Slashdot Mirror
$1.2M DARPA Contract for FreeBSD Security
NAI Labs has been awarded a $1.2 million contract for FreeBSD security development. The main focus for this contract is to develop the TrustedBSD security extentions. The name of the project is CBOSS, (Community Based Open Source Initiative), led by Robert Watson and Lee Badger, and such developers as Kirk McKusick, Poul-Henning Kamp, Jonathan Lemon, and Eivind Eklund will work on it as subcontractors. I am excited over the news; the press release can be found at NAI Labs' CBOSS website.
Dunno, Microsoft seems to like it when BSD-licensed code is done by research institutions (such as universities, or, apparently, NAI Labs). Didn't Balmer (or someone) post about a "life cycle" for computer science stuff, we're it's developed under funded research at a university, goes open source, and is then integrated into the main stream? (that's what happened with the BSD IP stack, among other things, which Microsoft now admits they use).
NOT!
>There is nothing wrong with selling your software, but open-source is a great
>way to make best use of public money since the public benefits as well as the
>goverment agency.
I would only agree to that if the license was public domain. The problem with others
(gpl etc..) is that its not really that free. Sure you can get to it, see it,
but not use it however you like. Governments using GPL code would have to release their
application code to be compliant with the license, I don't think so. I think anything
other than public domain is not free. I think government should not fund any endeavor under
any other license than public domain.
So you make remarks like "holes in ships", and add in no actual content - looks like a troll here, only this one likes OpenBSD instead of linux.
Anyways, exactly how many FreeBSD base system exploits have you seen in the last few years? Probably 2 or 3. The same is true for OpenBSD, they just keep that ridiculous claim up on their web page because the base system OpenBSD ROOT EXPLOITS happen to have been local exploits, or in features that are turned off by default (read: ftpd). People think OpenBSD is oh-so-secure because of Theo's ability to trim the base system down to nothing (geez, procfs doesn't even come mounted be default), and then his ability to hype. The big exploits come from the software you use to actually do things - web servers, databases, etc - very few modern exploits are the fault of the base system.
So, install OpenBSD on your box and put it on the net, and it will be secure. Until you put the software you need on it, and then it will be "just as insecure" as FreeBSD, which is a very manipulative statement.
How long before Linus and his Merry Hacks start to suck in the TrustedBSD code and stamp it with their crappy "GPL" license.
Hell, anything that works in Linux is a rip from BSD, even Slashdot's own slashnet servers run on FreeBSD. Linux wasn't up to the task.
Cute troll... As a member of the BSD development team, I'd be happy to point out that: a) BSD doesn't have kernel pthread support, they use a Schedular Activation-based model in FreeBSD 5, and a user thread model in FreeBSD 4. b) They don't make people sign NDA's. Amazing how one person can fit so many useful technical words into a comment and have the result being so warped from reality.
Actually, it seems more likely the government is getting a great deal: by making the results open source, they'll get great technology transfer, and the developers do this stuff as volunteers anyway, so they're dedicated to doing it right, and will work outside their normal work day if they need to. It's hard to imagine a better pool of workers :-).
OK people who think it should be OpenBSD and not FreeBSD, you have to understand some basic concepts before you even talk.
/much/ differently then OpenBSD,
/features/. For example FreeBSD has kernel secure levels (-1, 0, 1 etc) that you can set to decide how secure you would like your kernel to operate, for example on higher security levels you can not open up /dev/mem or /dev/kmem for writing and other things, while on lower security levels you can do pretty much what a regulat OpenBSD or NetBSD can do by default.
/very slowly/ and carefully, they are adding TrustedBSD extentions, much improved SMP support (fine grained locking), and Kernel threads all at the same time, so they have to be careful and think before acting/commiting,
FreeBSD approaches security
OpenBSD audits their code and tries to remove every single bug before they release, they also improve cryptography preformance and support alot of ccrypto accelerated hardware, as well as basing much of their security on strong cryptography
FreeBSD, on the other hand looks for bugs and tried to eliminate them of course, but it is not it's main focus, and it is not its appraoch to security. What they do is have alot of security
Second off, Robert Watson (the guy who started TrustedBSD) is a core FreeBSD developer, and his chief job as a FreeBSD developer is security. OpenBSD has their ideas that they put into their OS, and this was just one of FreeBSD's idea's, he decided it would be nice to give FreeBSD Trusted OS extentions so he started developing it, he said many times on the TrustedBSD website that he was a FreeBSD developer and this project was a FreeBSD project, he said he is trying to make it as portable as possible and OpenBSD might be able to adopt it if they choose, but they have showed signed that they do not want to go this route with OpenBSD
So basicly the only reason the TrustedBSD might seem like a seperate project is because they are merging it into the FreeBSD kenrel
TrustedBSD never had a chance at being used on OpenBSD since it was started by a FreeBSD core team member who was in charge of FreeBSD security, and because it was a FreeBSD project all along
So FreeBSD will continue to take the security appraoch of fixing as much bugs as is practical to them, they will probably not spend years going through code looking for bugs like OpenBSD but they will add advanced security features
OpenBSD will probably continue along the same development model they are now with security in the Base system
As far as the port system goes you can't expect FreeBSD to secure every port, there are more than 5,500 piece of 3rd party software in the ports! if you think the program in unsecure don't install it
thanks
-Lional Will
Arrr! I've been trolled!
Anyway, if you have some Public Domain OS in mind, I'd love to hear about it. The BSD license is just about as close to Public Domain as you can get, with the only major restriction being that you can't simply grab the code and claim you wrote it (under the assumption that the other party has never heard of the code before).
So you have to give credit to the people who wrote the code (and not even in your advertising, just in the code itself). What more do you want?
Down that path lies madness. On the other hand, the road to hell is paved with melting snowballs.
I read the internet for the articles.
$500/line of code?
$2000/compile?
Gotta love the government dole!
Just kidding. I think this is a good thing that can only enhance the impact of open source software.
Chas - The one, the only.
THANK GOD!!!
Chas - The one, the only.
THANK GOD!!!
Eivind.
Doubting the existence of evolution is like doubting the existence of China: It just shows that you're uninformed.
My question is how is this really different from sudo? I have always thought that the root account (if only used by a very select few) was a good idea. Which security system do you trust more, the one with fewer more restrictive rules, or the one with more rules. It seems to me that as the number of rules increases, the possibility of someone being allowed to do something they shouldn't increases. See Dr. Strangelove.
JET Program: see Japan, meet intere
Yes. Definitely a commie. ;-)
There was a slash dot article around usenix time saying that openbsd got some money too.
Not even Fortran programmers?
the government should take advantage of and improve public property whenever possible
That's why they're using a BSD licensed OS and not a GPL licensed OS, BTW
"Trusted" is just marketing language and has no official definition. The official definitions, at least for the US government, can be found in the NSA/NCSC rainbow books.
Mea navis aericumbens anguillis abundat
http://www.trustedbsd.com/ TrustedBSD The link was broken when I tried to click it. This is the correct one.
-Tom
--
send all spam to theotherwhitemeat@ropine.com
Hi!
> hope that theyroll that code back into
> FreeBSD for all of us civvies to use
I work on the CBOSS project, and that's the plan - we want to integrate the good stuff CBOSS produces directly into FreeBSD for everyone to use.
- Tim Fraser
--
--
Victor Danilchenko
The thing of it is, even OpenBSD does not really have MAC support. You must have fine grained mandatory access control abilities for all parts of an OS if you want it to be secure, and to work well in a security-centric environment. even NT does this (to what level is debatable, of course. :)
I've been watching the various projects looking to develop MAC support for *BSD and I'm glad to see the TrustedBSD project actually going somewhere. I received the announce from them just a few minutes ago, oddly enough- slashdot beat me to seeing it even from them. wow.
Robert Watson knows his stuff, though, so this looks promising. I know I'm looking forward to seeing what they come up with; this seems like a much more sensible development strategy for the DoD, as opposed to funding GPL technologies that leave them hamstrung with distribution and reselling issues. I hope to see more projects like this, and hope that they roll that code back into FreeBSD for all of us civvies to use.
EOM
... anyone with a machine using little endian to write to ...
So what? Everyone knows that no important data is stored on little endian machines!
(man, where did that quote come from anyway, I can't find it with google).
I wonder why they did not take OpenBSD as the starting point in the first place? After all, what good is some fance capability if you have not audited the framework to start with.
Kinda doubt it. BSD networking works.
(Although the Windows millenium ftp client does carry a 1983 BSD copyright.)
The solution under TrustedBSD is to delegate the root responsibilities to various executables. I'm not sure what this solves if root still has access to these new executables. Any ideas on how this will be accomplished?
The main idea is that you'll have a capability (for example) that says "this user can bind to ports numbered lower than 1024" and all executables that require such privileges will be only executable by that user (or some group, or whatever). If you make enough capabilities at a fine-grained level, then you'll be able to limit root's all-knowing, all-seeing power. Obviously this capability isn't a big one, but it's the only one I can quickly recall.
-sugarescent
Well the TrustedBSD extensions are FreeBSD based, Robert Watson is a FreeBSD developer so this makes sense.
this space for rent
Information about the contributors to SELinux is here. Briefly, the NSA seems to be doing the bulk of the kernel work, while NAI, Secure Computing Corporation, and MITRE are working on utilities, MACs, and policy configurations.
NAILabs is actually the old TIS Labs, i.e. the guys who brought us the Firewall Toolkit (when Marcis Ranum was there). They're pretty much a separate group from what I understand. My old boss works there...
er -- by partitioning scheme, I mean the parceling out of root capabilities to a number of user accounts, each of which is responsible for (and capable of) only a portion of what we think of as root activities, along with the notion of chroot jail to limit file system visibility.
:)
I should read more carefully
Even with sudo, if (by some means, a root kit, say) someone obtains a root shell, the system is at that moment totally vulnerable.
The idea behind the partitioning setup is that each exploit only grants access to a *part* of the system -- specifically the parts that the particular rootlet has access to. Using chroot for servers even partitions the file system limiting visibility to data.
IMHO the idea is a good one. It doesn't even make systems more difficult to setup/administer, if well done.
MS uses the BSD IP stack? I don't think that's any more than a rumor. Can you provide a reference to back that up?
--jb
Hello?
You have "signed an NDA with the BSD dev team"?
How can you sign an NDA with a "core" (note: "core", not "dev") team, for an OS which is open source? That does not make any sense.
What on earth are you talking about? BSD/OS? FreeBSD? Open/NetBSD?
Finally, if there was such a thing as "a longjump right into the kernel" with "full root privileges", this thing would be all over Bugtraq right now... This is BSD, after all. Not some closed-source OS.
I think you may have a little bit of explaining to do...
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
Does NAI labs have any connection to Bill Nye the Science Guy? If so, will we soon hear about The FreeBSD OS of Science on PBS?
The shareholder is always right.
I appreciate your comments and the astuteness of your hostility. Would you please explain to me or point me in the right direction of the articles you read to learn about Trusted Operating System features.
And yes, like most things....I did read it somewhere. The world is what has been presented to you, and that was as far as I had taken my own personal search for secure BSD distributions.
I probably won't get a reply...so while i'm waiting on nothing i'll begin researching that string of acronyms you presented to me. Thanks for at least giving me a place to start.
http://tf2.digitaljedi.com
Funny how DARPA also recently sent a some cash to the OpenBSD camp. With all the buzz of finux recently getting NSA developers to do some Trusted code, It seems interesting to take note of the goverment push to open source alternatives.
/. a few years ago where reasearchers at Los Alimos national lab (www.lanl.gov) used the Linux Kernel to create a distributedd parrell-processing computer named Avilon. This thing is used to model atomic reactions (very high computations.)
Think of it this way, The US goverment might pay Microsoft, Novel, Sun, and IBM (amongst others) some huge contracts for way more than a measly 1.2 Million Dollars (US).
I can recall an artical on
The researchers noted in their press releasse that if they had used Compaqs Tru64 Unix, it would have cost them several million dollarts, where the hardware for that project was just under a measly 200K.
To me, this singnifies a shift in goverment policy. -J
It isn't a lie if you belive it.
Community /.
Based
Open
Source
Initiative (Where is the stupid 'S'???)
Spelling almost as good as
FYI securelevels/fileflags were invented by 4.4BSD - not FreeBSD - and *every* "still living" BSD does have them.
YABA --- Yet Another Bad Analogy
Buying a Dell computer is equivalent to dropping the soap in a prison shower.
This will hopefully help in several areas, especially insecure third-party applications in the ports collection. Quite often the FreeBSD security team sends out warnings about some ports that have a root compromise but is they implement Manditory Access Controls in a Trusted OS, that should cut back on that big time.
0 50 9.html
.NET to FreeBSD and that if Oracle releases their Oracle client software for FreeBSD, others would follow. It is a solid platform that works very well. The best thing about FreeBSD project is that it is lead by developers, not number crunchers who push out beta code into consumer releases. Perhaps FreeBSD will start getting more credit on it's merits and rise above the buzz that popularized Linux.
Does anyone know much about all of this? From what I have read before, you can limit access of an application using control lists, but since I have never worked on a system with this feature I have no idea what it can do.
Good read...
http://www.securityportal.com/closet/closet2001
Anybody have an opinion on whether corporations would find FreeBSD to be more viable after these features are in the system?
I believe that if Microsoft actually follows through with porting
Linux is also a good OS, but when you have companies like Corel and others packaging any half-baked software projects into the distribution you end up with a dis-jointed environment. The opposite is true for MacOS X. Apple took some Open Source (FreeBSD, OpenSSH, etc) and packaged it with code that they wrote (Aqua, Quartz, NetInfo) to create a complete system.
The fact that Apple should be able to incorporate most of the changes to FreeBSD into Darwin/MacOS X is good news. Apple should add some money to the pot to help take it a little further, perhaps add more more developers and reduce the time it takes to complete some key features.
Brennan Stehling - http://brennan.offwhite.net/blog/
So I was wondering.. Why was it again that they are security "extensions" and not committed directly into FreeBSD? Wouldn't it be wise to develop FreeBSD itself instead of leaving it to the dogs?
Ah. I see. TrustedBSD claims to have its fingers into too many pieces of code to justify integrating into core FreeBSD. Does no one use CVS branching and merging? Lame!
RIGHT. It's not like BSD is going to have the largest desktop install base of any UNIX in the next several months because of the roll out of OS X. Lack of implemented featurers != dieing. You see the BSD market shrinking, developers running away, etc, then you give us a call.
F-bacher
James Tiberius Kirk: "Spock, the women on your planet are logical. No other planet in the galaxy can make that claim."
You can tell that it's a mistake in the title - no one writes 12. million. He just hit his 2 before his period. 12 million would be a lot cooler, but they'll take 1.2 million, I'm sure.
F-bacher
James Tiberius Kirk: "Spock, the women on your planet are logical. No other planet in the galaxy can make that claim."
Read the article...
1.2 Million...
http://www.masturbateforpeace.com/
If this is opensource and the derivitive worked is protected as such how will this affect Micro$oft's new initiative against open source? Should we assume that they will lag behind in security (as they have proven in their networked history) because they are unwilling to comply with the open nature of the license???
This is some pretty cool stuff. Hopefully Open and
Net BSD will be able to take some of these
improvements too. I run a webserver on an
OpenBSD box, and with their model of "Secure by
default" combined with the ability to finally
not run apache as a root, this makes me real
happy. Why? Because I'm not the best PHP
developer out there, and have been responsible
for more than my fair share of holes in an
otherwise secure box for too long.
Lemure, wtf! Don't you mean Lemur?
- List of gems to find at -1
- *BSD is Dead
- *Linux is Dead (*?)
- First Post
- Hot Grits (Decremented)
- Natalie Portman Naked (Decremented)
Hrmm... this list seems to be shorter than usual.... Well as always I thought I might point out the the "*BSD is Dying post" is the EXACT SAME TEXT as it always is. Do your modding... I don't have karma anywaysRemove *your pants* to send me email.
Is NA going to own the patent of the softwares (whatever that is)? Then again, what is the point?
12 million or 1.2 million? There is quite a difference. I wonder how much of this will fall back down to already ultra-secure BSD versions, such as OpenBSD and NetBSD?
/. is a commercial entity. goto slashdot.com
Mr. Praline : 'Ello. I wish to register a complaint.
Mr. Praline : 'Ello, Miss?
Owner : (turning around, very angry) What do you mean, "miss"?
Mr. Praline : I'm sorry, I have a cold.
Mr. Praline : I wish to make a complaint!
Owner : (hurriedly) Sorry, we're closin' for lunch...!
Mr. Praline : Never mind that, my lad. I wish to complain about this troll, what I purchased not half an hour ago from this very boutique.
Owner : Oh yes, the, ah, the BSD is dead... What's, ah... W-what's wrong with it?
Mr. Praline : I'll tell you what's wrong with it, my lad. It's dead, that's what's wrong with it.
Owner : No, no, 'e's ah... he's resting.
Mr. Praline : Look, matey, I know a dead troll when I see one, and I'm looking at one right now.
Owner : No no, h-he's not dead, he's, he's restin'!
Mr. Praline : Restin'?
Owner : Y-yeah, restin.' Remarkable troll, the BSD is dead, isn't it, eh? Beautiful plumage!
Mr. Praline : The plumage don't enter into it. It's stone dead!
Owner : Nononono, no, no! 'E's resting!
Mr. Praline : All right then, if he's resting, I'll wake him up!
(shouting at the cage)
'Ello, Polly! Mister Troll! I've got a lovely fresh cuttle fish for you if you wake up, Mr. Troll...
(owner hits the cage)
Owner : There, he moved!
Mr. Praline : No, he didn't, that was you pushing the cage!
Owner : I never!!
Mr. Praline : Yes, you did!
Owner : I never, never....
(He pulls the troll out of the cage and screams into its ear.)
Mr. Praline : 'ELLO POLLAAAAAAAY! POLL-EE! POLLY TROLL! WAKE UP!
(He bangs its head against the store counter, horribly hard.)
TESTIIIING! TESTIIIING! THIS IS YOUR NINE-O' CLOCK ALARM CALL!
(He does it again, harder.)
POLL-EEEEEEE!
(He tosses it up in the air and watches it plummet to the floor. Longish pause.)
Now that's what I call a dead troll.
Owner : No, no.... No, he's stunned.
Mr. Praline : STUNNED?
Owner : Yeah! You stunned him, just as he was wakin' up! BSD is deads stun easily, major.
Mr. Praline : Look my lad, I've had just about enough of this. That troll is definitely deceased, and when I bought it not half an hour ago, you assured me that its total lack of movement was due to it being tired and shagged out after a long squawk.
Owner : Well, he's... he's, ah... probably pining for the fjords.
(Praline looks angrily back and forth, stuttering.)
Mr. Praline : PININ' for the FJORDS? What kind of talk is that? Look, why did he fall flat on his back the moment I got 'im home?
Owner : The BSD is dead prefers kippin' on its back! Remarkable troll, isn't it, guv, eh? Lovely plumage!
Mr. Praline : (coldly) Look, I took the liberty of examining that troll when I got it home, and I discovered the only reason that it had been sitting on its perch in the first place was that it had been NAILED there.
(pause)
Owner : Well, of course it was nailed there! If I hadn't nailed that troll down, it would have nuzzled up to those bars, bent 'em apart with its little pecker, and VOOM!
Mr. Praline : "VOOM?"
(Praline puts the cage down and take the troll into his hands.)
Mr. Praline : Look matey, this troll wouldn't "voom" if you put four thousand volts through it! It's bleedin' demised!
Owner : It's not! I-It's pining!
Mr. Praline : It's not pinin,' it's passed on! This parrot is no more! It has ceased to be! It's expired and gone to meet its maker! This is a late troll! It's a stiff! Bereft of life, it rests in peace! If you hadn't nailed him to the perch he would be pushing up the daisies! Its metabolical processes are of interest only to historians! It's hopped the twig! It's shuffled off this mortal coil! It's run down the curtain and joined the choir invisible! This.... is an EX-TROLL!
(pause)
Owner : Well, I'd better replace it, then.
(He disappears behind the counter.)
Mr. Praline : (turning to camera) If you want to get anything done in this country you've got to complain 'til you're blue in the mouth.
(The owner returns.)
Owner : Sorry guv, we're fresh out of trolls.
Mr. Praline : I see. I see, I get the picture.
Owner : (quietly) I-I've got a slug.
(pause)
Mr. Praline : (sweet as sugar) Does it talk?
Owner : Not really, no.
Mr. Praline : Well, it's SCARCELY A BLOODY REPLACEMENT then, IS IT?
Owner : Listen, I'll tell you what, tell you what, if you go to my brother's pet shop in Bolton, he'll replace your troll for you.
Mr. Praline : Bolton, eh?
Owner : Yeah.
Mr. Praline : All right.
(He leaves.)
You give the right to modify /etc/passwd to the passwd program instead of giving it to the user 'root'.
/etc/passwd, it can't even if it has root privileges.
/etc/passwd without the passwd program. That means whatever he does, it will get logged - he of course can't delete the log files even if you have a log rotating program doing cleanups, only the log rotation program can do that etc.
If you then run a daemon as root, and someone finds an exploit in it allowing them to trick it to modify
Even if the hacker finds a root exploit in the daemon, and thus has a root shell, he can't modify
The BSDL is a whole lot better than GPL, but PD is what it should be.
Did you ever notice that the BSD license, assuming you using the 2 clause one, grants all the freedoms of public domain software except that you have to include copyright notice. I think all government work should be released under BSD like licenses becase it allows all to benifit from it, just requiring them to give credit.
--- Justin Dearing http://www.justaprogrammer.net/ We're just programmers.
It sounds really good, except that you have to consider which "public" the US Government needs to protect and benefit.
It seems to me (correct me if I'm wrong) that the US has a higher than average concentration of IP related to computer software. Releasing new code under BSD, GPL, whatever "free"/"open" license they decide to use would dilute that concentration (by making more available to the less concentrated economies), possibly making the US economy not as stable. This may be one reason why politicians are reluctant to support open source software development with public money.
Not that I expect an AC to check for replies, but the point is, a corporation can take the software at no cost, but if they develop proprietary software on top of that we run the risk of having their value-added version of public goods supplant our public version of the software in popular usage. I realize that they have added value and deserve compensation for same, but there is no reason they should be allowed to build a proprietary product on top of public work, thereby obscuring all of the public portions of that same work.
I do not have a signature
I think the government should be able to use GPL (especially if there is a GPL piece of software they would like to work with). The original post brought up the point about the government using public money to develop a public resource and likened this to the public parks-- where public money goes to make sure the public has a place to go and do recreational stuff. The only way a corporation can prevent the public from using the park is to buy the park
The problem with a BSD-ish license is that it allows a private corporation to take advantage of a public resource without any compensation to the public. The libertarians (especially those tools that think corporations deserve the same rights as people) will argue that the corporation has theoretically paid taxes and therefore has as much right to the public resource as it needs. But when/if a corporation takes that public good and uses it to further their private development (and does not pass along the public resource in the same form they received it), then they have been given a freebie at the expense of society.
If we are going to give away public resources, we should be aware of it. And personally I'm against it. The GPL makes certain that a public resource remains a public resource, to which all users have the same right of access.
I do not have a signature
Oh, so you're one of these research really sucks, we should all make some big nasty hack instead sort of arse-crack? I mean, I don't exactly know how DARPA grants work, but I know that there are other expenses than pure salaries. Does travel expenses or hardware expenses mean anything to you? Besides, it is pretty common to secure ones back by saying something like: ``Ok, we'll probably manage to pull this off, but will likely discover that there still are some unresolved issues that we might need to work on in the future (of course, if you would like to give us more funding at that time, we would be very thankful).'' Mentioning something like this in an application or press release doesn't really cost very much.
I've got no problem with Microsoft selling to Coke or Ford or whomever, but I think the government should take advantage of and improve public property whenever possible. This is the IP equivelent of public parks that everyone can enjoy and share. Instead of using our taxes to further the causes of private companies, we can use our taxes to improve software for everyone.
Uninnovate - Only the finest in engineering.
Well, maybe if it's just a Tribes2 server I guess, but STILL... roflmao.
This is a superb troll. Someone mod it as such.
End of lesson. You may press the button.
For everyone who thinks that they should have used OpenBSD, let me give you a heads up. Whenever you see the work "Trusted" in front of an OS name, it means that that version has been officially certified secure both in design and code audits. Trusted is the highest level of security available and is the only type of OS used for high security work. (Think FBI and CIA) Another example besides TrustedBSD is Trusted Solaris.
As for FreeBSD being the base for TrustedBSD, my understanding is that TrustedBSD was started by a branch of the FreeBSD team as thus used FreeBSD. Ok, enough shameless karma horing for today.
Javascript + Nintendo DSi = DSiCade
Gee, thats funny, last I checked you could get OpenBSD for only $30 ;)
---------------
they didnt necessarily reject them, they just decided to go with BSD authentication instead, which looks a lot better.
---------------
That sounds a lot like "we're going to work on the easy problems and start writing proposals for more grants."
I've worked on some DARPA grants. "Researchers" seem to expend at least as much effort catering to their project managers and trying to line up their next grant as they do actually taking on the project.
1.2M / 7people / 1.5 years = ~114K per person per year.
It looks like they paid paid their salaries (congrats). I hope they spend more time working on security problems than trying to figure out where the next big DOD grant is.
The same company that makes the windows anti virus software?
Why is it everytime I boot my machine the 'virus shield' program is asking to locate the DNS server? This program has no reason to get online.
Of course I could look at the source, but then they'd find me and throw me in jail for 0wning them.
Oh, and the network associates whose ftp site is out in the open for any kid that wants full registered flagship software? It's been like that for hmmm... 3 or 4 years now. I'm not going to check though : )
Get your Unix fortune now!
It's a shame because you can pick FreeBSD on the shelf at Best Buy and Staples.
Maybe if it hit Wal-Mart it'll bounce back.
Get your Unix fortune now!
Sounds a lot like the way BeOS does things [capabilities]. Too bad that system's going the way of the dinosaurs...
Yeah right, conspiracy... funny.
There isn't much like the scent of a fresh harddisk
Unfortunately in Microsoft's eyes, thats all Open Source code... look I'll be the first to admit that the GPL is a cancer, virus, etc. That IS how it is meant to be used, giving the progammer some control over something that would otherwise be uncontrolable. I program, and I release my work under the GPL (sorta)... granted these aren't major commercial programs but thats not the point. The point is I don't mind if someone messes with my source code or if they try to make money off of my programs. However what I do mind is that I have no control over my own code, so decidely so I make it so noone has full control over my code, ever. GPL'd code can be commericial, but I wouldn't reccommend it just yet.
can't sleep slashdot will eat me
whoa... sorry... That came out wildly messy... I apologize. What I meant to get at was that Microsoft does infact dislike Open Source example 1, example 2. They dislike the GPL, and I'd imagine no matter how much you elitest shmucks like to disagree they dislike the BSD licences. The only license microsoft likes is its own... get that straight. This isn't a bad thing, hell Microsoft has always been more of a company than software maker.
can't sleep slashdot will eat me
BSD, Linux... we may be different boats but its still the same ocean. So as a linux advocate, anytime something good happens for BSD or any other Open Source initiative its good for the community. And lets face it, this contract is huge for the community... not so much as in oh, well damn the government is going to fund FreeBSD, but as in the govt is going to fund an Open Source project. This is just another step down the road to general public acceptence... what will all of microsoft's FUD matter if Open Source (Linux and BSD) have the Fed, media and hundreds of thousands of brilliant programmers behind it?
can't sleep slashdot will eat me
We implemented MAC (mandatory access controls) in a modified BSD/OS kernel for the Sidewinder Internet Firewall (Secure Computing) product - we adapted a scheme called "Type Enforcement" from earlier work. In essence it is just MAC capabilities and classifications with a very fine grained definition (Sidewinder ultimately had several hundred types).
In the TE - a principle (generally a unix process but occasionally a packet or device) has it's identity checked against the type of the object it is accessing. One of the privleges is the ability to change the identity and there is a state table of allowed changes - so as mentioned earlier, one key element is that most privlege changes are one way (typically from more to less). Each subsystem had it's own set of types so there was a virtual sandbox for each piece. Psuedo-objects were referenced for things like port numbers - so that a MAC could say things like telnetd can only listen on TCP port 23, but can't connect() at all or listen on other ports.
We went a step further an implemented totally seperate protocol stacks for inside versus outside so that we could give different privleges to an inside telnetd (such as allowing elevation to administrative privlege) verus and outside one.
The only form of privlege elevation was a trusted login - which had to be at the console. Even this login didn't acquire full privlege - there was a special diagnostic kernel that had full privlege (but no external networking) that could be used.
Key points we discovered over the years. One - lack of real root makes you make your software much more robust. If you have to bring down the box to get at certain privleged files you better be pretty stable. The second was how sloppy Unix software is at needing (or at least letting itself be able) to write willy nilly around the world. Without a doubt the hardest part was getting all of the userland subsystems like mail, web, login, logging, etc. to function within their mandatory little sandboxes. It was amazing how much software was sloppy - opening files that need to be read-only as writable, etc. Granted this was 7-8 years ago and things have definitely gotten better - but it still was scary.
The curious can look at U.S. patents 5,864,683 and 6,219,707. There is the usual crap in there but wade past the claims and read the description and there is good discussion as to the nature of MAC and TE and the types of attacks they help protect against.
On the plus side Unix is relatively easy to secure in this fashion. File access and network is relatively well isolated. Biggest risk is "aliasing" - different vectors that might bypass the in-kernel access checks such as mmap()ing files, inherting file handles, etc.
In general having this functionality available in open software cant help but be a good thing.
--
Mark
Interesting, while looking at this page, I noticed a link for SELinux / NSALinux. Apparently NAI is the developer of this distro? The page at NAI with information concerning their involvement with SELinux / NSALinux may be found here.
Perhaps this distro is not as 'corrupt' or biased as initially thought.
"There ought to be limits to freedom"
We've seen quite a few of them listed in the blurb, but my favorite one is still Matt Dillon.
What a multi-talented guy.
In the introduction white paper section II.b (Fine-grained System Capabilities), they describe the root account as being a significat source of risk (if you're rooted, you're owned). The solution under TrustedBSD is to delegate the root responsibilities to various executables. I'm not sure what this solves if root still has access to these new executables. Any ideas on how this will be accomplished?
UNIX *is* user-friendly. Its just more selective on who its friends are. --Scott Adams
I have been following the BSD developments for some time and I want to tell them congratualtions. I owe my coding success to them and I have met great success with my company, Algorithims Unlimited Ltd. using the secure methods of BSD. I hope to someday meet with the developers who write such beautifull code to discuss with them maybe some job opportunitues. Again, thank you BSD adn thanks you Slashdot for giving me this beuatiful website to talk to programmers all over the world.
-- R Tasnumi