Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Linux Security, In Light of NSA Crypto-Subverting Attacks?

Posted by timothy on from the go-ask-theo-de-raadt dept.

New submitter deepdive writes "I have a basic question: What is the privacy/security health of the Linux kernel (and indeed other FOSS OSes) given all the recent stories about the NSA going in and deliberately subverting various parts of the privacy/security sub-systems? Basically, can one still sleep soundly thinking that the most recent latest/greatest Ubuntu/OpenSUSE/what-have-you distro she/he downloaded is still pretty safe?"

8 of 472 comments (clear)

  1. Ken Thompson, Anyone? by Jeremiah+Cornelius · · Score: 5, Interesting

    You can not add security, later.

    In Unix systems, there’s a program named “login“. login is the code that takes your username and password, verifies that the password you gave is the correct one for the username you gave, and if so, logs you in to the system.

    For debugging purposes, Thompson put a back-door into “login”. The way he did it was by modifying the C compiler. He took the code pattern for password verification, and embedded it into the C compiler, so that when it saw that pattern, it would actually generate code

    that accepted either the correct password for the username, or Thompson’s special debugging password. In pseudo-Python:

        def compile(code):
            if (looksLikeLoginCode(code)):
                generateLoginWithBackDoor()
            else:
                compileNormally(code)

    With that in the C compiler, any time that anyone compiles login,

    the code generated by the compiler will include Ritchie’s back door.

    Now comes the really clever part. Obviously, if anyone saw code like what’s in that

    example, they’d throw a fit. That’s insanely insecure, and any manager who saw that would immediately demand that it be removed. So, how can you keep the back door, but get rid of the danger of someone noticing it in the source code for the C compiler? You hack the C compiler itself:

        def compile(code):
            if (looksLikeLoginCode(code)):
                generateLoginWithBackDoor(code)
            elif (looksLikeCompilerCode(code)):
                generateCompilerWithBackDoorDetection(code)
            else:
                compileNormally(code)

    What happens here is that you modify the C compiler code so that when it compiles itelf, it inserts the back-door code. So now when the C compiler compiles login, it will insert the back door code; and when it compiles

    the C compiler, it will insert the code that inserts the code into both login and the C compiler.

    Now, you compile the C compiler with itself – getting a C compiler that includes the back-door generation code explicitly. Then you delete the back-door code from the C compiler source. But it’s in the binary. So when you use that binary to produce a new version of the compiler from the source, it will insert the back-door code into

    the new version.

    So you’ve now got a C compiler that inserts back-door code when it compiles itself – and that code appears nowhere in the source code of the compiler. It did exist in the code at one point – but then it got deleted. But because the C compiler is written in C, and always compiled with itself, that means thats each successive new version of the C compiler will pass along the back-door – and it will continue to appear in both login and in the C compiler, without any trace in the source code of either.

    http://scienceblogs.com/goodmath/2007/04/15/strange-loops-dennis-ritchie-a/

    --
    "Flyin' in just a sweet place,
    Never been known to fail..."
    1. Re:Ken Thompson, Anyone? by Anachragnome · · Score: 5, Interesting

      "The moral is obvious. You can't trust code that you did not totally create yourself...."

      I agree, but that doesn't really help us in the real world--writing our own code doesn't reasonably work out for most people. So, what's the solution to your dismal conclusion? Ferret out those that cannot be trusted--doing so is the closest we will ever come to being able to "trust the code".

      So, how does one go about ferreting out those that cannot be trusted? The Occupy Movement had almost figured it out, but wandered around aimlessly with nobody to point a finger at when they should have been naming names.

      The NSA has made it clear that making connections--following the metadata--is often enough to get an investigation started. So why not do the same thing? Turn the whole thing around? Start focusing on their networks. I can suggest a good starting point--the entities that train the "Future Rulers of the World" club. The "Consulting Firms" that are really training and placing their own agents throughout the global community. These firms are the world's real leaders--they have vast funding and no real limitations to who and where they exert influence. In my opinion, they literally decide who runs the world.

      Pay close attention to the people associated with these firms, the inter-relatedness of the firms and the other organizations "Alumni" end up leading. Pay very close attention to the technologies involved and the governments involved.

      Look through the lists of people involved, start researching them and their connections...follow the connections and you start to see the underlying implications of such associations. I'm not just talking the CEO of Redhat (no, Linux is no more secure then Windows), but leaders of countries, including the US and Israel.

      http://en.wikipedia.org/wiki/Boston_Consulting_Group

      http://en.wikipedia.org/wiki/McKinsey_and_Company

      http://en.wikipedia.org/wiki/Bain_%26_Company

      THIS is the 1%. These are the perpetrators of NSA surveillance, to further their needs...NOT yours. People with connections to these firms need to be removed from any position of power, especially government. Their future actions need to be monitored by the rest of society, if for no other reason then to limit their power.

      As George Carlin once put it so well..."It's all just one big Club, and you are not in the fucking club."

    2. Re:Ken Thompson, Anyone? by Trax3001BBS · · Score: 5, Interesting

      Moral

      The moral is obvious. You can't trust code that you did not totally create yourself..... A well installed microcode bug will be almost impossible to detect.

      http://cm.bell-labs.com/who/ken/trust.html

      You and the submitter in on this one? As the answer is a resounding NO.

      A well installed microcode bug will be almost impossible to detect.

      For people like me that didn't know, microcode can also be known as firmware, bios update
      or "code in a device" http://en.wikipedia.org/wiki/Microcode

      Ken Thompson's Acknowledgment

      I first read of the possibility of such a Trojan horse in an Air Force critique (4) of the security of an early implementation of Multics.

      (4.) Karger, P.A., and Schell, R.R. Multics Security Evaluation: Vulnerability Analysis. ESD-TR-74-193, Vol II, June 1974, p 52.

      So in theory you can't even trust the code you write as your video card could change it.

      --
      If you aren't paranoid yet, just wait

    3. Re:Ken Thompson, Anyone? by ron_ivi · · Score: 5, Interesting

      Perhaps he's thinking to configure it so you only have to trust the Russian *or* US government. Dunno how it'd work for compute nodes --- but if you have 1 Russian Firewall in front of one US firewall in front of one Chinese firewall -- it seems you could set up a network where unless all 3 of them collude your combo-firewall is safe.

  2. nothing's safe, but there are obvious things to do by hedrick · · Score: 5, Interesting

    No, but there's no reason to think that Linux is worse than anything else, and it's probably easier to fix.

    If I were Linus I'd be putting together a small team of people who have been with Linux for years to begin assessing things. From Gilmour's posting it seems clear that IPsec and VPN functionality will need major change. Other things to audit include crypto libraries, both in Linux and the browsers, and the random number generators.

    But certainly some examination of SELinux and other portions are also needed.

    I don't see how anyone can answer the original question without doing some serious assessment. However I'm a bit skpetical whether this problem can actually be fixed at all. We don't know what things have been subverted, and what level of access the NSA and their equivalents in other countries have had to be code and algorithm design. They probably have access to more resources than the Linux community does.

  3. Re:Not much worry with a source build by SuricouRaven · · Score: 5, Interesting

    Backdooring a CPU wouldn't actually be that difficult. You'd need it to recognise a specific command sequence (128-bits long should do it) when reading memory to trigger the backdoor - that way you could activate it by sending a network packet, or reading external media, or routing traffic. And all the backdoor needs to do is run a simple 'set instruction pointer to immediately after this trigger.' It'd be impossible to defend against short of using an un-backdoored CPU to filter the trigger out, and even then it could be snuck through in an SSL session or a fragmented packet.

    And best of all, it would *never* be detected. The schematics for a CPU are practically impossible to reverse-engineer from the masks, and both schematics and masks are strictly internal company property. Plus the number of people who could understand them in enough detail to spot a backdoor without years of specialist study could probably fit in one conference hall.

  4. Re:Not much worry with a source build by budgenator · · Score: 5, Interesting

    One of our advanatages is that I'm sure the Russians don't want NSA backdoors in Linux, and the NSA doesn't want Russian backdoors in Linux and neither want Chinese Backdoors and simalarly the Chinese want neither NSA or Russian backdoors. After all of this "Spy vs. Spy" Linux is unlikely to have backdoors. If your requirements are great enough that unlikely isn't good enough your probably shit outa luck because nothing will be good enough for you.

    --
    Apocalypse Cancelled, Sorry, No Ticket Refunds
  5. Remember this? by Voline · · Score: 5, Interesting
    Remember this? In December 2010 there was a scandal when a developer who had previously worked on OpenBSD wrote to Theo de Raadt and claimed that the FBI had paid the company he had been working with at the time, NETSEC Inc (since absorbed by Verizon), to insert a backdoor into the OpenBSD IPSEC stack. They particularly pointed to two employees of NETSEC who had worked on OpenBSD's cryptograhpic code, Jason Wright and Angelos Keromytis. In typically open-source fashion, de Raadt published the letter on an OpenBSD mailing list. After the team began a code audit de Raadt wrote,

    "After Jason left, Angelos (who had been working on the ipsec stack alreadyfor 4 years or so, for he was the ARCHITECT and primary developer of the IPSEC stack) accepted a contract at NETSEC and (while travelling around the world) wrote the crypto layer that permits our ipsec stack to hand-off requests to the drivers that Jason worked on. That crypto layer contained the half-assed insecure idea of half-IV that the US govt was pushing at that time. Soon after his contract was over this was ripped out. ...

    "I believe that NETSEC was probably contracted to write backdoors as alleged."

    I'd like to find a more recent report of what they found.