Time to change passwords

    Today, on the Yandex main page, we will show all users a link to a page with our tips on the importance of monitoring your passwords and changing them regularly.

    You probably know why we are doing this. CVE-2014-0160 is one of the most serious vulnerabilities found in recent years. It cannot be said to concern only certain services and sites: the vulnerability affected almost the entire Internet. OpenSSL is one of the most widely used crypto libraries; according to various estimates, up to two thirds of all HTTPS connections on the Internet are established using it.

    In this post I will describe how we reacted to the news of the vulnerability: what we did, when, and why.

    Heartbleed affected OpenSSL versions 1.0.1 through 1.0.1g. We started using this OpenSSL branch in December 2013, because previous versions did not support the newer, stronger TLS 1.1 and TLS 1.2 protocols (you can check which protocols a service supports, for example, here).

    We learned about the vulnerability on the night of Tuesday, April 8, as soon as information about it appeared in public sources. It took us a little time to analyze the problem and assess how critical it was.

    It is important to note that in services for which high availability is crucial, and that is almost all Yandex services with their audience of many millions, no update can be installed "hot" or automatically. The slightest inconsistency could leave a large number of users unable to use the services.

    Yandex, as you know, has a huge number of servers, and checking them for the presence of the vulnerability could have been a big problem. Fortunately, we implemented security audit automation mechanisms long ago; we talked about them in detail at the YaC 2011 conference. All that was required was to write a module for the system that scans our services for vulnerabilities, based on the publicly available PoC. Within an hour we already had a complete picture, all the responsible system administrators had been notified automatically, and they set to work. The testing that must precede any update was done in the shortest possible time in this case. By lunchtime, the largest Yandex services had been updated. Our monitoring mechanism will also help ensure that in the future no system is left running a problematic version of OpenSSL.

    Upgrading OpenSSL resolved the most serious problem, the one that is exploitable in practice: theft of request and response headers from the web server. Theft of the web server's private key is theoretically possible, but in practice involves a number of technical difficulties. We, like the researchers who discovered the vulnerability, believe that theft of private SSL keys with this attack is unlikely. Although 64 KB of data from the web server's memory is enough to hold a short essay on password security, many factors must line up for SSL keys to appear in it. Nevertheless, we decided to gradually replace the SSL certificates on our services. Incidentally, on critical Yandex services (Mail, Passport, and the client and partner interfaces of Yandex.Direct) we use HTTPS with PFS support. Therefore, even if we assume that at some point in the future the private keys of the SSL servers are compromised, the traffic of already completed user sessions will remain protected.

    The most difficult part of this unpleasant story was deciding what to do with potentially affected users. The problem was that exploitation of this vulnerability leaves no traces in the web server logs, so we could have no direct evidence of whether the problem had been exploited at scale. We decided to base our approach on the time period that began with the publication of the vulnerability and ended when the update was rolled out to our servers. Potentially, the authentication data of millions of users could have been affected. A mass forced logout, and even more so a forced password change, without accurate information about whether users had actually been compromised could do much more harm than good.

    Fortunately, we have a list of the users who could theoretically have been affected. Using our automatic detection of malicious activity within a user session, we will force such users to log out and change their password.
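    How a list of potentially affected users can be derived from the exposure window described above, as an added illustration that is not Yandex's own code: the disclosure time, the per-service patch rollout times and the session log lines are all constructed for the example, and a session counts as exposed if any part of it overlaps the window between disclosure and that service's patch time.

```python
"""Select users whose sessions overlapped the Heartbleed exposure window."""
from datetime import datetime

# Assumed disclosure time (UTC); the post only says "the night of April 8".
DISCLOSED = datetime(2014, 4, 7, 22, 0)

# Constructed per-service patch rollout times (the window end differs per service).
PATCHED_AT = {
    "mail": datetime(2014, 4, 8, 11, 30),
    "passport": datetime(2014, 4, 8, 12, 15),
}

# Constructed session log: service,user,login_time,logout_time (ISO 8601).
SESSION_LOG = """\
mail,alice,2014-04-07T20:00,2014-04-07T21:30
mail,bob,2014-04-08T09:00,2014-04-08T09:45
passport,carol,2014-04-08T12:10,2014-04-08T13:00
passport,dave,2014-04-08T12:20,2014-04-08T12:40
mail,erin,2014-04-07T21:00,2014-04-08T01:00
"""


def parse_sessions(text):
    """Turn the log text into (service, user, start, end) tuples."""
    sessions = []
    for line in text.splitlines():
        if not line.strip():
            continue
        service, user, start, end = line.split(",")
        sessions.append((service, user,
                         datetime.fromisoformat(start),
                         datetime.fromisoformat(end)))
    return sessions


def potentially_affected(sessions, patched_at=PATCHED_AT, disclosed=DISCLOSED):
    """Users with a session that overlapped [disclosed, patched_at[service])."""
    affected = set()
    for service, user, start, end in sessions:
        window_end = patched_at[service]
        # Interval overlap: the session started before the service was patched
        # and was still open after disclosure. A session already open at
        # disclosure counts too, since its cookie sat in server memory then.
        if start < window_end and end > disclosed:
            affected.add(user)
    return affected


if __name__ == "__main__":
    print(sorted(potentially_affected(parse_sessions(SESSION_LOG))))
```

    Sessions entirely before disclosure (alice) or entirely after the service's patch (dave) are excluded; everything else is a candidate for the forced logout the post describes.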

    In addition, as I already mentioned, today the Yandex main page will carry links to the security.yandex.ru page. We believe that passwords in general should be changed regularly, and the events of recent days are a good reason to remember this.
