Hack Like It's 1998: Sites Still Vulnerable to Revived ROBOT Exploit
Another week, yet another security bulletin in tech news, with yet another vulnerability that joins the fray of both Intel's meltdown and Western Digital's MyCloud hacks. A team of researchers recently wrote a paper they titled "Return Of Bleichenbacher's Oracle Threat (ROBOT)". This paper went on to show how a well-known, circa 1998 exploit is still a viable way to take advantage of websites of even big name companies and services, such as Facebook and PayPal (in total, around 2.8% of the top 1 million sites also tested positive). The ROBOT exploit, a critical, 19-year-old vulnerability that allows attackers to decrypt encrypted data and sign communications using compromised sites' secret encryption key, is still valid. Only, it's 19 years later.
The heart of the issue stems from a vulnerability that was discovered in 1998 by researcher Daniel Bleichenbacher, who found the vulnerability in the TLS predecessor known as secure sockets layer. The attack is dubbed an Oracle threat because attackers can write specialized queries to which the websites and affected systems respond with "Yes" or "No"; as such, it's possible, given enough time, for attackers to build up the amount of disclosed sensitive information and get a clear picture of the protected data. To the flaw's discovery by Bleichenbacher, SSL architects apparently responded in a B-movie type of way, which nevertheless might have been needed to keep all systems green: by designing workarounds on top of workarounds, rather than removing or rewriting the faulty RSA algorithm.
The heart of the issue stems from a vulnerability that was discovered in 1998 by researcher Daniel Bleichenbacher, who found the vulnerability in the TLS predecessor known as secure sockets layer. The attack is dubbed an Oracle threat because attackers can write specialized queries to which the websites and affected systems respond with "Yes" or "No"; as such, it's possible, given enough time, for attackers to build up the amount of disclosed sensitive information and get a clear picture of the protected data. To the flaw's discovery by Bleichenbacher, SSL architects apparently responded in a B-movie type of way, which nevertheless might have been needed to keep all systems green: by designing workarounds on top of workarounds, rather than removing or rewriting the faulty RSA algorithm.