Most Internet communications security is provided by the SSL/TLS series of protocols. There is an enormous problem with early versions of SSL/TLS. We have known about this problem since 2002, and a solution has been available since 2006. Sadly, we still need to worry about this. Here is a brief timeline:
In 2002, Phillip Rogaway discovered a theoretical attack against SSL v3.0 and TLS v1.0. This was considered just theoretical, an attack seemed unfeasible. All the same, people started looking into a fix. TLS v1.1, available since 2006, protects against those attacks.
Thai Duong and Juliano Rizzo described a Java applet named BEAST, for Browser Exploit Against SSL/TLS in September 2011. The theoretical attack against SSL v3.0 and TLS v1.0 became practical.
This sounds like nothing but historical detail. You have patched your systems since 2006, so you should be safe. Right?
Developers of web servers (e.g., Apache and IIS) and web clients (e.g., Firefox and Explorer) have not moved beyond TLS v1.0!
It’s circular finger-pointing. Web server developers saw no need to support TLS v1.1 and later because browsers didn’t support those protocols. And the web browser developers? They saw no need because the servers didn’t support them!
A 2011 automated survey of 298,604 of the most popular HTTPS servers on the Internet found that only 69 of them supported TLS 1.2 and only 916 supported TLS 1.1. For 292,366 of these servers (that’s 99.7%), the vulnerable TLS 1.0 was the best protocol available. 5,205 of them only supported SSL 3.0, while a sorry 110 of them only supported SSL 2.0, a protocol that browsers released after 2005-2006 won’t even attempt! The survey is described here and can be downloaded here.
There are some workarounds and some mitigation that can be put into place on servers and clients, whether they are in the cloud or not. We show you what these are in Learning Tree’s course, Cloud Security Essentials.
What do you think? Share your feedback!