Microsoft: As of October, 1024-Bit Certs Are the New Minimum

way2trivial writes with this snippet from Information Week about a warning from Microsoft reminding Windows administrators that an update scheduled for October 9th will require a higher standard for digital certificates. "That warning comes as Microsoft prepares to release an automatic security update for Windows on Oct. 9, 2012, that will make longer key lengths mandatory for all digital certificates that touch Windows systems. ... Internet Explorer won't be able to access any website secured using an RSA digital certificate with a key length of less than 1,024 bits. ActiveX controls might be blocked, users might not be able to install applications, and Outlook 2010 won't be able to encrypt or digitally sign emails, or communicate with an Exchange server for SSL/TLS communications."

Happy Sunday from the Golden Girls!

Thank you for being a friend
Traveled down the road and back again
Your heart is true, you're a pal and a cosmonaut.

And if you threw a party
Invited everyone you knew
You would see the biggest gift would be from me
And the card attached would say, thank you for being a friend.

Re:Happy Sunday from the Golden Girls!

[JuiceWagon]

cosmonaut?

Re:Happy Sunday from the Golden Girls!

[Norwell+Bob]

LOL, I believe the actual lyric is "confidante".

First!

First!

Re:First!

Ha! Beat by some little old ladies!

Close update backdoor instead

If MS are really interested in everybody's security why don't they close the Windows Update backdoor instead?

Re:Close update backdoor instead

Windows Update backdoor

[citation needed]

Re:Close update backdoor instead

Go here: http://www.kb.cert.org/vuls/html/search/

Type 'Windows XP' in to the search box.

Re:Close update backdoor instead

Lots of bugs, nothing related to WU..

Why 1024?

[fsck1nhippies]

System have the ability to go further, why not make 2048 the minimum? Does anyone know why 1024 was selected? I would guess it has to do with some backwards compatibility with something. Some of the issuers are making it next to impossible to go below 2048.

Re:Why 1024?

[Penguinisto]

Thinking much the same thing here as well. Even a CA like GoDaddy won't take anything smaller than a 2k cert key.

Most SSL certs we cook up have a 2048 minimum anyway, and some certs we use have a standard of at least 4096 (I work in the banking/financial industry, so we're used to using the bigger keys).

I'm thinking that they stuck with 1024 because most IIS 7.x (Win2k8 Server) allows for a minimum 1024 key size when making CSRs, and (maybe? can't remember) the really old crap (IIS5 or 4?) won't interpret anything bigger, which means enterprises with those old installs will scream bloody murder if they have to re-key but can't meet minimum length.

Re:Why 1024?

I'm thinking that they stuck with 1024 because

They stuck with 1024 because they want to pretend to be secure without actually having to be secure. A ton of money is made by the PC "security" industry surrounding Windows. Can't do anything that might jeopardize the legion of people who refuse to recommend anything else lest it put them out of a job.

Re:Why 1024?

[SCPRedMage]

Probably because they didn't want to break a greater number of certs.

Re:Why 1024?

[Jane+Q.+Public]

"Does anyone know why 1024 was selected?"

But one has to wonder why Microsoft is doing the selection.

I'm not Microsoft-bashing here, but if I had an old cert on a site somewhere, there is no way in hell I would update it just to be compatible with Internet Explorer. Let Explorer users do without. I don't care in the slightest.

Re:Why 1024?

[fsck1nhippies]

Sorry, I don't see the difference between breaking 1 and 10. It is the same BS email message the will send to the issuers.

Re:Why 1024?

[fsck1nhippies]

Your comment would have good merit, if we were asking why the global standard was not raised to something higher. This was from microsoft, and regarding their operating systems. If I may add to your original post, "Why are we not pushing the standard high enough to force MS to comply?"

You push a political edge with your comments that I am not quite comfortable answering. I will let someone else start that conversation.

Re:Why 1024?

[jrumney]

1024 was selected because this will not affect any US corporations, who always used 1024 bit certificates. Lower bit lengths were only ever offered because US export law would not allow high strength encryption products to be exported from the US, so MS and others shipped a lot of crippled copies of Windows NT, 95, 98 and maybe even Windows 2000 to customers outside the US.

Re:Why 1024?

then the would have to be updated too

Re:Why 1024?

[bloodhawk]

because in many environments 1024 are still quite commonly used, especially in scenarios where cost of encryption for 2048 is a factor. Breaking the rare place that uses less than 1024 is probably ok, breaking the MANY that still use 1024 would have huge repercussions. while 1024 is not long enough to be considered completely secure, it is still good enough for many scenarios.

Re:Why 1024?

[fsck1nhippies]

I am sorry to tell you that Certs are predominately used to secure communication between two points. They can be used for authentication of executables as well as users, and microsoft is pushing this requirement(gradually). To suggest that the selection of certificate bit length is to "pretend" that the are secure is crazy. Can you give an example of how this has been used in the past?

Re:Why 1024?

[fsck1nhippies]

I definitely understand the "huge repercussions" part as it would affect many. Can you please describe the financial aspect of the move, as I am not seeing a big impact on the surface.

Re:Why 1024?

[fsck1nhippies]

By your comment I will assume an exclusion of foreign companies...With that said, I can't understand how the increase in bit lenght requirements would specifically affect a company over a drawn out period. We cut user certs for 90 days, and code publishing certs for 180. I know that may not be the norm, but how many companies cut any of them for more than 3 years?

Re:Why 1024?

[Xacid]

Read up on the history of PGP. The answer to that will become clear.

Re:Why 1024?

[smash]

Because NSA / CIA haven't cracked 2048 bit yet, silly.

Re:Why 1024?

[Jane+Q.+Public]

"You push a political edge with your comments that I am not quite comfortable answering. I will let someone else start that conversation."

You read far more into my comment than I actually wrote.

There's nothing "political" about it. If I had an old site with an old certificate, I simply would not be motivated to upgrade it just for the benefit of the user of one browser. I could say the same about Chrome or Safari or Firefox.

Now, if several browsers imposed that restriction, I might be inclined to upgrade.

Re:Why 1024?

With this latest failure from Microsoft you will get your examples soon enough I fear.

Re:Why 1024?

[fast+turtle]

smart/feature phones

There's your biggest drawback to the 1k keysize. How many of them can handle more then that? Simply put, it's the U.S. Telco's that aren't able to handle anything larger as everyone else offers phones that can handle 2k+ certs.

Re:Why 1024?

[fsck1nhippies]

Now that is a pretty good reason! Thanks!

Re:Why 1024?

[fsck1nhippies]

The political comment was based on the the opening presented to go on a political rant. The similarities with our(US for me) current climate are quite obvious and very tempting.

Your site with the old cert will expire in less than three years from the second I post this comment. This is not something that is happening tomorrow. Your post implies that you would not "upgrade" for the benefit of one user. Why not?

Are you saying that you refuse to adopt a standard that progresses the security of our current computing environment? Because Safari does not support it??? I don't get it... Sorry.

Re:Why 1024?

[yuhong]

On Win2000, US lifted export restrictions only one month after Win2000 RTMed in Dec 1999, so MS had to ship the high encryption pack on a floppy disk inside the Win2000 package in addition to making it available for download. SP2 finally built it in.

Re:Why 1024?

[fsck1nhippies]

hahahaha, best answer yet. If I had mod points, I would transfer ownership of slashdot to you!

Re:Why 1024?

[viperidaenz]

I don't know about you, but I went to school. I see a factor of 10 between 1 and 10.
Have a look at http://en.wikipedia.org/wiki/Birthday_problem A group of just 23 people is required to get a 50% probability two people will have the same birthday, despite there being 366 different days in the year. 57 for 99% probability. That equates to 6.3% change, hits 50% probability and 15.5% hits 99%.

If moving to 2048bits makes 15% of the certs in use invalid, the vast majority of your users will be effected.

Re:Why 1024?

[viperidaenz]

If you want to cut 40% of the internet users off from your content, that's your prerogative.

Re:Why 1024?

[fsck1nhippies]

I was implying that the required number of responses for one affected group as one and the number of responses to ten or even more as still being one! The response would be " we warned you over a year ago that we would be updating the minimum cert length to more than 1024, You can fix the error your clients see by updating your issued certs to meet these minimum requirements"

I saw the difference between 1 and 10 as 0.

Re:Why 1024?

I am sorry to tell you that Certs are predominately used to secure communication between two points.

And Certs have Retsin for fresh clean breath!

Sorry, I had to....

Re:Why 1024?

[viperidaenz]

That would be good if you had a definitive list of all effected users and their up to date contact details and their permission to contact them for business purposes (some countries have laws against that).
Rattling the same response to every user you calls you up is still going to cost in terms of call centre resources.

Re:Why 1024?

[Jane+Q.+Public]

"The political comment was based on the the opening presented to go on a political rant. The similarities with our(US for me) current climate are quite obvious and very tempting."

Again, you are reading more into it than actually exists. Sure I wrote "Microsoft", but that is just because Microsoft happens to be the one doing it. It could just as easily have been some other browser.

"Your site with the old cert will expire in less than three years from the second I post this comment. This is not something that is happening tomorrow. Your post implies that you would not "upgrade" for the benefit of one user. Why not?"

That's two different issues. So (A) who cares? That's a completely separate issue, and it IS, as you say, 3 years. (B) Because if it's an old site that I have not bothered upgrading to this point, I probably don't care that much about it to support a particular browser anyway.

"Are you saying that you refuse to adopt a standard that progresses the security of our current computing environment?"

Of course not. Where did I actually state anything even remotely like that?

Re:Why 1024?

[betterunixthanunix]

So you are going to tell one of your biggest customers, "We told you over a year ago that you had to replace those hardware modules, so why did you not do it?"

It is easy for Microsoft to phase out 768 bit keys; hardly anyone uses them these days. 1024 bit keys are a completely different story; they are widespread, popular, and it is going to be expensive to replace them all. For over a decade, 1024 bits has been the default, and during that time a lot of systems were deployed, including a lot of hardware modules. Some of those systems have the key-length set in stone, and some of those systems are hard to replace (imagine taking a mission critical system down to upgrade your key length -- try selling that one to management).

1024 bit is deprecated, but it is not going to be gone any time soon. There is just too much friction, and too little understanding of why key lengths should be increased.

Re:Why 1024?

[Jane+Q.+Public]

"If you want to cut 40% of the internet users off from your content, that's your prerogative."

Yes, indeed it is. But it could be 30%, or 20%, or whatever, if it were some browser other than Explorer. The only reason I mentioned Explorer at all is because it is Microsoft doing this.

But I don't agree with companies using coercive tactics to push a standard THEY decided THEY like. I don't particularly care what standard that is.

Re:Why 1024?

[blowdart]

A bunch of hardware (think Cisco routers, load balancers, etc.) only generate CSRs with 1024bit keys.

Re:Why 1024?

[MobileTatsu-NJG]

A ton of money is made by the PC "security" industry surrounding Windows.

Why would Microsoft support an industry that they don't make money from that actually makes their product look bad?

Re:Why 1024?

[Firethorn]

From reading on the issue, the problem isn't fresh keys, it's older programs and hardware that can't handle anything greater than 1024. Not all of them have the option to handle 2048+. So we have to wait until those are replaced before breaking support for them.

Re:Why 1024?

"1024 bits is more than enough for anybody."

Re:Why 1024?

[bloodhawk]

when I say cost, cost is not always in financial terms (they I suppose these do have financial impacts too). processing 2048 bit encryption is more expensive processor wise than 1024 bit. Higher bit keys mean you are sacrificing performance/CPU/battery in order to utilise better security, The more SSL negotiations you require in your device/app/webpage etc the higher this cost is. if better security isn't required then that sacrifice may not be worth while in some scenarios.

Re:Why 1024?

I'm not Microsoft-bashing here

Get the hell off /. then!

Jeeezhus some people have got no idea what it's all about

Re:Why 1024?

But this is Microsoft here. They love breaking things for no reason, why wouldn't they break more certs for an actual reason?

Re:Why 1024?

[aaarrrgggh]

Bigger keys in banking? Why do we still have the 14 bit pin codes then...

Re:Why 1024?

Because you have only three chances to correctly input a pint number. That means there is a 3/1000 chance your brute-force attempt is succesfull; or you'd have to steal about 330 ATM cards in order to withdraw money from someone's account, which is rather difficult to pull off without the bank noticing.

If you manage to refractor a 1024-bit prime number, though, you can obtain the bank's private key and impersonate that bank in transactions; meaning you could deal massive damage and steal millions.

Re:Why 1024?

For the same reason you don't carry a vault in your pocket. 14 bits is enough to protect the $10^3 moving out of your ATM account, but something better is called for when processing $10^9 interbank transactions.

Re:Why 1024?

[jafiwam]

System have the ability to go further, why not make 2048 the minimum? Does anyone know why 1024 was selected? I would guess it has to do with some backwards compatibility with something. Some of the issuers are making it next to impossible to go below 2048.

There is an embedded VPN device (hardware box) that is so old it won't take certs longer than 1024 where I work. I assume a lot of other companies are in the same boat, expensive or simply not made anymore bits of infrastructure using tech that was envisioned as "enough". Stuff that came out during the tech-boom is even worse, where the assumption every company was loaded with cash to spend on IT stuff was sorta true.

I bought a 3 year cert last time around for the device, and have about a year left before it's gotta get scrapped as "too old" despite working well enough for what it does.

Re:Why 1024?

[helix2301]

I agree the stronger the better especially with SSL cracking being the new wave.

Re:Why 1024?

[asdf7890]

Does anyone know why 1024 was selected?

Almost certainly due to the number of 1024 bit certs that are out there.

Most CA's won't sign anything smaller than 2048 bit now, and that has been the case for a year or few, but what about companies that paid an absolute fortune for five year "enhanced validation" certificates or have their own CA for internal use and signed many many keys smaller than 1024 some years ago.

From a security standpoint 2048 should really be the cut-off, as it is elsewhere, but from a practicality view that simply wouldn't wash with a chunk of their userbase who would be very vocal in making sure MS (rather than any lax certificate review/renewal policies at their end) get the blame for any inconvenience caused so they'll not make that jump for a while (i.e. until 1024 bit certs are practically extinct, as those smaller than 1024 are now).

Re:Why 1024?

Remind me not to hire you to work on any of my systems.

Re:Why 1024?

I'm intrigued, but I don't quite understand the point you're making. The bit strength of security certificates in the wild is not evenly distributed, so how does the birthday paradox apply?

Re:Why 1024?

[tqk]

I am sorry to tell you that Certs are predominately ...

Just an FYI:

(0) kiak /home/keeling_ dict predominately
No definitions found for "predominately"
(20) kiak /home/keeling_ dict predominantly
2 definitions found

From The Collaborative International Dictionary of English v.0.48 [gcide]:

    Predominantly \Pre*dom"i*nant*ly\, adv.
          In a predominant manner.
          [1913 Webster]

From WordNet (r) 3.0 (2006) [wn]:

    predominantly
            adv 1: much greater in number or influence; "the patients are
                          predominantly indigenous" [syn: {predominantly},
                          {preponderantly}]

Feel free to use it to look smarter than your boss when s/he misuses it.

Re:Why 1024?

[tqk]

A ton of money is made by the PC "security" industry surrounding Windows.

Why would Microsoft support an industry that they don't make money from that actually makes their product look bad?

I've been wondering that ever since I first heard of Windows malware. I have to assume either they think it makes them look good ("Oh look, my virus checker stopped an infection, yay!"), or they have no idea how to eliminate the problem (painted themselves into a corner) now that billions of copies of Windows are in the wild.

Re:Why 1024?

[operagost]

Maybe so thousands of small business don't have to plunk down $500-1000 of unbudgeted funds on a currently-unnecessary certificate renewal?

Re:Why 1024?

[aliquis]

Online banking with pin codes from a slip of paper.

Re:Why 1024?

[aliquis]

So we have to wait until those are replaced before breaking support for them.

And they wait with replacing until the software can't support what's needed.

See what I did there? =P

Re:Why 1024?

[tqk]

Rattling the same response to every user you calls you up is still going to cost in terms of call centre resources.

That's just depressing to even think of. There's this thing out there called the web and on it is a site called microsoft.com. I'll bet they even have a link to "News" there, maybe even "Search."

Sigh.

Re:Why 1024?

It is easy for Microsoft to phase out 768 bit keys; hardly anyone uses them these days. 1024 bit keys are a completely different story; they are widespread, popular, and it is going to be expensive to replace them all.

Since when has Microsoft cared about the customer's expenses? Do you remember when the executives' memos in the new version of Word could not be read by the underlings? A phone call to an underling, and suddenly everyone got a shiny new version of Word.

Re:Why 1024?

I've tested a dozen or so feature phones 5 years ago with 1024, 2048 and 4096 bit keys, and found no problems whatsoever. Among the phones tested back then were Nokia S40, SonyEricsson, Motorola Razer V3, Palm, Windows CE, Samsung and others. The primary focus of the test was to measure performance, and we found no significant difference between key lengths even over GSM/GPRS links.

Re:Why 1024?

FYI:
(note I am exaggerating certain numbers to get easier calculations; I'd say this presents a reasonable lower bound on currently available tech.)

A chosen prefix attack (on a 1024bit key) like the one done in Flame could be done in 2008 on roughly $100,000 worth of hardware (200 ps3s) in a reasonable timeframe (20 days)

a 2048 bit key is 2^32 times harder but computers have gotten about 16x faster at the same price point; given a 4B budget (roughly 2^16x more)...

The same attack against a 2048bit cert would take
20*2^32/2^4/2^16 = 20*2^12 = 81920 days > 224 years (ignoring future computational increases)

Even if the NSA/CIA have an algorithm that does 16x better than a 2008 chosen prefix attack it would still take 14 years to bypass the 2048bit key.

Regardless of whether it is 14 years or 224 years, we are still in the frame of time when it is better for the NSA/CIA to wait for computers to get more powerful before attempting to do this than to bother actually doing it. If it is only 14 years then it will be something to expect an attack on around 2020 (watch for a massive datacenter to be built in 2018 or so). More likely being around 224 years, we have at least until 2030 (expecting a 2^8x - 2^12x computational increase per $).

Re:Why 1024?

[KlomDark]

I'm thinking you must have "refractored" several "pints" there... *hic*

Re:Why 1024?

[jez9999]

Why 3 in 1000? 9^4 is more like 6500.

Re:Why 1024?

System have the ability to go further, why not make 2048 the minimum? Does anyone know why 1024 was selected? I would guess it has to do with some backwards compatibility with something. Some of the issuers are making it next to impossible to go below 2048.

It's Microsoft. 1024 should be enough for anybody.

Re:Why 1024?

[bWareiWare.co.uk]

1024 is much faster: ~x5 less operations. The is also an issue with larger keys (especially with chains) not fitting in the first packet.

More specifically Google still uses 1024 keys (despite the fact you and me can't even get them any more), so not supporting them may have been bigger news.

Re:Why 1024?

[viperidaenz]

Regardless of how much you advertise some kind of change, a significant number of people will still pick up the phone when something doesn't work.

Re:Why 1024?

Wouldn't the users be affected by the effected change?

Re:Why 1024?

[tqk]

Are you saying that you refuse to adopt a standard that progresses the security of our current computing environment? Because Safari does not support it??? I don't get it... Sorry.

I'll play.

"Are you saying that you refuse to adopt a standard that only purports to progress the abysmal security of our current computing environment, as far as Microsoft Operating Systems and its apps are concerned?"

Yup. If banks can do, and demand, 4096, why can't Microsoft up its game to protect its users and customers?

Honest to $DEITY, I'm not an Apple fanboi, but Apple saw the writing on the wall and made the jump from OS9 to OSX. Why hasn't Microsoft even attempted anything that forward thinking? How long will we have to put up with Microsoft's blinkered thinking as it relates to the basics of system security? Why isn't Microsoft malware obsolete yet? Why are we still suffering from the deluges of spam and malware from MS related botnets & etc?

Re:Why 1024?

[tqk]

If you want to cut 40% of the internet users off from your content, that's your prerogative.

This's nonsensical.

I don't have a great deal of respect for this cert system you guys use, but since you do, you ought to all be using it in the best way it can be used to protect both yourselves and the users who're relying on your securing of your systems.

You're damned right I care whether my online banking is secure, and if my bank's doing it wrong, you're damned right I'm going to be looking to transfer to one that does it right.

Secure, or convenient? Hmm. "What's the potential downside of convenient?" !@#$, I hate watching you people cheap out on the basics!

Re:Why 1024?

[Firethorn]

Hardware can last decades, true, but 'most' of it should be gone within a decade. Not breaking support will slow down adoption a touch, true. But it'll also reduce disruption, and the answer of some companies if MS DID break support would be to stop upgrading(IE no more $ for MS) or switch to an alternative for that function. It's about balance.

Reading up, it's like 8.4M CPU years to break a 1024 bit key. A touch high for expiring data of low marginal worth like your forum logon. You know the military and banking systems have darn well moved on though.

open source

[Hazel+Bergeron]

I don't really understand how anyone can care whether a closed source operating system is secure.

No matter how few people actually read through the Linux kernel code, it's sufficiently open that blatant backdoors are not going to be inserted. Why would I assume the same of Windows or (yet worse, because they have some quasi-religious thing going on) OS X?

Re:open source

Threat model. If Microsoft hacks you, then you sue. The government can get anything you have anyway, so need to hack you. This is how business people think. They don't think about how any backdoor can and will be found by (or just plain out sold to) the bad guys too.

Re:open source

[bloodhawk]

just because it is closed source doesn't mean people can't read the source. thousands of universities and government agencies and even other organisations have access to the source code for windows for development purposes, security evaluation purposes and research purposes.

Re:open source

[Hazel+Bergeron]

thousands

You sure?

How many students actually evaluate the source in any detail?

How many of those universities oversee the MS build servers?

I run Windows on some machines, but I assume that anyone with unfettered network access to the machine will be able to obtain whatever's on it. Don't you?

Re:open source

If Microsoft hacks you, then you sue.

a) if MS hacks you, you'd never know it b) they have lawyers that will have you run crying to your mommy.

The government can get anything you have anyway, so need to hack you.

You have way too much faith in the government's ability to gather information. Also, they have to convince a jury with whatever they have and "we're the government so we just know" will generally not cut it.

You are naive to think Windows isn't backdoored. Imagine you're MS and some 3 letter agency comes knocking with the justice department on speed dial. Do you really MS is going to say no? Do you think they did last time when they got miraculously let off?

Re:open source

just because it is closed source doesn't mean people can't read the source. thousands of universities and government agencies and even other organisations have access to the source code for windows for development purposes, security evaluation purposes and research purposes.

Do you actually think MS would be stupid enough to leave backdoors in the code they hand out? It's not like those universities or governments have access to MS' internal version control. All MS has to do is give a cleaned up version of the source and actually ship anything they like.

Re:open source

Do you oversee Red Hat's build servers? Did you oversee Debian's SSH build when they fucked it up?

Re:open source

[Crypto+Gnome]

Erm, I'm pretty sure he used the words "have access to" not "have actually audited".

Specifically meaning that in theory they could audit the code.

As opposed to Open Source where people don't just AUDIT code, they actually FIX bugs and security failures and submit the changes back to the origin.

Re:open source

Did you oversee Debian's SSH build when they fucked it up?

I did. I'm sorry, but that week the NSA check came late, so I wasn't able to make the compromises less obvious.

They paid up later.

Re:open source

With countless malware authors out there digging through the NT kernel with SICE and the like you'd assume that such a preexisting backdoor would've already been found and actively exploited in the wild, raw ASM dumps are just as good as source code would ever be if you know how to read them (yes, by that definition everything is open source).

Re:open source

(same AC)
Oh on the contrary, I'm sure Windows is backdoored. Probably multiple times by multiple agencies working for multiple governments, plus a few disgruntled employees looking to sell to the highest bidder. I'm just giving my best guess as to why PHBs don't care.

Thing is I suspect the same is true of Linux. Open source software is inherently more secure than the "trust us" closed source, but it's surprisingly easy to hide a few subtle vulns in plain sight. None has to be a complete back door, just enough to weaken this or that to let you slip in.

Re:open source

Do you oversee Red Hat's build servers? Did you oversee Debian's SSH build when they fucked it up?

Thanks for so clearly spelling out one of the great advantages of the Linux ecosystem. Namely, that a vulnerability in RedHat isn't necessarily a vulnerability in Debian so the damage doesn't propagate to the overall community of users. That's one of the great things about there being so much diversity and unique approaches to Linux. Again, thank you and I commend you on your evangelism of Linux. People need to know!

Re:open source

Thing is I suspect the same is true of Linux. Open source software is inherently more secure than the "trust us" closed source, but it's surprisingly easy to hide a few subtle vulns in plain sight.

I figure the main difference is that with Linux, you actually can go through it line by line even if you're a nobody whereas with Windows you can forget it. So, basically, if security is the most important thing to me I can go much further towards actually being secure than I ever can with Windows and closed source applications.

Re:open source

Speaking of quasi-religious nuts. FOSS is just as much a devotional as anything I've seen from Apple.

Re:open source

[mystikkman]

Not true when kernel.org itself gets hacked.

http://www.theregister.co.uk/2011/08/31/linux_kernel_security_breach/

Re:open source

[man_of_mr_e]

Nice weasel word there. Blatant. What makes you think that if there are backdoors in Windows they're blatent?

Think back to the AARD code, they went way out of their way to obfuscate it. Microsoft would not be so stupid as to put a well commented backdoor in there.

Of course, I'm sure someone will bring up the NSAKEY incident, which various security researches (such as Bruce Schneier) have dismissed as merely allowing the NSA to install their own key to be install for their internal systems without having to have MS sign it.

You do know that backdoors have been inserted into Linux distro's in the past, and some of them took a great deal of time to be discovered. Then of course, one never really knows if a security vulnerability is intentional or not (on any platform).

There have also been some near calls as well in the kernel itself. For instance, who remembers this doozy?

http://www.securityfocus.com/news/7388

Yes, it was caught, but not because of "many eyes". It was because the attacker chose to try to modify the version control file directly. Had it gone in by some other means, it may not have been caught at all.

Re:open source

With countless malware authors out there digging through the NT kernel with SICE and the like you'd assume that such a preexisting backdoor would've already been found and actively exploited in the wild

You'd think but then that also presumes that the source code that MS releases to their partners is the same code that ends up in the shipping products. If there are backdoors it is a virtual certainty that MS isn't going to bundle that code up and then start handing it out.

raw ASM dumps are just as good as source code would ever be if you know how to read them (yes, by that definition everything is open source)

To some very talented and bored people, yes ASM dumps are the same as source code. But those people are few and far between and to lesser hackers, there is a huge chasm between that dump and actual source with comments, etc.

With Linux, I know that the source code I just downloaded and looked through can easily be compiled and installed on my machine. With Windows and their source sharing program, you will never get enough of the product to actually compile a working OS so in order to run Windows, you have to blindly trust the already compiled version. Huge difference.

Re:open source

Could your cock sucking zealotry be any worse? Pathetic.

Re:open source

Not true when kernel.org itself gets hacked.

On the contrary. Which distros actually compiled and released a version of the kernel that was compiled from code downloaded during the window this attack was in effect? If you're running Debian then your kernel is anywhere from just now old to 2 years on the stable version. And if you're doing the right thing and using Ubuntu LTS releases instead of the beta interim stuff then it's the same deal. With Windows, there's only 2 releases to the mainstream. The server and the desktop versions. So whatever kernel MS builds, that's the one everybody uses. With Linux even with kernel.org getting hacked, you have a fighting chance but with Windows, you're done.

Re:open source

You do know that backdoors have been inserted into Linux distro's in the past, and some of them took a great deal of time to be discovered. Then of course, one never really knows if a security vulnerability is intentional or not (on any platform).

The difference is if you are that serious about security then with Linux you at least have the option of inspecting the code. With Windows you don't.

There have also been some near calls as well in the kernel itself. For instance, who remembers this doozy?

http://www.securityfocus.com/news/7388

Yes, it was caught, but not because of "many eyes". It was because the attacker chose to try to modify the version control file directly. Had it gone in by some other means, it may not have been caught at all.

So some hacker tries and fails to slip a backdoor into the kernel and you think this shows Linux as insecure? It shows the opposite. He got caught! But, in your case, talk about trying to "weasel". Pot, meet kettle.

Re:open source

[GigaplexNZ]

The website was hacked. The Linux source was not compromised.

Re:open source

[Zero__Kelvin]

"just because it is closed source doesn't mean people can't read the source. thousands of universities and government agencies and even other organisations have access to the source code for windows for development purposes, security evaluation purposes and research purposes."

They present a version of the source code. How do you know it is the version that ships with every OEM and in every COTS box?

Re:open source

[chentiangemalc]

Closed source doesn't prevent from disassembling windows functions or testing through a kernel debugger. Open source = easier to see find backdoors, easier to find security vulnerabilities. It's also easier to take legitimate code from the OS modify it maliciously and distribute the binary. In other words being open can work for you and against you. The good guys have an edge, but it's wiped out by edge bad guys get. Closed source it's harder to find backdoors and it's also harder to find security vulnerabilities.

Re:open source

[Rockoon]

But those people are few and far between and to lesser hackers, there is a huge chasm between that dump and actual source with comments, etc.

If you have respect for variable/function names and comments during code review, then you are a failure at code review. There is a difference between the reading of source code to derive what its expected/claiming to do, and the reading source code to derive what it actually does.

You are right not to trust closed source, but you fail in not extending that mistrust to open source. Faith is not a valid justification for trust.

Re:open source

[LordLimecat]

I don't really understand how anyone can care whether a closed source operating system is secure.

This is so much garbage.

Opensource systems have their share of holes, and the idea that there is a gigantic pool of people qualified to catch backdoors in something as relatively simple as a web browser-- let alone an OS-- is absurd. Just because you can look at the source doesnt mean you can do a remotely competent job of auditing it; and the idea that a single person could somehow audit hundreds of thousands of lines of code for security "on a whim" is even more absurd.

There are a lot of benefits to open source, but sometimes its advocates really stretch the imaginations with some of the claims and accusations they level against proprietary software.

it's sufficiently open that blatant backdoors are not going to be inserted.

So I suppose the whole potential IPSEC backdoor in freeBSD thing was just my imagination, then?

Youre talking nonsense. Consider that OpenSSL is widely considered a horrendously complex pile of spaghetti code, which I believe has had its share of security issues, and yet we still use it. Is it because we're lazy? No, its because sometimes some of this security stuff is phenomenally complicated, and it would take a horrendous number of man-hours from incredibly talented people to refactor or replace it.

One of the benefits of paid software is that, if theyre competent, they can devote a lot of time to it because they are paid. Im gonna go out on a limb here and say that one of the biggest helpers to good code in a lot of OSS projects are the paid volunteers, not the mere fact that its "open" as if that dash of pixie dust makes a project magically better.

Re:open source

[man_of_mr_e]

Your argument is that because the burglar slipped on the icy sidewalk and broke his neck, it proves your security system works as expected.

Re:open source

[LordLimecat]

a) if MS hacks you, you'd never know it

You assume that IT folks have no way of tracking what enters and leaves their networks. Maybe that is true in smaller networks, but any larger business with any kind of budget is going to have an edge firewall, and Im gonna go out on a limb and say its not Microsoft's firewall.

b) they have lawyers that will have you run crying to your mommy.

The idea that Microsoft could somehow win that kind of case through the simple merit of its lawyers is ridiculous. Big companies have been brought to unfavorable judgements before, and if the evidence is clear enough theyd probably just settle with you on very favorable terms.

Re:open source

[LordLimecat]

Youre basically trying to defend fragmentation as a good thing, because while some programs might not work across the myriad of versions, neither will the vulnerabilities.

I find this logic lacking.

Re:open source

does anyone on Slashdot even realise how stupid they look wearing their tin-foil hats?

Re:open source

[gagol]

Not true, I heard many people were able to download the source code since then ;-)

Re:open source

[smash]

There are plenty of people who download kernel code from mirror sites without checking the hash matches. The kernel code for OS X is open too. It's called darwin.

Re:open source

[gagol]

That is why you should use OpenBSD, as it has been and is continously audited for security, and it uses proactive crypto deployment everywhere it fits. That is why development is slower... Need bleeding edge or stable security? pick ONE.

Re:open source

[ultrasawblade]

The bored socially-outcase girlfriendless 13-year olds that find all the security vulnerabilities have the time, inclination, and imagination to find all the vulnerabilities whether the code is open or not.

A well maintained open source project tends to fix them quicker than every patch Tuesday, though.

Re:open source

[ultrasawblade]

Seriously, Pascal had it right with := being the assignment operator and = being the equality operator. Hard to confuse those two IMHO.

Re:open source

with the literally thousands of security researchers reverse engineering, fuzzing and generally prodding and poking around you would rapidly find them trumpeting to the world any such differences or backdoors. They already do this for every patch that comes out, detailing what is fixed and using it for attack tools.

Re:open source

[AK+Marc]

How many students actually evaluate the source in any detail?

The same number as true open source.

Re:open source

[viperidaenz]

I suppose you protect against SQL injection attacks by giving your tables weird names? If no one can guess it, no one can hack it! Security by obscurity all the way.

Re:open source

[viperidaenz]

Or submit vulnerabilities back to the origin. They even hold contests to hide the real intention of code.

Re:open source

if your security system involves ice machines, then yes.

Re:open source

Yes, it is entirely plausible for one person to read through the entire kernel source to ensure there are no back doors. When you are done in 3 years time, please let me know if you find any.

Re:open source

Not true when kernel.org itself gets hacked.

On the contrary. Which distros actually compiled and released a version of the kernel that was compiled from code downloaded during the window this attack was in effect? If you're running Debian then your kernel is anywhere from just now old to 2 years on the stable version. And if you're doing the right thing and using Ubuntu LTS releases instead of the beta interim stuff then it's the same deal. With Windows, there's only 2 releases to the mainstream. The server and the desktop versions. So whatever kernel MS builds, that's the one everybody uses. With Linux even with kernel.org getting hacked, you have a fighting chance but with Windows, you're done.

So you aren't concerned with the possibilities of an open source project being compromised, just how short the window of opportunity was for a specific attack (determined in retrospect)? That doesn't change anything.

Re:open source

[10101001+10101001]

Opensource systems have their share of holes, and the idea that there is a gigantic pool of people qualified to catch backdoors in something as relatively simple as a web browser-- let alone an OS-- is absurd.

It doesn't take "a gigantic pool of people qualified to catch backdoors" to fix software bugs. If it did, closed source projects would be inherently hoplessly doomed security wise. What it does take is a few or even just one qualified person to catch backdoors. For closed source, the lure of money is usually enough to hire qualified people to do the job, presuming the owner of the code cares to offer such a lure. For open source, the idea is that statistically, there's such a gigantic pool of people out there interested at all with the code that presumably a few qualified people will be in the lot and find the backdoors.

Just because you can look at the source doesnt mean you can do a remotely competent job of auditing it; and the idea that a single person could somehow audit hundreds of thousands of lines of code for security "on a whim" is even more absurd.

Not so much "on a whim", but there's been multiple security audits by researchers from different universities, often in testing automated code checkers. The same presumably happens against Windows code too, as MS offers access to source code to universities for presumably the same reason. Having said that, it's an actual known when it's done with Linux because there's no NDAs to hide any of the source or otherwise hold back the results from public scrutiny. And probably just as important, it might take a competent person to find the bug, but it often doesn't take a competent person to fix the bug--in part because often researchers spell out the fix. Yet, MS is the only one can fix their bugs--short of some potentially nasty reverse engineering--while there's a gigantic pool of people who can fix the open source bugs.

There are a lot of benefits to open source, but sometimes its advocates really stretch the imaginations with some of the claims and accusations they level against proprietary software.

Well, it's not much of an accusation to point out that Oracle and Adobe frequently learn of security vulnerabilities and seemingly sit on them for months or even years, with no reasonable possibility of anyone else offering a fix--again, short of some nasty reverse engineering. Meanwhile, as much as open source bugs have been discovered, announced, and a few times ignored, the barrier is a lot less as a point to fixing such bugs with open source--with some exceptions on the complexity of reproducing the needed build environment, at times.

So I suppose the whole potential IPSEC backdoor in freeBSD thing was just my imagination, then?

You mean OpenBSD? And you notice that it's still only potential-at least, AFAIK--with no code audit so far showing any evidence of a actual backdoor? Meanwhile, in Windows world, if one of the developers on the MS IPSEC code was paid by the FBI, would MS tell us about the potential IPSEC backdoor, would MS do a code audit, would we be aware of that code audit, and would MS bother telling us everything looks okay? You see, as horrible as the whole situation might be with the potential OpenBSD's IPSEC backdoor, the fact that we know about it gives us the option to audit the code or to outright avoid the code because we know of the potential threat. Meanwhile, it's much harder to trust that a corporation, which has a vested interest in keeping as quite as possible about potential vulnerabilities as it risks their bottom line, will be open about the risk to their customers. Sometimes they try to rationalize it within the scope of "responsible disclosure". But it's only really responsible if one presumes that (a) users must use the relevant code and (b) not revealing

Re:open source

"One of the benefits of paid software is that, if theyre competent, they can devote a lot of time to it because they are paid"

Untrue, the corps aim to make a profit, the actual security teams will be pared to a nubbin - oh sure, they can roll out roomfuls of security 'experts' who can talk the talk at the drop of a hat (or more likely at the drop of a $ bill) but the number of actual practicing security people in the big software corporations is very low - and I'd bet most of their time is spent on firefighting and customer support, not refactoring or fixing code.

Re:open source

[gman003]

Indeed. I have a copy of the Windows CE 6 source code (or perhaps partial source code - I haven't tried to compile it) on an external drive somewhere. When I graduated, I went through our MSDNAA site and grabbed everything that looked interesting.

I'd be violating all kinds of licenses if I were to release it, probably even if I read it at this point. But they don't exactly guard their source all that well.

Re:open source

[dbIII]

the idea that there is a gigantic pool of people qualified to catch backdoors in something as relatively simple as a web browser-- let alone an OS-- is absurd

It may sound absurd, but reality is sometimes like that. A large portion of the vast pool is called "students" and the more qualified deep end of that pool is called "graduate students", and many thousands are looking at open source software from all angles for their own benefit.

Re:open source

So, basically, if security is the most important thing to me I can go much further towards actually being secure than I ever can with Windows and closed source applications.

Can you actually do that? In your open source OS, going through the stack of code you are using and fully understanding it is an enormous task.

Re:open source

In one direction, yeah. Not hard to replace an assignment with an equality test, though.

Re:open source

Do people realize how stupid they sound when they use the phrase "tin-foil hat"?

Re:open source

If you are that serious about security, you don't bother with the source code because you don't trust that the compiler isn't compromised. Instead you just inspect the code that's actually running on your system (i.e. the compiled machine code). Since MS ships their compiled machine code, there's no reason you can't inspect it just as well. You can step through it with IDA Pro or your favorite debugger/disassembler.

An example of something you can't inspect is Google's source code (the part that runs on their servers). Another example is encrypted firmware blobs. Windows is not an example of something you can't inspect.

dom

Re:open source

[LordLimecat]

Your comment ignores the fact that Windows had strong ASLR before Linux did, and by all accounts its security is on par with or better than your average Linux distro.

Profit accounts for a lot, but profit requires selling product, which requires meeting customer demands. Having a product with a reputaiton for poor security tends to hurt demand, which means that good security can indeed come about in proprietary software.

but the number of actual practicing security people in the big software corporations is very low

You just ventured out of the realm of opinion, and made a statement of fact that requires some kind of source. On what basis do you make this claim? And by what logic do you say that there are more honest-to-goodness security gurus donating their time to "OSS" in general?

Its almost like you have disdain for anyone who would try to make a living off of their skills, like being PAID to be a good programmer or security expert was somehow a dirty thing.

Re:open source

[LordLimecat]

It might suprise you to know that having a graduate degree and being a good programmer can also net you a job at a company that produces proprietary software. The idea that programmers at Microsoft are all incompetent is partisanship of the most extreme kind; by all accounts it tends to be very competitive and there are truly good programmers there. Certainly noone would accuse Google of hiring slouches.

Re:open source

[steelfood]

That particular one came down to code standards and review. There's a reason why most coding standards explicitly disallow assignment inside a conditional structure. It's a security hole waiting to happen, just like null-terminated buffers or processing unsanitized input.

NASA's guidelines, for example, are fairly stringent. An attack would have to be very sophisticated, where the attacker would have to know the system fairly well, and insert seemingly-innocuous code in multiple places. It's harder to attack NASA because a lot of their systems are hidden behind obscurity and contractor diversification. That, and there's nothing to be gained by hacking them. Their standards exist more to prevent careless bugs from creeping in (which is really just a less-glamorous term for "security hole"). But for software like the Linux kernel where the system is completely transparent and then some, doing proper code reviews and strictly enforcing standards is absolutely necessary.

It's also a good reason to not trust binary blobs. But then again, nobody'd be dumb enough to mix their secure system with their gaming system, right?

Re:open source

The idea is that common elements pretty much have to be intentional and largely agreed upon. This naturally leads to slower overall development but greater stability.

This is not so much logic as it is philosophy. This is Linux in contrast to Windows/Mac (many Linux developers see the variety of different distributions to be overall positive), P2P file sharing in contrast to dedicated file hosting services, Bitcoin in contrast to traditional payment processors (the community is almost in complete agreement that independently developed clients improves the security of the network).

In the extreme case: Evolution in contrast to Intelligent Design. I certainly agree with you that neither one of these is evidently superior to the other, but evolution most certainly has the stability advantage.

Re:open source

Don't be ridiculous. An SQL injection vulnerability would not be a problem with the table names but in the application layer. This is a perfect example of an unintentional design flaw which would be shrugged off in a highly distributed software development environment but be the death knell for a massively centralised one.

Re:open source

[KDR_11k]

Disallowing assignments in conditions would work too.

Re:open source

If your security system forced the burglar to take slippery sidewalk what is hazardous.... then yeah!

Security systems are not 100% secure, their purpose is just to make sure that avarage joe's do not get in and professionals needs to find a harder way to do their thing.

Then you build up security system by implementing multiple layers and steps so instead just passing one security system at one point, you have multiple kind in multiple point between outside and items.
So instead just waltzing inside, snap what you want and get out under 3 minutes, you need to search perimeter from where you can penetrate, check what is not possible to do and then take first step and start again checking what is next security perimeter.

You clearly have never heard "Locks are meant for honest people" phrase. As locking something is not enough, there is always someone who get trough the lock and steal what is worth. But the idea of lock (IT security in this case) is to make it such, that honest people does not try to "peek" inside what is behind "closed door" because they know owner does not want them to look.

Closing the source isn't security, it is just a way to keep honest people (hackers) peeking your technic, while bad guys (crackers) will pass it in no time.

So instead trying to stop hackers finding problems and helping you, you throw away the most valuable help and you want to play alone with the crackers who does not tell you what they can and what did they do.

In security, it is better to lure burglars to place what is trap for them. Like in IT, you want to trick crackers to do a mistake what alarms you.

Re:open source

[Hazel+Bergeron]

Yes, but the brightest people won't choose to work at MS. Well, they might, but they'll be in MS research labs, not churning out Windows.

A competitive commercial environment does not gain you the best people - merely the people who thrive in a competitive commercial environment. And the people who just want capitalistic success are up there in finance, not dicking around as code monkeys.

The most intelligent people I knew from school are today either academic researchers or investment bankers. Anything else is compromise.

Re:open source

Yet Debian shipped for a long time with a broken (insecure) key generation code. Yes, this most probably wasn't an intentional backdoor (yet, who knows for sure?), but it shows that people reading the source code isn't sufficient (ironically, if nobody had read the source code at Debian, this specific bug wouldn't have been inserted).

Re:open source

[Hazel+Bergeron]

the idea that there is a gigantic pool of people qualified to catch backdoors in something as relatively simple as a web browser-- let alone an OS-- is absurd.

I think you're one of those stupid libertarians, so it'll be hard to argue with you as you assume everyone works only for money despite all evidence to the contrary. But there are lots of new eyes on Linux and the BSDs either as contributors or interested students, and they will be "qualified" to catch backdoors of varying subtlety. Indeed, various universities and government organisations and corporate and unaffiliated contributors report on potential problems in Linux all the time - even if you were to remove all the "altruistic" people you'd still have kernel developers employed by Red Hat etc. doing this job. So you have everything you get from closed source and more.

Just because you can look at the source doesnt mean you can do a remotely competent job of auditing it;

Duh really? There was me thinking everyone was equally competent or incompetent.

the idea that a single person could somehow audit hundreds of thousands of lines of code for security "on a whim" is even more absurd.

Indeed - this is one reason why closed source is never going to be as secure. The other is the need to trust a corporation when it says "yup, checked as secure and no backdoors added".

So I suppose the whole potential IPSEC backdoor in freeBSD [marc.info] thing was just my imagination, then?

That's it? A single allegation from 13 years ago? Seems like open source is doing really well, then.

Consider that OpenSSL is widely considered a horrendously complex pile of spaghetti code, which I believe has had its share of security issues, and yet we still use it. Is it because we're lazy? No, its because sometimes some of this security stuff is phenomenally complicated, and it would take a horrendous number of man-hours from incredibly talented people to refactor or replace it.

Indeed. Thank goodness it's audited from time to time and random people find bugs.

One of the benefits of paid software is that, if theyre competent, they can devote a lot of time to it because they are paid.

Highly competent people have enough time to earn a lot of money doing very little, and this gives them sufficient free time to code. But the less competent certainly benefit from having the opportunity to code during the day, no doubt. In this there is no difference between Linux as GPL software and Windows as closed source software, though.

Im gonna go out on a limb here and say that one of the biggest helpers to good code in a lot of OSS projects are the paid volunteers,

They are of course of benefit.

not the mere fact that its "open" as if that dash of pixie dust makes a project magically better.

"mere" "pixie dust" "magic" Your rhetorical skills are poor. Language like this doesn't actually make you more convincing, you know?

Face it: Linux has all the paid-eyes advantages of closed source development and more from being open source.

Re:open source

[Hazel+Bergeron]

Yeah, I used to compile my own kernel on my OS X machines. Insufficient, but better than nothing.

Re:open source

[Hazel+Bergeron]

It's possible to identify final contributions to the Linux kernel.

So, like I asked, how many at least report to MS on bugs in Windows source?

Re:open source

Build it and diff the binaries?

Re:open source

[AK+Marc]

The question was "evaluate" not "contribute to" And given the number of "I reported a bug to MS, and they were rude to me" submissions to this site, I'd say more than one.

Re:open source

[YttriumOxide]

Certainly noone would accuse Google of hiring slouches.

No, but I would accuse them of having hiring practices that discourage creativity (even if their employment practices promote it).

I interviewed with Google a little while back. Right at the start I told them I was not interested in the job they were offering as it's somewhat "below" what I currently do (and would require moving to a more expensive city for a similar level of pay as what I'm on now). They said they'd like to interview me anyway and perhaps after that offer me a job that would better fit my skills.

The short version is that after going through their rather long and drawn out process, involving mind-numbingly boring "solve this well known algorithm problem" questions, they offered me the job that I said I didn't want. After I turned them down, they then sent me a letter saying that "after consideration, we don't think you're a good match for Google".

Personally, I would've really liked to work there. But NOT as a code-monkey on their generic sites. I'm a pretty good developer (although by no means brilliant); but where I really shine is creating new things from scratch. I'm an ideas person with the technical aptitude to put the ideas in to practice. Their hiring process showed me very clearly that they had no interest in my creativity and only wanted someone who can churn code, find bugs, and patch systems to keep them running (all important; but not the only thing in the world; and definitely not for me).

Re:open source

[kasperd]

you'd assume that such a preexisting backdoor would've already been found and actively exploited in the wild

Just because you can find a backdoor doesn't mean you can use it. It as not hard to make a backdoor, that requires authentication. The only thing that is hard is to make a backdoor that is both secure and does not look like it was made deliberately.

Re:open source

[Zero__Kelvin]

That won't work. You don't know how they built, which compiler version they used, etc. A mismatch is almost 100% certain and in no way indicates that the same code base wasn't used to build it.

Re:open source

[LordLimecat]

I dont disagree with most of what you said, except the general implication that because some proprietary companies suck at security they all must.
Also,

You see, as horrible as the whole situation might be with the potential OpenBSD's IPSEC backdoor, the fact that we know about it gives us the option to audit the code or to outright avoid the code because we know of the potential threat.

Thats true, but youll note that if the accusations are correct (and I see no indication that anyone has actually done the audit, 2 years later), it took 10 years and then the backdoor was not even caught by OSS devs, it was revealed by an insider whose NDA expired.

Re:open source

[cyber-vandal]

I have recently discovered the benefits of open source by working on Microsoft Dynamics CRM. That is that if you have an enormously complex web app (CRM) you need the source to figure out what the issues are, unless you feel like spending hours on Google trying to debug "An unexpected error has occurred".

Sadly I do not have the source and so my job is made immeasurably more difficult because of it. I'm sure that the quality of any open source product would not necessarily be better, but if there are any issues with it, I can look at, step through and even change the code at will. CRM prevents me from doing this. Decompiling it helps somewhat but you need to find where the offending code is, and even then you can't see any of the variable values or the flow of the code.

Re:open source

[LordLimecat]

I think you're one of those stupid libertarians,

Youre free to think that, but you would be wrong. I do so enjoy ad hominems, though, I find they are a wonderful way to start a post.

so it'll be hard to argue with you as you assume everyone works only for money despite all evidence to the contrary

Everyone assumes things, but this is not something that I assume. You however seem to be making assumptions full steam. Your post isnt off to a good start.

and they will be "qualified" to catch backdoors of varying subtlety.

Read up on some of the articles like "Trusting trust", where one dev did a PoC corrupted compiler that would insert backdoor code into binaries when it saw certain strings. Students generally are not going to be qualified to catch something of that nature, or of the nature mentioned in the BSD IPSEC backdoor thing.

Indeed - this is one reason why closed source is never going to be as secure.

Generalizations generally make me uncomfortable, because they have a nasty tendency of failing. Both proprietary and non-proprietary softawre have their share of holes; with each you can find examples that are quite good, or quite bad security-wise. In a lot of ways for the last year or so Firefox remained at the BACK of the pack for security, with IE and Chrome being at the lead. Chromium is technically OSS (though chrome isnt quite the same), but IE is definitely not, and is considered a much harder target than firefox. You cant just compare two projects on the simple basis of "OSS or not?"

Seems like open source is doing really well, then.

You arent paying attention if you think thats the extent of "security blowups" in the OSS world. SSH keys being lost, root access to update domains, and of course the wonderful Debian SSH flaw requiring everyone to regenerate their keys all come to mind.

Youll note that with the SSH thing that lasted for quite some time, and was a rather simple bug IIRC (something got commented out), and yet it wasnt caught for years (early 2006 to late 2008).

But the less competent certainly benefit from having the opportunity to code during the day, no doubt. In this there is no difference between Linux as GPL software and Windows as closed source software, though.

So people who code as a job and work a full day are incompetent. Nice.

They are of course of benefit.

If memory serves, theyre one of the main contributors of "hard" stuff like drivers and SELinux.

Face it: Linux has all the paid-eyes advantages of closed source development and more from being open source.

Except for organizational issues, and the fact that your volunteers are generally paid by a third party who can cut the money stream at any time, yea.

Re:open source

[servant]

Yes, and they sign NDA's to get it. That even happened when AT&T's Bell Labs licensed UNIX to colleges back in the dark ages.

Re:open source

[10101001+10101001]

I dont disagree with most of what you said, except the general implication that because some proprietary companies suck at security they all must.

Sorry, that wasn't the intended implication. The intended implication was that proprietary companies can hire competent security folk, but they have to go out of their way to budget for it, a point most proprietary companies don't focus on. Of course, the truth is that in the open source world, the "many eyes" and "statistically....a few qualified people" only works if the project receives enough attention to have those many eyes. That still leaves the outliers, both in proprietary companies and small projects, where there is enough just good programming practices to mitigate most security risks.

Also,

You see, as horrible as the whole situation might be with the potential OpenBSD's IPSEC backdoor, the fact that we know about it gives us the option to audit the code or to outright avoid the code because we know of the potential threat.

Thats true, but youll note that if the accusations are correct (and I see no indication that anyone has actually done the audit, 2 years later), it took 10 years and then the backdoor was not even caught by OSS devs, it was revealed by an insider whose NDA expired.

To the contrary, OpenBSD code audit uncovers bugs, but no evidence of backdoor covers the point that an audit was done and while bugs were found--one nasty one at that--, that there was no evidence of an extant backdoor. Of course, a more useful question would be if there ever was a backdoor, and that sort of audit wasn't done, AFAIK--and I'd really love to see someone do that audit since I know I'm not qualified. But the original discussion was the probably of a blatant backdoor surviving. And even a less blatant one apparently couldn't survive in OpenBSD it would seem--unless the backdoor was explicitly removed by the backdoor inserter at some point. Of course, without evidence of there ever being a backdoor, it's really hard to use the whole OpenBSD IPSEC Backdoor as any sort of data point. :/

Re:open source

[LordLimecat]

The intended implication was that proprietary companies can hire competent security folk, but they have to go out of their way to budget for it, a point most proprietary companies don't focus on

Thats true, but the beauty of a (properly functioning) competitive market is, you can just avoid the sucky vendors, and they will generally disappear. OSS tends to not have that pressure-- although of course if the project is sucky and unpopular, its unlikely to be wellknown or have any kind of community.

Really, heres the difference youre looking at, and why I dont have this allergy to paid software. If Microsoft releases a crappy OS (bad security, or slow, or something else), there will be intense pressure on them to fix their ways; as a for-profit, publicly traded company, they very quickly run into issues if their product is unpopular.

On the other hand, when a project like AmaroK makes a crappy release (bad security, or they do a 2.0), the devs can tell everyone to go get stuffed (which, in fact, they did), because there is 0 market pressure on them.

Obviously the very large projects like Linux do have some degree of pressure; but at the end of the day, if Linus Torvalds wants to say "Ive decided to remove memory protection", he can do so, and its really no skin off of his back. The saving grace of course is that if you have a talented community (which may not be the case), they can fork it and though painful, you can transition to the fork.

I have a feeling that at least SOME of the people who seem to have this allergy havent had to deal with these kind of issues, but they do happen.

Re:open source

[10101001+10101001]

Thats true, but the beauty of a (properly functioning) competitive market is, you can just avoid the sucky vendors, and they will generally disappear.

The problem with that statement is the "properly functioning" modifier really leads your statement into "No True Scostman" territory. The simple fact is, it's a very frequent market failure that security or even just program stability takes a back seat to sufficient functionality or sufficient familiarity.

OSS tends to not have that pressure-- although of course if the project is sucky and unpopular, its unlikely to be wellknown or have any kind of community.

And OSS suffers the same issue as mentioned above, which explains why some huge projects still have massive security and stability problems. The general issue is that there's really little pressure involving the issue of security except in very isolated niches, like OpenBSD. And even there, OpenBSD's track record is really bad if you consider they basically define a crippled base install to claim any sort of real security.

Really, heres the difference youre looking at, and why I dont have this allergy to paid software. If Microsoft releases a crappy OS (bad security, or slow, or something else), there will be intense pressure on them to fix their ways; as a for-profit, publicly traded company, they very quickly run into issues if their product is unpopular.

Remind me again on just how unstable and insecure Windows was? And remind me again just how long until the Windows NT was adopted? And then further remind me how long it took before the Windows NT, the "robust" line, became actually remotely robust?

On the other hand, when a project like AmaroK makes a crappy release (bad security, or they do a 2.0), the devs can tell everyone to go get stuffed (which, in fact, they did), because there is 0 market pressure on them.

Who uses AmaroK again? I mean, I see your point to an extent, but AmaroK has virtually no "market share" to speak of in the first place so telling "everyone to go get stuffed" just doesn't mean a lot. If, on the other hand, Mozilla were to say something similar about Firefox, I'm almost certain that (a) a fork would start and (b) a good many distros would start using the fork. In fact, isn't that what happened with AmaroK, that distros switched to another media player? On the scale of whole distros, it's why there's Fedora and CentOS and Mandriva.

Obviously the very large projects like Linux do have some degree of pressure; but at the end of the day, if Linus Torvalds wants to say "Ive decided to remove memory protection", he can do so, and its really no skin off of his back. The saving grace of course is that if you have a talented community (which may not be the case), they can fork it and though painful, you can transition to the fork.

Well, that'd be sort of the point. Linus is the benevolent dictator, who helps guide inclusion of a lot of code by maintainers. Those maintainers themselves function as their own benevolent dictator upon their own section. If Linus, tomorrow, were to push something as extreme as "to remove memory protection", there's over ten people qualified to fork the Linux kernel--although due to trademarks, they'd have to call it something different. If Linus complained, it'd then be the community telling Linus to "get stuffed", since he already licensed his parts under the GPLv2 and can't rescind his code offer. So, part of what makes OSS work is the code licensing and part is how making the code tends to produce the very people capable of forking, if needed.

I have a feeling that at least SOME of the people who seem to have this allergy havent had to deal with these kind of issues, but they do happen.

The thing is, I really don't have a proprietary code allergy, per se. I certainly put

Re:open source

[LordLimecat]

And remind me again just how long until the Windows NT was adopted? And then further remind me how long it took before the Windows NT, the "robust" line, became actually remotely robust?

I mean, I guess thats kind of what I was talking about. Apparently the market cared less about that than some of the other features. Plus, lets remember that Linux wasnt some bastion of usability at that point from what I've read-- not that I can claim to be some guru computer historian. Market pressures caused MS to conform to market expectations, and they were successful (at least enough to gain monopoly status).

. If, on the other hand, Mozilla were to say something similar about Firefox, I'm almost certain that (a) a fork would start and (b) a good many distros would start using the fork

This does happen, and its not without a lot of grief. LibreOffice went relatively smoothly, but was in a bad place for a few months. AmaroK never really got fixed, and the replacements really didnt compare. Im not sure why it was never forked, but thats my point: You cant just expect Joe Random Dev to sit down and pick up a project like that and have everything continue as normal.

that distros switched to another media player

The distros are always switching media players; Im not sure anyone really understands the rationale, or whether there is one.

there's over ten people qualified to fork the Linux kernel--although due to trademarks, they'd have to call it something different.

And now you have massive chaos. Which of the 3 resulting forks to use? What about the kernel updates being pushed out from Linus? Whats the future of support for Linux look like?

This is where you realize, golly, its can be nice to have a single codebase, even when it does things as boneheaded as Metro. At least you only have ONE Metro to deal with, not 3.

since he already licensed his parts under the GPLv2 and can't rescind his code offer.

I believe he can relicense the parts of the code that are exclusively his, but I dont know whether that would be inherited by the forks, or whether their license "as forked" would continue. Doesnt really solve the whole "3 versions" issue that would occur, either way.

I certainly put more trust in an OS kernel and system libraries/utilities that is open source, in the same way I put more trust in an encryption system that has the minimal amount of obfuscation to function.

I dont know that I look at it that way, after the issues I've had with OSS projects and the sometimes spotty support. I love the idea, I love the price, I love the whole "I can download this and stuff it in a VM right now without any signup". But when it comes to a client wanting something, I am VERY hesitant, unless its a major distro (CentOS, Ubuntu Server) and / or has serious support options (pfSense, which for the record has impeccable support even if it is sometimes unstable).

But Ive definately had issues even with Fedora and Ubuntu, where its something like "whoops, our new release cripples E1000 NICs with a bad firmware", and there simply isnt the same kind of market pressure for someone to "do something" asap.

Ive also dealt with it from proprietary vendors ("sorry, we dont know what the problem is and we dont really care"), but at least there I can tell the client that the vendor isnt supporting it, rather than that "the vendor is some community and I have to wait 3 days for a response, and no there isnt a support queue".

So, I guess my point would be is, if I do have a proprietary software allergy, it's to proprietary security software

Not sure if youve ever done whole disk or volume encryption, but TrueCrypt is widely recognized as one of the best volume encryption solutions, especially for window with their WDE. Its also proprietary.
Likewise, PGP is

Re:open source

[10101001+10101001]

Not sure if youve ever done whole disk or volume encryption, but TrueCrypt is widely recognized as one of the best volume encryption solutions, especially for window with their WDE. Its also proprietary.

AFAIK, it's not really proprietary; it's just not "free" because it seems to be anti-commercial and put restrictions on things like forbidding obfuscating the source code.

Likewise, PGP is now (technically) proprietary, and AFAIK its still considered pretty decent (though its only a matter of time before Symantec ruins it).

Well, PGP certainly did have a reputation as being decent, as it was based upon the reputation of its creator and was specifically focused on the security of the information it encrypted. But, now that it's bought out, it sounds like you don't really trust it. Meanwhile, GPG doesn't suffer from this flaw, at least to the extent that while, yes, there might be n forks if the original community around it dissolves, it's rather likely that a few forks will be considered "good enough" based on the same point of reputation. This is, btw, why the chaos of forking usually resolves itself after a while; the "market pressure" of competing forks generally results in a few or only one really getting the focus to actually be considered the successor. That this might be "messy" is more a point that all sorts of market competition for dominance is messy.

Most strikingly, Security Essentials and Avast are both FAR superior antiviruses to ANY of the OSS AV solutions out there (moonsecure, ClamWin).

And that's probably because most OSS AV solutions focus first on protecting OSS systems which basically don't need AV because of their distribution system. AV solutions are, IMHO, a nasty hack, anyways. Since they fundamentally only work by constantly finding new viruses/malware and adding a signature to a database, it's basically a full-time job focused on every possible bad thing you could possibly do under the hope you find a counterpart malicious person and their malicious software. I'd probably have a lot more respect if this sort of fuzzing went towards fixing software. Instead, it's more like noticing that some piece of software is a sieve and creating a counterpart bit of software to put different shaped swatches of fabric in to prevent rats and roaches and whatever from coming in.

So, on the one hand, you're absolutely right. On the other hand, one could also point out that for years, in the 90s, Windows had some of the best proprietary system crash recovery software. In the OSS world, you'd just work on the point of the system not crashing and efforts to make crash recovery software would be closer to a pet project than a main consideration.

Only 10 years behind the times

Way to go Microsoft! As everyone moves to 2048 bit keys, let me be the first to welcome you to 2002.

Re:Only 10 years behind the times

[viperidaenz]

But nobody else has completely blocked 1024bit keys.

Re:Only 10 years behind the times

Have you tried to get a SSL cert recently? CA's are starting to deny CRs with private keys that aren't 2048 bits.

Re:Only 10 years behind the times

[betterunixthanunix]

As everyone moves to 2048 bit keys

1. The most common key length is 1024 bits, and that is not going to change for a while. Despite the fact that most popular software packages default to 2048 bits, the increased load on servers, the lack of any successful attack on 1024 bit RSA (except for implementation attacks), and the general effort required to replace a public key will mean that most people will not bother for many years to come. There is also a lot of hardware out there that was built with a 1024 bit maximum, and that hardware is going to be expensive to replace.
2. If you really want to get with the times, you should be talking about 3072 bit keys (roughly equivalent to AES-128), or you should be talking about ECC. If I had to guess, I would say that we will see elliptic curve systems become popular before 2048 bit RSA -- ECC has more promise in terms of efficiency and the security level you get per bit. Even the OpenPGP standard now includes ECC.

Re:Only 10 years behind the times

[DeathFromSomewhere]

It's a minimum, feel free to make your keys higher.

Re:Only 10 years behind the times

True. ECC is definitely the way forward. NSA has already switched all their systems to it and the DoD mandated that all systems must switch from conventional public keys to ECC by 2010 (2 years ago). Whit Diffie said that NSA insiders told him the same thing (i.e. they trust ECC more). This has lead some to speculate there is an unpublished (NSA discovered) weakness with RSA (a speculation which may have some merit according to James Bamford, who in his infamous Wired article claims NSA "made a huge breakthrough in cryptanalysis a few years ago." Bamford didn't give specifics because his contacts didn't give specifics, but it seems much more likely they have broken RSA than the much more difficult AES (breaking RSA would give you the keys to the AES kingdom since AES keys are protected by RSA in hybrid systems like PGP/SSL. Break RSA and you have access to the AES key underneath).

It's all speculation about RSA having flaws. Maybe NSA broke AES instead. Maybe they broke both. Maybe they have "broken" it in the sense of a novel side-channel attack. Maybe the insiders lied to Bamford for disinformation purposes. We don't know. Either way, ECC is better all around due to its reduced key size and at least as strong security. The problem is even though it is in the OpenPGP standard, it will not be in widespread use for many years yet. Werner Koch, the lead developer of GNUPG, says it will take many years for it to become widespread due to all the legacy systems, old software, people not upgrading, etc. There are many software implementations of OpenPGP, and not all of them will include ECC at the same rate. Plus lots of people have RSA keys with lots of signatures and they aren't going to want to go through all of those key signing parties again.

It could be worse

[kiriath]

We could've gotten notification a week or two after the update.

This is gonna be a pain in the butt though =\

On the bright side things will be more secure!

Re:It could be worse

We could've gotten notification a week or two after the update.

This is gonna be a pain in the butt though =\

On the bright side things will be more secure!

Uh, the term "more secure" is critically relevant to the OS/browser we're speaking of...careful.

Re:It could be worse

[betterunixthanunix]

In what way is this going to be a pain in the butt? Are there really that many people out there using less than 1024 bit in this day and age?

You would think that after the successful factoring of a 768 bit RSA modulus, whoever was still using less than 1024 bit would have fixed that. Frankly, 1024 bit should be considered too short for any new applications going forward, but that is still built in to quite a lot of packages.

Re:It could be worse

If public academics are breaking 768 bit RSA keys with a few clusters of home PC's, imagine what NSA is doing. I would say they can break 1024 bit keys (though probably with some work). I would say anything less than 2048 bit is suspect, at least if NSA is in your threat model. If you don't care about NSA snooping, then 1024 bit is surely adequate for a while to come.

There is a reason DoD completely ditched RSA keys in 2010 in favor of ECC. Coincidence? Maybe.

This was announced several months ago

[Meshach]

TechRepublic noted this a while ago and provided detailed instructions on how to work-around the issue.

Close Goate.cx instead

Wouldn't be much of an OS if it didn't have a reach-around.

Re:Close Goate.cx instead

With Microsoft products, it always more of a bend-over than a reach-around.

Re:Close Goate.cx instead

[cristiroma]

Obligatory: http://turbo.paulstamatiou.com/uploads/2007/03/outpost_firewall_review1.jpg

As usual MS still fucks it up

The rest of the industry is already moving to 2048 bit. Is it really so hard for MS to get their heads out of the sand and actually look at what's going on outside of Redmond for a change? It's ridiculous. Like the tail wagging the dog. Practically every single computing niche outside of the desktop is dominated by some form of Unix or Unix-like OS. From supercomputers, to cellphones and everything in between. When is MS going to stop being a drag on this industry? Damn, as much as Apple sucks, I think the world will be better off if everybody just stops using desktops and goes to iPads. A lot more secure too!

Re:As usual MS still fucks it up

[viperidaenz]

Test rest of the industry still support keys smaller than 1024 bits. Microsoft won't.

Oh phuque them!

[kurt555gs]

Just switch to Linux. Do you really need them telling you what you have to do?

Re:Oh phuque them!

Been a proud Linux user for 5 years now and have yet to get one infection of any kind. Before I switched over, the last straw was some kind of malware that would change all the links in search results to some advertiser page. I couldn't search for anything. I downloaded malware bytes on another computer and tried it to no avail. I visited forums and tried out at least 10 different sets of instructions and still my machine was broken. Then I remembered that cd I downloaded a few months before yet never tried out, Ubonto? No, Ubuntu! Yeah, that's what it's called. Installed it, it partitioned the drive in half between Windows and itself and I was off to the races. Worked so well that I ended up copying all of my documents over one by one until finally I realized that my Windows partition hadn't been used in over a month. Downloaded the GParted live CD and bye bye Windows. Best decision I ever made on my computer.

Re:Oh phuque them!

Just switch to Linux. Do you really need them telling you what you have to do?

You say that like it is simple. It isn't. There are people who expect their machines to work. They expect wireless, sleep, hibernate, 4G dongles, etc. to work in order to do business. They expect dock / undock with multiple large monitors to work. They have applications - thousands of them that they would have to re-write. If you think about it for all of 5 seconds you'd see that Linux either doesn't work well in many of these scenarios (it does on some machines, not so well on others) and the costs to switch would be enormous. Just switch. Jeez. How about you just switch your body's metabolism to run on tree bark? That would work just as well.

Re:Oh phuque them!

You say that like it is simple.

He never said it was simple just suggested it as an option.

There are people who expect their machines to work. They expect wireless, sleep, hibernate, 4G dongles, etc. to work in order to do business. They expect dock / undock with multiple large monitors to work.

Just like you wouldn't buy a computer with hardware that didn't work well with Windows, you shouldn't expect hardware not designed with Linux in mind to work well either. I have a Linux laptop I bought from http://system76.com/ and it does all of the things you mention perfectly. There is also the OSX option. I hear Macbooks do the stuff above pretty well.

Re:Oh phuque them!

[smash]

I've run Windows on the desktop (along with Linux and OS X) and have yet to get an infection on any OS since 2001. What's your point?

Muppet administrator = risk, regardless of OS.

Re:Oh phuque them!

[viperidaenz]

I don't recall seeing a MacBook dock anywhere that isn't simply a usb hub and displayport connector.

Re:Oh phuque them!

[petermgreen]

The apple thunderbolt cinema display is basically the apple equivilent of a dock. It connects to the mac with thunderbolt and magsafe. It then provides a thunderbolt port for chaining further displays (or hooking up other expensive thunderbolt perhipherals), 4x USB and 1xFW800 for your perhipherals and gigabit ethernet for connecting to your network.

I haven't used one myself though so I don't know how well it all works in practice.

Theoretical Access to MS Source Code

[Crypto+Gnome]

That many institutions have access to MS Source Code is kinda like instituting a needle-inna-haystack search.

Yes you might find a needle, but unless you're a needle-collector or perhaps a seamstress what in this universe d'you think you're gonna do with it?

At least with Open Source you can
(1) fix the problem with the code
(2) submit the code back to The Author
(3) expect that The Author will either accept the fix as is or perhaps integrate the solution with more elegance

Sure not *always* but the expectation would be more-often-than-not your fix (in one form or another) reaches the wider community of users.

Re:Theoretical Access to MS Source Code

[Electricity+Likes+Me]

That many institutions have access to MS Source Code is kinda like instituting a needle-inna-haystack search.

Yes you might find a needle, but unless you're a needle-collector or perhaps a seamstress what in this universe d'you think you're gonna do with it?

At least with Open Source you can
(1) fix the problem with the code
(2) submit the code back to The Author
(3) expect that The Author will either accept the fix as is or perhaps integrate the solution with more elegance

Sure not *always* but the expectation would be more-often-than-not your fix (in one form or another) reaches the wider community of users.

You also fork the code and encourage people to download the fixed version, or to use your patch against the official sources until the upstream realizes the significance.

Digging through a small patch to ensure it's not overtly malicious is actually pretty easy.

Re:Theoretical Access to MS Source Code

[viperidaenz]

With closed source you can leverage the SLA's between yourself and the vendor to make them do the hard work of fixing and testing the defects.

Re:Theoretical Access to MS Source Code

Its very funny to search bugs in a 3rd party software, when you clearly have pointed out to the customer that the fault is described in a bug of the 3rd party software. When you finally have found the reason for the bug, yes in the 3rd party software, and you are ready to explain it to the customer, they turn away and say, we are not intrested.

All guarded by SLAs.

Open source suffers from quasi-religious stuff too

[perpenso]

No matter how few people actually read through the Linux kernel code, it's sufficiently open that blatant backdoors are not going to be inserted.

Open source suffers from quasi-religious stuff too, as you just demonstrated with your claim. Ken Thompson, of Bell Labs and Unix and C fame - the "K" in K&R, demonstrates the insufficiency of being able to read the source code.
http://cm.bell-labs.com/who/ken/trust.html

Re:Open source suffers from quasi-religious stuff

The reason Thompson's backdoor is famous is because it was far from blatant.

IE is dying... and this isn't helping

Sounds like a great way to get people off IE, or fill up customer service inboxes for weeks. Madness!

Blant troll post

Really? Wow. Way to go and show your intellect.

Re:Open source suffers from quasi-religious stuff

But isn't that the point? Just imagine what you can hide in something as large as the Linux kernel or most modern programs.

This is a direct response to a real attack

There are multiple Microsoft keys with a size under 1024-bit out there in the wild, and certificate chains involving them they were used in state-sponsored attacks. It is therefore quite correct, and very necessary, of them to reject RSA keys with a crackable length. Keys up to 768 bits have been cracked publically.

What I'm mystified about is that 1024-bit RSA keys are still allowed as a baseline - honestly, those should all be phased out already and I haven't considered them safe enough for over half a decade now. While no-one has publically factored the RSA-1024 test vector, estimates in 2007 showed that it would indeed be possible, and tests proved positive - 5 years on, I expect it to be quite feasible to factor a 1024-bit RSA key now, particularly if you implemented parallel parts of the sieve in GPU shaders and used something like... oh, I don't know... the NSA's new Tesla-based supercomputer. And they're far from the only ones: Iran has either factored or swiped at least one 1024-bit key (honestly, either is plausible at this point).

This is why 2048-bit keys going onwards are all that's allowed by CAs (and were mandated from the beginning of the EV standard). In practice this has never been a problem - they'll work on any version of Windows which supports RSA at all. I remember using 4096-bit keys with Windows 95, and indeed I recall experimental builds of PGP happily using 16384-bit RSA keys (although they were, of course, slow as molasses).

Long-term you should probably think about moving to prime256v1 (secp256r1). That's got more juice than 3072-bit RSA, but it's vastly faster and much smaller. Alternatively, curve25519/ed25519, which are extraordinarily optimised binary curve algorithms with nice features such as being secure through the twist, and not needing a random source to create signatures.

Re:This is a direct response to a real attack

Blame idiotic US government export regulations for the 1024-bit figure.

Re:This is a direct response to a real attack

While no-one has publically factored the RSA-1024 test vector, estimates in 2007 showed that it would indeed be possible,

Yep. Back-of-the-envelope estimate is that it would cost a few hundred million $ US of energy, a few man-years of software engineering, and access to a really, really big cluster to find nullspace vectors of a large sparse matrix with a billion rows and columns. Not trivial, but not out of the realm of possibility. The 1024-bit challenge number from RSA may not be worth that much, but some other number may be.

Can we use zero-padding?

No one can factor my 1024-bit cert: 0x0000.....000F.

closed minds

[fm6]

Open source is great mechanism for finding security holes, but it's hardly the only mechanism. OK, Windows is probably not as secure as Linux, but it's not totally insecure either.

Hey, I live in an apartment that doesn't have the best security, but enough for the neighborhood in which I live. By your logic, I should either beef up security to the max (iron bars on the windows, install a CCTV, maybe get a pit bull) or just forget all about it and leave never lock the front door or window by the fire escape. Makes no sense

Who uses Internet Explorer?

[theRunicBard]

Wake up and smell the Firefox/Safari/Chrome grandma!

Re:Who uses Internet Explorer?

I believe Chrome uses the OS layer for SSL (on Windows at the very least)

The real K&R

[notdotcom.com]

The "K" of K&R is wrong.

"K" is Brian Kernighan. You know, the Brian Kernighan of "The C Programming Language" fame. He wrote a book or two. He's quite famous. Maybe you've heard of him.

Look it up.

Re:The real K&R

[perpenso]

The "K" of K&R is wrong.

Yeah, I actually know that. My 1st and 2nd editions of K&R are well used. I have no idea why I referred to Ken Thompson. I guess I was thinking about C compilers, hacking them, Ken Thompson's paper and had a major brain fart connecting the language and the book. Its quite embarrassing.

Re:The real K&R

That's okay, we all make mistakes sometimes.

Key length is the least of concerns for SSL

[js33]

There is an entire collection of root certs in your browser that are all trusted unconditionally. Hundreds of them, in fact. These root certs have signed thousands (who knows how many, really?) intermediate certs. All of these intermediate certs are trusted unconditionally to authenticate any SSL server whatsoever. It's pointless to have a key longer than the shortest intermediate cert key length in use anywhere. When you use SSL, you are trusting thousands of unknown parties with absolute cert-signing authority. SSL certificates are known to have been used for explicit man-in-the-middle purposes: Trustwave sold root certificate for surveillance. Sure they revoked that one key because of the bad publicity, but it's common industry practice. How is SSL hopelessly broken? Let us count the ways.

Re:Key length is the least of concerns for SSL

[daid303]

There are more keys in use then just for HTTPS.

Re:Key length is the least of concerns for SSL

[js33]

That is true. POP, IMAP, or SMTP and many other protocols are often run over SSL, too, but they're all going to use pretty much the same default certs as the browsers, unless you set up your own special-purpose authority, and then you have to distribute and install your custom root cert everywhere you want to use it without a good way to revoke it, and you still have the same basic problem that delegation is all-or-nothing without the ability to restrict signing authority to sub-domains, and consequently there is no way for x.509 to scale adequately to provide an assurance of security for more than a handful of certs signed by a single agreed-upon root.

What, they do?

There's a reason why most coding standards explicitly disallow assignment inside a conditional structure.

I've never heard of this. Are you actually trying to say that most coding standards disallow if(condition) { var = true; } else { var = false; }? Or do you actually mean variable declarations when you say assignments? Could you link to some coding standard that actually disallows this, so I could look into this a bit more?

Re:What, they do?

disallow:
if (a=b)
as a replacement for:
a=b;
if (a)

Why the goalpost shift into absurdity?

[dbIII]

Your post has nothing at all to do with mine apart from some sort of personal attack based on the assumption of extreme ignorance ("It might suprise you" followed by the fucking incredibly obvious) and some fallacious assumption that the above is in some way an attack on others ("that programmers at Microsoft are all incompetent is partisanship of the most extreme kind" - WTF? How do you find an accusation of incompetance in the two sentence post above?). Sorry limecat - it's coming off as insane as saying I must hate tigers because I like dogs. If you want to argue with voices in your head please do not commit the gross insult of pretending that I am one of them.

Fragmentation is a good thing

[aNonnyMouseCowered]

Up to a point fragmentation or variety is a good thing. And not just in software. In agriculture, if your field consists of only one crop, your goose is cooked if there's an outbreak of a plant disease. A country whose GDP comes from a single source, say oil or a single cash crop, is also more vulnerable to price fluctuations in the global market. A crash in the prices of that product would lead to a crash in the country's economy as well.

Too much fragmentation of course is bad. But as far as Linux, the major distros are quite few, namely, Ubuntu, Redhat, Fedora, Debian, and possibly Suse. It's their derivatives that give the impression of excessive fragmentation. Derivatives tend to be compatible with the mother distro at least as far as the installation of third party programs not in the main repository. A binary-only printer driver that can run in Ubuntu would be compatible with Linux Mint for example.

Custom Packages via WSUS will also be Affected

[bdam]

If you use a program like SCCM, SCE, EmminantWare/SolarWinds, Secunia, Local Update Publisher (plug: my OSS alternative), or any other similar program that allows you to publish your own packages through the WSUS system you will also need to worry about this. For some time the default certificate that gets created was 512 bits and will become invalid with this update. Check with your vendor to see what remedy they suggest. One of the recent updates to the WSUS API bumped this default cert creation to 2048 bits but that won't help existing users.

how to check?

[slashmydots]

I'm the head IT manager for this 50-person company so I'm stuck as the server administrator despite having about 12 weeks of MCSE training. Someone else set up our current self-signed certificate so I don't know the size or how to check. I do know they plopped the .cer file itself down on C: though, lol. So I opened it in notepad, pasted its main contents to Word, and ran a character count. It's 2092 total characters in size. I'm going to take a guess that that's a 2048 bit cert, right? So:
1. Am I correct in assuming that?
2. Is there a less stupid way of checking that in Server 03? :-P
3. I have no idea where our other server (exchange 03) keeps its cert or what size it would be expected to be by default. Anyone got some info on that?

Assignments in conditions

[tepples]

Disallowing assignments in conditions would work too.

A lot of C compilers already have compile-time options to warn when the outermost operator in an if or while condition is an assignment. This allows various idioms where conditions have side effects, such as pulling one pointer from an iterator function and then checking whether or not it's a null pointer terminator, while requiring the programmer to make his intent explicit.

if (x == 5) { } /* fine */
if (x = 5) { } /* compiler warning: = at top level */
if (5 = x) { } /* compiler error: left side of = is not an lvalue */
while (x = get_next(c)) { } /* compiler warning: = at top level */
while ((x = get_next(c)) != NULL) { } /* fine; intent made explicit */

Paying your dues

[tepples]

Their hiring process showed me very clearly that they had no interest in my creativity and only wanted someone who can churn code, find bugs, and patch systems to keep them running (all important; but not the only thing in the world; and definitely not for me).

I believe it's called "paying your dues", and I believe it's considered standard practice at most major companies.

Re:Paying your dues

[YttriumOxide]

Their hiring process showed me very clearly that they had no interest in my creativity and only wanted someone who can churn code, find bugs, and patch systems to keep them running (all important; but not the only thing in the world; and definitely not for me).

I believe it's called "paying your dues", and I believe it's considered standard practice at most major companies.

Actually, I'd say at most good companies, it's understood that someone with significant work experience behind them doesn't start again at the bottom... (especially when you're trying to lure them away from a job they're already quite happy in with no plans to leave)

Re:Paying your dues

[tepples]

I'd say at most good companies, it's understood that someone with significant work experience behind them doesn't start again at the bottom

Even if the work experience is in a different industry, such as accounting software vs. video games? I'm trying to figure out what you meant by "significant".

Re:Paying your dues

[YttriumOxide]

I'd say at most good companies, it's understood that someone with significant work experience behind them doesn't start again at the bottom

Even if the work experience is in a different industry, such as accounting software vs. video games?

Yes and no... depending on the actual work the person has done. I appreciate the vast differences between accounting software and video games of course; but I don't accept that someone who has spent ten years working on the networking code of accounting software would need to go in as a junior in the game industry - I'd put them mid-level working on network code in the games (the probationary period would determine if they really can do it or not). If they wanted to completely change over and start doing game AIs or something like that, then I'd probably put them a bit more junior, but that'd be their call.

I'm trying to figure out what you meant by "significant".

In my case, I'm a software developer and have been one for the last ten and a half years. Before that, I was primarily in third-level support kind of roles. Most recently (around a year and a bit now), I've become the senior developer / development supervisor at my company and spend a lot of my time discussing specifications; product planning and so forth in addition to managing my team and also writing code (still about 45% of my time). Even before I become the development supervisor, I still spent some time on product planning and specifications; just in a less formal degree than I do now.

The industry I work in is definitely not in Google's realm - I write software that deals with user management, scanning and printing for MFP devices. Quite different to Google; but my skills would transfer to some of their projects quite well and I think I could make significant contributions on fleshing out new projects also (Google always have new things in the pipeline).

Suffice to say, I don't actually care so much - I'm very happy where I am and I consider it their loss, not mine.

Multiple providers of SLAs for a FLOSS product

[tepples]

With closed source you can leverage the SLA's between yourself and the vendor

With closed source, there is only one provider of such SLAs for each product. With open source, you can leverage the competition among several companies that offer SLAs for a given open source platform. For example, one can choose Red Hat, Oracle, or Canonical to support a Linux deployment.

M$ can blow my Fish!

Eat that!

But will the 1K Certs come in Spearmint?

[Dubious+Maximus]

I'm not sure a kilobyte-strength Cert would be strong enough to freshen the breath of some of the people I've worked with...

Something's not right here...

[Puppet+Master]

According to GlobalSign (one of the largest CA's), they stopped issuing 1024bit keys back in 2010... The lowest encryption they (and most CA's) use now is 2048bits. https://www.globalsign.com/support/faq/sslfaq.php All orders placed from November 29th 2010 will only be accepted with a CSR key length of 2048 bits or higher. This is to fully comply with the National Institute of Standards and Technology Recommendations (NIST) and the mandatory requirements by Microsoft's Root Certificate Program to issue Certificates from a minimum of 2048 bits by January 1, 2011. Maybe it's related to the Y1969 bug :)