What is Heartbleed?

This MacMedics Blog post was written by Brent Amersbach a MacMedics Engineer from our Baltimore office:
Update 4-15-14: Worried about Heartbleed? Here’s a master list of what passwords need changing and what is safe. Click here for the current list.
Update 4-11-14: Need help figuring out how Heartbleed works? Check out this easy to understand cartoon that explains it quite well. http://xkcd.com/1354/
There’s a lot of fuss about the Heartbleed vulnerability today. People are freaking out, and I think it’s important we understand what exactly it is and what it means.
Background: The IP protocol uses two types of transport protocols to move data: TCP and UDP. TCP provides a persistent connection that maintains state, and assures all packets ultimately reach their destination (retransmitting if necessary). UDP just fires packets off and hopes they get where they need to go. It’s used for quick exchanges (like a DNS lookup), or for realtime communications where a retransmitted late packet is useless (like VOIP or streaming video). When you layer SSL/TLS security on top, TCP has a clear way to terminate the connection via a RST (reset) or FIN (finish) packet. UDP does not, and so it was recognized that if we wanted to secure UDP we needed a way to tell the endpoints when it was OK to deallocate resources and “close” the connection. This was accomplished through the implementation of a “heartbeat” in the UDP version of TLS (DTLS).
The Exploit: OpenSSL is a library used to add SSL/TLS support to web servers and other Internet services. As of versions 1.0.1 and 1.0.2 beta, there is a flaw that can cause the server to transmit a random 64k chunk of its memory as part of the heartbeat. This can be used to try and find private keys, passwords, or other private info currently stored in RAM. This vulnerability was introduced two years ago when the heartbeat was added to OpenSSL, and has been out there this whole time. It is not a flaw in SSL/TLS itself, nor does it affect any other SSL/TLS implementation (such as Microsoft IIS). Older versions of OpenSSL are also not vulnerable. The flaw is fixed in OpenSSL 1.0.1g
What it can do: The most worrying thing that could leak is the private key for the server’s SSL/TLS certificate. This certificate is used by your browser to verify the website’s identity. An attacker who obtained the certificate’s private key would be able to clone the certificate and use it to impersonate that site in a later man in the middle or phishing attack. It’s also possible that user passwords could be captured should they currently be in memory and the attacker happens to get that particular 64k chunk. Harvesting passwords would be a much more time consuming process, and the attacker would have to catch your password while you’re in the process of logging in.
What you need to do: Most likely, end users do not need to do anything. You may want to avoid using vulnerable websites for the next couple days until it settles down, but since it’s difficult to know what sites are affected, that essentially means not using the Internet. That isn’t really practical for most of us. The responsibility for this is on any website administrator using OpenSSL to get themselves updated. In order for you to be affected by a compromised certificate, you would need to be the victim of somebody interfering with your Internet connection. This would be either by inserting themselves between you and the Internet, or by changing the DNS servers your computer uses to find websites on the Internet. Standard good practices apply. Do no click links in email even if they seem to be coming from valid senders, do not install software you did not specifically go looking for (as in from ads and popups), and be wary of using secure websites when you’re on public WiFi hotspots. Generally the targets of these attacks will be sites an attacker would want to impersonate (like banks or major online retailers). Small private web and email servers are less likely to be a target, but if you are administering such a server it wouldn’t be a bad idea to keep an eye on server logs for any suspicious activity in case one of your users’ password was captured.
Major websites are already in the process of patching the problem (if they had it to begin with), and have been since Monday. While the exploit is bad, it is not something it does the average Internet user much good to be concerned about. Administrators of smaller web and email servers should be moderately concerned, but are likely not the target. Administrators of major websites whose certificates and user passwords are desirable to hackers know who they are and are already fixing the problem.
References:
Security Now episode 450 (Discussion of Heartbleed starts at about 44:15): http://twit.tv/show/security-now/450
Ars Technica: http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/