[tor-talk] New SSLv3 attack: Turn off SSLv3 in your TorBrowser
isis
isis at torproject.org
Wed Oct 15 14:37:32 UTC 2014
Matthew Finkel transcribed 2.7K bytes:
> On Tue, Oct 14, 2014 at 10:15:26PM -0400, Nick Mathewson wrote:
> > TorBrowser, on the other hand, does have the same default fallback
> > mechanisms as Firefox. I expect and hope the TorBrowser team will be
> > releasing a new version soon with SSLv3 enabled. But in the meantime,
> > I think you can disable SSLv3 yourself by changing the value of the
> > "security.tls.version.min" preference to 1.
I agree that adding `security.tls.version.min = 1` is the best fix until a
safe downgrading protocol like TLS_FALLBACK_SCSV is available. Someone
somewhere (I think Mike Perry quoting AGL) mentioned today that we'd only be
breaking 0.3% of the internet if we do this.
> > Obviously, this isn't a convenient way to do this; if you are
> > uncertain of your ability to do so, waiting for an upgrade might be a
> > good move. In the meantime, if you have serious security requirements
> > and you cannot disable SSLv3, it might be a good idea to avoid using
> > the Internet for a week or two while this all shakes out.
GeKo said they are rebuilding now, so updates should be online within a couple
hours.
> For what it's worth, the extension[0] should work with the new Tor
> Browser 4.0, but this is untested.
The only thing that Addon does is:
// Preference that sets the lowest TLS version Firefox/Tor Browser will negotiate.
const gTLSVersionPrefName = "security.tls.version.min";
// 1 = TLS 1.0, so SSL 3.0 is never offered or accepted.
const gTLSVersionPrefValue = 1;
const { PrefsTarget } = require("sdk/preferences/event-target");
const gPrefService = require("sdk/preferences/service");
const gSimplePrefs = require("sdk/simple-prefs");
let gPrefsTarget = PrefsTarget(); // pref-change listener (wiring not shown in this excerpt)
// Copy the add-on's own configured minimum into the browser-wide preference.
function syncMinimumVersion() {
  var configuredMin = gSimplePrefs.prefs[gTLSVersionPrefName];
  gPrefService.set(gTLSVersionPrefName, configuredMin);
}
which is what Nick's suggestion to manually set `security.tls.version.min = 1`
does. So, luckily, no one reading this should need to install any crazy
extensions. :)
> (and yes, they spelled it "cypher").
:D
> I'm also curious what Mike, Georg, and the other TB Devs think. It
> looks like we need to wait until November when SSL will be disabled in
> mainline Firefox[1].
We could try to fix it ourselves now, since NSS 3.17.1 added
TLS_FALLBACK_SCSV,[0] but this is likely development effort that we could
better place elsewhere since Mozilla is already prioritising the issue.
[0]: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.1_release_notes
--
♥Ⓐ isis agora lovecruft
_________________________________________________________
OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35
Current Keys: https://blog.patternsinthevoid.net/isis.txt
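As an added example (not part of the thread, and not the add-on quoted above), a small Python audit of a Firefox/Tor Browser prefs.js or user.js body for the `security.tls.version.min` setting Nick recommends. It assumes Firefox's numeric version encoding (0 = SSL 3.0 ... 3 = TLS 1.2) and that an unset pref falls back to the default of 0; the sample profiles are constructed.

```python
"""Audit a Firefox / Tor Browser prefs.js or user.js for the POODLE mitigation from
the thread: security.tls.version.min >= 1 means SSL 3.0 is never negotiated."""
import re

# Firefox's numeric encoding of security.tls.version.min / .max.
TLS_VERSION_NAMES = {0: "SSL 3.0", 1: "TLS 1.0", 2: "TLS 1.1", 3: "TLS 1.2"}
PREF_NAME = "security.tls.version.min"
# Assumption: an unset pref takes the Firefox default of the time, 0 (SSL 3.0 allowed).
DEFAULT_MIN = 0

_PREF_RE = re.compile(r'^\s*(?:user_)?pref\("([^"]+)",\s*(.+?)\);\s*$')

def parse_prefs(text):
    """Map pref name -> value for each pref(...)/user_pref(...) line; values become
    int, bool or str. Comments and unrelated lines are ignored."""
    prefs = {}
    for line in text.splitlines():
        m = _PREF_RE.match(line)
        if not m:
            continue
        name, raw = m.group(1), m.group(2).strip()
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif raw.startswith('"') and raw.endswith('"'):
            prefs[name] = raw[1:-1]
        else:
            prefs[name] = int(raw)
    return prefs

def min_tls_version(prefs):
    return int(prefs.get(PREF_NAME, DEFAULT_MIN))

def sslv3_allowed(prefs):
    """True when the profile would still complete an SSL 3.0 handshake."""
    return min_tls_version(prefs) == 0

def fix_line(minimum=1):
    """The user.js line that applies the fix from the thread (1 = TLS 1.0 floor)."""
    return 'user_pref("%s", %d);' % (PREF_NAME, minimum)

def audit(text):
    """One-line verdict for a prefs.js/user.js body."""
    v = min_tls_version(parse_prefs(text))
    verdict = "VULNERABLE: SSL 3.0 still negotiable" if v == 0 else "OK"
    return "%s = %d (%s) -> %s" % (PREF_NAME, v, TLS_VERSION_NAMES.get(v, "?"), verdict)

# Constructed sample profiles, not taken from any real Tor Browser install.
UNPATCHED_PREFS = 'user_pref("browser.startup.homepage", "about:tor");\nuser_pref("network.proxy.socks_port", 9150);\n'
PATCHED_PREFS = UNPATCHED_PREFS + fix_line() + "\n"
```

Running audit() over a real profile's prefs.js tells you whether the manual fix took effect before the rebuilt Tor Browser lands.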