Mozilla has pulled Firefox 37's opportunistic encryption feature after less than a week when it learned that tech designed to enhance security actually broke SSL certificate validation.
A simple patch wouldn't do the trick, so Mozilla opted to release an update, Firefox 37.0.1, that removed opportunistic encryption.
Going into reverse ferret mode and stripping out technology that evidently wasn't ready for prime time is a little embarrassing for Mozilla even though this is the responsible action to take in the circumstances.
Mozilla correctly labels Firefox 37.0.1 as a critical update.
Opportunistic encryption offers some basic encryption of data previously sent as clear text. The vulnerability arises in security flaws within the Alternative Services capability that underpins opportunistic encryption.
The CVE-2015-0799 bug in Mozilla's HTTP Alternative Services implementation – discovered by security researcher Muneaki Nishimura – left surfers vulnerable to man-in-the-middle attacks that involved hackers impersonating genuine sites.
Normally, the fake certificate hackers try to fool surfers with (in such cases) would generate warnings.
However, these certificate warnings would fail to appear, leaving surfers without a clue that anything was amiss, as a security advisory by Mozilla explains.
If an Alt-Svc header is specified in the HTTP/2 response, SSL certificate verification can be bypassed for the specified alternate server.
As a result of this, warnings of invalid SSL certificates will not be displayed and an attacker could potentially impersonate another site through a man-in-the-middle (MITM), replacing the original certificate with their own.
Mozilla plans to re-introduce opportunistic encryption once it irons out the wrinkles in its version of the technology. ®