Question about Openssl Heartbleed bug and retroshare

PostPosted: Wed Apr 09, 2014 10:42 pm
by Benni12345
Hi, recently an extremely severe bug was found in OpenSSL, called the Heartbleed bug:

http://heartbleed.com/

This is a bug in the heartbeat extension and is present in recent OpenSSL versions. It allows an attacker to get the private keys without requiring any privileges.

Retroshare uses OpenSSL. I want to know whether it is affected by the Heartbleed bug.

Thank you for answers.

Benni

Re: Question about Openssl Heartbleed bug and retroshare

PostPosted: Thu Apr 10, 2014 12:26 pm
by Distro
A couple people have tried and Retroshare seems to not be vulnerable to the attack.

Worst case (a friend or MITM attacked successfully) your GPG key should be safe, because it is only decrypted in RAM when needed (as far as Retroshare is concerned anyway…).

Edit: it’s a good idea to update openssl though. If you’re on Linux a system update should do it. If you’re on Windows you might have to replace the openssl DLL in retroshare’s directory.

Edit: it’s vulnerable.

Re: Question about Openssl Heartbleed bug and retroshare

PostPosted: Thu Apr 10, 2014 1:09 pm
by Benni12345
Hi, Thank you for your reply.

What makes me worry is, for example, this article on Retroshare version 0.5.4a_5582:
http://www.gulli.com/news/19797-anonymi ... 2012-09-24

It states that this version of Retroshare got its OpenSSL library updated to version 1.0.1c.

OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable if not compiled with the -DOPENSSL_NO_HEARTBEATS option.

OpenSSL 1.0.1g is NOT vulnerable, the OpenSSL 1.0.0 branch is NOT vulnerable, and the OpenSSL 0.9.8 branch is NOT vulnerable.

If you do a Google search for "heartbeat retroshare", you find for example viewtopic.php?f=8&t=820 with entries like
"set heartbeat values to intermediate value".

This is for a very old Retroshare version.

I am only a Retroshare newbie, but what OpenSSL version does the current Retroshare use?
Wikipedia says it uses a modified version of OpenSSL. I have not found the OpenSSL library in the Retroshare source code yet. Perhaps Retroshare relies on the system-wide installed OpenSSL library. But then the Windows installer certainly ships with an OpenSSL library. Does Retroshare use the OpenSSL library with the heartbeat option enabled? Does Retroshare use the heartbeat option somehow?

Even if first tests say Retroshare is not vulnerable, I still think that updating OpenSSL (if it is shipped with Retroshare somehow) would be a good thing to do.

Re: Question about Openssl Heartbleed bug and retroshare

PostPosted: Thu Apr 10, 2014 1:54 pm
by Benni12345
Distro wrote: If you’re on Windows you might have to replace the openssl DLL in retroshare’s directory.

I have a Windows box and the newest Retroshare version. I cannot see an OpenSSL DLL in the folder where the Retroshare application is. I just see various Qt, libgcc, mingw, miniupnpc and pthreadgc2d DLLs.

Re: Question about Openssl Heartbleed bug and retroshare

PostPosted: Thu Apr 10, 2014 1:56 pm
by csoler
Retroshare *is* vulnerable to the Heartbleed bug. This has been confirmed. An attacker can dump up to 64K of your process memory, and obtain all sorts of information that is normally private. Here's what should be done:

*Debian/Ubuntu*: update libssl, and restart Retroshare.
*Windows*: we'll publish a new installer/Windows package tonight (Apr. 10), since SSL is statically linked.
*MacOS*: make sure you're not vulnerable. Apparently MacOS uses OpenSSL 0.9.8, which is fine; otherwise, update libssl as well.

What to do next?
* Since your private PGP key is stored encrypted in memory, it's unlikely that an attacker can obtain it. If your PGP password is not strong, that still can be a problem;
* your location keys (SSL keys) might be compromised by an attacker. Since Retroshare uses PFS, recorded conversations cannot be decrypted anyway. But it is advised to generate new locations for your Retroshare nodes.

In any case, if you're dealing with sensible information, re-generate your keys.
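
An added example (not from this thread or from the Retroshare project) that encodes the version rule Benni12345 quoted above and, because the Windows build links OpenSSL statically as csoler notes, also looks for the version banner embedded in a binary. The sample bytes and the banner pattern are constructed for illustration.

```python
import re

# Rule as stated in the thread: OpenSSL 1.0.1 through 1.0.1f are vulnerable
# unless built with -DOPENSSL_NO_HEARTBEATS; 1.0.1g and the 1.0.0 and 0.9.8
# branches are not. Any other branch is not covered by that rule.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)")
# Banner that OpenSSL embeds into binaries it is linked into, in the shape
# "OpenSSL 1.0.1c 10 May 2012" (pattern assumed for this example).
_BANNER_RE = re.compile(rb"OpenSSL (\d+\.\d+\.\d+[a-z]*)")


def heartbleed_status(version: str, no_heartbeats: bool = False) -> str:
    """Classify a version string such as '1.0.1c' per the rule above."""
    m = _VERSION_RE.fullmatch(version.strip())
    if not m:
        raise ValueError(f"unrecognised OpenSSL version: {version!r}")
    branch = tuple(int(m.group(i)) for i in (1, 2, 3))
    letter = m.group(4)  # '' for a bare 1.0.1, 'c' for 1.0.1c, ...
    if branch in ((1, 0, 0), (0, 9, 8)):
        return "not vulnerable"
    if branch != (1, 0, 1):
        return "unknown"  # the thread's rule says nothing about this branch
    if letter >= "g" or no_heartbeats:
        return "not vulnerable"
    return "vulnerable"


def audit_blob(blob: bytes) -> dict:
    """Map every OpenSSL version banner found in a binary blob to its status."""
    versions = {m.group(1).decode("ascii") for m in _BANNER_RE.finditer(blob)}
    return {v: heartbleed_status(v) for v in sorted(versions)}


def audit_file(path: str) -> dict:
    """Audit a binary on disk, e.g. a statically linked Windows build."""
    with open(path, "rb") as fh:
        return audit_blob(fh.read())


# Constructed sample: a few bytes of fake PE content with one banner inside.
SAMPLE_BLOB = b"MZ\x90\x00...\x00OpenSSL 1.0.1c 10 May 2012\x00Qt5Core.dll\x00"

if __name__ == "__main__":
    for version, status in audit_blob(SAMPLE_BLOB).items():
        print(f"{version}: {status}")
```

A banner match cannot reveal whether the library was built with -DOPENSSL_NO_HEARTBEATS, so a 1.0.1 through 1.0.1f hit in a shipped binary should be treated as vulnerable until the build is replaced.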

Re: Question about Openssl Heartbleed bug and retroshare

PostPosted: Thu Apr 10, 2014 1:58 pm
by Distro
Benni12345 wrote: I have a Windows box and the newest Retroshare version. I cannot see an OpenSSL DLL in the folder where the Retroshare application is. I just see various Qt, libgcc, mingw, miniupnpc and pthreadgc2d DLLs.

OK, then you have to wait for an update of the Windows build.

Re: Question about Openssl Heartbleed bug and retroshare

PostPosted: Thu Apr 10, 2014 2:04 pm
by Distro
Benni12345 wrote: If you do a Google search for "heartbeat retroshare", you find for example viewtopic.php?f=8&t=820 with entries like
"set heartbeat values to intermediate value".

This is another, unrelated, heartbeat.

Benni12345 wrote: Wikipedia says it uses a modified version of OpenSSL.

I don’t think that information is up to date.

Re: Question about Openssl Heartbleed bug and retroshare

PostPosted: Thu Apr 10, 2014 2:09 pm
by Benni12345
Once you have this Windows build, you should perhaps put a note on the main Retroshare homepage and on the forums.

It seems that all users have at least to update Retroshare, or even to generate new identities and reconnect. The users must be notified somehow.

A Chinese dissident might not live long if he communicates with an unpatched Retroshare right now.
Also, the NSA will perhaps figure out this vulnerability quickly, given that certain slides showed them keeping a special eye on all people using PGP anyway.

Re: Question about Openssl Heartbleed bug and retroshare

PostPosted: Fri Apr 11, 2014 11:35 am
by csoler
The new Windows version has been uploaded and the website has been updated.
File closed ;-)

Re: Question about Openssl Heartbleed bug and retroshare

PostPosted: Fri Apr 11, 2014 6:47 pm
by rotbart
What about the portable version?