1Password data leaked for months


  1. Posts : 93
    Windows 10
       #11

    AgileBits is far from at fault here. It’s Cloudflare who stand at the stage of the problem. From what I’ve gathered, the problem in its essence is that their content delivery system, the way it had been designed, would occasionally leak private data sent to it via SSL, undermining their use of HTTPS. “Cloudbleed” it’s being called, and Cloudflare have a technical analysis of the issue on their blog. Of course, the issue has quickly been resolved.

    I trust AgileBits’ word when they say that they don’t rely on HTTPS to be secure. They’re password management specialists after all, and 1Password is their primary product and service so you can expect them to be especially focused on stabilising and staying vigilant to the security aspects of their service.

    ahr10 said:
    It's especially galling that 1Password try to pretend that their three layer 'defence' would protect customers. They've also stated that "no sensitive data was exposed because it was encrypted in transit." Anybody who understands encryption (like Tavis) knows this doesn't make any difference in this case.
    Your sense of trust is galling. If you don’t trust encryption and you heavily value privacy over the information you transmit over the internet, how is it that you’ve signed up with any internet service at all? Encryption is the basis of your safety on the internet. If you don’t trust encryption I’m not sure what technology you were relying on for safety prior to the news. Perhaps it was the terms “SSL” and “HTTPS” that made you feel safe. These protocols themselves are completely encryption oriented. Encryption is an established process.

    ahr10 said:
    It seems like 1Password don't know what they're doing.

    One of my friends, a software developer for Apple, said that 1Password didn't understand what was needed on a developer's certificate... despite Apple having told them previously. Then they issued a twee blog post trying to blame Apple for 1Password's own mistake.
    This was a completely separate incident in which their mistake was hardly a disreputable one. The developers screwed up, got flamed for it, worked tirelessly to resolve the issue. I can sympathise. It happens, you get over it, you move on.

    From what I can interpret, they were completely honest about the situation the whole way through: Certificates, Provisioning Profiles, and Expiration Dates: The Perfect Storm
    This was painful for everyone. We lost sleep over the weekend, but worse than that… our users temporarily lost access to some of their most important information. This is unacceptable to us and we want to make sure this doesn’t happen again.

    Furthermore, there’s nothing that indicates AgileBits putting blame on Apple for their own mistake. In fact, if anything, they have drawn closer relations to Apple now as they ensure that the incident doesn’t repeat itself in future.
    We’ve reached out to Apple for help and guidance on what we can do to avoid this happening again in the future. Our new provisioning profile doesn’t expire until 2022, but we’ll make sure that this is resolved far before then so that you need not worry about that happening.
    And that is the best action they could have possibly taken in the circumstances.

    By the way, I’m sure Apple doesn’t spend their days going around telling developers how to compose a developer’s certificate. If you’ve got evidence of “Apple having told them previously”, I’d like to hear.

    Unless a wave of instances of 1Password users suddenly discovering their login details being compromised begins to surface, I say AgileBits get to keep their established reputability in security for now.


  2. Posts : 27
    Windows
    Thread Starter
       #12

    logicearth said:
    I see, so you must trust and use nothing then is that right? I can go down a list and find "obvious critical problems" for any piece of software you use. Linux for example had several "obvious critical problems" that went unnoticed for years, they have a bunch of developers, are they negligent?
    Look, if you don't want to trust them, fine, that is your prerogative. It's not a question of whether security vulnerabilities exist for whatever it is you use. The question is how you respond to them. The folks over at LastPass have shown time and time again that they take it seriously and they fix it.
    You're misunderstanding the principal issue at play here. You simply cannot find "obvious critical problems" (note the plural) in Linux because it's open source. More on that later.

    There have been several issues in Linux but not all in the same piece of software and most of which have not been obvious. A minority have been critical and have been quickly repaired by the Linux developers.

    The difference between LastPass, 1Password and Linux is that Linux is open source. That means anybody can review the source code and point problems out, submit a fix to the community for approval or just repair their own software. You cannot do that in black box software (LastPass or 1Password); it's illegal - DMCA laws etc.

    For one security researcher [Tavis Ormandy] to find "a bunch of obvious critical problems" after "a quick look" is terrible. Tavis is paid by Google so he's not got the time to do a full audit of the LastPass code, but it disgusts me that a commercial company cannot be bothered to pay independent auditors to take a thorough look at their code. Clearly they don't take security seriously.

    With Linux the whole code (not just little bits of it) is open to inspection. Anybody competent can do this for free... and they do because it's part of a community spirit. Very few people will be willing to do this for a commercial company who have the funds and resources to do this themselves. Any problems in Linux have not been that "obvious" because the code has been reviewed thousands if not tens of thousands of times.

    Also LastPass and 1Password are a massive target for obvious reasons - they have a repository of passwords that unlock your online life. For these problems to go unnoticed is dire and inexcusable. Look at the two biggest open source, free password managers: KeePass and Password Safe. Neither has any known critical vulnerabilities and both can have their source code inspected.

    Linux on the other hand has various distributions, different implementations, other safeguards etc. which make breaking part of it nowhere near as severe as cracking a general purpose password manager. If somebody gets into your password manager the results can be devastating.

    Company blogs are normally propaganda pieces to make them look like they're being open and honest when the reality is they're doing damage limitation.

    "Every issue you can pull out of the air have already been fixed."
    You can bet your bottom dollar that hackers are aware of other/new issues and they won't be reporting them to LastPass to be fixed. And because LastPass don't proactively audit their code (otherwise issues would be found) the hackers will have a field day.


  3. Posts : 27
    Windows
    Thread Starter
       #13

    Pyprohly said:
    AgileBits is far from at fault here. It’s Cloudflare who stand at the stage of the problem. From what I’ve gathered, the problem in its essence is that their content delivery system, the way it had been designed, would occasionally leak private data sent to it via SSL, undermining their use of HTTPS. “Cloudbleed” it’s being called, and Cloudflare have a technical analysis of the issue on their blog. Of course, the issue has quickly been resolved.
    I've read Cloudflare's blog and their damage limitation. Let me quote Troy Hunt of Microsoft:

    "Firstly, Cloudflare serves an almost unfathomably large amount of traffic. I wrote a course on Getting Started with CloudFlare Security in mid-2015 and they were serving 5 trillion requests a month at that time and I assume much more as of today. The bottom line is that we're looking at millions of requests per month potentially leaking data."

    Why didn't Cloudflare detect this major breach themselves?

    Pyprohly said:
    I trust AgileBits’ word when they say that they don’t rely on HTTPS to be secure. They’re password management specialists after all, and 1Password is their primary product and service so you can expect them to be especially focused on stabilising and staying vigilant to the security aspects of their service.

    But 1Password are not being truthful. They serve the 'Emergency Kit' (which has your unique SRP key inside) over HTTPS. This coupled with your password can be used to get inside your trove of passwords.

    As "password management specialists" they didn't perceive this breach would occur and their mitigation doesn't cut it. Nor have they been particularly vigilant otherwise they'd have spotted this before Tavis!

    If the company can't even stay at the top of their game when it comes to basic stuff (developers' certificates) I must entirely reject the argument that they're "vigilant".


    Pyprohly said:
    Your sense of trust is galling. If you don’t trust encryption and you heavily value privacy over the information you transmit over the internet, how is it that you’ve signed up with any internet service at all? Encryption is the basis of your safety on the internet. If you don’t trust encryption I’m not sure what technology you were relying on for safety prior to the news. Perhaps it was the terms “SSL” and “HTTPS” that made you feel safe. These protocols themselves are completely encryption oriented. Encryption is an established process.
    There's a difference between one service being breached and your whole online life being put at risk because of a vulnerability in a password manager. Neither SSL nor HTTPS makes me feel safe. Actually it's TLS over HTTPS these days.

    It's a matter of perspective as I alluded to in my earlier post. A company like 1Password is a massive target because if they're breached then so are all your other passwords.
    Pyprohly said:
    This was a completely separate incident in which their mistake was hardly a disreputable one. The developers screwed up, got flamed for it, worked tirelessly to resolve the issue. I can sympathise. It happens, you get over it, you move on.
    From what I can interpret, they were completely honest about the situation the whole way through: Certificates, Provisioning Profiles, and Expiration Dates: The Perfect Storm
    Of course they're going to suggest they worked tirelessly. People pay them money to stay on top of the latest developments in security so that they (the individual customers) don't have to. They should have pre-empted this and taken appropriate action instead of waiting for something to happen and then doing reactive firefighting.
    Pyprohly said:
    Furthermore, there’s nothing that indicates AgileBits putting blame on Apple for their own mistake. In fact, if anything, they have drawn closer relations to Apple now as they ensure that the incident doesn’t repeat itself in future.
    And that is the best action they could have possibly taken in the circumstances.
    They've already tried to make it sound like it was a perfectly normal mistake by saying:

    "The exact same perfect storm appears to caused our friends at Smile to hit the same rough seas that we had..."

    Bullshit. You can't say it's affected other companies so that's okay. There's a monumental difference between some PDF software and a password manager.


    Pyprohly said:
    By the way, I’m sure Apple doesn’t spend their days going around telling developers how to compose a developer’s certificate. If you’ve got evidence of “Apple having told them previously”, I’d like to hear.

    How do they communicate with developers then? Of course they tell them of any changes. In this case there is evidence, directly from Apple (which Apple may choose to release in due course), that Apple told them of the changes in response to an earlier service request.

    But even if Apple didn't notify them personally the onus still lies with 1Password to keep up-to-date. They are writing security critical software after all.


    Pyprohly said:
    Unless a wave of instances of 1Password users suddenly discovering their login details being compromised begins to surface, I say AgileBits get to keep their established reputability in security for now.
    I'm already hearing anecdotal evidence from colleagues that they (and their companies) won't be renewing subscriptions to 1Password. Those same IT pros won't be recommending 1Password either - they're actively discouraging people from moving towards the service.

    1Password have severely damaged any reputation they've built because of these breaches... and it's not the first time. The last time there was a serious issue they played it down by blaming customers for not migrating to a new data format although 1Password didn't think it was necessary to inform customers that they needed to do this and the new format was not compatible with all platforms.


  4. Posts : 93
    Windows 10
       #14

    ahr10 said:
    Why didn't Cloudflare detect this major breach themselves?
    Because people make bad judgments and sometimes those mistakes can go unnoticed for years. Did you hear about the Shellshock vulnerability that lurked, hidden away in Unix systems for many years, only for its security concerns to be realised in 2014?

    ahr10 said:
    Pyprohly said:
    I trust AgileBits’ word when they say that they don’t rely on HTTPS to be secure. They’re password management specialists after all, and 1Password is their primary product and service so you can expect them to be especially focused on stabilising and staying vigilant to the security aspects of their service.
    But 1Password are not being truthful. They serve the 'Emergency Kit' (which has your unique SRP key inside) over HTTPS. This coupled with your password can be used to get inside your trove of passwords.
    Not being truthful about what? It doesn’t matter how valuable the payload, being a critical piece of data such as the 1Password ’Emergency Kit’ or not doesn’t void the fact that encryption standards protect your information from being opened and read.

    1Password will undoubtedly encrypt its payload before sending it through the internet. The HTTPS protocol encrypts this data even further, the payload experiencing a double encryption, but this double encryption is wholly redundant because most encryption standards are very strong and few computers today have the capacity to break this encryption. Even if they could do so easily, the underlying program must know what it’s looking for, or have at least a vague idea of the structure of which was the original data. This problem is discussed in relation to the idea of Unicity Distance.

    I hope this puts the true security of encryption into perspective.

    ahr10 said:
    They've already tried to make it sound like it was a perfectly normal mistake by saying:

    "The exact same perfect storm appears to caused our friends at Smile to hit the same rough seas that we had..."

    Bullshit. You can't say it's affected other companies so that's okay.
    That’s your interpretation. They never proclaimed what had happened was ok. Repeating one of their statements:
    This was painful for everyone. We lost sleep over the weekend, but worse than that… our users temporarily lost access to some of their most important information. This is unacceptable to us and we want to make sure this doesn’t happen again.
    They understand that “this was painful for everyone”, describing their mistake as “unacceptable”. Their high modality statements regarding their error exemplify a sincere apology, and the first person plurals express their sense of ownership over the distress that they’ve caused for their users. The ellipsis even epitomises their embracement of the situation, a slight hesitation from revealing the truth, but they do, and they do so openly.

    ahr10 said:
    Of course they're going to suggest they worked tirelessly. People pay them money to stay on top of the latest developments in security so that they (the individual customers) don't have to.
    Fair, but your previous remarks on their honesty still intrigue me.

    ahr10 said:
    They should have pre-empted this and taken appropriate action instead of waiting for something to happen and then doing reactive firefighting.
    Recall the fate of Samsung’s Galaxy Note 7. Your line fits as a perfect retrospective response to this terrible disaster. Why couldn’t Samsung pre-empt this incident? Because nobody’s perfect, that’s why.

    ahr10 said:
    Pyprohly said:
    By the way, I’m sure Apple doesn’t spend their days going around telling developers how to compose a developer’s certificate. If you’ve got evidence of “Apple having told them previously”, I’d like to hear.
    How do they communicate with developers then? Of course they tell them of any changes. In this case there is evidence, directly from Apple (which Apple may choose to release in due course), that Apple told them of the changes in response to an earlier service request.
    Where then? Evidence? I don’t see a link, I don’t see a quote, I don’t see stats or figures or facts that would indicate as proof that Apple would act to protect a third-party from defilement. If there was some communication it would certainly be robotic, not personal—you don’t know this. Apple’s practices don’t concern us. And Apple doesn’t email developers of an incoming developer certificate expiration. (see my remark below)

    ahr10 said:
    But even if Apple didn't notify them personally the onus still lies with 1Password to keep up-to-date. They are writing security critical software after all.
    True. It certainly is AgileBits’ responsibility to ensure their product is up-to-date and functioning to standards, but as I’ve said, the problem was catalysed from human error, a mistake. Mistakes can’t be avoided once they are made, there is only recuperation, and I think they took the best course of action to right their wrong and prevent a similar incident from occurring in future.

    Namely, they have “reached out to Apple for help and guidance” over the situation and have subsequently taken the initiative to file an “enhancement request with Apple asking that developers be notified via email of impending distribution certificate or provisioning profile expirations” and additionally include “explanations of repercussions” along with this notice, after they had cleared the problem.

    Conveniently, in the same document, “Certificates, Provisioning Profiles, and Expiration Dates: The Perfect Storm”, AgileBits recited their ethical stance in software production.
    We were one of the first apps to sign with Developer ID certificates, use XPC, and leverage the entitlements required for Touch ID. It’s always exciting being on the cutting edge of technology but we wouldn’t have it any other way. 🙂
    They continue to claim their quality of service in ensuring up-to-date and secure software for their users. Take their word or leave it, that’s your own entitlement.

    ahr10 said:
    1Password have severely damaged any reputation they've built because of these breaches... and it's not the first time. The last time there was a serious issue they played it down by blaming customers for not migrating to a new data format although 1Password didn't think it was necessary to inform customers that they needed to do this and the new format was not compatible with all platforms.
    I want a citation on this. Have you considered that this change was likely made in the interest of enhanced security? Though, if the fact is as true as how you have framed it, my question doesn’t change the fact that the changes had caused inconveniences among users, I understand.


    You raise fair points, but my tendency of concern is not on par with your level and I remain unfazed by the faults in the quality of service AgileBits may have delivered in the past on the account that any sufficiently large and experienced business is bound to encounter accidents similar in scale as to what AgileBits have gone through.

    You need to put some trust and pliability toward a few things or you’ll only inconvenience your own comfort at the expense of, really, trivial matters. Your information was never at risk. There’s just no mounting evidence to suggest it.


  5. Posts : 1
    All of the above
       #15

    Hi, everybody! Brenty from AgileBits, the makers of 1Password, here.

    I just stumbled upon this discussion searching for something (ain't Google great for falling down rabbit holes?) and just wanted to clarify a few things in case it helps anyone.

    There haven't actually been any breaches of 1Password data, though we continue to work hard ourselves and with other parties to identify and fix anything that might pose a risk to 1Password users. I think what ahr10 was thinking of was an older data format in which titles and URLs were not encrypted. That hasn't ever been the case with usernames, passwords, and other sensitive data, but in that case, if someone got your vault somehow (access to your computer, for example), they could find out that you have an item named "Amazon", or with an amazon.com URL, for instance.

    More to the point regarding the recent "excitement", in the case of the CloudFlare vulnerability that was discovered, 1Password customers weren't affected because no matter what, data is secured before being encrypted again to be transmitted over SSL/TLS. You can read more details on our blog:

    Three layers of encryption

    But the short version is that when you use 1Password, AgileBits never has access to your data, regardless of the setup you choose. Even with 1Password.com, your data is encrypted on your device, so all the server ever ends up with is an encrypted blob. And since the Account Key is created locally, your Master Password is only known by you, and neither is ever transmitted, no one — including AgileBits — has the means to decrypt it. You can read more details on how all of this works in our white paper [PDF].
    And in the case of macOS preventing 1Password for Mac 6.5.3 from launching, while I can certainly appreciate that some might feel it's "passing the buck" to say that this is a macOS issue, it really is. That's not to say we don't feel terrible that this affected our customers. It sucks that anyone had to manually download an update later in the day to be able to run 1Password again. That just isn't a good experience, and that's why we're resolved to make sure something like this never happens again — for users of any macOS app. You can read the final details of our investigation in this blog post:

    PSA for macOS Developers

    Opinions may vary, but we feel pretty strongly apps shouldn't simply stop working one day, in the absence of system changes that prevent them from functioning, or a security issue. I personally really enjoy running old school apps and games using VMs and things like DOSbox, and while this isn't mission-critical stuff, I'd be disappointed (to say the least) if I couldn't run a virtualized copy of something like Firewatch in a few years because it "expired".

    Anyway, I hope this helps. Whether you're using 1Password or something else, stay safe out there! :)
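The layering argued over in post #14 ("double encryption") and described in Brenty's post ("data is secured before being encrypted again to be transmitted over SSL/TLS"), as an added, constructed illustration that is not 1Password's or AgileBits' code: a vault item is encrypted on the device under a key derived from the Master Password and a locally generated Account Key, and only then handed to a TLS-terminating edge, so a memory-disclosure bug at the edge (the Cloudbleed case) exposes ciphertext rather than the item. The PBKDF2 iteration count, the HMAC-based stream cipher standing in for a real AEAD, and all sample secrets are assumptions made for the example.

```python
import hashlib
import hmac
import secrets

# Constructed illustrative model of the "encrypt on the device, then send it
# over TLS" design the thread discusses. It is not AgileBits's code, and the
# HMAC-SHA256 stream cipher below stands in for a real AEAD such as AES-GCM.


def derive_vault_key(master_password: str, account_key: str, salt: bytes) -> bytes:
    """Stretch the Master Password, then mix in the locally generated Account
    Key. Neither secret leaves the device; only the derived key is used."""
    stretched = hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt, 100_000)
    return hmac.new(account_key.encode(), stretched, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode used as a PRF keystream (stand-in for AES-CTR)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_item(vault_key: bytes, plaintext: bytes) -> bytes:
    """Client-side encrypt-then-MAC; output layout is nonce || ciphertext || tag."""
    enc_key = hashlib.sha256(b"enc" + vault_key).digest()
    mac_key = hashlib.sha256(b"mac" + vault_key).digest()
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt_item(vault_key: bytes, blob: bytes):
    """Return the plaintext, or None when the tag fails (wrong key or tampered blob)."""
    enc_key = hashlib.sha256(b"enc" + vault_key).digest()
    mac_key = hashlib.sha256(b"mac" + vault_key).digest()
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def seen_at_tls_terminating_edge(http_body: bytes) -> bytes:
    """A CDN edge terminates TLS, so it holds the HTTP body in the clear. Under a
    memory-disclosure bug like Cloudbleed, this buffer is what could leak."""
    return http_body


def demo() -> dict:
    # Constructed sample secrets. A real client generates the salt and Account
    # Key with a CSPRNG and never transmits either of them.
    salt = b"constructed-salt"
    master_password, account_key = "correct horse battery staple", "EXAMPLE-ACCOUNT-KEY"
    secret = b'{"title":"bank","password":"hunter2"}'

    # Design 1: rely on TLS alone. The edge sees the item verbatim.
    tls_only_leaks = b"hunter2" in seen_at_tls_terminating_edge(secret)

    # Design 2: encrypt on the device first, then send the blob over TLS.
    key = derive_vault_key(master_password, account_key, salt)
    blob = encrypt_item(key, secret)
    layered_leaks = b"hunter2" in seen_at_tls_terminating_edge(blob)

    # Recovering the item needs both locally held secrets; the password alone fails.
    without_account_key = decrypt_item(derive_vault_key(master_password, "", salt), blob)
    return {
        "tls_only_leaks": tls_only_leaks,
        "layered_leaks": layered_leaks,
        "decrypts_with_both_secrets": decrypt_item(key, blob) == secret,
        "decrypts_without_account_key": without_account_key is not None,
    }
```

The tag check in decrypt_item is also what turns a leaked or tampered blob into a refusal rather than garbage, which is the property a real AEAD provides.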

