The SSL Labs results discussion thread

Impetus

https://www.ssllabs.com/ssltest/analyze.html?d=https%3A%2F%2Fonlinebanking.aib.ie%2Finet%2Froi%2Flogin.htm

Summary:

This server is vulnerable to the POODLE attack against TLS servers. Patching required. Grade set to F. MORE INFO »
This server uses SSL 3, which is obsolete and insecure. Grade capped to B. MORE INFO »
Certificate uses a weak signature. When renewing, ensure you upgrade to SHA2. MORE INFO »
This server accepts the RC4 cipher, which is weak. Grade capped to B. MORE INFO »
The server does not support Forward Secrecy with the reference browsers. MORE INFO »

Server Key and Certificate #1Common namesonlinebanking.aib.ieAlternative namesonlinebanking.aib.iePrefix handlingNot required for subdomainsValid fromTue, 02 Dec 2014 00:00:00 UTCValid untilThu, 03 Dec 2015 23:59:59 UTC (expires in 6 months and 13 days)KeyRSA 2048 bits (e 65537)Weak key (Debian)NoIssuerVeriSign Class 3 Secure Server CA - G3Signature algorithmSHA1withRSA WEAKExtended ValidationNoCertificate TransparencyNoRevocation informationCRL, OCSPRevocation statusGood (not revoked)TrustedYes

SubjectVeriSign Class 3 Public Primary Certification Authority - G5
Fingerprint: 32f30882622b87cf8856c63db873df0853b4dd27Valid untilSun, 07 Nov 2021 23:59:59 UTC (expires in 6 years and 5 months)KeyRSA 2048 bits (e 65537)IssuerVeriSign / Class 3 Public Primary Certification AuthoritySignature algorithmSHA1withRSA WEAK

Certification PathsPath #1: Trusted1Sent by serveronlinebanking.aib.ie
Fingerprint: 48f8a55d24aca9573d5bb6b4532d5cacd77c4dcc
RSA 2048 bits (e 65537) / SHA1withRSA
WEAK SIGNATURE2Sent by serverVeriSign Class 3 Secure Server CA - G3
Fingerprint: 5deb8f339e264c19f6686f5f8f32b54a4c46b476
RSA 2048 bits (e 65537) / SHA1withRSA
WEAK SIGNATURE3In trust storeVeriSign Class 3 Public Primary Certification Authority - G5 Self-signed
Fingerprint: 4eb6d578499b1ccf5f581ead56be3d9b6744a5e5
RSA 2048 bits (e 65537) / SHA1withRSA
Weak or insecure signature, but no impact on root certificate

ProtocolsTLS 1.2YesTLS 1.1YesTLS 1.0YesSSL 3 INSECUREYesSSL 2No
Cipher Suites (SSL 3+ suites in server-preferred order; deprecated and SSL 2 suites always at the end)TLS_RSA_WITH_RC4_128_SHA (0x5) WEAK128TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)128TLS_RSA_WITH_AES_256_CBC_SHA (0x35)256TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)112TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)128TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d)256TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH 256 bits (eq. 3072 bits RSA) FS128TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH 256 bits (eq. 3072 bits RSA) FS256TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012) ECDH 256 bits (eq. 3072 bits RSA) FS112


Protocol DetailsSecure RenegotiationSupportedSecure Client-Initiated RenegotiationSupported DoS DANGER (more info)Insecure Client-Initiated RenegotiationNoBEAST attackMitigated server-side (more info) SSL 3: 0x5, TLS 1.0: 0x5POODLE (SSLv3)No, mitigated (more info) SSL 3: 0x5POODLE (TLS)Vulnerable INSECURE (more info)Downgrade attack preventionNo, TLS_FALLBACK_SCSV not supported (more info)TLS compressionNoRC4Yes WEAK (more info)Heartbeat (extension)NoHeartbleed (vulnerability)No (more info)OpenSSL CCS vuln. (CVE-2014-0224)No (more info)Forward SecrecyNo WEAK (more info)Next Protocol Negotiation (NPN)NoSession resumption (caching)No (IDs assigned but not accepted)Session resumption (tickets)NoOCSP staplingNoStrict Transport Security (HSTS)NoPublic Key Pinning (HPKP)NoLong handshake intoleranceNoTLS extension intoleranceNoTLS version intoleranceNoIncorrect SNI alerts-SSL 2 handshake compatibilityYes

AskAIB: Katherina

Hi Impetus,

At AIB we take security very seriously. We continue to implement enhanced security measures and strive to proactively improve our security systems and infrastructure against common industry threats and vulnerabilities. This is aimed at enhancing the confidentiality and integrity of data communication between AIB systems and our customers.

Such common vulnerabilities across the industry include those that target end user secure browser sessions (better known as HTTPS or SSL). AIB is working to implement supplementary controls to improve the standards for secure online browsing. AIB encourages its customers to use up to date software (including browsers) patched to current levels to further reduce security risk.

If you would like to get in touch with us directly, you can talk to us at AskAIB and we will be happy to help

All the best
Trina

Impetus

AskAIB: Katherina wrote: »

Hi Impetus,

At AIB we take security very seriously. We continue to implement enhanced security measures and strive to proactively improve our security systems and infrastructure against common industry threats and vulnerabilities. This is aimed at enhancing the confidentiality and integrity of data communication between AIB systems and our customers.

Such common vulnerabilities across the industry include those that target end user secure browser sessions (better known as HTTPS or SSL). AIB is working to implement supplementary controls to improve the standards for secure online browsing. AIB encourages its customers to use up to date software (including browsers) patched to current levels to further reduce security risk.

If you would like to get in touch with us directly, you can talk to us at AskAIB and we will be happy to help

All the best
Trina

Thank you for your posting. It is not a matter of personal impact on myself, as the credit limit I have given to AIB in its current position is very low and thus any money I have with that bank are not material in size.

Triana, the best thing you could do for the bank in terms of the topic at hand is to have the IT system problems fixed, which cause the F rating here:

https://www.ssllabs.com/ssltest/anal...oi%2Flogin.htm

AskAIB: Katherina

Hi Impetus,

We appreciate your feedback and we have passed this onto our Security Team. If there's anything else we can help you with, please let us know.

Kind regards
Trina

Impetus

Local authorities and other government agencies involved in the collection of money via websites have very neglected security in their payments processing infrastructure, if a few random tests I have done recently are any indication of the overall position.

Many local authorities seem to be outsourcing payment functions to https://epayments.lgcsb.ie and this website is grossly insecure with an “F” rating. https://www.ssllabs.com/ssltest/analyze.html?d=https%3A%2F%2Fepayments.lgcsb.ie Their own website is at : http://www.lgcsb.ie

Other money taking sites with problems:

Motortax.ie 159.134.92.71 Grade “C”

https://www.eflow.ie Toll payment M50 etc “C” (it doesn’t support TLS 1.1 and 1.2)

TV License purchase: https://www.ssllabs.com/ssltest/analyze.html?d=tvlicence.ie “C” – it won’t support TLS 1.2 and has weak cyphers.

NCT – car testing: https://www.ssllabs.com/ssltest/analyze.html?d=ncts.ie “C” grade.

TLS best practice documentation: https://www.ssllabs.com/projects/documentation/

The above is just a random selection - and should not be assumed to be comprehensive. I may test some other sites, and publish the outcome at a later date. I may also follow up known defective sites to see if they have been fixed, and report on my findings - good or bad.

Government agencies, as well as companies, banks, insurance companies, and charities owe a duty of care to their customers to keep their computer security up to date. Clearly this duty of care is not being taken seriously in Ireland.

Impetus

Thanks Katherina. I neglected to mention that AIB Business Banking also has similar issues - https://www.ssllabs.com/ssltest/analyze.html?d=ibusinessbanking.aib.ie

This is even more critical in my mind given the larger payment limits that apply to various business customers and the size of balances on corporate accounts. I would have PM'd you, only I couldn't find a link.

Regards

Impetus

Impetus

Ulster Bank only manage a "C" grade on their business banking portal

https://www.ssllabs.com/ssltest/analyze.html?d=bankline.ulsterbank.ie

0lddog

Same as ROS.ie

So thats OK then :eek:

Impetus

I have no doubt that ros.ie will review the matter seriously, and take any action they feel appropriate.

I notice that the Local Government Management Agency appear to have taken their payment processing system down – however their F rating is far more serious, than a “C”.

Refreshingly different from the pig headed approach taken by Ryanair, refusing to allow clients connect via TLS 1.2 – the only protocol with a clear record so far. Most PCs can use TLS 1.2 and aren’t forced to use MD4, etc.

Even if Ryanair has a lot of customers with antiquated XP sp2 or older PCs using Internet Explorer, the European travelling public should not be forced to make reservations using technology that should be in the gutter. If Ryanair has enough crappy PC users in its client base, it is a simple matter to re-route a connection from an XP sp2 or worse machine to an alternative domain – eg insecure_client_service_area.ryanair.com. With a message advertising replacement PCs at discounted prices, instead of Samsonite cases or rental cars. Pointing out that their reservation task had to be quarantined.

Ryanair is the largest collector of personal information based in Ireland – much of it needlessly collected for the purpose of a reservation. I can only suspect that Ryanair is selling the firehose of customer data to the NSA, GDHQ and others, either directly or indirectly?

https://www.ssllabs.com/ssltest/analyze.html?d=www.ryanair.com&s=37.18.148.99&latest

Snowden has said on many occasions that the NSA & co use deprecation (forcing computer connections to take place at low levels of security (eg 512 bit rather than 2,048 bits). Companies that leave defunct and weak security running on their system allow this deprecation to happen, making it easy to crack the plain text of an “encrypted” stream. The only solution is to shut out weak technologies, and if necessary tell customers with old machines to do their business over a dedicated phone number – charging them extra for the service.

For anybody interested in an A+ grade set-up have a look at Vienna based https://jabber.at which runs on Drupal 7. Configuration of system:
https://www.ssllabs.com/ssltest/analyze.html?d=https%3A%2F%2Fjabber.at

Well worth reading : https://www.ssllabs.com/projects/best-practices/index.html

You can check your browser at this link: https://www.ssllabs.com/ssltest/viewMyClient.html

niallb

There's a good discussion on a recent Security Now podcast (ep 505) about the background to this and the fact that it also impacts Bank of America and many other large international banks. The RC4 cipher is the most likely default negotiated in that case because while it is weak, there were no current exploits against it when POODLE, BEAST and other attacks were examined, and it was promoted in the list to be accepted even if a better grade of encryption was offered.

The grade applied to RC4 by sslinfo here is capped to B to allow for time to remove it, but will be downgraded to an F if still in use in September.

syklops

Jesus, even in his own thread about Ulster Bank he descends into a rant about Ryanair.

timmywex

Errrrr do we need a separate thread with the results from an automated scanning website on organisations? Could i suggest using one thread maybe for them all if you like?

Have you contacted the organisations for comment or to notify them?

TBH there's many bigger security issues and concerns for most org's, Even though some sites are getting low ratings they are complex attacks in most cases, requiring some luck, and requiring fairly advanced knowledge above and beyond for example a script kiddie.

Impetus

https://www.ssllabs.com/ssltest/analyze.html?d=amazon.com&s=72.21.206.6

Amazon supports SCSV for preventing protocol downgrade attacks (I have only checked AWS).

https://datatracker.ietf.org/doc/rfc7507/

This in my view is key to allowing secure connections for client machines that support the newest and strongest protocols. Particularly relevant for servers that have been compromised to support Windows XP SP2 and older. SHA 1 was designed by the NSA - and one can't help but think that this organization designed in the weakness to this protocol? If a client supports SHA2 and SHA3?

B00MSTICK

I'm beginning to think a single SSL security thread may be better than having separate ones for every interesting site you look at?

Khannie

Yep. I'll box this off later.

Khannie

Done.

Let's keep similar posts in this thread please.

ifah

Khannie wrote: »

Done.

Let's keep similar posts in this thread please.

Cheers Khannie - could you change the Title also ? "Impetus' glorious SSLLabs Expose" or something similar.

Impetus

Perhaps of the word "glorious" was removed fromthe topic title, it would be more logical? Few of the servers referred to in the cases cited deserve to be in the "glory" category.

In any event, its use and origin suggest a certain bias in the thinking of the person responsible for the creation of the title, vis-a-vis the items discussed or the general topic.

Khannie

The glorious was meant to refer to the thread, but you don't like it, so it's removed.