DARPA-Funded Linux Security Hub Withers

mAriuZ writes "Initially funded by a grant from the Pentagon's DARPA, the Sardonix project aspired to replace the Linux security review process with a public website that meticulously tracks which code has been audited for security holes, and by whom. As conceived by Crispin Cowan, Sardonix was to attract volunteer auditors by automatically ranking them according to the amount of code they've examined, and the number of security holes they've found. Auditors would lose points if a subsequent audit by someone else turned up bugs they missed. ... In the end, though, nobody showed up."

  1. Re:Classic misdirection by corebreech · Score: 1, Troll

    I would say this rather soundly addresses the concept of "getting root", wouldn't you?

    No, I wouldn't. I was using the term "getting root" as slang for entering a system. We're dealing with semantics here. SELinux wants to say there is no root, but it really doesn't matter what they call it; there are still accounts, and the same exploits that lead to the compromising of one account can cascade into the compromising of other accounts.

    the security of the parent system has absolutely nothing to do with the security of an isolated data stream

    Of course it does. Buffer-overflow exploit? Hello?

    I think what I needed to communicate better here is the method by which the NSA goes about discovering these exploits. Unless you are going to take the position that the NSA does not care about acquiring techniques to infiltrate computer systems, then you have to acknowledge that they are likely going to put a good deal of resources behind the problem.

    Now, if I were in charge of this project, and I had ready access to the kind of enormous CPU power at their disposal, the first thing I would do is prepare an emulator that would allow target OSes to be loaded and against which many cycles are spent looking for combinations of input that expose holes, like buffer overflows, that provide access to a process. Once that exploit is catalogued, I can iteratively work from within that process looking for the exploit that allows for access to some other process via whatever IPC mechanism is available. Provided that the resources are there, most (even if not all) available exploits could be catalogued, and methods of attack extrapolated. And I would have those resources, since this project can be easily demonstrated to be in the interests of national security.

    The toy understanding of security issues evident here and elsewhere really doesn't apply. We're not talking about defending a system against some script kiddie. It's a different class of problem altogether.

    There is also the fact that the NSA and DARPA don't have to work to compromise our security...

    It really comes down to whether or not you believe the NSA/DARPA would make this technology a priority. If you believe they would, that is, if you can appreciate the potential for intelligence gathering such a technique would yield, then I think you'd also have to agree that they probably wouldn't want to sit still and hope and wait for the RIAA/MPAA to do as you say.

    I mean, to me, *that* is what is implausible.