 PM, Bernard Tyers - ei8fdb wrote:
>
>> Can you explain when where an IM client would use openssl in terms of OTR? I think I am misunderstanding the your comment.
>>
>> I’d like to know how IM clients (if any) could be affected, in terms of OTR, or file transfers, etc..
>
>
> I use IRSSI as an XMPP and IRC client. it uses openssl to connect to
> those IRC and XMPP servers that use TLS. It also has an OTR plugin,
> which uses gcrypt for the crypto. The plugin is a shared object, which
> means it loads and runs code in the main IRSSI process.
>
> If the client's connection to an IRC or XMPP server fails, it tries to
> reconnect automatically.
Thanks for the explanation.
> here's what an attacker in control of the network would do to get my OTR
> key:
>
> * send a TCP RST to cause an existing IRC or XMPP connection to fail
>
> * when the client tries to reconnect, it tries to make a TLS handshake
> with the remote server; the attacker handles this connection
>
> * during the TLS handshake phase, the client is vulnerable to the
> server, which may itself send heartbeat messages, including malicious
> ones. this can happen even before the server is authenticated.
>
> * the attacker delays completion of the TLS handshake, but instead
> sends malicious heartbeat messages.
>
> * IRSSI spits out chunks of memory to the attacker
Presumably, other IM clients who use TLS to connect to service <servername here> would be equally as vulnerable, right?
In which case, OTR *in isolation* is secure, however it could be compromised via the vulnerable service. Correct?
So, from that, how can I as an irssi XMPP/IRC service user protect myself against the heartbleed vuln? The services I use still need to patch if they are vulnerable to it, right?
> * this memory may include my OTR secret keys.
Would the OTR secret keys be identifiable as such, or would it be “something that looked like a secret key”?
> hth,
Yes it does, thanks.
Bernard
--------------------------------------
Bernard / bluboxthief / ei8fdb
If you’d like to get in touch, please do: http://me.ei8fdb.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cypherpunks.ca/pipermail/otr-users/attachments/20140416/de37a7a7/attachment.pgp>
More information about the OTR-users
mailing list