201-632-3422 info@carvesystems.com

Low risk security issues can kill you. It isn’t that they come out and stab you in the heart, it is more a soft death of many cuts. You may not even know you are bleeding. Mosquito saliva has an anesthetic in it, you won’t even know it is there sucking your blood right away. The Bitcoin Protocol has a potentially lethal vulnerability, which by now everyone is familiar with, known as “Transaction Malleability”. The focus here is not how transaction malleability killed Mt. Gox (that has been discussed at length elsewhere), but how careful defenders must be when considering risk to their systems.

It is interesting to observe the meta-data regarding the history of this bug. The Bitcoin wiki entry was created on January 21st 2013. In a SourceForge thread, noted developer Gregory Maxwell (gmaxwell) observed that this issue has been known since at least 2011. Fantastic, catastrophic failures like this are often due to some subtle, or small problem. Once you have sorted out all of the big things that can hurt you, it is critical to dig deep and understand all of the attack scenarios.

Time has shown that seemingly innocuous security issues can rear their heads years later to bite. Padding Oracle Attacks are a great example of a category of issues that were widely ignored as a type of “low risk” infeasible to exploit cryptography detail. Rizzo and Duong changed the world’s opinion on that one. Nate Lawson showed us how simple “low risk”, but known, problems with crypto libraries can hurt. Even as recent as last year, Carve Systems discovered a padding oracle that could have caused significant damage for a customer.

As a defender, ensuring that you are protected from and have a risk management plan for all known vulnerabilities is critical. These vulnerabilities serve to inform, and demonstrate that “Low Risk” is very different from “No Risk”.