Domain: nsa.gov
Stories and comments across the archive that link to nsa.gov.
Comments · 1,061
-
Re:"Linux Helps Terrorism"
While we're at it: Congress helps terrorism too, by legalizing spam. Is there anything better than a constant flow of junk, to defeat NSA's traffic analysis?
Next time Darl will be talking to the President about how spammers use that damned Linux to spread their stuff. With tightly controlled UNIX(tm) (or Windows(tm)), spammers would be tracked down with spyware. With open code, Gov't doesn't stand a chance...
-
Re:Security should be simple
What you want is out there. In a real world scenario, especially with constantly changing desktop machines, it is a nightmare to administrate.
I should know, I give talks about it. It's a great system. I don't think it'll work for the desktop machine of JDoe@aol.com, ever.
-
Not NSA but NASA?
-
Spammers are terrorists!
What if the "random" words were actually a hidden communications channel?
One known method of defeating traffic analysis is to send a continuous stream of junk from random locations to random destinations, and, at the right moment, insert the real payload into the random stream.
The constant stream of spam, esp. when combined with this seemingly random gibberish set of words, is a great way to hide real communication from traffic analysis.
If the NSA were to effectively do traffic analysis on a worldwide scale, they will have to monitor an enormous amount of spam, and this could even amount to a DDoS of their surveillance software.
So, Mr. Ashcroft: Spammers are (helping) terrorists! Wouldn't it be time to change your CAN spam law to a CANNOT spam law (just to be sure) and start prosecuting those criminal enemy combatants?
And who knows? Napster-NG (new generation) could also be built on top of that great anti-traffic-analysis spam network. RIAA sheriffs, are you there?
-
Finally, the patch party is over (for now).
2.4-patches I regularly used:
- UML
- ipsec
- ebtables & bridge-netfilter
- robert love's preemptable patch
- LSM-hooks (which make not everybody happy: grsecurity, RSBAC)
- LS-module SE-linux
- filesystem-encryption
- acpi 2.5 backports
- Kernel .config
- DVB-support
They must have beaten up Linus to get all those accepted ...
/graf0z.
-
Re:is carnivore bad?
No, but Google has. Found me this link.
Interesting stuff.
-
Re:ROTC and NSA
NSA's program was called the Undergraduate Training Program, but is now the Stokes Educational Training Program. I know someone who's in the program, and it's a pretty good deal. Pays for school, gives you a job when you get out, and you have summer jobs throughout school. Now it's for more than just people who are good at math as well.
-
audits, certifications can't stop security breaches
One of these talking points is to license software developers and make them accountable for security breaches.
It seems to really prevent all possible security breaches, you need to prove that the program is correct first - I don't know of many entities that even try to prove their programs. I have heard of a few telecom infrastructure programs, but remember the big SS7 outage caused by one tech some years ago? The SS7 code is probably better "audited" than most code but would that outage have been construed as a "security breach"? - Yes, after the lawyers were done with it.
What about how quickly the world changes after a program is released? You use the best encryption technology of the day, you prove your programs correct, not just audit the code or use "good" software engineering/management methodologies. But you used DES (back in the day) or MD5 more recently, then MD5crack comes along or quantum computing and suddenly you are responsible for a "security breach" because of some exploit that didn't exist when you created the program.
That is nuts, who would want to sign up for that?
Besides DJB does anyone even have the balls to reward people for finding security problems? Or even advertise security as a feature? OpenBSD (yeah, I know it's dead, blah, blah, blah), pureftpd, NSA Linux
I expect not many others, because people expect code to have security issues.
Since security is such a big concern now (and in the past), I would think that people who wanted to show off their programming prowess would be bragging about how secure their code is. But no one does, that I know of - why? Because it's just damn hard to be sure that the code is perfect - which is what is required to prevent all possible security problems. So where are all these people with the big security cojones going to come from?
Can a program be proven correct for all inputs?
If it isn't stateless then can each permutation of state and input be proven?
Are all the protocols used by the program verified?
The impossibility of preventing security breaches seems to make this kind of government action more likely. Burn the witches!! They hexed our computers, and were seen in the woods cavorting with unaudited code fragments!
-
Yeah right the US gov giving away code for free OS
Never happen
Scary secret foreign government agency putting software on my computer. Damn how dare they. How can I ever check out what it does? Don't worry. I broke into their computers and liberated the source from their clutches!
So the US government is already distributing OS software. If you look into SELinux you will find it an interesting idea and a very useful addition for machines not 100% under your control.
-
National Cryptological Museum
If you live around Washington, or are visiting the area, you might also be interested in seeing the National Cryptological Museum near the NSA headquarters in Fort Meade, MD. More information is available here.
-
Re:Noooo!!!!
As soon as you get government involved, OS becomes political, and influenced by political forces.
Government is already involved. It's the government that issues copyrights and patents. The government funded the ARPANET, and funds endeavors like SELinux.
-
pre-emptive post
-
SELinux
I just spent the last 3 days trying to get the SELinux extensions, courtesy of the NSA installed on a Fedora Core 1 system.
I eventually gave up. However, the SELinux extensions were merged into the 2.6 kernel and it's apparently the plan of Fedora/Red Hat to put it into Fedora Core 2 sometime later this spring.
I, for one, can't wait.
-
Re:food on the table
It will be a long time before many government departments dealing with "sensative" information even consider open source.
You mean like, oh ... say, the NSA?
Or don't you think the National Security Agency handles sensitive information?
-
Re:Just wondering ...
As someone who went thru the hiring process (pre-9/11), and was accepted, I can tell you that information relating to NSA polygraphs may be unclassified, but is at least FOUO.
References:
- Classification guidelines
- More info on FOUO
- Document marking guidelines
- EO 12958, which gives the authority to classify information
You should remember that the men and women who defend this country do so largely without public knowledge of their activities and methods, for obvious reasons. They do so often at the expense of an orderly family life, friends they can confide in, and even their lives. They have strict rules by which they must follow, and make obligations which last them for the rest of their lives, even if they leave public service. A polygraph from time to time means nothing to them, nor did it to me when I was an applicant. If you're going to criticize polygraphs, or the people that take them, go right ahead, but please give some privacy to the hiring process for people who are out there risking their lives on your behalf.
If you feel that I'm a government shill, I invite you to apply for a position at the NSA, CIA, or DIA. It doesn't even have to be in Operations. I know for a fact that the government is looking for highly talented people like you.
-
Re:Just wondering ...
But how much of this is really news? Our very own Canadian intelligence folks describe themselves as "...an organization with secrets to protect, not a secret organization." They provide detailed information on what's involved if you want to join them. The CIA have a detailed employment FAQ. Try the GCHQ recruitment page.
If you click on Employment Opportunities at the NSA, you get a blank window (at least in my version of Mozilla). The web version of invisible ink, perhaps?
...laura
-
Re:I disagree with the article
I seriously hope you are kidding.
I didn't say it was good- I said it was widely practiced. And it is. Walk into any classified military research facility, and there's posters every 3 meters reminding you to change passwords every 60 days (alternating with reminders not to let anyone follow you through a keycarded door).
Forced expiry is so prevalent that I didn't want to come out against it, because the consensus is that it's really needed.
The only advantage I can see to it is that it reduces the time window open for an attack by a patient, resourceful enemy. If passwords never, ever change, then any compromised password is a permanent hole (as long as the attacker doesn't jump the gun and get caught exploiting it). If passwords are your only defense, then your network is transparent forever. Expiry at least bounds that, so a lucky glance at a post-it isn't the end-all of intrusion.
At least, that must be the thinking, or why else does the NSA require it? (PDF, flip to page 8: "Users should be forced to change their passwords regularly")
(Also, if you have a dual password+SecurID or password+biometric system, then a non-expiring password gives attackers much more time to work on physically circumventing the other element of protection)
-
Re:Learning from your mistakes
Answer: My understanding is PaX would have prevented the integer overflow that compromised kernel memory: the kernel would have panicked, never returning from the call. propolice prevents buffer overflows with stack guarding techniques introduced at compile time. Add grsecurity or selinux then you have a hardened system.
This may not catch 100% of the exploits but it's a solid start in the right direction.
-
Re:A shift of focus
For example, if the kernel verifies the binaries it runs using digital signatures, then it can refuse to run unsigned binaries.
It's also possible to use SELinux. With this module you can give permissions in detail to any object in the system. A web server would not be able for example to run /bin/sh ... it would be blocked by the kernel. It's also possible to tell what syscalls are allowed for a program.
-
Re:distros?
-SELinux - security above all else
SELinux is not a distribution, it is a Role-Based Mandatory Access Control project for Linux (the kernel). It is mostly just kernel and a few tools. If you go to the Download page for 2.6 you will see the patched kernel and related userland tools.
-
Re:SELinux
For some reason, I don't take closure that the NSA's version of Linux is going into stock kernels, even if it is open source :(
-
Re:My Bet Is On 2006
I thought NSA was still involved in the form of SELinux. They seem to be patching against 2.6 as of October.
-
Re:My Bet Is On 2006
I personally think it will never happen. Remember the past stories about the NSA using and giving away software for linux?
Yes, and a quick search of "nsa linux" shows this, so I'm not sure how effective that anti-GPL and anti-Linux lobbying campaign was.
-
Re:My Bet Is On 2006
"I personally think it will never happen. Remember the past stories about the NSA using and giving away software for linux?"
You mean exactly like Security-Enhanced Linux, which is sitting right at nsa.gov, and given away completely free?
Ok, what else?
-
Re:US Gov't on Linux
Actually, there already is a Tinfoil Hat linux. It's a bootable single-floppy distro for gpg-signing and/or wiping files.
The NSA's version is called SE-Linux, for Security Enhanced Linux. It has a "strong, flexible mandatory access control architecture incorporated into the major subsystems of the kernel. The system provides a mechanism to enforce the separation of information based on confidentiality and integrity requirements. This allows threats of tampering and bypassing of application security mechanisms to be addressed and enables the confinement of damage that can be caused by malicious or flawed applications." Or some such.
If you really need security and don't think running Bastille-linux is going to be enough, then ACLs a la SE-Linux might be the way to go. I suppose no OS is truly secure, but it's hard to imagine even talented crackers getting very far against it.
-
SE Linux
Steve from Debian Security Audit project says this occurred due to a password goofup so this doesn't necessarily apply here but it easily could have:
Machines as important as these should be running some sort of Mandatory Access Control system like SE Linux. I have done an evaluation of all of the root exploits I could find over the last few years and SE Linux would have prevented every one of them because the MAC system prevents unauthorized privilege escalations. You can test drive my SE Linux box by telnetting (not ssh) to selinux.copilotconsulting.com with user root and password root.
-
Re:password
There are various other methods currently being researched, typing speeds/patterns is the main one that could be used here but it's not really reliable enough currently. For a major project like debian implementing some kind of smartcards wouldn't be beyond the realms of possibility (or budget anymore).
It is possible to limit break-ins like this using one of the various sets of ACL's around.
I'm not sure I agree with the point that "its not about the OS being secure".....well the OS has users, who tend to do things like write their passwords down, lose them or get themselves socially engineered. A truly secure OS should take this into account and have appropriate measures to limit the damage such a user could do.
when a M$ compromise comes to light
You mean, "when Microsoft have no choice but to announce a break-in". With the loss of share price such announcements would cause don't you think they'd just keep them quiet? The problem is that Joe Public, and Joe Ceo both think this means that they are more secure because CNN doesn't carry stories about them being hacked. This is a problem with society, not open or closed source.
-
Re:OpenBSD
The vast majority of break-ins are through misconfiguration or human error. Gentoo, OpenBSD, nor anything else, can prevent these factors.
Try SELinux. A Misconfiguration in even a highly privileged application will not lead to a system compromise, provided an appropriate security policy is in place...and an appropriate security policy is easy to write with the tools from tresys
-
The NSA Kids Page?
Following the link in the story, I saw this link on the NSA's main page: Kids' Page
NSA Kids page? WTF??
Mommy, I want to be a spook when I grow up.
-
Responsibility
Wow, $4,000 per pair? That seems awfully high, but I'd imagine there are many legitimate uses of such technology, that may interest people to shell out that much cash. For instance, credit card authorization, police communication, and drug trafficking come to mind. I work for the second-largest supplier of solid-gold cell phones and pagers, which are often used by celebrities and collectively engaged urban businessmen, and I could certainly see where many of our clients would have use for this kind of device.
I am a little concerned, though, that this kind of technology might fall into the wrong hands. For instance, have the manufacturers considered the applications for which terrorists might use these? I hardly think that the NAH6 would like to see their products used to slaughter innocent Americans, or even Amsterdaminians. Encryption is certainly a worthwhile tool, but I think it's far more likely to be exploited by the wicked than the virtuous, as it's the bad guys who've got something to hide.
Perhaps I would be more supportive of NAH6 if they were to provide a backdoor for the NSA, FBI, CBS and the ALF. These organizations, then, could catch evil-doers in the act before they can inflict massive damage to our American way of life. Truly, the only way to secure our liberty is government supervision of the most invasive sort.
-
Re:When should a stock holder start to worry
The other reason was SuSE and Mandrake, both European and not from the United States.
SuSE and Mandrake are produced by European vendors, but the software they ship is truly international.
However you're right: a strong selling point in convincing the public sector in EU-land to switch to Linux is that revenues will flow back into the EU rather than outside.
Another important point is that the US are being currently perceived in large parts of Europe, but also in many third world countries as, how should I put it, acting rather strangely w.r.t. human rights and abidance by [intl.] laws. Please don't get me wrong here: this is not my personal opinion, but it is very widespread out there.
The general scepticism against US policy translates in (most often) irrational fears about "spyware." M$ had presumably a record of cooperating with the NSA, helping them install backdoors in M$'s crypto libraries: CCC press release (sorry, only in German). It may be true or not, the result is that people, especially outside the US, feel uneasy about installing software from companies they don't trust, which obey a government they may not always agree with.
China is a good example of this, with their RedLinux. Then again, their government won't even trust "european" distros, so they forked their own project. Then again, why not?
Last but not least, the most important aspect is simply technical excellence, or at least availability. Consider the use of FreeBSD among ISPs worldwide: there is no noticeable difference by region, and we're not afraid to use this system, even if it originated from Berkeley :). For the job at hand, there is simply no alternative; and it's fun to use too. The same about Cisco: We wouldn't dream of using something else in our backbones, just because we could find a small european router manufacturer. There is no reasonable technical alternative out there, and we're happy with our routers as they are.
-
Re:Not quite yet
Closing your eyes to the reality doesn't change it.
Good words. While the person you were commenting to was a bit over the top, if you're willing to use your eyes to read, I'll touch just a few scant details about Linux that you might not be aware of.
I'm not promising a comprehensive overview -- you'd get bored looking through Windows at a similar level *if* Windows had this level of detail and it simply doesn't. That might sound arrogant. Maybe it is...see for yourself.
Even if [Windows XP] doesn't have the drivers all I have to do is to pop in the driver disk and all is taken care of.
Linux distributions typically include modules ('drivers') to support all hardware; no need for a driver disk, and no need to compile a kernel like days of old. Like Windows, some advanced features can be added by getting specific upgraded drivers or -- as is common with scanners -- using a non-kernel driver package that is typically installed by default.
Point: Needing to tweak or add modules is the exception not the rule. 5 years ago, yes, it was the rule, and back then I did it...5 years ago.
All those modules plus the kernel weigh in at about ~26MB (pre-made, binary, not customized). The ~26MB breaks down like this: ~22MB for ~750 modules plus a couple more meg for the kernel. Each module that supports hardware tends to support multiple models of similar devices -- for example there are 11 categories of radio hardware supported alone.
A fraction of the modules are for non-hardware specific support. That support covers a wide variety of features from not so boring file systems (including encrypted and network distributed) through to advanced features like the NSA's own security enhancements -- yep *that* National Security Agency.
Each module is tuned to the kernel and the processor it's used on; ia32, ia64, or any of the dozen other non-x86-Intel-style processors.
Hmmm.. you haven't heard of Winamp, (and several other equally good free players) have you?
The point with this is that with Windows, you get so little. A stock Windows setup compared to a stock Linux distribution are amazingly different. XMMS (a fork of Winamp BTW) is included automatically with most distributions, as are CD and DVD burners, integrated into the file browser. Office software, vector graphics editors, TV tuner programs...the list goes on, and nearly all of it is installed by default and ready to use. No searching. No looking. No asking around. There. Installed. Done. The biggest problem is the awesome quantity and quality, though most of that is being handled by careful layout of the 'start' menu just to make it easier to find.
One example of the quality and features common to Linux desktop applications: The CD and DVD burner software included with most current Linux distributions.
Sure, you can close your eyes and believe whatever you want to. You are free to use whatever works for you and so are others.
Agreed. Closing your eyes would be a bad thing.
-
Re:Do It Right
Which is exactly what these guys did for this document. Maybe they know something about security?
-
SHHH!!!
Goodness knows we can't have googlebots archiving all of those top-secret/confidential web pages at the whitehouse. I guess we'll just have to live with the top-secret info that has already been archived.
What's that? Oh, all of the real top-secret stuff is at the NSA website?
Never mind then.
-
SELinux?
I guess you've never heard of SELinux.
-
Re:FUD
Actually, yes. The NSA has its own linux distro here (previously submitted to /. but, of course, thrown away).
I haven't gotten a chance to run it yet, but it looks pretty decent.
[offtopic]All you genius slashdotters out there, the NSA has a slew of scholarships for very smart people. I'm shooting for one, and you can, too! For more information, go to the NSA website, or to your local college jobfair![/offtopic]
-
My faith in ./ posters has diminished
I can't believe the number of replies that think you are trolling and have never heard of SE-Linux.
Yes, that is a National Security Agency link I just put there.
-
Re:Uhhh
http://www.trl.ibm.com/projects/security/ssp/
"GCC extension for protecting applications from stack-smashing attacks"
Btw, this is not a case of 'unsafe' functions at all.
May I also point that programming mistakes become vulnerabilities in most of the situations only because of platform limitation. Even for 'insecure' platforms (like x86 :D), selinux and grsecurity implement some nice protection mechanisms.
Programming errors are supposed to make a program crash. The system should make sure this happens.
-
Re:re-incorporation?
Why not just merge SELinux with Linux?
SELinux is about mandatory access controls and control policy enforcement. See the SELinux FAQ for more info about SE Linux.
Sebek (now version 2) is a kernel level logger. It does not stop users from doing anything. In fact if it did, that would make it useless for its primary job, as a tool for building HoneyNets, a controlled network of systems designed to be compromised by attackers, and the methods (and related) studied by security geeks.
-
I wonder what the NSA is saying...
Does SCO believe that they own SE Linux?
And just how are they going to stop the NSA from using it, or force them to reveal just how many copies are running?
"SELinux"
-
The DoD's IT dept
Don't forget about the military's IT department. The NSA employs tens of thousands of mathematicians and computer scientists. For the world's most secretive organization, the NSA's webpage is remarkably forthright about what they do -- protect American IT and acquire the IT of others.
-
Re:Globe and Mail
SELinux? If you describe a useful tool, please link as well for those of us who may be interested...
Ask and ye shall receive.
Selinux is the NSA's linux distro, with extra security features like acls based on US security clearances and such. Pretty cool, though I have not tried it personally.
-
Re:They do have a point...
Try this for government sponsored software.
The world for a long time considered racism perfectly normal. While America was fighting to save the world from oppression and bring freedom to all of mankind, it was perfectly normal for blacks to be lynched back home.
To right this wrong some extreme measures had to be taken. Black children had to be escorted to school by a huge force. Wasn't this unfair? White kids did not get such an escort to school not even those who were bullied.
Yes it was "unfair" this treated blacks and whites differently but to right one extreme injustice another extreme had to be used as a countermeasure.
Same goes for positive discrimination. Sure it is unfair to hire a person of one race over the other. But it is/was necessary to right a wrong.
That is sadly the case of the world. The longer and more extreme a wrong is allowed to go on the more extreme the countermeasure must be.
If a child commits the minor act of say vandalizing a road sign then the countermeasure can be a simple and light punishment to counter the crime. But if this does not take place and the child goes on to vandalize then the needed correction needs to become tougher and tougher.
So MS has established itself as the dominant Desktop leader. It has driven the competition away often illegally, or is there really anyone here who thinks MS was the innocent party in the recent BeOS story? If this had been corrected early on, say OS/2 had been successful then little would have needed to be done. Perhaps a small slap on the wrist. A government contract to say equip schools with a good mix so not everyone is weaned on MS and all would be well. This did not take place.
No company can hope to compete with MS anymore. Not just in terms of money, look at the gamecube x-box battle where MS is just losing money and can afford it, but because MS does not fight fair. It controls the PC makers, OEM deals, and it controls the exchange of information through office.
So how is anyone going to compete? The only ones who can are governments. They got the money, MS may be huge for a company but compared with countries it is small fries. And they got the agenda. The current MS monopoly is not exactly the best situation for the citizens of these countries. Responsible governments should always make sure companies do not harm the interest of their citizens. Remember it is citizens that make a country, not companies. Well at least they do outside the US.
So my point is that this is simply the only way to break the current stalemate. Try to remember that for the rest of the world the company is not holy and funding MS is not smart business.
As for your comment on linux being too technical, that is certainly true. And who do you think has the kind of money and resources and long term interest to change that?
As for conflict of interests. There are none. It is not in Asia's interest to allow MS to control the desktop. Remember Asian countries got to be fair to their own people. Not to foreign companies. It worked great for US.
A private finance competition is simply no longer possible. It has been tried and MS has used its size and unfair business practices to kill every attempt. Now they are facing opposition they can not bully. Excuse me while I smirk.
-
Already is key escrow
How soon you've forgotten about _NSAKEY.
For you non-USians, NSA stands for No Such Agency.
-
retro posting
I tried to submit something similar before as an article but it was denied ... and I sincerely thought it is very relevant to this. According to the NSA's "Statement on Cybersecurity" paper released earlier this year, there were a few people who are spooked as the government seems to want to either backdoor or control somehow software under the guise of 'tougher security'
A significant cybersecurity improvement over the next decade will be found in enhancing our ability to find and eliminate malicious code in large software applications. Beyond the matter of simply eliminating coding errors, this capability must find malicious software routines that are designed to morph and burrow into critical applications in an attempt to hide. There is little coordinated effort today to develop tools and techniques to examine effectively and efficiently either source or executable software. I believe that this problem is significant enough to warrant a considerable effort coordinated by a truly National Software Assurance Center. This center should have representatives from academia, industry, federal government, national laboratories and the national security community all working together and sharing techniques to solve this growing threat.
And to add insult to injury to MS, a letter was sent to Tom Ridge asking the Dept. of Homeland Sec to limit or stop its use of MS products due to insecurity.
Personally I would stop using machines if it were possible to have some form of monitoring of my actions without my authorization. Aside from that it's not a secret that the NSA has been accused of corporate espionage, so I would hope large corporations would think twice about giving them any form of say when it comes to codes for commercial software.
-
Re:I Can See Them Now....
The government has already done a lot of work in this area and there are many people that know linux and its limitations and advantages.
Basically RPM's suck. I doubt (I hope) that our government is that stupid to just use publicly supplied rpms. (and that goes against their paranoid nature). They may use Redhat stuff, but only from the company. They will pick something for the standardization.
A good example is selinux. This is a highly specialised and very hardcore addition to the stock linux kernel to allow each process to be completely separate from the rest of the OS. So if you compromise one service with a root exploit you still would be completely isolated from the rest of the OS. There are even test versions out on the internet that allow people to log as ROOT with no password. It's not a trick and it uses normal applications, everything operates using a modified kernel and special apps and a very complicated set of rules. This was created by the NSA in order to produce the most secure operating systems in the world.
Some people in the government know what they are doing, however it's unknown if the rest of the crappy corrupt government will listen to them. The stock market still depends a lot on MS's money it reinvests into other companies as it slowly buys the rest of the market out. This move away from MS could hurt many many people's investments and retirement funds. If the government stays with MS mostly they can get hacked and create severe security problems in the most sensitive areas, if they run away from MS then it could have ramifications that will hurt a lot of people. (and not just rich fools, but also their employees and local economies that depend on the rich people's successes at running a productive business). It can be a lose lose situation unless handled correctly. A person's livelihood is their life, you have to be careful.
Shit like that is why the government should have the least amount of power possible. Nobody's perfect and if you put a small group of people in charge of a large group, the large group always loses, even if everybody means well. People are barely able to take care of their own lives, much less take care of everybody else's, too!