The site used a protocol that wasn’t deemed insecure several years ago

Oct 7, 2013 14:04 GMT  ·  By

British security expert Paul Moore has analyzed the SSL implementation on report.ico.org.uk, the website used by the UK Information Commissioner’s Office (ICO) for Privacy and Electronic Communications Regulations (PECR) security breaches.

First, Moore analyzed the site by using the Qualys SSL Labs tool. The site got an F, the lowest rating.

The expert has found that the server supports SSLv2, an obsolete protocol that’s highly insecure. In addition, there’s no support for TLS v1.1 or TLS v1.2 and the only protocols available are vulnerable to Browser Exploit Against SSL and TLS (BEAST) attacks when combined with a block cypher.

The use of SSLv2 exposes the information submitted by users to man-in-the-middle (MitM) attacks.

“A server can offer SSLv2 support but not actually provide any supporting ciphers. The ICO however, provide two massively insecure ciphers on the SSLv2 protocol,” Moore noted.

While it’s true that only Internet Explorer 6 users are vulnerable to these attacks, according to the expert’s calculations, there are around 100,000 people in the UK who still use the outdated browser.

As far as the BEAST attacks are concerned, the expert noted, “Using TLSv1/SSLv2/3 combined with a block cipher is dangerous. An attacker can predict the IV’s used to randomize the ciphertext. Although he technically can’t decrypt it in the usual sense, he can encrypt his own data using the key/[initialization vector] and wait until he finds a match.”

He added, “This technique is far from efficient, but it’s also far from secure. Each encrypted fragment represents a piece of crucial data… a cookie, auth data, session tokens et al.”

In addition to report.ico.org.uk, the researcher has also found some SSL implementation flaws on another ICO website: igt.hscic.gov.uk, a website that’s used to report IG SIRIs (Information Governance – Serious Incident Requiring Investigation).

Moore has told Softpedia that he hasn’t notified the ICO before publishing his findings because the issues he had previously reported remained unfixed for long periods of time. However, just as we were about to publish this article, the expert noticed that the SSLv2 issue was addressed.

We’ve requested comment on the matter from the ICO a few hours ago. However, at the time this article was published, we didn’t hear back from the agency.

Additional technical details on the SSL implementation flaws in the ICO website are available on Paul Moore’s blog.

Update. The ICO continues to work on addressing the issues. According to Moore, the agency has patched the BEAST problem. However, in this process, they’ve blocked out most users since they’ve disabled every protocol except TLS v1.2.

This means that those who use Internet Explorer, Firefox, Safari, or a Chrome prior to version 30 cannot access the website.

Update 2. The ICO has responded to our inquiry with the following statement:

“We are aware of the concerns raised and have taken action to address the issues highlighted. We are satisfied that the form – used by electronic communications providers – is a secure and safe way of meeting our statutory reporting requirements.”

Currently, the reporting website is accessible, but according to Moore, it's still vulnerable to BEAST attacks.

The expert has provided Softpedia with the following response after seeing the ICO's statement:

“Unfortunately, it appears the ICO have missed the point entirely.

The underlying and as yet unanswered question is how these issues went unnoticed in the first place? For an authority purportedly responsible for data protection, 'promoting good practice and openness', this press-oriented, nondescript response does nothing to allay my concerns. Did the ICO assume it was safe and not bother testing it, or was the testing flawed too?

The speed at which the ICO responded should be applauded. However, the 'fix' appeared to be a very hit & miss affair... suggesting the developer(s) knew what needed to be done, but didn't quite understand how to do it.

Disabling TLSv1 for example, is a sure-fire way of rendering your site unusable to all but the latest compatible browsers. Despite several attempts, it appears the BEAST vulnerability still hasn't been resolved at the server side either.

When companies fail to meet their strict regulations, they're subject to investigation and can be fined up to £500,000. When the tables are turned however, is it fair we should accept such a flippant response? More importantly, if the ICO can miss something glaringly obvious in their own infrastructure, are they really in a position to comment on/penalize others?”