OpenBSD Will Not Fix PRNG Weakness
snake-oil-security writes "Last fall Amit Klein found a serious weakness in the OpenBSD PRNG (pseudo-random number generator), which allows an attacker to predict the next DNS transaction ID. The same flavor of this PRNG is used in other places like the OpenBSD kernel network stack. Several other BSD operating systems copied the OpenBSD code for their own PRNG, so they're vulnerable too; Apple's Darwin-based Mac OS X and Mac OS X Server, and also NetBSD, FreeBSD, and DragonFlyBSD. All the above-mentioned vendors were contacted in November 2007. FreeBSD, NetBSD, and DragonFlyBSD committed a fix to their respective source code trees, Apple refused to provide any schedule for a fix, but OpenBSD decided not to fix it. OpenBSD's coordinator stated, in an email, that OpenBSD is completely uninterested in the problem and that the problem is completely irrelevant in the real world. This was highlighted recently when Amit Klein posted to the BugTraq list."
if you think it's a problem, exploit it
nothing says "fix it" faster than a few thousand compromised hosts
release a PoC that gets r00t, inform the security lists and stand back
that's what full disclosure is for.
if it isn't exploitable then BSD can fix it at leisure
or if that's not quick enough and as it's Open Source, YOU fix it if you are that concerned
now somebody call the whhaaambulance
Is the summary just supposed to be as shocking as possible? How about some details on why specifically they decided not to patch it?
So much for OpenBSD being the highest security OS. Even if the bug is a minor one that does not pose a great risk, it seems that one should still fix it to ensure the system functions properly and as expected. To leave a security bug in place because of an assumption does not make a whole lot of sense and shows a bit of arrogance, when they could just fix it instead. It reminds me of the instance where Microsoft Windows 95 had the problem that even if the user had not explicitly made certain directories accessible via file sharing, all the server did was tell the client not to look at them, but would still let the client access them if it asked. The problem was reported to Microsoft by Samba, who pretty much displayed apathy about the matter and didn't seem to recognise it as a security problem. The OpenBSD bug is not as severe, but when they have a chance to make OpenBSD a little bit more secure, why not take it, especially when their focus is on security.
DNS cache poisoning
I like the part where if some company, say Apple, does fix it BSD sports fans can't automatically get the fix because, hey, the BSD license!
That's right, I'm trolling BSD users because their idea of Free Software has a flaw, and it'd be nice for them to realise it once in awhile. This is instead of their constant trolling of the GPL (and compatible) while pretending their perception is perfect. And I'm no coward in saying it.
I ate your fish.
The flaw in the PRNG is not exploitable. Not unless you are root on the local machine and have the ability to stop all other processes. If you are root then there is nothing to exploit as you are already, well, root.
So perhaps you should have RTA first? Or were you in a hurry to make a post on front of the list?
This most certainly WILL have impact on OpenBSD's status as a "secure" OS. Indeed, OpenBSD claims to have a "proactive" approach towards security whereas this issue should and will diminish some of the OpenBSD's "security goodwill".
If BSD used the GPL, then Apple still wouldn't be providing a fix, because they wouldn't be using OSS at all. Neither licence is better than the other in this regard.
I don't agree with the trolling from either camp. The licence you release your code under is a matter of personal choice.
People have different opinions on how things should be. When it's their license and their code, they get to decide. Nonetheless, maybe you should contact the Open Source Initiative. They're an organization which collects licenses and "certifies" them as to their openness. BSD's license is listed as open source.
http://www.opensource.org/licenses/bsd-license.php
>If the OpenBSD developers say this isn't a security concern, I've got 100% confidence that they are correct.
I see you don't remember how OpenBSD developers downplayed remote root vulnerability in mbuf code, until COREsecurity gave them working exploit :].
And this is that mega randomness with what OpenBSD team was so proud :] LOL.
Because that is why they aren't using webkit, apache, samba, cups (or employ the guy who writes it), and several others in their default install.
While I would agree with you on the matter of trolling it really gets old when BSD users trumpet it constantly whereas in my experience GPL supporters tend to realise there are limitations. Of course I'm sure it is seen the same way across the bridge.
I ate your fish.
Nuhuh. This is because the BSD license is semantically freer than GPL in precisely this case:
Apple are free to release their putative fix to the community, or not - their free choice. That's one more freedom, relative to being obliged to release any changes they make which lead to a binary release outside of Apple, which the GPL would oblige.
There are plenty of folk who see that as a feature not a flaw.
...an Englishman in London.
When the PRNG in WINDOWS is shown to be vulnerable (because it's actually a static value), it's a horrendous problem.
But when the PRNG for a non-MS operating system is shown to have a similar (but not identical) problem, it's "irrelevant"?
Chas - The one, the only.
THANK GOD!!!
And besides, if computing moves away from code executing on local CPUs and onto central servers to be accessed by web clients (the "cloud"), then even GPL code modified by, for example, Google is not distributed, so the patches are not mandatorily available under GPL either.
When OpenBSD team receives vulnerability report they are working VERY HARD to find out how could they DOWNPLAY severity of it.
Instead of just fixing it and submitting errata.
What says Apple wouldn't release the source code of the patch just because they don't have to?
It's both more and less freedom, depending on if you are the developer or the user. There are benefits of both, even though as I see the BSD alternative as more "free" even though it doesn't guarantee the freedom.
Can someone say how hard a fix would be? Surely: for the sake of a bit of work they are committing a public relations blunder!
I am sorry for this vague subject, but I can't remember the exact topics or incidents anymore, but there were numerous even mentioned on slashdot.
But I wanted to show that most of today's security threats were first perceived hard to be used or totally unthinkable, even minor security problems which later were updated to the status of a serious threat, because the first look turned out to be wrong.
So when developers commit themselves to build the most secure OS, and then on the other hand show such no-interest in fixing this topic, or just review the *BSD solution and paste it into the OpenBSD sourcetree with their background, I can only say this behaviour is untrustworthy.
If flawed, predictable PRNG code is so 'irrelevant in the real world' why does even Microsoft seek to improve upon it?
"Strengthens the cryptography platform with a redesigned random number generator, which leverages the Trusted Platform Module (TPM), when present, for entropy and complies with the latest standards. The redesigned RNG uses the AES-based pseudo-random number generator (PRNG) from NIST Special Publication 800-90 by default. The Dual Elliptical Curve (Dual EC) PRNG from SP 800-90 is also available for customers who prefer to use it."
Overview of Windows Vista Service Pack 1
Though this question obviously will depend on how MS's previous PRNG implementation stacks up against OpenBSD's.
While, understandably, the focus here has been on security, it should be remembered that random number generation is useful in other mathematical endeavors, as well. It is slovenly to just walk away from fixing it.
OpenBSD is on a fast track to losing its most favored secure OS status if they keep this up.
First they refused to implement WPA (despite the other BSDs having it), because it "doesn't provide real security" and "just use IPSEC".
Now they're refusing to address a weakness in their network stack (despite the other BSDs addressing it), again with the implication that everybody should just jump to IPSEC. What if you're in a situation where an IPSEC rollout is impractical or impossible?
Whatever happened to defense in depth? Whatever happened to "secure by default"? Whatever happened to constructive paranoia, such as randomizing of libc addresses, that was unlikely to have any real impact on security but was a nice extra, just in case? Why must I now upgrade to NetBSD to get security features that are lacking in OpenBSD? Isn't the shoe on the wrong foot?
What happened? Was there a change of management? Is OpenBSD under the thumb of a douchebag patch manager lately? Is this going to go away at some point? Those of us that sleep with OpenBSD firewalls like a gun under our pillow are taking notice.
Webkit is LGPL, Apache is under the Apache license, Samba is under the GPL and CUPS (sourcecode copyright, company name and other tangibles) was purchased by Apple a year ago this month (as well as hiring the main developer).
Out of the four items you mention, only one is GPL. You could have done much better to suggest such examples as GCC et al.
The great thing about the BSD license, is that when people do contribute back (and they do, even big companies like Apple), you know it's because they *want* to, not because they *have* to.
say Google fixes something in a GPLed project that they're -not- distributing. Then GPL fans can't automatically get the fix because, hey, the GPL license*!
( * which only says something about making the code, and thus the fix, available if the code, or compiled version thereof, is distributed. )
The difference is trivial, isn't it. In both cases an existing fix would not automatically be contributed back.
Well, given that the other free BSDs already fixed it, non-availability of the source obviously isn't the problem here.
The Tao of math: The numbers you can count are not the real numbers.
Licensing choices have nothing to do with this.
---- Booth was a patriot ----
"OpenBSD is completely uninterested"
What you really mean is 'Theo doesn't use this feature, so it can't possibly be important to anyone else in the world'. OBSD is a one man show.
---- Booth was a patriot ----
Don't like the idea of people being free enough to do something you don't like? Ya want them just free enough to work and then be forced to let you have the fruits of that work? Simply because it "benefits" you? What are you, some kinda 21st century flower child? If you want a driver write a damn driver. And put your tin cup away.
... and if Apple wasn't using OSS at all, I'd bet that they'd be selling quite a few less laptops and desktops. I know I wouldn't have bought three laptops over the past 2 years. I also know several people who would not have gone the OS X route. GCC / FreeBSD / GNU are very strong selling points for Apple that they didn't have with OS 9. On that note, I think you're right to a large extent, if it came down to a choice between the GPL or closed source, I have a gut feeling Apple would have tried the close route. The BSD license gives them flexibility to release source if and when they want.
Good people do not need laws to tell them to act responsibly, while bad people will find a way around the laws-Plato
PRNG is used mostly by people who don't have a random number generator. PRNG is not needed by most (all?) current Unices and Linux distributions as they have a random number generator at /dev/random and /dev/urandom. Even older versions of Unix have patches that add a random number generator.
"The OpenBSD guys are pretty defensive about security. If they say it is not a problem, I am inclined to believe them." - by norton_I (64015) on Sunday February 10, @08:35AM (#22369090)
I'm not, & here is why:
----------------
http://it.slashdot.org/comments.pl?sid=448136&threshold=-1&commentsort=0&mode=thread&no_d2=1&pid=22369078#22369102
"I see you don't remember how OpenBSD developers downplayed remote root vulnerability in mbuf code, until COREsecurity gave them working exploit :]. And this is that mega randomness with what OpenBSD team was so proud :] LOL."
----------------
Take a read of that, & the "sheer perfection" of those self same "OpenBSD guys" you speak of...
(& also, didn't Microsoft have the SAME PROBLEM, & patched it already (as regard RND generation on Windows XP/Server 2003/VISTA))?
Good Lord - don't tell the "Pro-*NIX" crowd here that, that MS did a better job of security than the BSD crowd has... after all: They might "pitch a shit fit" lol...
The truly hilarious part is watching the "local Penguins/BSD-Apple-MacOS X people" here (what I call the "Pro-*NIX" movement here @ /.) go into a 'tizzy' trying to 'explain it away' when THEIR OS' "of choice" turn up stuff that others have (mainly MS) before, & especially IF they already patched for it (MS has).
NOW, in respect of decency & fairness (no more "ribbing" on the 'Pro-*NIX' crew here on this site now):
Guys, face it: NOBODY is "perfect" - not the OpenBSD camp (or any *NIX variant) devs, OR, the folks from MS too...
This stuff is evolving guys, & thank goodness, mostly in security the past 1-4 yrs. now, & I.E.-> We are STILL in the "Wild West" days of computing & the internet guys!
(& it is GOOD that guys out there do find these things - we, as the end users, gain (as long as the dev teams concerned don't just "blow this stuff off" as the BSD folks apparently are - funny, the MacOS X folks, which IS a BSD derivant/offshoot, don't take it as "non-seriously" & intend to patch it, vs. the OpenBSD camp 'blowing it off', eh?))
Because they have like six Turing award winners working for them including Butler Lampson? Of the top fifty people in network security you will find about a quarter work for Microsoft, more than for any other company, including IBM, RSA and VeriSign. They have the cash and they use it to buy the best.
Microsoft's problem is that you can't buy your way out of a shitty legacy code base in a short space of time.
Microsoft changed the RNG code to take advantage of hardware that provides a true random number generator. This was pretty much a no-brainer. Support for the AES modes is probably there so that they get some FIPS certification or other.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
Great argument, except none of the above are essential to their operating system, which is why they picked them up with a gpl license. It doesn't really matter if the source to any of those are shared or not.
Oh, and captain hater, last time I checked, the fix would be shared.
which leverages the Trusted Platform Module (TPM)
I smell marketing droid oil. I do favor fixing security issues, but as soon as the TPM becomes involved, rational assumptions vanish. MS has a history of *fixing* things to include new technologies they are having a hard time pushing. TPM is a huge technology for them that they have had an incredibly difficult time pushing. Microsoft needs this technology to win for their game plan to succeed. Trusted Computing in general and remote control of customer PCs is a huge win for them for everything from piracy to open source to media. If they can lock the hardware and software together, excluding things like *nix, then they win. That does not discount the need to fix security issues, but there are other huge benefits for Microsoft to fix this issue if it utilizes TPM as the solution.
InnerWeb
Freud might say that Intelligent Design is religion's ID.
You seem to be confused, this isn't a problem with /dev/urandom, this is a "problem" with dns transaction ids. RTFA.
/dev/urandom would be critical, this non-issue is trivial at best.
Of course a weakness in
Being given something is not a freedom. It may be a good thing, but stretching the definition of "freedom" to include that renders the term almost entirely meaningless.
Don't conflate "things you want" with "freedom", please.
Why? I simply point out that a neighbor is partaking of the same nasty behavior he castigates me for...
Chas - The one, the only.
THANK GOD!!!
There are plenty of folk who see that as a feature not a flaw. Your view of the freedom offered by the GPL is flawed my little BSD troll. How you managed to get that high of a score on your post shows how many of the little devils have moderation points today.
The GPL isn't about developer freedom, it's about the code's freedom. No matter who decides to pick up and distribute a fork of your project, your users are always sure the source will remain open if the corporate entity decides that it no longer wants to distribute its forks. Hence, they are assured that the modifications done over time are always available and can be included in the main tree of your project if need be.
There are plenty of folk who see that as a feature, not a flaw.
"Not to mention all the idiots who use words like boxen."
Anonymous Coward on Monday August 04, @06:49PM
I'd argue that while the BSD license gives more freedom to the individual user of the licensed code, the GPL license generates more "overall" freedom :)
As usual, a long-standing debate comes down to semantics.
--feep
Theo has refused to implement other 'foreign' security changes in OpenBSD when they were first introduced, then turned around and implemented them after a while. He was contemptuous towards non-execute stacks when I spoke with him at Usenix many years ago, because he was convinced OpenBSD's code review policy made it irrelevant and because no-execute didn't stop all stack smashing attacks... but OpenBSD eventually picked it up.
Basically, he's very conservative, very resistant to change, and don't forget that's one of the things that made OpenBSD what it was to begin with... but if it really matters he'll come around.
http://xkcd.com/221/ Oh hush, you knew somebody would post it.
Yeah, that's true, though the FSF does provide another license to handle web services that authors can use instead.
For Apple it is a good feature, for the rest of the world it is either a flaw or they don't care. :)
I personally don't care
Patents Drive Free Software as Hurricanes Drive Construction Industry
Speaking of moderator abuse, it might be healthy for you to realise that people with a difference of opinion aren't trolls.
What freakin' difference does that make?
It's about the developer's freedom and the user's freedom. The developer is free of leverage, and can act as they wish. The user is free of leverage, and can act as they wish. They're not allowed to use the legal system to enforce leverage around the code, obviously. But that doesn't prevent them doing anything they wish with the code, it just prevents them being bastards via the legal system.
-1 Uncomfortable Truth
Because that is why they aren't using webkit, apache, samba, cups (or employ the guy who writes it), and several others in their default install.
....none of which touch proprietary hardware or deal with DRM.
Please help metamoderate.
Ummm, no. Read the GP again: "...leverages the Trusted Platform Module (TPM) when present". That means it still works without the TPM, but presumably has to use other and non-hardware sources of entropy (e.g hashes of time(NULL), thread ID, tick count, CPU performance counters, etc.).
Your assertion that using hardware to reduce the determinism and thus reduce the predictability of a PRNG must be some sort of strategy to lock hardware and software together betrays an ignorance of the problems that computer PRNGs are facing and have always faced. Read some of the other posts.
What's purple and commutes? An Abelian grape.
Um, CUPS is GPL2/LGPL2. Apple used CUPS for 5 years before they bought it...
I print, therefore I am.
Is GNU a strong selling point for using *BSD? gcc, gdb, bison, bash, as, emacs, groff, make, and tar are the only OS X GNU command line tools I can find.
Do you even lift?
These aren't the 'roids you're looking for.
Time to start a new one. This meme got tiring ages ago...
Still Alive, BSD version, sung to the tune of Jonathan Coulton's "Still Alive" from the game "Portal," originally vocalised by Ellen McLain in character as GLaDOS. I be asserting me fair use right of parody, yarr!
This was a triumph,
I'm logging a note here: Huge success,
We had to dummynet the heavy traffic,
BSD Unix (R),
We code what we must because we can,
For the good of all of us,
Including vendors as well,
But there's no sense crying over closed source code,
You just keep debugging 'till the core dumps are old,
And releases get done,
Raymond gets a new gun,
But despite this we are,
Still alive!
I'm not even angry,
I'm being so sincere right now,
Even though we got here first and beat you,
Now you say that we're dying,
And this is the year of Linux' dreams,
As you make statistics up,
We are so happy for you,
Now these points of data made our code really shine,
And we're out of beta, we're releasing on time,
So I'm glad you think you won,
There's so much needs to be done,
But regardless we are,
Still alive!
So go post on Slashdot,
I think I'd prefer to read the lists,
Maybe you'll get your own kernel someday,
Maybe that Hurd thing,
That was a joke, ha ha, fat chance,
Anyway, this code is great,
It's so consistent and neat,
Look at me still gloating when there's -CURRENT to plan,
When it's said and done you'll know that we're the best "clan",
We are organised and clean,
We go where you've never been,
And we'll always be,
Still alive!
Believe me, we are still alive,
We're all legit now and we're still alive,
We're on the server and we're still alive,
We're on the desktop and we're still alive,
We're helping Apple and we're still alive,
We're running routers and we're still alive,
We're on your gateway and we're still alive,
We've got your e-mail and we're still alive,
And when you're dying we'll be still alive,
Still alive,
Still alive!
(I hope you bastards appreciate this; it took me ages to get it to scan properly.)
Resistance is futile. Reactance buggers it up.
It's not compatible with GPL 2. It's not compatible with GPL 3. The googles of the world are already using GPL (2 or 3) software and won't be affected.
Do you even lift?
These aren't the 'roids you're looking for.
But then they bought it, including the sourcecode copyright - therefore my observations earlier are entirely valid, as the GPL does not stand for them in this case.
DNS poisoning and the like are more likely to be used to compromise the user than his computer. After all, they can just put up their fake Bank of America clone that, thanks to poisoned DNS, is identical to the real one and steal his password.
Not everything is about compromising someone's computer.
more people use amigas than freebsd. you know it's true.
and open source is a scam. it just needs to dry up and blow away.
I guess my questions boil down to this:
1) Is there a good way of generating sufficiently random numbers using cheap hardware?
2) If 1)=yes then why would anyone mess around with pseudo-randomness?
I need a wheelchair van for my son. Help me get the word out. https://www.gofundme.com/wheelchair-van-for-jj
BSD is freedom for the developers. Developers like the BSD license because they can do basically what they wish with the code other than claim that they wrote it.
GPL is freedom for the users. Users like the GPL because it means companies cannot distribute versions of GPL software with extra features without having to give those features back.
This has been the entire argument for the GPL from the beginning and what rms has been trying to say for the last ~20 years. He's bad at getting that particular message across because he wraps it in a rhetoric of "all or nothing".
So, in other words, the grandparent poster's point is valid and the larger more important issue remains: proprietary derivatives of non-copylefted free software use the free software community as a market instead of treating us as equals.
Nobody "has" to under the GPL; to the degree that what you said is true, the same is true of the GPL. Statements like yours ignore all the choices that lead up to distributing source code. There's nothing in the GPL that compels conveyance. There are only conditions in the GPL that compel source code conveyance with object code conveyance. It's trivially easy to not improve GPL-covered software or not distribute the improved version. The larger issue here is whether the free software community owes Apple anything. We don't. If they want to join us and work with us, great, if not they can write their own software. The GPL helps ensure that when people and organizations convey copies of programs they do so as equals. NeXT (now owned by Apple) already tried distributing GCC derivative software without distributing complete corresponding source code when GCC was under GPLv2. It made NeXT look like an ass and put them at risk of being able to distribute GCC at all. NeXT later rectified the situation by distributing complete corresponding source code in compliance with GPLv2.
Digital Citizen
Prior to buying CUPS outright, Apple licensed CUPS under a non-GPL distribution license. See CUPS License Exceptions.
http://plausible.coop
But with BSD I have the freedom to do whatever I want with it, with GPL the freedom of using the source code is guaranteed.
>copied the OpenBSD code for their own IP ID PRNG, so they're vulnerable too. This is particularly so with Apple's Mac OS X, Mac OS X Server and Darwin, but also with NetBSD, FreeBSD and DragonFlyBSD (the 3 latter O/S however only use this PRNG when the kernel flag net.inet.ip.random_id is set to 1; it is 0 by default, resulting in a sequential counter to be used instead...).
This is really a ways out of my depth, but my naive understanding is that the PRNG is a problem because it is not actually random, and can therefore be predicted. Yet, the above states that the other BSDs in particular don't even use the randomization by default, and instead use the most predictable sequence possible. Am I missing something, or doesn't that mean the other BSDs are significantly more at risk (for whatever value of 'at risk' this threat actually corresponds to)?
-Ted
-=-=- Quantum physics - the dreams stuff are made of.
The OpenBSD coordinator is an idiot who should not be speaking about domains he clearly knows nothing about. Unguessable random sources are absolutely CRITICAL to security.
Nonces, PKI, IVs for symmetric and asymmetric encryption, as TFA pointed out blind injection against widely deployed Internet protocols which rely on sequences as their only means of security.
Who cares about OpenBSD anyway with coordinators like this they might as well have replied "Use Linux"
Which is why they made it.
Odd that.
Oh, and if it was BSD, they still wouldn't have to give out the code changes.
The reason why Google may want to is so that they don't have to keep putting the change back in (or check that something else changed in a new version breaks what they did).
Your point is true, but pointless.
Unless you wanted to do something down because you don't like it.
Sorry, but it *IS* compatible with GPLv3. I believe that they included a special statement in the GPLv3 license that said it was, but I'd have to check that again before asserting it.
(So possibly it's the GPLv3 is compatible with the Affero license...but the resulting code must be released Affero.)
I think we've pushed this "anyone can grow up to be president" thing too far.
I'm calling you on this claim.
Is Apple using gmake and not BSD's make utility?
freedom of the user, freedom of the producer
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
I'll at least half agree with the wild west assertion.
But you get awfully excited about what is essentially another person/group's resource allocation choice.
I'm sure they'll take the exploit seriously when they see a reason to. Right now, they seem to think they have higher priorities.
Call it a different kind of race condition, if you will. But the only way to "fix" this race condition requires compromising the project itself.
They keep the core team small for a reason.
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
You be vigilant on the things that worry you on your dollar and on your time.
As we can see, even Microsoft can't seem to be vigilant on everything at once.
And the question to ask would be, what alternative? OpenBSD has (yet another) theoretical vulnerability. Is it one that affects the things you use obsd for?
MSWxxx has yet another real vulnerability. Is it one that affects what you use MSWxxx for?
It's better to allocate your time to be vigilant on things that matter (to you).
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
The larger issue is whether the software is restricted or not. If it is not restricted, it doesn't matter if it is Apple's customers using it or anyone else. If it is restricted, why do you call it free?
The difference it makes is that you know who is respectable in the community.
The GPL is equally worthy of esteem, except the part where (for a thankfully small minority) it becomes a religion and all who've "sinned, and fall short of the glory of" the four freedoms are anathematized.
If someone wants to build a house of highly contentious material like "ethics", then it helps to provide a fully developed ethical system in print, so we can all see how the various objects like buyer, seller, marketplace, copyright, trademark, and patent interact within that ethical system.
Just saying "those who disagree are unethical, because I say so" is just a bit too simplified.
Coming full circle, the support a company like Apple offers becomes another aspect of advertising, and the companies can be trained to see that people wanting to see the source code are not mere clowns, but actually adding shareholder value to the products, and providing splendid word of mouth advertising. All without being flogged by an ideologue.
Credit where due: we would possibly not even have this kind of discussion if not for RMS. He does deserve respect, if not agreement.
Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
GNU Make, but they also provide BSD Make. BSD make is called "bsdmake", and GNU Make is called "gnumake" with a symbolic link to "make"
[meshach:~] dan% uname -a
Darwin meshach 9.1.0 Darwin Kernel Version 9.1.0: Wed Oct 31 17:48:21 PDT 2007; root:xnu-1228.0.2~1/RELEASE_PPC Power Macintosh
[meshach:~] dan% ls -l `which make`
lrwxr-xr-x 1 root wheel 7 9 Dec 15:08 /usr/bin/make@ -> gnumake
[meshach:~] dan%
God save our Queen, and Heaven bless The Maple Leaf Forever!
But they tend to have a point. They are right, ultimately, that the transport level is the "correct" level for security. WEP and WPA are both, ultimately, kind of pointless in that a determined attacker will be able to compromise them. It's just that WPA prevents a large class of casual attacks that WEP doesn't. In theory, yes, someone concerned about secure network traffic will secure that traffic at the transport level -- the problem is that if you don't control both sides of the transaction, transport-layer security is often not available (eg, https://slashdot.org/ redirects to http://slashdot.org/
All's true that is mistrusted
I just read Slashdot for the articles.
Maybe I missed something but all links and references I've seen so far point back to the same paper by A.Klein, which itself only very partially quotes the "OpenBSD coordinator"... If indeed Theo de Raadt wrote this (definitely plausible), why not put his name?
Also, the DNS issue is fixed in BIND 9.4.2, which is the version currently in OpenBSD's tree. I'd find it unlikely that somehow OpenBSD's developers deliberately left BIND PRNG fix out. Has anyone actually checked?
After the Nth time someone has approached me talking about flaws in BIND's random number generator I just have to ask myself, why the hell do the bind people, with no real cryptographic knowledge, think they can write their own? Bind doesn't seem to even have an option to use the OS's PRNG.
I had an interesting discussion with Amit regarding all the hacks people (including the Bind people) do to try to roll their own random number generator and it prompted me to review our own IP randomization code (and the 'off' default). After review I was decidedly uneasy about its secureness, mainly because it was trying to use an algorithmically generated cycle for a tiny namespace (16 bits, actually 15 the way it was coded). The problem with the IP sequence space is that you can't just randomize it, you also have to ensure that sequence numbers are not immediately repeated. DNS has similar issues.
I gave up trying to improve the algorithm and decided to throw in the towel and allocate 128KB of memory to do a look-ahead running shuffle of the 65536 possible sequence number using the system's PRNG. It's not possible to do better than that, frankly. We also decided to turn on ip randomization by default.
So that brings me back to the question: Why the hell doesn't bind have an option to use the system PRNG? Not all systems have a good random number generator, but I trust ours far more than the junk coded into bind. For that matter, I don't really mind if bind ate another 128K of memory to secure its own sequence space, if that is what it takes.
I know enough about cryptology to know that I am not a cryptographer. But regardless of that, I can still get a good feel for someone else's code and what BIND does scares me. They need to change their code to default to something more secure, even if it is memory intensive. If they want to give their users the option to use the less memory intensive algorithm that's fine with me, but the default needs to be more secure.
DNS has its own design issues, but that is no excuse for software to exasperate them.
-Matt
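The "look-ahead running shuffle" described in the comment above, as an added sketch that is not the poster's code or any BSD kernel's implementation: a 128 KB permutation of all 16-bit IDs driven by the system random source, with a guaranteed minimum distance before an ID repeats. The names `id_shuffle`, `WINDOW` and the use of `/dev/urandom` as the system PRNG are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define ID_SPACE 65536u  /* every 16-bit ID */
#define WINDOW   32768u  /* look-ahead distance: an assumption, power of two */

struct id_shuffle {
    uint16_t perm[ID_SPACE]; /* 65536 * 2 bytes = 128 KB, always a permutation */
    uint32_t head;           /* slot handed out by the next call */
};

/* Stand-in for "the system's PRNG" (assumption): 32 bits from /dev/urandom. */
static uint32_t sys_random32(void)
{
    static FILE *f;
    uint32_t v;

    if (f == NULL && (f = fopen("/dev/urandom", "rb")) == NULL)
        abort();             /* fail closed, never fall back to a weak source */
    if (fread(&v, sizeof v, 1, f) != 1)
        abort();
    return v;
}

/* Uniform value in [0, bound) by rejection sampling, so no modulo bias. */
static uint32_t sys_uniform(uint32_t bound)
{
    uint32_t min = (0u - bound) % bound;
    uint32_t r;

    do {
        r = sys_random32();
    } while (r < min);
    return r % bound;
}

/* Start from a full Fisher-Yates shuffle of all 65536 IDs. */
static void id_shuffle_init(struct id_shuffle *s)
{
    uint32_t i;

    for (i = 0; i < ID_SPACE; i++)
        s->perm[i] = (uint16_t)i;
    for (i = ID_SPACE - 1; i > 0; i--) {
        uint32_t j = sys_uniform(i + 1);
        uint16_t tmp = s->perm[i];

        s->perm[i] = s->perm[j];
        s->perm[j] = tmp;
    }
    s->head = 0;
}

/*
 * Hand out one ID: swap the head slot with a random slot at most WINDOW-1
 * ahead and return what landed in the head slot. A slot is only touched
 * again once the head is within WINDOW of it on the next lap, so an ID
 * cannot reappear until at least ID_SPACE - WINDOW other IDs were issued.
 */
static uint16_t id_shuffle_next(struct id_shuffle *s)
{
    uint32_t p = s->head;
    uint32_t q = (p + (sys_random32() & (WINDOW - 1))) & (ID_SPACE - 1);
    uint16_t id = s->perm[q];

    s->perm[q] = s->perm[p];
    s->perm[p] = id;
    s->head = (p + 1) & (ID_SPACE - 1);
    return id;
}

/* Self-check: smallest distance between two issues of one ID over n draws. */
static uint32_t id_shuffle_min_gap(struct id_shuffle *s, uint32_t n)
{
    static uint32_t last[ID_SPACE]; /* step of last issue, 0 = never */
    uint32_t step, i, min_gap = UINT32_MAX;

    for (i = 0; i < ID_SPACE; i++)
        last[i] = 0;
    for (step = 1; step <= n; step++) {
        uint16_t id = id_shuffle_next(s);

        if (last[id] != 0 && step - last[id] < min_gap)
            min_gap = step - last[id];
        last[id] = step;
    }
    return min_gap;
}

int main(void)
{
    static struct id_shuffle s; /* static: keep 128 KB off the stack */

    id_shuffle_init(&s);
    printf("first ID: %u\n", (unsigned)id_shuffle_next(&s));
    printf("minimum reuse gap over 300000 draws: %u (bound %u)\n",
           (unsigned)id_shuffle_min_gap(&s, 300000), ID_SPACE - WINDOW + 1);
    return 0;
}
```

The window size trades the two requirements the comment names against each other: a larger `WINDOW` gives more candidates per draw, a smaller one lengthens the guaranteed gap before an ID repeats.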
http://marc.info/?l=openbsd-misc&m=120268516518434&w=2
basically, the requirements for a successful 'exploit' are a poorly-attended system without even the most basic safeguards against abuse.
but mostly, who's Amit Klein? He may be brilliant, or he may be Gobbles (or somewhere in between). I don't know - but the OpenBSD team has a history of making smart decisions and doing the kind of development that has earned my trust. When presented with a scenario I can't necessarily judge for myself, and given the OpenBSD dev team on one side and $random_guy on the other, I think I'll trust the side that's already earned my trust, until they do something to lose it.
illum oportet crescere me autem minui
If you read the paper, you'll see that intimate knowledge of the source code was necessary to discover the attack in the first place. If the source hadn't been available, it's quite likely this vulnerability would not have been discovered inside the lifetime of the code.