Author

Topic: Electrum and openssl hearbeat bug (Read 2032 times)

legendary
Activity: 3710
Merit: 1586
April 12, 2014, 09:34:51 PM
#11

That's because you've upgraded the system-wide lib only. Python comes with its own openssl lib and must be upgraded separately.

Python uses the OS libs. And Thomas is right about the version number not being a good indicator. I get 1.01e on opensuse too even though its been updated with the fix.

Code:
openssl version -a
OpenSSL 1.0.1e 11 Feb 2013
built on: 2014-04-08 05:21:46.000000000 +0000

The built line seems more indicative
full member
Activity: 209
Merit: 148
April 12, 2014, 12:41:27 PM
#10
Code:
>>> import ssl
>>> ssl.OPENSSL_VERSION

This will tell you which version you're using. (just in case someone didn't know)

This is not reliable. On Ubuntu it will show 'OpenSSL 1.0.1e 11 Feb 2013' even after the security upgrade.

That's because you've upgraded the system-wide lib only. Python comes with its own openssl lib and must be upgraded separately.
sr. member
Activity: 475
Merit: 252
April 12, 2014, 12:20:32 PM
#9
Code:
>>> import ssl
>>> ssl.OPENSSL_VERSION

This will tell you which version you're using. (just in case someone didn't know)

This is not reliable. On Ubuntu it will show 'OpenSSL 1.0.1e 11 Feb 2013' even after the security upgrade.
Thanks for the heads up!
legendary
Activity: 1896
Merit: 1353
April 12, 2014, 10:02:54 AM
#8
Code:
>>> import ssl
>>> ssl.OPENSSL_VERSION

This will tell you which version you're using. (just in case someone didn't know)

This is not reliable. On Ubuntu it will show 'OpenSSL 1.0.1e 11 Feb 2013' even after the security upgrade.
sr. member
Activity: 475
Merit: 252
April 09, 2014, 12:54:34 PM
#7
The main danger is that of a rogue Electrum server trying to read information (private keys) from the memory of its its client.
Such an attack is possible if the client uses a vulnerable version of openSSL, and uses a weak or no password to encrypt his seed.

The binaries of Electrum that are distributed on electrum.org were built using openSSL 0.9.8.
This version of openSSL is not affected by the heartbleed bug, so you should be safe if you are using a binary.

If you run Electrum from python source, it will use the version of openSSL that is installed your system.
Therefore you should check which version of openssl is installed on your system, and upgrade if you are using 1.0.1.
If, for any reason, you cannot upgrade openSSL on your system, I guess it is better to select TCP instead of SSL in your Network settings.

I would like to add anyone running python source can check their version by opening the python console and typing the following.

Code:
>>> import ssl
>>> ssl.OPENSSL_VERSION

This will tell you which version you're using. (just in case someone didn't know)
legendary
Activity: 1896
Merit: 1353
April 09, 2014, 11:44:11 AM
#6
The main danger is that of a rogue Electrum server trying to read information (private keys) from the memory of its its client.
Such an attack is possible if the client uses a vulnerable version of openSSL, and uses a weak or no password to encrypt his seed.

The binaries of Electrum that are distributed on electrum.org were built using openSSL 0.9.8.
This version of openSSL is not affected by the heartbleed bug, so you should be safe if you are using a binary.

If you run Electrum from python source, it will use the version of openSSL that is installed your system.
Therefore you should check which version of openssl is installed on your system, and upgrade if you are using 1.0.1.
If, for any reason, you cannot upgrade openSSL on your system, I guess it is better to select TCP instead of SSL in your Network settings.

hero member
Activity: 672
Merit: 500
April 08, 2014, 04:51:27 PM
#5
I was just wondering what I should do... is my Electrum compromised if I connect to a malicious server? Then I followed OP's link and found I don't need to do much Cheesy

Quote
What should I be doing as a user?

If you're on Linux, update to the latest openssl libraries (ensure that the package was updated today and covers CVE-2014-0160). Ubuntu and Debian already have packages out to fix this.

If you're on OSX, the latest openssl available there is 0.9.8, which is not vulnerable. You don't need to update anything (unless you installed a vulnerable version manually, in which case you should update)

If you're on Windows, it doesn't come with openssl. If you installed it yourself (through cygwin, for example), you should check what version it is and try to update it if is a vulnerable version.
If you did have a vulnerable version of openssl installed, you should restart all of your computer applications after you update it to ensure they start using the new library.

http://www.reddit.com/r/technology/comments/22h163/critical_crypto_bug_in_openssl_opens_twothirds_of/
legendary
Activity: 1666
Merit: 1000
April 08, 2014, 04:25:01 PM
#4
As many of the servers are now patched with a new version of OpenSSL users may find they are unable to connect to the server (assuming the server name is unchanged).

You can delete the files in your ../certs directory and then reconnect as usual.

The client (I assume) is trying to protect you from connecting to a server with a conflicting certificate -- which is a good thing.

Since many new certs were just made it is probably worth removing all existing certs and starting fresh (or at a minimum deleting the old cert for your favorite server).
legendary
Activity: 3710
Merit: 1586
April 08, 2014, 03:47:03 PM
#3
The client does not communicate such data, and only data from the server can leak. Since the server does not know anything about seeds or private keys you don't have to worry about the latter.

Are you sure client memory can't leak to the server? There is this comment on reddit:

Quote
One of the factors of this bug is that vulnerable client applications may leak their memory to servers. As such, an evil server could potentially act as a honeypot, get you to connect via SSL, and then view a 64k window of memory from your client application.

http://www.reddit.com/r/technology/comments/22h163/critical_crypto_bug_in_openssl_opens_twothirds_of/cgn0ayf

hero member
Activity: 938
Merit: 1000
April 08, 2014, 03:42:17 PM
#2
The client does not communicate such data, and only data from the server can leak. Since the server does not know anything about seeds or private keys you don't have to worry about the latter.
legendary
Activity: 3710
Merit: 1586
April 08, 2014, 03:40:19 PM
#1
So I imagine some of you have already heard about this new bug in openssl that allows you to extract the server's private key remotely:

http://www.reddit.com/r/technology/comments/22h163/critical_crypto_bug_in_openssl_opens_twothirds_of/

I imagine this affects quite a few electrum servers. Their SSL private keys may be compromised and anyone can impersonate them. That is a problem but not a big one because no one expects to trust these servers anyway.

But I understand this bug also allows a malicious server to read the client's memory. By default when you run electrum you connect to a random server via SSL. If you are using Linux on your desktop, running a vulnerable version of openSSL and connecting to a malicious Electrum server could this exploit be used to read your electrum seed or addresses' private keys?
Jump to: