Efforts to fix the notorious Heartbleed bug threaten to cause major disruptions to the Internet over the next several weeks, as companies scramble to repair encryption systems on hundreds of thousands of websites at the same time, security experts say.
Estimates of the severity of the bug's damage have mounted almost daily since researchers announced the discovery of Heartbleed last week. What initially seemed like an inconvenient matter of changing passwords for protection now appears much more serious. New revelations suggest that skilled hackers can use the bug to create fake websites that mimic legitimate ones to trick consumers into handing over valuable personal information.
The sheer scale of the work required to fix this aspect of the bug -- which makes it possible to steal the "security certificates" that verify that a website is authentic -- could overwhelm the systems designed to keep the Internet trustworthy.
The Heartbleed bug put many consumers' user names and passwords at risk. Undetected for two years, the bug quietly undermined the basic security of the Internet by leaving a gap in OpenSSL, an encryption technology used widely by businesses to protect sensitive data. By some estimates, the bug affected as much as two-thirds of the Internet; the flaw prompted thousands of Web users to change their passwords on Google, Yahoo, Facebook and other major services.
No examples have surfaced of anyone actually exploiting the vulnerability. But Web services firm CloudFlare issued an open challenge to hackers Friday to see if Heartbleed could be used to do something really dangerous -- steal the security certificates that prove Google, for instance, is really Google.
CloudFlare's initial tests suggested that it was probably impossible for an attacker to steal a site's security certificate and lure visitors to a duplicate that looked and behaved exactly like the real version. (Most browsers, if they detect an invalid security certificate, will block access to the site and warn the user that it may be illegitimate. But with a stolen certificate, a fake site would be allowed to load as if it were the real thing.)
For the challenge, CloudFlare urged Internet users to run their own tests on a dummy server with the Heartbleed bug. Hackers had to steal the security certificate from the server, then send a message to CloudFlare that was "signed" with the certificate in order to prove they had obtained it. Within nine hours of the challenge's launch -- and three hours after he began working on the problem -- a hacker named Fedor Indutny became the first to crack the code.
"It was just a fun way of spending Friday evening time, and a good chance to try my skills in a legal hacking action," Mr. Indutny wrote in an e-mail. "After starting a script on a cloud server, I watched a movie and totally forgot about it. Checking the logs in approximately 1 hour, to my surprise, revealed a private key to me."
What was thought to be impossible now turns out to be doable. Websites can indeed be tricked into giving up their identity papers, and those papers can be reused by malicious actors.
Changing your passwords will not protect you if you give them unwittingly to a hacker pretending to be your Web mail provider.
In the days after Heartbleed was revealed, many websites raced to update their systems. Those fixes plugged the immediate hole, so hackers could no longer take advantage of the vulnerability. But in light of this latest discovery, many sites still appear to be vulnerable; an attacker could have used Heartbleed to steal a site's valid security keys anytime before the site patched its systems.
The next step, experts say, is for all 500,000 affected sites -- from mom-and-pop retailers to big conglomerates -- to revoke their security certificates and issue new ones. But as necessary as that process is, it could have dramatic consequences for Web users' everyday experiences.
When you visit a secure site, your browser checks the site's security certificate against a list of invalidated certificates, known as a certificate revocation list. Depending on how it is designed, the browser probably downloads that list to your computer. Because sites rarely change their certificates, the lists are relatively short.
But the Heartbleed exploit now requires hundreds of thousands of sites to add their certificates to the list, practically overnight. The certificate revocation lists will become bloated with new entries. And browsers will continue to download the now-massive files, according to Paul Mutton, a security consultant at the Web services firm Netcraft.
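To make the two mechanisms in this article concrete, here is an added example (not code from the article, CloudFlare or Netcraft) written with Go's standard library. It builds a constructed toy PKI with hypothetical names (an "Example Demo CA" and a leaf for "www.example.test"), then shows three things: a leaf certificate passes the chain and hostname checks a browser performs regardless of who holds its private key, which is why a certificate copied through Heartbleed would load without a warning until it is revoked; a signed certificate revocation list is the only thing that flags that same certificate as bad; and the encoded CRL grows roughly linearly with every serial added to it, which is the bloat problem described above when hundreds of thousands of sites revoke at once.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// demoPKI is a constructed, in-memory CA plus one leaf certificate.
// The names are hypothetical and exist only for this example.
type demoPKI struct {
	caCert *x509.Certificate
	caKey  *ecdsa.PrivateKey
	leaf   *x509.Certificate
}

// newPKI generates a self-signed CA and a server certificate it has issued.
func newPKI() (*demoPKI, error) {
	caKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	now := time.Now()
	caTmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Example Demo CA"},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		// CRLSign is required so this CA may later sign a revocation list.
		KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	caDER, err := x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey)
	if err != nil {
		return nil, err
	}
	// Re-parse so the certificate carries the subject key identifier that
	// CreateRevocationList requires on the issuer.
	caCert, err := x509.ParseCertificate(caDER)
	if err != nil {
		return nil, err
	}
	leafKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	leafTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(4242),
		Subject:      pkix.Name{CommonName: "www.example.test"},
		DNSNames:     []string{"www.example.test"},
		NotBefore:    now.Add(-time.Hour),
		NotAfter:     now.Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	leafDER, err := x509.CreateCertificate(rand.Reader, leafTmpl, caCert, &leafKey.PublicKey, caKey)
	if err != nil {
		return nil, err
	}
	leaf, err := x509.ParseCertificate(leafDER)
	if err != nil {
		return nil, err
	}
	return &demoPKI{caCert: caCert, caKey: caKey, leaf: leaf}, nil
}

// chainValid performs the checks a browser makes on a certificate: signature
// chain, validity window and hostname. It says nothing about who holds the key,
// so a certificate copied from a server passes exactly like the original.
func chainValid(pki *demoPKI, host string) bool {
	roots := x509.NewCertPool()
	roots.AddCert(pki.caCert)
	_, err := pki.leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	return err == nil
}

// buildCRL has the CA sign a revocation list naming the given serials.
func buildCRL(pki *demoPKI, revoked []*big.Int) ([]byte, error) {
	entries := make([]pkix.RevokedCertificate, 0, len(revoked))
	for _, s := range revoked {
		entries = append(entries, pkix.RevokedCertificate{SerialNumber: s, RevocationTime: time.Now()})
	}
	tmpl := &x509.RevocationList{
		Number:              big.NewInt(1),
		ThisUpdate:          time.Now(),
		NextUpdate:          time.Now().Add(24 * time.Hour),
		RevokedCertificates: entries,
	}
	return x509.CreateRevocationList(rand.Reader, tmpl, pki.caCert, pki.caKey)
}

// isRevoked checks the CRL signature against the issuer and looks the serial up.
// This lookup, not the chain check, is what catches a stolen-but-valid certificate.
func isRevoked(crlDER []byte, issuer *x509.Certificate, serial *big.Int) (bool, error) {
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil {
		return false, err
	}
	if err := crl.CheckSignatureFrom(issuer); err != nil {
		return false, err
	}
	for _, rc := range crl.RevokedCertificates {
		if rc.SerialNumber.Cmp(serial) == 0 {
			return true, nil
		}
	}
	return false, nil
}

// crlSize returns the DER length of a CRL carrying n constructed serials, to
// show how the list every browser must fetch grows with mass revocation.
func crlSize(pki *demoPKI, n int) (int, error) {
	serials := make([]*big.Int, n)
	for i := range serials {
		serials[i] = big.NewInt(int64(100000 + i))
	}
	der, err := buildCRL(pki, serials)
	return len(der), err
}

func main() {
	pki, err := newPKI()
	if err != nil {
		panic(err)
	}
	fmt.Println("chain valid for www.example.test:", chainValid(pki, "www.example.test"))
	crl, err := buildCRL(pki, []*big.Int{pki.leaf.SerialNumber})
	if err != nil {
		panic(err)
	}
	rev, _ := isRevoked(crl, pki.caCert, pki.leaf.SerialNumber)
	fmt.Println("listed in CRL after revocation:", rev)
	for _, n := range []int{0, 1000, 10000} {
		sz, _ := crlSize(pki, n)
		fmt.Printf("CRL with %d revoked serials: %d bytes\n", n, sz)
	}
}
```

Run it with `go run`. The chain check reports true before and after revocation; only `isRevoked` flips, which is the whole reason the 500,000 re-issuances described above must be accompanied by revocation entries that every browser has to fetch. The size figures printed for 0, 1,000 and 10,000 serials make the linear growth of that download visible on a small scale.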