WebPirate
Vulnerable to Freak Attack
WebPirate is vulnerable to the Freak attack. See: https://freakattack.com/ Stock browser is safe.
See this as a reference: https://together.jolla.com/question/85049/sailfish-freaked-out/ From a security standpoint it isn't a pressing issue, as there are only theoretical ways to use this vulnerability (because QtWebkit itself does not support RSA_EXPORT and you need extra complicated hacks [hacking your access point/router/modem and the website] to get this working). And this is all theory for the moment.
@llelectronics sure, I think it's not that big of a problem too, still it should be fixed (if possible).
About qtwebkit not supporting it: if you test with https://cve.freakattack.com the stock browser refuses the connection (invalid server key, I'm aware stock is gecko), my desktop Chrome does the same.
WebPirate allows the insecure key.
I know this issue but I can't do anything atm.
I don't know when Jolla will release Qt >= 5.4 on Sailfish, so this week I have worked on an experimental version of WebPirate which uses Blink instead of the obsolete/buggy QtWebKit.
I have (almost) successfully ported the Chromium Embedded Framework (https://code.google.com/p/chromiumembedded/) to Qt/QML.
CEF uses Chromium 42 code base, it's updated and faster, and a very good alternative to QtWebKit.
Yeah, same as webcat. Therefore cooperating with Jolla is necessary; hopefully the problem will be fixed with an update of qtwebkit && openssl. I also hope SSLv3 will be fixed as well, as I see this as a bigger issue atm.
@Dax89 : Great news that you are working on chromiumembedded. That will bring in lots of cool new stuff and speed. I personally believe Qt 5.4 will be part of the SailfishOS 2.0 update coming in June.
Thanks to you both for creating an alternative browser for Sailfish. I just wasn't sure if it's on your radar. I also think that the Freak attack can and should be mitigated primarily by the server owner.
Keep up your great work.
@llelectronics I will upload the porting here on GitHub when it starts to become usable, so we can benefit both :) @smurfy Thanks! :)
This is the repository containing my work done with Chromium Embedded (currently based on Chromium 42): https://github.com/Dax89/QtCEF
I'm giving priority to the QtQuick implementation (the QWidget part is stubbed). I'm able to render web pages and play HTML5 videos without issues (the rendering part needs a rewrite, but is low priority atm).
This is the result using the example contained in the repository: https://dl.dropboxusercontent.com/u/40206233/Screenshots/QtCEF/Chromium_QtQuick.png
A lot of work still needs to be done :)
Cool, very nice
POODLE & others too. https://www.ssllabs.com/ssltest/viewMyClient.html :(