What you need to know about Apple’s SSL bug

Update: Apple has released 10.9.2, which patches the SSL vulnerability discussed in this article.

News of a serious vulnerability within Apple’s implementation of a key encryption technology has been making the rounds this weekend. Read on to find out more about what the flaw is, and how it affects you.

Okay, so how did we find out about this?

On Friday, Apple issued what seemed at first to be a run-of-the-mill security update. According to the update’s initial documentation, the patch was supposed to “provide a fix for SSL connection verification.” But when Apple posted the patch’s security information to its website, the company revealed that the fix was for something quite serious: Without the patch, “an attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS.” That was hardly run-of-the-mill.

What is SSL/TLS? What does it do?

SSL (Secure Sockets Layer) and Transport Layer Security are a pair of networking technologies that establish an encrypted link between your computer and servers. Though most often seen in your web browser (that’s what that little padlock icon signifies), SSL/TLS is also used in other places, such as connections with mail clients, calendar servers, and chat servers—basically, any time you want to securely exchange information over the Internet. Together, the technologies not only encrypt communications between clients and servers, but also ensure that the server you’re accessing is who it purports to be (preventing things like phishing and man-in-the-middle attacks).

What exactly happened?

An error in the code—nobody is sure exactly how it got there—caused the entire system to fail in what is called the “signature verification” part of the process. Or, in other words, though the system can correctly prove that a security certificate is in fact cryptographically correct, it can’t authenticate who signed said certificate. Imagine receiving a message from a friend—or an institution—that looks correct in every way, but is ultimately forged, and you’ll have a basic idea of the problem here.

For a more technical explanation, check out these write ups by Adam Langley, a Google software engineer who works on HTTPS and Chrome, and security researcher Ashkan Soltani.

What systems are affected?

Apple’s issued patches for iOS 7, iOS 6, and the Apple TV, but as yet no update has been released for OS X. Some reports suggest that the issue does not exist in versions of OS X prior to OS X 10.9 Mavericks or iOS prior to iOS 6.

So does this just affect Safari?

These days, SSL/TLS is the encryption solution of choice for network connections, and since the error is in Apple’s implementation of the system, pretty much any software on the Mac or iOS relies on this central library. That includes Apple apps like Mail, Messages, Calendar, FaceTime, connections to the Mac App Store and App Store, and even third-party apps that use Apple’s SSL implementation (which is probably most of them). In short: Any secure connection on an unpatched system is vulnerable to someone performing the right kind of attack.

Here are some of the apps which rely on the vulnerable Apple #gotofail SSL library beyond Safari /cc @a_greenberg pic.twitter.com/ombDOOa01A

— ashkan soltani (@ashk4n) February 23, 2014

Does it affect other browsers, like Chrome?

Chrome and Firefox rely on different implementations of SSL/TLS, meaning that they aren’t subject to the same vulnerability, as it’s in Apple’s code. That means that in the meantime you should be able to safely browse with them instead.

But my Wi-Fi network is encrypted—am I still at risk?

Wi-Fi security, which often uses the WPA (Wireless Protected Access) standard, is an entirely different ballgame. It simply assures that communications between devices on your wireless network with your router are encrypted. Unfortunately, Wi-Fi network security is often considered a deterrent at best. Cracks exist for most existing implementations; anybody who really wants to intercept your communications is probably capable of doing so. But SSL/TLS is intended to protect communications from end-to-end, meaning that even if an attacker compromises your network security, all they’ll decrypt will be encrypted communications.

However, though your personal Wi-Fi network is likely too small to be a target, and larger institutions like your ISP are unlikely to be out to get you, it might be safest to avoid public hotspots like those at an Internet café—where all your traffic is routed through a single point of access that’s not under your control—until this bug is fixed. 

So … should I not be online banking on my Mac until this is fixed?

Until the vulnerability is fixed, it would be best to do any secure tasks you need on an alternative browser like Chrome or Firefox, or on a patched iOS device. Though it’s unlikely that most people will be targeted, there is certainly a risk. And if you’re concerned, using a workaround is probably the best approach.

In addition, you may be able to potentially save your traffic from prying eyes with a VPN (Virtual Private Network). Although the VPN hooks into the security framework where the SSL/TLS bug exists, the VPN protocols supported by OS X don’t directly use SSL. You’ll need to check with your network administrator to make sure all your traffic runs through the VPN, however, and it’s not just site-specific (as some work-related VPNs can be).

There is a small possibility that VPN traffic interacts with SSL/TLS, so we can’t 100 percent guarantee that it’s the safest method, but it’s safer than just using Safari as-is. (Thanks to security writer Nick Arnott and Macworld contributor Marco Tabini for their investigation into VPN protocols.)

Does that mean hackers have been snooping through my banking info? Should I change my passwords?

Well, it depends, as is so often the case. There seems to be no widespread news of anybody exploiting this vulnerability, but it’s impossible to categorically state that it hasn’t been. And while sites don’t generally store password as clear text, rather relying on a version that is hashed (a form of encryption), if you are at all concerned, it’s never a bad idea to change your password.

Could this vulnerability let the NSA snoop on my private communications?

Astute and topical question. Daring Fireball’s John Gruber has suggested that this bug, which has apparently gone unpatched since iOS 6’s release in 2012, could be what the NSA was referring to when it claimed it could conduct surveillance on Apple products under the PRISM program. As to whether or not the NSA specifically planted or exploited the bug, which is in a piece of open-source software, that depends on your own level of interest in conspiracy theories—but it’s certainly not out of the question.

When is a patch expected?

Given the severity of the problem, we’d expect imminently. Apple spokesperson Trudy Muller told Macworld that a fix was “coming soon.” An unofficial patch has been released, but we’d recommend waiting for the fix directly from Apple. And just in case you want to know the moment it’s out, there’s already a site for that.

Updated at 5:08 p.m. ET with information about OS X’s VPN. Updated at 4:29 p.m. ET with comment from Apple. Updated at 4:02 p.m. ET to correct timeframe for the bug on iOS.