SSL/TLS hack

Is this a problem? I thought SSL was a whole lot more secure than this.

http://www.msfn.org/_/security/microsoft-ssltls-attacks-highly-improbable-but-may-r8836

Microsoft has issued a security advisory about an exploit that can decrypt SSL and TLS Web traffic. While actual attacks are considered improbable, a security patch to protect Microsoft software is likely on the way...

“While the affected component is a Windows component, the primary vector is to attack the browser’s use of the HTTPS protocol to intercept sensitive information, such as the session cookie of the HTTPS session,” Microsoft said.

The weakness was fixed in Chromium source code three months ago, but a demonstration of the attack “succeeded in cracking the SSL confidentiality model as implemented by the Mozilla Firefox browser when communicating with paypal.com web servers over https” ...

the exact software to be patched is unclear because “the vulnerability exists on the protocol level, not on the application level. As such, a patch will transcend Internet Explorer, even if IE will be the most likely target.”

The hack works roughly as follows:
Attackers insert malicious JavaScript into the page they wish to attack — due to cross site scripting rules this should actually be quite difficult in normal situations.
The JavaScript sets up some cookies with known values.

Most SSL/TLS 1.0 cyphers work by breaking the stream up into blocks, but each block is initialised based on content from the previous block. Normally this isn't an issue as you don't know the content of any specific block. The insertion of those cookies earlier allows the content of specific blocks to be guessed even without the key. Once you have those blocks you can use them to make the guesses at the key — I'm a little fuzzy on the specifics there, whether you're working on the block with the known plaintext, or using that known plaintext to work on another block, but you can bring the time needed to break the connection down to a few hours — once they do that they might be able to get either passwords, or session cookies, or both.

The difficulty lies in successfully bringing all the elements together against a specific target. In the short term at least it's unlikely they'll be any real-world hacks resulting from this. In the longer term this might finally bring a greater urgency to implementing TLS 1.1/1.2 in servers and browsers (Opera already supports both, but server support is virtually non-existent) or you might just simply see workarounds like the one mentioned for Chromium which adds random data to blocks, servers ignore this data but it defeats the hack by breaking the position of the plaintext.

SSL/TLS is still fit for purpose for now but this does serve to highlight the surprisingly slow pace of deployment for updated versions — see also the Renego issue.