How secure is the secure web? SSL/TLS-server stats, part 2
By Audun Mathias Øygard (amoygard, Opera). Wednesday, June 2, 2010 2:44:52 PM
It's about time for an update on the status of renego-patched servers across the Web. Our "TLS prober", introduced a few weeks ago, has been checking every week since late February which secure servers support the renegotiation protocol. We have seen a slow and steady increase over the last weeks, and on our last run, done this week, the share of patched servers was just over 12%, at 12.1%. A good cause for celebration!
We are a bit worried that the growth is not faster than this, though. It even seems to have slowed down a bit. If the growth continues at the same pace, or slower, it will be the end of 2011 at the earliest before all servers are patched. This is far too long for a potential security hole to be in the wild, in our opinion. We currently do not have a good overview of which of the big vendors are responsible for most of the unpatched servers, but we will definitely look into this and do what we can to push for faster patching.
Something else worrying that we have discovered is that the majority (around 80-90%) of the patched servers have spec violations in how they have implemented the renegotiation patch (or rather, the renegotiation extension).
Yngve has more details on the issue in a new article, and we are contacting those vendors that we have clearly identified as having implemented non-compliant patches.
We're also looking into some of the other specs of the servers we test. One of the things we have been interested in is the cipher suite using MD5 (128-bit ARC4-RSA/MD5). Since this cipher suite is expected to become significantly weaker soon, as mentioned earlier, we want to disable it soon. We have even been contacted by users who are wondering why we still support this cipher suite. First, though, as with the renegotiation issue, we have to know how many servers this will affect, i.e., how many servers support only this cipher suite. According to our "TLS prober", around 1% of servers accept only this cipher suite. This is a sizable portion of servers, and even includes at least some important online payment services (!), so we will have to wait a bit longer before we disable this cipher suite.
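An added example (not Opera's prober code and not part of the original post) of the two checks discussed above, applied to a ServerHello: whether the server answers with the RFC 5746 `renegotiation_info` extension, and which cipher suite it selected. The function names and sample messages are constructed for illustration, and the compliance test covers only one RFC 5746 requirement (an empty `renegotiated_connection` on the initial handshake), not necessarily the violations the post refers to.

```python
import struct
RENEGOTIATION_INFO = 0xFF01        # extension type defined by RFC 5746
TLS_RSA_WITH_RC4_128_MD5 = 0x0004  # the 128-bit ARC4-RSA/MD5 suite

def parse_server_hello(msg: bytes) -> dict:
    """Parse one ServerHello handshake message (TLS 1.0-1.2 layout)."""
    if len(msg) < 4 or msg[0] != 0x02 or len(msg) - 4 != int.from_bytes(msg[1:4], "big"):
        raise ValueError("not a complete ServerHello")
    body = msg[4:]
    if len(body) < 38 or 35 + body[34] + 3 > len(body):
        raise ValueError("truncated ServerHello")
    pos = 35 + body[34]                 # skip version, random, session_id
    suite = int.from_bytes(body[pos:pos + 2], "big")
    pos += 3                            # cipher_suite + compression_method
    exts = {}
    if pos < len(body):                 # the extensions block is optional
        end = pos + 2 + int.from_bytes(body[pos:pos + 2], "big")
        pos += 2
        if end != len(body):
            raise ValueError("bad extensions length")
        while pos < end:
            if pos + 4 > end:
                raise ValueError("truncated extension header")
            etype, elen = struct.unpack("!HH", body[pos:pos + 4])
            pos += 4
            if pos + elen > end:
                raise ValueError("extension overruns message")
            exts[etype] = body[pos:pos + elen]
            pos += elen
    return {"suite": suite, "extensions": exts}

def renego_status(hello: dict) -> str:
    """Classify an initial-handshake reply; assumes the client signalled RFC 5746."""
    data = hello["extensions"].get(RENEGOTIATION_INFO)
    if data is None:
        return "unpatched"
    # Initial handshake: renegotiated_connection is empty, so the payload is one 0x00.
    return "patched" if data == b"\x00" else "patched-noncompliant"

def build_hello(suite: int, exts: bytes = b"") -> bytes:
    """Build a constructed ServerHello (TLS 1.0, zero random, no session id)."""
    body = b"\x03\x01" + bytes(32) + b"\x00" + suite.to_bytes(2, "big") + b"\x00"
    body += (len(exts).to_bytes(2, "big") + exts) if exts else b""
    return b"\x02" + len(body).to_bytes(3, "big") + body

# Constructed samples, not captured traffic (0x002F = TLS_RSA_WITH_AES_128_CBC_SHA).
PATCHED = build_hello(0x002F, bytes.fromhex("ff01000100"))
BAD_EXT = build_hello(0x002F, bytes.fromhex("ff010000"))
LEGACY = build_hello(TLS_RSA_WITH_RC4_128_MD5)
```

A single ServerHello shows only the suite the server selected; concluding that a server accepts only ARC4-RSA/MD5 takes a second handshake that leaves that suite out of the offer.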
Do you have any ideas on how to make server owners patch their servers faster? Let us know in the comments!
setsutekh # Wednesday, June 2, 2010 4:04:16 PM
Yngve Nysæter Pettersen (yngve) # Wednesday, June 2, 2010 4:08:59 PM
Charles Schloss (Chas4) # Wednesday, June 2, 2010 6:00:45 PM
There is the issue of threat: in most countries data loss is supposed to be stopped by the company, and having bad security could cause credit card sniffing (steal the # and stuff), so who would want to be the site blamed for not being able to keep the site safe from sniffers and hackers?
The TJ Maxx thing was big, as the security for the card terminals was not secure and that led to a couple GB of credit card data being sniffed right over the air, so I don't think they want to be blamed for failing to protect their users' sensitive data on a spec violation.
leomajko # Wednesday, June 2, 2010 6:41:50 PM
Cutting Spoon (hellspork) # Wednesday, June 2, 2010 7:17:24 PM
Nelson B (MisterSSL) # Wednesday, June 2, 2010 10:23:37 PM
Turn up the heat in steps.
1. Put an image like this in the status bar while viewing their site. Let it be a link to some page that explains how they (the site admins) can fix their servers to eliminate this.
http://madsenworld.dk/anigif/bars/rfirewal.gif
2. When they ignore that, superimpose an image like this over their site while viewing it.
http://images2.layoutsparks.com/1/146686/my-nightmare-burning-fire.gif
3. Get the other browsers to do likewise.
Artur „Jurgi” Jurgawka (Jurgi) # Thursday, June 3, 2010 8:59:55 AM
Cutting Spoon (hellspork) # Friday, June 4, 2010 6:05:42 PM
Thomas Pike (Xiven) # Monday, June 7, 2010 2:42:58 PM
Convincing the Debian and Ubuntu teams of the importance of patching this properly (rather than the half-patch they have done for the current stable releases) would be a very big step. Currently there is no stable Debian or Ubuntu release using a new enough version of OpenSSL, making it extremely difficult for server admins to upgrade even if they should want to.
Cutting Spoon (hellspork) # Monday, June 7, 2010 4:47:24 PM
For some banking sites, they probably use deprecated software that cannot be made to support newer security. After all it is cheaper than rewriting the program for a newer platform, and perhaps they'll reconsider if something bad happens.
Developed nations should set an adoption requirement for security; banks that can't keep up would be punished.
Charles Schloss (Chas4) # Monday, June 7, 2010 8:37:46 PM
Originally posted by hellspork:
Yep, it is true; I saw a banking site that gave me when I used Opera 10 saying that it is not greater than version 4 (this was about 3 months ago)
Cutting Spoon (hellspork) # Tuesday, June 8, 2010 4:58:42 PM
Charles Schloss (Chas4) # Wednesday, August 11, 2010 4:50:48 AM
Microsoft Security Advisory (977377)
http://www.microsoft.com/technet/security/advisory/977377.mspx
Yngve Nysæter Pettersen (yngve) # Wednesday, August 11, 2010 9:45:48 AM
And it will be interesting to see what happens to the patch rate the next few weeks.
Cutting Spoon (hellspork) # Wednesday, August 11, 2010 10:32:39 PM