Researcher busts into Twitter via SSL reneg hole

A Turkish grad student has devised a serious, real-world attack on Twitter that targeted a recently discovered vulnerability in the secure sockets layer protocol. The exploit by Anil Kurmus is significant because it successfully targeted the so-called SSL renegotiation bug to steal Twitter login credentials that passed through …

This topic is closed for new posts.

Posted Saturday 14th November 2009 15:38 GMT

Anonymous Coward

Fixes...

At present "fixes" can only disable renegotiation by brute force. This can cause major problems with some websites but is the best that can be done for the moment. A standard which fully addresses this issue is still at the draft stage and being discussed. Unreleased (but publicly available) versions of OpenSSL implement the current draft standard.

Posted Monday 16th November 2009 02:16 GMT

Anonymous Coward

This is Why I Now Always Use Server-Based Sessions

1 Login, then a constantly-changing SESSION_ID.

Makes hacking a wee bit more difficult, although hackers are smart. I have no illusions that they will never be able to crack these (especially if I write stupid server code).

Posted Monday 16th November 2009 10:52 GMT

Mat

remind me

What is halfway between twat and shitter?

Posted Monday 16th November 2009 13:38 GMT

David Hicks

Why does twitter renegotiate?

I really thought that re-negotiation was a rare phenomenon, and that this attack was hard to pull off without some way to force a renegotiation to occur, or a site that specifically uses it for either client certificate authentication (unusual) or multiple different crypto levels for different parts of a site (totally unnecessary).

Hmmm.

Posted Monday 16th November 2009 16:46 GMT

Paul Simmonds