The Poodle flaw discovered by Google folks is a big deal. It will not be hard to fix, because for most systems there is just no need to support SSLv3. Fixing those only requires changing configuration so as not to allow SSL fallback. However, this flaw brings to our attention, again, how the weakest link in security often lies in the graceful degradation mechanisms that are there to support interoperability. Logic that degrades security for the sake of interoperability is hard to do right and is often easy to exploit. Exploitation is usually carried out by the attacker connecting while pretending to be “the dumbest” principal, letting the “smarter” principal drop security to as low as it will go.
All this is not new. What may be new is a thought on what such types of flaws may imply for the emerging domain of the Internet-of-Things.
Poodle is a design flaw (i.e., has to do with the protocol, not with a particular implementation) that succeeds only thanks to the existence of a mechanism that addresses fragmentation in the client/server TLS space.
Put simply, Poodle makes it possible to exploit an SSLv3 connection. SSLv3 was replaced with a better protocol a decade ago, and almost no-one uses it. So how can this attack still succeed so well? It succeeds by using a faulty security degradation mechanism that was established to work around fragmentation in the client-server space.
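The fallback behaviour described above can be modelled in a few lines. This is an added example, not code from the original post: `make_peer`, `connect` and `client_context_without_sslv3` are hypothetical names, the negotiation is a constructed model that performs no real handshake, and only the last function uses Python's real `ssl` module.

```python
import ssl

# Version names ordered weakest to strongest. The negotiation below is a
# constructed model; no real handshake is performed.
VERSIONS = ["SSLv3", "TLSv1.0", "TLSv1.1", "TLSv1.2"]

def make_peer(supported, failing=()):
    """Return a handshake(version) callable for a modelled peer.

    `failing` lists versions whose handshakes never complete, standing in
    for whatever makes the stronger attempts fail on the path.
    """
    def handshake(version):
        return version in supported and version not in failing
    return handshake

def connect(client_versions, handshake, floor=None):
    """Retry from strongest to weakest version, as fallback logic does.

    With `floor` set, the client fails closed instead of going lower.
    Returns the negotiated version name, or None if no connection is made.
    """
    for version in sorted(client_versions, key=VERSIONS.index, reverse=True):
        if floor is not None and VERSIONS.index(version) < VERSIONS.index(floor):
            break
        if handshake(version):
            return version
    return None

def client_context_without_sslv3():
    """Real-world counterpart of `floor`: a client context with a version floor."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

if __name__ == "__main__":
    peers = {
        "modern": make_peer(VERSIONS),
        "degraded": make_peer(VERSIONS, failing=VERSIONS[1:]),  # only SSLv3 completes
        "legacy": make_peer(["SSLv3"]),                         # SSLv3-only device
    }
    for name, peer in peers.items():
        print(name, connect(VERSIONS, peer), connect(VERSIONS, peer, floor="TLSv1.0"))
```

The "legacy" row is the interoperability cost of the fix: with a floor in place, the SSLv3-only peer is rejected rather than served over a weak protocol.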
Blame the need for graceful security degradation
We have had the web for decades, with billions of users, and yet, a decade after introducing a new security protocol, we still have to program each device with complex and faulty “graceful degradation” mechanisms, because we still have old SSLv3 devices fielded. SSLv3 connections are only 0.65% of all secure connections, but no-one wants his device/software to be the one rejecting connections. Due to this “fragmentation” we are all held back, and the double-quotes are there because 0.65% barely deserves to be called “fragmentation”.
Preparing for the inevitable with IoT
Today IoT at large has zero to little security. One day it will improve, but the long tail of less-secure (let alone completely insecure) devices is going to be long and thick, for decades. And so, mechanisms for graceful security degradation, which are known in the security community to be almost impossible to do right, will remain for decades.
Since graceful security degradation is so hard to do right, and since IoT security will have to be full of it, we have to be prepared for a daily supply of Poodles in this domain. Means for recovering from the Poodle-du-jour are thus at least as important as making our systems secure in the first place.