DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
Old 17th December 2010
rocket357's Avatar
rocket357 rocket357 is online now
Real Name: Jonathon
Wannabe OpenBSD porter
 
Join Date: Jun 2010
Location: 127.0.0.1
Posts: 330
Thanked 9 Times in 9 Posts
Default

Quote:
Originally Posted by Oliver_H View Post
GCC uses different enhancements in GCC like ProPolice etc.:

http://www.openbsd.org/cgi-bin/man.c...86&format=html
Propolice has nothing to do with the type of compiler compromise I'm talking about. Who cares if it inserts canary values and checks and such if it actively injects malicious code? A compiler is a program. It can be compromised to produce compromised programs even if the source of the program is "clean".
Reply With Quote
Old 17th December 2010
Oliver_H's Avatar
Oliver_H Oliver_H is offline
Real Name: Oliver Herold
UNIX lover
 
Join Date: May 2008
Location: Germany
Posts: 429
Thanked 26 Times in 22 Posts
Default

Quote:
Originally Posted by rocket357 View Post
Propolice has nothing to do with the type of compiler compromise I'm talking about. Who cares if it inserts canary values and checks and such if it actively injects malicious code? A compiler is a program. It can be compromised to produce compromised programs even if the source of the program is "clean".
Sure, but they're not just using GCC as other operating system. According to my information they do security auditing for GCC.
__________________
use UNIX or die :-)
Reply With Quote
Old 17th December 2010
rocket357's Avatar
rocket357 rocket357 is online now
Real Name: Jonathon
Wannabe OpenBSD porter
 
Join Date: Jun 2010
Location: 127.0.0.1
Posts: 330
Thanked 9 Times in 9 Posts
Default

Quote:
Originally Posted by Oliver_H View Post
Sure, but they're not just using GCC as other operating system. According to my information they do security auditing for GCC.
Point taken. =)
Reply With Quote
Old 17th December 2010
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Helpful companion
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Thanked 193 Times in 184 Posts
Default

The old "compromised" program threat is geared more toward a system where an authorized user has replaced/tampered with a frequently used binary (..like the toolchain/compiler).

It's not that easy to introduce such code into a peer reviewed source repository, something complex enough to produce malicious executables would not go unnoticed.

There is no doubt that GCC 4.2.1 was recently audited before it was added to the tree, they had to deal with portability problems on several architectures.

Also, GCC doesn't actually generate executables.. that's done by the assembler, which receives an assembly representation, anyone can generate this using the -S argument of the compiler.

There is no sense discussing this, not unless anyone here has audited.. you'll have to trust that the accusation will be dealt with, or "shut up and hack".
Reply With Quote
Old 18th December 2010
Oliver_H's Avatar
Oliver_H Oliver_H is offline
Real Name: Oliver Herold
UNIX lover
 
Join Date: May 2008
Location: Germany
Posts: 429
Thanked 26 Times in 22 Posts
Default

>you'll have to trust that the accusation will be dealt with, or "shut up and hack".

The usual bullcrap-attitude of OpenBSD? It's all about trust and if there is some disturbance, then OpenBSD has a problem. You can live with such an attitude up to a certain degree, but it begins to hurt if the already rather small money flow declines even more. And if there is no money, then OpenBSD finally has to shut up.

Such discussions are necessary at least on a certain level, if there is no discussion anymore it's just faith only. And I'm not a religious man. I can follow technology in OpenBSD up to a certain level, I can even follow parts of the source code, I don't want to badmouth it, but I do need every clue about possible threats, so that I'm able to take certain actions.
__________________
use UNIX or die :-)
Reply With Quote
Old 18th December 2010
rocket357's Avatar
rocket357 rocket357 is online now
Real Name: Jonathon
Wannabe OpenBSD porter
 
Join Date: Jun 2010
Location: 127.0.0.1
Posts: 330
Thanked 9 Times in 9 Posts
Default

Quote:
Originally Posted by BSDfan666 View Post
There is no sense discussing this, not unless anyone here has audited.. you'll have to trust that the accusation will be dealt with
And there's no sense in moderating a thread unless you're a moderator...you'll have to trust that the moderators here will deal with any issues this discussion may bring up...
Reply With Quote
Old 18th December 2010
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Helpful companion
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Thanked 193 Times in 184 Posts
Default

Quote:
Originally Posted by rocket357 View Post
And there's no sense in moderating a thread unless you're a moderator...you'll have to trust that the moderators here will deal with any issues this discussion may bring up...
I'm not moderating.

Any discussions we have here won't effect the end results, and no, I'm not saying that we should trust that the developers should resolve the situation, I'm saying that if you're worried about the problem, audit things yourself, otherwise suck it up and move on.
Reply With Quote
Old 19th December 2010
rocket357's Avatar
rocket357 rocket357 is online now
Real Name: Jonathon
Wannabe OpenBSD porter
 
Join Date: Jun 2010
Location: 127.0.0.1
Posts: 330
Thanked 9 Times in 9 Posts
Default

Quote:
Originally Posted by BSDfan666 View Post
Any discussions we have here won't effect the end results
I suppose we should disable comments on the news section, then?
Reply With Quote
Old 19th December 2010
Oliver_H's Avatar
Oliver_H Oliver_H is offline
Real Name: Oliver Herold
UNIX lover
 
Join Date: May 2008
Location: Germany
Posts: 429
Thanked 26 Times in 22 Posts
Default

Quote:
Originally Posted by BSDfan666 View Post
I'm not moderating.

Any discussions we have here won't effect the end results, and no, I'm not saying that we should trust that the developers should resolve the situation, I'm saying that if you're worried about the problem, audit things yourself, otherwise suck it up and move on.
Well, I understand your concern for possible FUD about your OS of choice, but a discussion is always a must, as I said on a certain level of course. "Audit things yourself" is maybe the attitude in the "OpenBSD-community", but it's not the attitude of the rest of the world. So my advise would be shut up and think first the next time. OpenBSD is a nice operating system, I usually have great trust in the developers, but I don't see people with obvious "antisocial personality disorders" as prototypes for any kind of discussion culture among members of more "human" communities.

That said, there are times to just shut up, but there are also times to discuss. At the moment I don't see any problems in discussing this topic.
__________________
use UNIX or die :-)
Reply With Quote
Old 19th December 2010
vermaden's Avatar
vermaden vermaden is offline
Administrator
 
Join Date: Apr 2008
Location: pl_PL.lodz
Posts: 1,052
Thanked 118 Times in 93 Posts
Default

Quote:
Originally Posted by Oliver_H View Post
(...) but a discussion is always a must, as I said on a certain level of course.
Without discussion we would not have such great standards and protocols - RFC (Request for COMMENTS)
__________________
religions, worst damnation of mankind
"If 386BSD had been available when I started on Linux, Linux would probably never had happened." Linus Torvalds

Linux is not UNIX! Face it! It is not an insult. It is fact: GNU is a recursive acronym for “GNU's Not UNIX”.
vermaden's: links resources deviantart spreadbsd
Reply With Quote
Old 19th December 2010
Oliver_H's Avatar
Oliver_H Oliver_H is offline
Real Name: Oliver Herold
UNIX lover
 
Join Date: May 2008
Location: Germany
Posts: 429
Thanked 26 Times in 22 Posts
Default

Apart from that, I've found an interesting article more specific about the matter

http://extendedsubset.com/?p=41
__________________
use UNIX or die :-)
Reply With Quote
Old 20th December 2010
mechanic mechanic is offline
Port Guard
 
Join Date: Sep 2010
Posts: 15
Thanked 0 Times in 0 Posts
Default

I see we're still claiming 'Only two remote holes in the default install, in a heck of a long time!' - time to revisit this strap line?
Reply With Quote
Old 20th December 2010
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,709
Thanked 214 Times in 189 Posts
Default

There are two assumptive errors I noted in that article, Oliver:
  1. That US developers traveled to Canada to develop crypto code
  2. That there was release-date pressure
#1: US developers and crypto

It is true that cryptographic logic was classed as a "munition" and treated as such by the US Department of State under International Traffic in Arms Regulations (ITAR). Under ITAR, US citizens, or non-US citizens working for US-owned companies are disallowed the export of munitions without permission from the Department. Those who do not follow ITAR can find themselves charged with violating the Arms Export Control Act.

This "export" can be defined as any disclosure of any information -- including when attending seminars and meetings outside the US. That the information can already be public (such as found on the Internet) has no bearing on the export. The State Department can find, if they like, the combination of two public documents constitutes a "teaching" and therefore an export of munititions technology.

Theo has already emphatically articulated, publicly and in writing, the constraints under which crypto code was developed. No US citizens or non-US citizens employed by US companies worked on the crypto code development. I'm thinking this was published by eWeek or InformationWeek or some other IT journal when the story broke last week, but I cannot find the reference at the moment. I'll look for it when I have time later this week, unless someone else posts a reference to it here sooner.

#2 Release data pressures

The OpenBSD release cycle is twice yearly. But there is no significant pressure to complete a particular development in time for this cycle. If code is not ready, by in large, it does not go in. Development is conducted in -current, for approximately four months. Then development is intentionally slowed for two months, during which the code is tested heavily, and a release produced. Release dates are flexible, to a degree, and when code is expected but is a little late, releases have been held in order to complete the development. But by-in-large, the project strives for quality over functionality as a culture.
Reply With Quote
Old 20th December 2010
backrow backrow is offline
Real Name: Anthony J. Bentley
Shell Scout
 
Join Date: Jul 2009
Location: Albuquerque, NM
Posts: 116
Thanked 10 Times in 4 Posts
Default

Quote:
Originally Posted by mechanic View Post
I see we're still claiming 'Only two remote holes in the default install, in a heck of a long time!' - time to revisit this strap line?
They will probably do so if they find a backdoor. Remember, as of now it’s just an allegation.
__________________
Many thanks to the forum regulars who put time and effort into helping others solve their problems.
Reply With Quote
Old 20th December 2010
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,709
Thanked 214 Times in 189 Posts
Default

Regarding ITAR, Damien Miller (djm@) is the developer who responded publicly:
Quote:
We have never allowed US citizens or foreign citizens working in the US
to hack on crypto code...
And I found reference to this at pcmag.com. The quote came from tech@.

(Like Marsh Ray, Larry Seltzer misunderstood the ITAR rules. Damien referred to Niels Provos making trips to Canada, but did not explicitly state that Damien is a German citizen, or that he was not employed by a US company. AFAIK, Damien is now at Google.)
Reply With Quote
Old 21st December 2010
Oliver_H's Avatar
Oliver_H Oliver_H is offline
Real Name: Oliver Herold
UNIX lover
 
Join Date: May 2008
Location: Germany
Posts: 429
Thanked 26 Times in 22 Posts
Default

@jggimi no need to search arround, just read the postings in this thread and you'll find the reference you're looking for:

http://marc.info/?l=openbsd-tech&m=129237675106730&w=2

However, the best way to follow the information: just follow the mailinglists as I do.
__________________
use UNIX or die :-)
Reply With Quote
Old 21st December 2010
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,709
Thanked 214 Times in 189 Posts
Default

Yes, I know, and I do. I'd seen it twice.
Reply With Quote
Old 21st December 2010
backrow backrow is offline
Real Name: Anthony J. Bentley
Shell Scout
 
Join Date: Jul 2009
Location: Albuquerque, NM
Posts: 116
Thanked 10 Times in 4 Posts
Default

For those who might not be keeping up with tech@:

Kurt Knochner (who is not a developer) posted about his own audit of the IPSEC code; in response, Theo posted some more information on the situation.
Quote:
At the moment my beliefs are somewhat along these lines:
  1. NETSEC, as a company, was in that peculiar near-DC business of accepting contracts to do security and anti-security work from parts of the government.
  2. For context: 1999-2001 was a period where lots of US govt departments pushed the boundaries, because crypto was moved from DOD to Commerce so that it could be exported "subject to some limits"; the result was that crypto use by private interests was set to explode, and thus many justifications, not just technologies, were being invented to let the US Govt continue wiretapping (they have always been addicted to it).
  3. Gregory Perry did work at NETSEC, and interviewed and hired Jason just out of school; by the time Jason started working there Perry had been "evicted" from the company, for reasons unknown.
  4. Jason did not work on cryptography specifically since he was mostly a device driver author, but did touch the ipsec layer because that layer does IPCOMP as well. Meaning he touched the data-flow sides of this code, not the algorithms.
  5. After Jason left, Angelos (who had been working on the ipsec stack already for 4 years or so, for he was the ARCHITECT and primary developer of the IPSEC stack) accepted a contract at NETSEC and (while travelling around the world) wrote the crypto layer that permits our ipsec stack to hand-off requests to the drivers that Jason worked on. That crypto layer contained the half-assed insecure idea of half-IV that the US govt was pushing at that time. Soon after his contract was over this was ripped out. Soon after this the CBC oracle problem became known as well in published papers, and ipsec/crypto moved towards random IV generation (probably not viable before this, since we had lacked a high-quality speedy PRNG... arc4random). I do not believe that either of these two problems, or other problems not yet spotted, are a result of clear malice. So far the issues we are digging up are a function of the time in history.
  6. Both Jason and Angelos wrote much code in many areas that we all rely on. Daily. Outside the ipsec stack. I forwarded the allegation which mentions them, but I will continue to find it hard to point my own fingers at them. Go read my original mail for points (a) - (c).
  7. I believe that NETSEC was probably contracted to write backdoors as alleged.
  8. If those were written, I don't believe they made it into our tree. They might have been deployed as their own product.
  9. If such NETSEC projects exists, I don't know if Jason, Angelos or others knew or participated in such NETSEC projects.
  10. If Jason and Angelos knew NETSEC was in that business, I wish they had told me. The project and I might have adjusted ourself to the situation in some way; don't know exactly how. With this view, I do not find Jason's mail to be fully transparent.
  11. I am happy that people are taking the opportunity to audit an important part of the tree which many had assumed -- for far too long -- to be safe as it is.

> where would you start auditing the code? It's just too much.

Actually, it is a very small part of the tree. If we all do our part,
it will get better. It still won't be perfect. It is just too big. But
we've proven that if we start nibbling at a source tree looking for small
bugs or unclear things which need improvement, the results always eventually
pay off. So I can't suggest any specific place to start.

> Now, as I have started with it, I will continue to do so, at least
> with the crypto code and PRNG code.

After you sent out your mail, at least 10 people went and studied this
code. I've already found a small bug in a totally different side of
the random subsystem, and am looking at cleaning up a truly ugly function.

That is the best process we can hope for.

> > But looked at from the half-glass-full side, it is refreshing to see
> > people trying!
>
> :-)
>
> BTW: iTWire mentions, that two bugs have been found in the crypto
> code. Where can I find details on those bugs?
>
> http://www.itwire.com/opinion-and-an...e-audit-begins

These are the first two bugs which were found. The first one relates
to the CBC oracle problem mentioned earlier (it got fixed by angelos
in the software crypto stack, but the same problem was ignored in all
the drivers jason maintained. Neither Jason nor Angelos were working for
NETSEC at that time, so I think this was just an accident. Pretty serious
accident).

CVSROOT: /cvs
Module name: src
Changes by: mikeb@cvs.openbsd.org 2010/12/15 16:34:23

Modified files:
sys/arch/amd64/amd64: aesni.c via.c
sys/arch/i386/i386: via.c
sys/arch/i386/pci: glxsb.c
sys/dev/pci : hifn7751.c hifn7751var.h safe.c safevar.h
ubsec.c ubsecvar.h

Log message:
Bring CBC oracle attack countermeasure from r1.32 of cryptosoft.c to
the hardware crypto accelerator land. This fixes aes-ni, via xcrypt,
glxsb(4), hifn(4), safe(4) and ubsec(4) drivers.

Original commit message by angelos:

Don't keep the last blocksize-bytes of ciphertext for use as the next
plaintext's IV, in CBC mode. Use arc4random() to acquire fresh IVs per
message.

with and ok deraadt, ok markus, djm


CVSROOT: /cvs
Module name: src
Changes by: jsg@cvs.openbsd.org 2010/12/16 09:56:08

Modified files:
sys/crypto : cryptodev.h
lib/libssl/src/crypto/engine: hw_cryptodev.c

Log message:
move CRYPTO_VIAC3_MAX out of cryptodev.h and into the only
file it will be used from.

requested by/ok mikeb@


Other more recent commits have come out of this as well. Just go
look at the Changelog ..
__________________
Many thanks to the forum regulars who put time and effort into helping others solve their problems.
Reply With Quote
Old 24th December 2010
TerryP's Avatar
TerryP TerryP is offline
Arp Constable
 
Join Date: May 2008
Location: USofA
Posts: 1,547
Thanked 112 Times in 104 Posts
Default

The problem with sneaking something into GCC, is you have to maintain it and keep other people from breaking it.
__________________
My Journal

Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Need Help Please About IPsec wong_baru FreeBSD Security 2 21st June 2010 08:00 AM
Securing wifi networks with ipsec/ssh and openbsd Oko OpenBSD Security 4 16th April 2009 07:32 AM
openBSD IPSEC gateway w/WINDOWS XP roadwarrior s2scott OpenBSD Security 7 13th January 2009 11:01 AM
Ipsec freebsd openbsd failure kasse OpenBSD General 3 31st December 2008 01:42 AM
IPsec on openbsd hitete OpenBSD Installation and Upgrading 1 12th July 2008 01:57 AM


All times are GMT. The time now is 04:00 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick