• United States




SSL goto fail

Feb 22, 20143 mins
Application Security

On Friday February 21, 2014 Apple released a patch for a problem concerning SSL on their iOS devices. They’ve not been providing proper SSL since Ocotber 2013. As a result iOS Version 7.0.6 was released ostensibly to mitigate this issue. 

From Apple:

Data Security


Available for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and later


Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS


Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.





Hmm, a missing validation step? How very odd. So, what is the problem then? Well here you go,

Rather than reinvent the wheel, here is an excellent write up about the problem on ImperialViolet:

Note the two goto fail lines in a row. The first one is correctly bound to the if statement but the second, despite the indentation, isn’t conditional at all. The code will always jump to the end from that second goto, err will contain a successful value because the SHA1 update operation was successful and so the signature verification will never fail.


So if someone was to execute a man in the middle (MITM) attack against your iOS device via SSL you would not be aware of it. This is where an attacker can masquerade as the destination that you wish to connect to and you would be none the wiser. Short version, your encrypted connections might not be encrypted after all.


But, it doesn’t stop there. Apple’s email application is also affected by this problem under OS 10.9.1. Twitter user Ashkan Soltani provided a screen shot from his test of the This provided some evidence that demonstrated the problem does apply to OS X users as well as iThinger users. The issue in this case is that there isn’t a patch available for this issue just yet and no word as to when users can expect to see one. 

This begs the question, how long was the problem in place before it was fixed?

So goto fail was added before October 2013. It is in 10.9 but not 10.8.5; and it is in iOS 6.1 and iOS7…Ouch. Long time to not support SSL

— the grugq (@thegrugq) February 22, 2014

Yes, this problem doesn’t affect 10.8.5 as I was able to test with an older laptop that I had in my office. So, from at least October 2013 until the end of February 2014? How does this happen exactly? Copy & paste failure? I’m never going to identify myself as a coder but, wouldn’t a compiler catch an issue like this one? 

I will update this if I hear more information about the patch for OS X. In the meantime, update your iThingers as soon as possible.

(Image used under CC from fuzzcat)

(Image screen cap from Apple)


Dave Lewis has over two decades of industry experience. He has extensive experience in IT security operations and management. Currently, Dave is a Global Security Advocate for Akamai Technologies. He is the founder of the security site Liquidmatrix Security Digest and co-host of the Liquidmatrix podcast.

The opinions expressed in this blog are those of Dave Lewis and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

More from this author