Thursday, 24 September 2015

Weak Diffie-Hellman and the Logjam Attack

I got the following message when attempting to contact my Glassfish admin console1:
Secure Connection Failed

An error occurred during a connection to www.karchan.org:4848. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.
Apparently it is related to a possible LogJam attack6.

Workaround

Of course, there is a workaround for Firefox2, but that is not what we should do. But for completeness, I'll provide it here:

Workaround for Firefox 39 and above:
  1. In FireFox, enter "about:config" in the URL field and press enter.
  2. Accept the "This might void your warranty!" warning :)
  3. In the search field at the top, enter "security.ssl3.dhe_rsa_aes"
  4. Double click each result (128 and 256) to toggle the Value to "false"

Ciphers

The reason I got this message, was that the server and the client (browser) could not agree on a sufficiently good cipher for the SSL connection. The new version of Glassfish has this solved, because of the extra ciphers it has added3.

If you look at the Appendix below, you immediately notice that the new ciphers all make use of Elliptic-Curve Diffie-Hellman Key Exchange, instead of normal Diffie-Hellman. It seems to be a great deal more secure and doesn't suffer from the Logjam weakness6.

Although it seems unnecessary, you could remove the weak ciphers from GlassFish, to prevent a loophole.5.

Appendix A. Available Ciphers

Glassfish 4.0 (build 89)Glassfish 4.1 (build 13)
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHASSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
SSL_DH_anon_WITH_3DES_EDE_CBC_SHASSL_DH_anon_WITH_3DES_EDE_CBC_SHA
SSL_DH_anon_WITH_DES_CBC_SHASSL_DH_anon_WITH_DES_CBC_SHA
SSL_DH_anon_WITH_RC4_128_MD5SSL_DH_anon_WITH_RC4_128_MD5
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHASSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHASSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
SSL_DHE_DSS_WITH_DES_CBC_SHASSL_DHE_DSS_WITH_DES_CBC_SHA
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHASSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHASSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_RSA_WITH_DES_CBC_SHASSL_DHE_RSA_WITH_DES_CBC_SHA
SSL_RSA_EXPORT_WITH_DES40_CBC_SHASSL_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_RSA_EXPORT_WITH_RC4_40_MD5SSL_RSA_EXPORT_WITH_RC4_40_MD5
SSL_RSA_WITH_3DES_EDE_CBC_SHASSL_RSA_WITH_3DES_EDE_CBC_SHA
SSL_RSA_WITH_DES_CBC_SHASSL_RSA_WITH_DES_CBC_SHA
SSL_RSA_WITH_NULL_MD5SSL_RSA_WITH_NULL_MD5
SSL_RSA_WITH_NULL_SHASSL_RSA_WITH_NULL_SHA
SSL_RSA_WITH_RC4_128_MD5SSL_RSA_WITH_RC4_128_MD5
SSL_RSA_WITH_RC4_128_SHASSL_RSA_WITH_RC4_128_SHA
TLS_DH_anon_WITH_AES_128_CBC_SHATLS_DH_anon_WITH_AES_128_CBC_SHA
TLS_DH_anon_WITH_AES_128_CBC_SHA256TLS_DH_anon_WITH_AES_128_CBC_SHA256
TLS_DH_anon_WITH_AES_256_CBC_SHATLS_DH_anon_WITH_AES_256_CBC_SHA
TLS_DH_anon_WITH_AES_256_CBC_SHA256TLS_DH_anon_WITH_AES_256_CBC_SHA256
TLS_DHE_DSS_WITH_AES_128_CBC_SHATLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
TLS_DHE_DSS_WITH_AES_256_CBC_SHATLS_DHE_DSS_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHATLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHATLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_anon_WITH_AES_128_CBC_SHA
TLS_ECDH_anon_WITH_AES_256_CBC_SHA
TLS_ECDH_anon_WITH_NULL_SHA
TLS_ECDH_anon_WITH_RC4_128_SHA
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDH_ECDSA_WITH_NULL_SHA
TLS_ECDH_ECDSA_WITH_RC4_128_SHA
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDH_RSA_WITH_NULL_SHA
TLS_ECDH_RSA_WITH_RC4_128_SHA
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_NULL_SHA
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_NULL_SHA
TLS_ECDHE_RSA_WITH_RC4_128_SHA
TLS_EMPTY_RENEGOTIATION_INFO_SCSVTLS_EMPTY_RENEGOTIATION_INFO_SCSV
TLS_RSA_WITH_AES_128_CBC_SHATLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHATLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA256TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_NULL_SHA256TLS_RSA_WITH_NULL_SHA256

References

[1] StackOverflow - GF4 how to config security protocol to work with firefox v 39x
http://stackoverflow.com/questions/31346501/gf3-how-to-config-security-protocol-to-work-with-firefox-v-39x
[2] Mozilla - Questions & Answers
https://support.mozilla.org/pt-BR/questions/1066238#answer-738971
[3] GlassFish Server Open Source Edition Security Guide Release 4.0
https://glassfish.java.net/docs/4.0/security-guide.pdf
[4] GlassFish Server Open Source Edition Administration Guide Release 4.0
https://glassfish.java.net/docs/4.0/administration-guide.pdf
[5] ServerFault - Disable support for LOW encryption ciphers for glassfish port no 3920
http://serverfault.com/questions/614791/disable-support-for-low-encryption-ciphers-for-glassfish-port-no-3920
[6] Weak Diffie-Hellman and the Logjam Attack
https://weakdh.org/

Thursday, 17 September 2015

Logic in Epimenides Paradox

The Epimenides paradox reveals a problem with self-reference in logic1.

Epimenides was a Cretan who made one immortal statement:
“All Cretans are liars.”
Now then, there are two statements that are part of the paradox:
  • Epimenides was a Cretan.
  • All Cretans are liars.

If we assume that Epimenides said "All Cretans are liars.", there are exactly four possible outcomes:
Epimenides was a CretanAll Cretans are liars
FalseFalse
FalseTrue
TrueFalse
TrueTrue
The Paradox is only visible if both statements be true. In all other cases, there is no paradox, and things go merrily on their way.

Thomas Fowler (1869) made a major mistake in determining the logic negation of the statement "All Cretans are liars.".

He assumed that the opposite of "All Cretans are liars." is "All Cretans speak the truth.". We, hardcore software designers, of course, do not fall for this trap.

The logical negation of "All Cretans are liars." is "Not all Cretans are liars." This, consequently, can be rewritten as "There is at least one Cretan who speaks the truth."

References

[1] Wikipedia - Epimenides Paradox
https://en.wikipedia.org/wiki/Epimenides_paradox

Thursday, 10 September 2015

Uncanny Valley

A colleague of mine mentioned that Guildwars 2 became free to play on August 29th 20151. So there is nothing that can withhold me from playing.

In the past, as I am used to World of Warcraft and their cartoony look-and-feel, I had serious problems with accepting the realistic look-and-feel of other games that came out. I found those games creepy. As a matter of fact, I still have this problem in current games.

The same happened to certain films, like "The Polar Express" and "Final Fantasy: The Spirits Within".

When explaining this to my colleague, he mentioned that this is because of the "Uncanny Valley". As I've never heard of it, I decided to look it up2.

References

[1] Guildwars 2 - Play for free today!
https://www.guildwars2.com/en/news/play-for-free-today/
[2] Wikipedia - Uncanny Valley
https://en.wikipedia.org/wiki/Uncanny_valley
Wikipedia - Guildwars 2
https://en.wikipedia.org/wiki/Guild_Wars_2

Saturday, 5 September 2015

LEFT JOIN FETCH returns double results

I recently got a Bugreport from my manager that she was seeing double rows in one of our screens. After a little research I found the culprit to be the following (paraphrased) HQL query.

SELECT order from Order order LEFT JOIN FETCH order.items

The resultset returned from the database will look like this:
orderidcustomeriddateorderitemidorderidarticlenramount
112015-01-01112455
112015-01-01215741
As you can see, the order appears twice, once for each order item.

What we want to get from Hibernate is:

What we get from hibernate is:
Order
Order@25AF4E
Order@25AF4E
However, this is by design. As you can see you get two Orders, but they both refer to the same instance. Things are as it should be.

To fix this, see the great answer by Gavin King1 or on StackOverflow2.

When changing the result into:
SELECT DISTINCT order from Order order LEFT JOIN FETCH order.items
The double rows disappears, however the distinct does go through to the database (where it does nothing, as the rows are already distinct) however, it also adds the ResultTransformer implicitly, causing me to get the one row as designed.

Talked about it with the Architect, he doesn't like the use of 'distinct' in HQL queries, because:
  • it is unclear how it will be processed (locally or in the database)
  • may be a cause for performance issues if the distinct is forwarded to your database
  • In general, if you need a 'distinct' in your query to defeat double data, chances are that the query could use some improvements
With an explicit ResultTransformer, the code looks like the following:
List result = session.createQuery("select o from Order o left join fetch o.items"
                      .setResultTransformer(Criteria.DISTINCT_ROOT_ENTITY)
                      .list();
And the problem is fixed.

References

[1] JBoss - Hibernate FAQ
https://developer.jboss.org/wiki/HibernateFAQ-AdvancedProblems#jive_content_id_Hibernate_does_not_return_distinct_results_for_a_query_with_outer_join_fetching_enabled_for_a_collection_even_if_I_use_the_distinct_keyword
[2] StackOverflow - Hibernate Criteria returns children multiple times with FetchType.EAGER
http://stackoverflow.com/questions/1995080/hibernate-criteria-returns-children-multiple-times-with-fetchtype-eager