Ask Slashdot: Linux Security, In Light of NSA Crypto-Subverting Attacks?
New submitter deepdive writes "I have a basic question: What is the privacy/security health of the Linux kernel (and indeed other FOSS OSes) given all the recent stories about the NSA going in and deliberately subverting various parts of the privacy/security sub-systems? Basically, can one still sleep soundly thinking that the most recent latest/greatest Ubuntu/OpenSUSE/what-have-you distro she/he downloaded is still pretty safe?"
I think there's even a law for this kind of reply...
The big worry is not building from source, but builds delivered by companies like Ubuntu, which you have absolutely no guarantee are actually built from the same source that they publish. Ditto Microsquishy, iOS, Android, et al.
The big concern is back doors built into distributed binaries.
I do not fail; I succeed at finding out what does not work.
Short of writing it all yourself, I think OpenBSD is as close as you will find to a useful OS you can trust.
I never understood why people go for AES. Clearly, if NSA recommends it, in my view it is something to be avoided (I personally go for Twofish instead). In Ubuntu, ecryptfs uses AES by default, so I would not trust that.
You can sleep soundly if your computer is off and/or unplugged. Otherwise, you should always be on your guard.
Keep your confidential data behind multiple levels of protection, and preferentially disconnected when you are not using it. Never trust anything that is marketed as 100% safe. There will always be bugs to be exploited, if nothing else.
A healthy level of paranoia is the best security tool...
morcego
You have to trust the integrity of Linus and the core developers.
If any of them let in such major flaws they would be found out fairly quickly... and that would destroy the reputation of the subsystem leader, and he would be removed.
Having the entire subsystem subverted would cause bigger problems... but more likely the entire subsystem would be reverted. This has happened in the past, most recently, the entire changes made for Android were rejected en masse. Only small, internally compatible changes were accepted, and these went through the usual analysis, and (rather severe) modifications to make them compatible.
It is possible that this is part of the reason IPsec has never been accepted in the kernel networking code.
You can not add security, later.
In Unix systems, there’s a program named “login”. login is the code that takes your username and password, verifies that the password you gave is the correct one for the username you gave, and if so, logs you in to the system.
For debugging purposes, Thompson put a back-door into “login”. The way he did it was by modifying the C compiler. He took the code pattern for password verification, and embedded it into the C compiler, so that when it saw that pattern, it would actually generate code that accepted either the correct password for the username, or Thompson’s special debugging password. In pseudo-Python:

    def compile(code):
        if (looksLikeLoginCode(code)):
            generateLoginWithBackDoor()
        else:
            compileNormally(code)

With that in the C compiler, any time that anyone compiles login, the code generated by the compiler will include Ritchie’s back door.
Now comes the really clever part. Obviously, if anyone saw code like what’s in that example, they’d throw a fit. That’s insanely insecure, and any manager who saw that would immediately demand that it be removed. So, how can you keep the back door, but get rid of the danger of someone noticing it in the source code for the C compiler? You hack the C compiler itself:

    def compile(code):
        if (looksLikeLoginCode(code)):
            generateLoginWithBackDoor(code)
        elif (looksLikeCompilerCode(code)):
            generateCompilerWithBackDoorDetection(code)
        else:
            compileNormally(code)

What happens here is that you modify the C compiler code so that when it compiles itself, it inserts the back-door code. So now when the C compiler compiles login, it will insert the back door code; and when it compiles the C compiler, it will insert the code that inserts the code into both login and the C compiler.
Now, you compile the C compiler with itself – getting a C compiler that includes the back-door generation code explicitly. Then you delete the back-door code from the C compiler source. But it’s in the binary. So when you use that binary to produce a new version of the compiler from the source, it will insert the back-door code into the new version.
So you’ve now got a C compiler that inserts back-door code when it compiles itself – and that code appears nowhere in the source code of the compiler. It did exist in the code at one point – but then it got deleted. But because the C compiler is written in C, and always compiled with itself, that means that each successive new version of the C compiler will pass along the back-door – and it will continue to appear in both login and in the C compiler, without any trace in the source code of either.
http://scienceblogs.com/goodmath/2007/04/15/strange-loops-dennis-ritchie-a/
"Flyin' in just a sweet place,
Never been known to fail..."
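Added example, not part of the quoted post and not any real compiler's code: a toy Python model of the self-propagating back door described above, together with diverse double-compiling (DDC), the check that exposes it by rebuilding the compiler source through an independent trusted compiler. It goes one step beyond the post by showing the detection side; every name in it (Binary, run_compiler, ddc_check, the source strings) is made up for the model, and it assumes deterministic compilers and a trusted compiler that is not subverted the same way.

```python
"""Toy model: Thompson-style compiler back door and the DDC check.
All sources, binaries and names are constructed for illustration."""
import hashlib
from dataclasses import dataclass

# Constructed stand-ins for source files. Both compiler sources are clean;
# the back door exists only inside the suspect *binary*.
LOGIN_SRC = "login.c: verify the password for a user"
COMPILER_SRC = "cc.c: C compiler under test"
TRUSTED_SRC = "tcc.c: independent second compiler"
# Code generator each compiler source implements (decides the output bytes).
CODEGEN_OF = {COMPILER_SRC: "cc-codegen", TRUSTED_SRC: "tcc-codegen"}


@dataclass(frozen=True)
class Binary:
    source: str          # source the binary claims to be built from
    codegen: str         # code generator that emitted it
    payload: tuple = ()  # behaviour present in the bytes but not in the source

    def digest(self) -> str:
        """Stand-in for hashing the file; a hidden payload changes the bytes."""
        blob = "\x00".join((self.source, self.codegen, *self.payload))
        return hashlib.sha256(blob.encode()).hexdigest()


def run_compiler(compiler: Binary, source: str) -> Binary:
    """Run a compiler binary on a source file and return what it emits."""
    codegen = CODEGEN_OF[compiler.source]
    if "propagate" in compiler.payload:           # trojaned compiler binary
        if source == LOGIN_SRC:
            return Binary(source, codegen, ("login-backdoor",))
        if source == COMPILER_SRC:                # re-inserts itself
            return Binary(source, codegen, ("propagate",))
    return Binary(source, codegen)                # honest compilation


def ddc_check(suspect: Binary, trusted: Binary, compiler_src: str) -> bool:
    """Diverse double-compiling: does `suspect` match what its source yields?"""
    # Stage 1: the trusted compiler builds the source. Its bytes differ from
    # the suspect's (other code generator) but it behaves as the source says.
    stage1 = run_compiler(trusted, compiler_src)
    # Stage 2: stage 1 rebuilds the same source. An honest self-compiled
    # binary must be bit-identical to this result.
    stage2 = run_compiler(stage1, compiler_src)
    return stage2.digest() == suspect.digest()


HONEST = Binary(COMPILER_SRC, "cc-codegen")
TROJANED = Binary(COMPILER_SRC, "cc-codegen", ("propagate",))
# Assumption: obtained independently and not subverted in the same way.
TRUSTED = Binary(TRUSTED_SRC, "vendor-codegen")

if __name__ == "__main__":
    # Rebuilding from clean source with the trojaned binary changes nothing.
    rebuilt = run_compiler(TROJANED, COMPILER_SRC)
    print("self-rebuild still trojaned:", rebuilt == TROJANED)
    print("login built by it carries:", run_compiler(TROJANED, LOGIN_SRC).payload)
    print("DDC accepts honest binary:", ddc_check(HONEST, TRUSTED, COMPILER_SRC))
    print("DDC accepts trojaned binary:", ddc_check(TROJANED, TRUSTED, COMPILER_SRC))
```

The stage 1 binary never matches the suspect byte for byte, which is why the comparison is made on stage 2.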
or "Privacy" anymore. Perhaps there hasn't been for the last decade or so. We just didn't know at the time. ---- Enjoy your 21st Century. As long as people fail to defend their basic rights, there will not be such a thing as "security" or "privacy" again. My 2 Cents...
Why did the chicken cross the road? Because Elon Musk put an AI chip in its head.
There was recently a bit of a kerfuffle over RdRand.
Matt Mackall, kernel hacker and Mercurial lead dev, quit Linux development two years ago because Linus insulted him repeatedly. Linus called Matt a paranoid idiot because Matt would not allow RdRand into the kernel, because it was an Intel CPU instruction for random numbers that could not be audited. Linus thought Matt's paranoia was unwarranted and wanted RdRand due to improved performance. Recently Theodore Ts'o has undone most of the damage, but calls to RdRand still exist in Linux. I do not understand exactly if there are lingering issues or not.
It's sad but you can't trust any mainstream Linux distro created by a US company, and you likely can't trust any created in other countries either. I'm not saying that as a pro-windows troll because you can trust MS's efforts even less.
I believe you can trust OpenBSD totally but it lacks many of the features and much of the convenience of the main Linux distros. It is rock solid and utterly secure though, and the man pages are actually better than any Linux distro I've ever seen.
The possibly bigger problem is that no matter what OS you use you can't trust SSL's broken certificate system either because the public certificate authorities are corruptible. And before someone says create your own CA, sure, for internal sites, but you can't do that for someone else's website.
If the powers that be had their way, you would do nothing but lie in your bed with the sheets pulled up around your chin, your eyes darting left and right. Nice life you have there. It would be a shame if something... happened to it.
Meanwhile, if you care about keeping your data private, don't use encryption and think that you can just trust it all to keep it hidden. Your data might be safe, it might not. Be smarter. Learn from baseball players. They keep their signals safe, and they don't even need a computer to do it.
It's possible the NSA did something bad to the code, but it's not likely and it won't last.
For the "not likely" part, code accepted into Linux projects tends to be reviewed. The NSA can't be too obvious about any backdoors or holes they try to put in, or at least one of the reviewers is going to go "Hey, WTF is this? That's not right. Fix it.". and the change will be rejected. That's even more true with the kernel itself where changes go through multiple levels of review before being accepted and the people doing the reviewing pretty much know their stuff. My bet would be that the only thing that might get through would be subtle and exotic modifications to the crypto algorithms themselves to render them less secure than they ought to be.
And that brings us to the "not going to last" part. Now that the NSA's trickery is known, the crypto experts are going to be looking at crypto implementations. And all the source code for Linux projects is right there to look at. If a weakness were introduced, it's going to be visible to the experts and it'll get fixed.
That leaves only the standard external points of attack: the NSA getting CAs to issue it valid certificates with false subjects so they can impersonate sites and servers, encryption standards that permit "null" (no encryption) as a valid encryption option allowing the NSA to tweak servers to disable encryption entirely, that sort of thing. There's no technical solution to those, but they're easier to monitor for.
The NSA doesn't really need to have backdoors written into the systems, they have a lot of exploits in their bag of tricks that they've bought or found. Unfortunately the NSA only needs to find one exploit, but truly secure systems we need to find and fix them all :/
Every encryption protocol you use has been sabotaged to be readable by them. You don't really think they will try 200 trillion keys to break your stream, do you?
No. They modified the protocols, (to make them more secure) and of course never explained the changes. They just mandated it.
Even the almighty NSA with its insanely high budget can't crack all the encryption. But it does make me wonder if I should avoid everything they recommend.
I suspect the NSA has developed custom hardware for the more common encryption types. Custom hardware was shown to work extremely well on DES by deep crack. http://en.wikipedia.org/wiki/EFF_DES_cracker
The big concern is back doors built into distributed binaries.
And what about the hardware? And how can you be sure the compilers aren't putting a little something extra into the binaries. There are so many places for NSA malware to hide it's scary. Could be in the BIOS, could be in the keyboard or graphics firmware, could be in the kernel placed there by a malicious compiler. Could be added to the kernel if some other trojan horse is allowed to run. And just because the kernel, etc. are open source doesn't mean they have perfect security. The operating system is incredibly complex, and all it takes is one flaw in one piece of code with root privileges (or without if a local privilege escalation vulnerability exists anywhere on the system, which it surely does), and that can be exploited to deliver a payload into the kernel (or BIOS, or something else). Really, if the NSA wants to see what you're doing on your Linux system, rest assured, they can.
If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
No, but there's no reason to think that Linux is worse than anything else, and it's probably easier to fix.
If I were Linus I'd be putting together a small team of people who have been with Linux for years to begin assessing things. From Gilmour's posting it seems clear that IPsec and VPN functionality will need major change. Other things to audit include crypto libraries, both in Linux and the browsers, and the random number generators.
But certainly some examination of SELinux and other portions are also needed.
I don't see how anyone can answer the original question without doing some serious assessment. However I'm a bit skeptical whether this problem can actually be fixed at all. We don't know what things have been subverted, and what level of access the NSA and their equivalents in other countries have had to the code and algorithm design. They probably have access to more resources than the Linux community does.
I would not be surprised if visionaries and leaders of the computer industry, including FOSS, turn out to be generals, admirals and colonels. And that the leading technological companies are just the departments of the single organization.
We are being told - and some of us suspected as much for a very long time - that the NSA & Co track everything we do, and have the ability to de-encrypt much of what we think is secure; whether through brute force, exploits, backdoors, or corporate collusion.
Surely we should also assume that there are other criminal and/or hacker groups with the resources or skills to gain similar access? Another case of "once they know it can be done, you can't turn back."
I honestly believe that we're finally at the point where the reasonable assumption is that nothing is secure, and that you should act accordingly.
Three Squirrels
I think that depends on what keeps you up at night.
In one of the earlier stories today there was a post making all sorts of claims about compromised software, bad actors, and pointing to this paper: A Cryptographic Evaluation of IPsec. I wonder if anyone bothered to read it?
IPsec was a great disappointment to us. Given the quality of the people that worked on it and the time that was spent on it, we expected a much better result. We are not alone in this opinion; from various discussions with the people involved, we learned that virtually nobody is satisfied with the process or the result. The development of IPsec seems to have been burdened by the committee process that it was forced to use, and it shows in the results. Even with all the serious criticisms that we have on IPsec, it is probably the best IP security protocol available at the moment. We have looked at other, functionally similar, protocols in the past (including PPTP [SM98, SM99]) in much the same manner as we have looked at IPsec. None of these protocols come anywhere near their target, but the others manage to miss the mark by a wider margin than IPsec.
I even saw calls for the equivalent of mole hunts in the open source software world. What could possibly go wrong?
Criminals, vandals, and spies have been targeting computers for a very long time. Various types of security problems have been known for 40 years or more, yet they either persist or are reimplemented in interesting new ways with new systems. People make a lot of mistakes in writing software, and managing their systems and sites, and yet the internet overall works reasonably well. Of course it still has boatloads of problems, including both security and privacy issues.
Frankly I think you have much more to worry about from unpatched buggy software, poor configuration, unmonitored logs, lack of firewalls, crackers or vandals, and the usual problems sites have than from a US national intelligence agency. That is assuming you and 10 of your closest friends from Afghanistan aren't planning to plant bombs in shopping malls, or try to steal the blueprints for the new antitank missiles. Something to keep in mind is that their resources are limited, and they have more important things to do unless you make yourself important for them to look at. If you make yourself important for them to look, a "secure" computer won't stop them. You should probably worry more about ordinary criminal hackers, vandals, and automated probe / hack attacks.
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
Hmmm - all of a sudden this looks interesting again:
http://news.cnet.com/8301-31921_3-20025767-281.html
No one will bother with unencrypted text as it will be assumed to have nothing interesting. If a computer scanning your text and forgetting it bothers you, hide the real text inside other boring text. Obscurity by tedium.
Yes, it's "pretty safe". It's not absolutely safe or guaranteed to be safe. But if your other alternative is a hidden-source OS, especially one in US jurisdiction, then OSS is "pretty safe."
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Don't forget that there are concerns in the hardware as well. Are you using an NVIDIA chip, an ATI chip, a non-atheros wireless chip, a non-HP printer (and even if it is HP in many cases), etc. All these things have non-free code where shit hides. Then there is also Chrome, Adobe Flash, Adobe Reader, Skype, and a number of other non-free components in most distributions. You have to be really careful. You may want to check out Trisquel. It's based on Ubuntu, compiled from scratch, patched for free software reasons, and some privacy related ones.
Digital Forensics for Prosecutors presentation suggests Truecrypt has a backdoor.
http://www.techarp.com/showarticle.aspx?artno=770&pgno=0
10000 laptops are stolen at airports every year. Presumably, they are off when that happens.
The NSA is not your problem; you are not important enough to be a target. When thinking about security, thieves are your problem. Theft happens, and happens often. Your computer is far more likely to get stolen than to be infiltrated by the NSA. And the solution is to encrypt your hard drive. Without encryption the thief will have access to everything you normally access from the computer - like your bank account. You wouldn't want that, would you? Today's CPUs all have AESNI support, so there is no excuse for not encrypting your laptop's hard drive. Do it today and get some financial peace of mind.
Absolute Anonymity is a weapon of mass destruction and will never be allowed by any government.
Who said that?
-- Prepared at the direction of, or to be sent to Legal Counsel, in anticipation of litigation. Attorney Client Pri
I'm sure they go beyond that. I'm picturing full-length PCI cards with thirty-two cores each, packed sixteen to a 2U box, and a warehouse full of them. All running at 3GHz. Crypto-cracking needs crazy amounts of processing power, but very little network communications. If you wanted to, you could network them all on 10baseT.
And a watercooling system - because the smaller the facility is from the outside, the less any potential opponents will estimate your capabilities to be. Plus it'd be cheaper than trying to air-cool something like that, even on hot/cold aisles.
The good news is that for linux, this can, in theory, be audited.
For Windows...no. Not a hope. None. At all. Likewise OSX.
Which means that any and every government that might possibly have any future dispute with the US is, right now, going over all their Windows servers and desktops in the military, diplomatic and intelligence services to see how much they can replace.
It'll take months just to write up the reports, and months more to run through the political committees, and even then it'll be very undiplomatic to openly admit the reason for the switch - but in a year or so, I think we are going to see a lot of governments decide that linux is more 'cost effective' in sensitive roles.
They destroyed my trust in anything. I don't trust any operating system and software anymore, I don't trust the internet or any encryption method; the US Govt and all its elements have been proven to be a criminal gang of fascist kleptocratic totalitarian warmongering pigs.
Politics is Treachery, Religion is Brainwashing
Everyone on this thread is concerned with the possibility of NSA backdoor code, but from my understanding the attack is much more insidious and the consequences much more severe than just a backdoor that only the NSA could use. By hiring most of the world's talent in cryptography and then deliberately having them design algorithms and code that is not as secure as it could be, or as it should be, are they not leaving everyone open to attack not just by the NSA but by anyone else as well?
Define 'safe'.
http://qubes-os.org/trac/wiki/QubesArchitecture
Compartmentalize the high-risk parts of the OS (like network and X11) into separate VMs that each get access to only the hardware they need via the IOMMU.
Then you make it easy to use the hypervisor to graphically create separate color-coded domains: personal info, banking etc. go into one domain; work-related stuff into another; general browsing and other higher-risk stuff go into a third. The app windows from each of these "app domains" appears with the corresponding border color.
If your network stack becomes compromised, the infection goes away when you reset the netVM or reboot the system. Same goes for the display, and for the disposable app VMs. Theoretically, nothing should be able to touch your Dom0 hypervisor or your other domains... or at least that task becomes extremely difficult for an attacker.
You need certain late-model systems to take advantage of these security features, though.
you are not important enough to be a target.
Wrong. You may become important in the future. So you are important enough to target. They are collecting data on everyone, and holding on to it. They just might not be actively going through all the data from everyone (or they might be, if they have enough computing power). But if it's recorded it doesn't really matter if they do it today or in 20 years. They've got you. "If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him." --Richelieu
Seven puppies were harmed during the making of this post.
http://vimeo.com/18279777
http://cr.yp.to/talks/2010.12.28/slides.pdf
(Bernstein on Elliptical curve cryptography.)
Need Mercedes parts ?
Seriously, the NSA will help protect you from anyone but themselves. As long as the NSA has nothing to do on your box, they will do their utmost to prevent foreign intelligence, hackers and other mischievous individuals gaining entrance to the average Linux distribution. Even if they do have something to do on your box, they'll still try to keep others out. Now if you want to hide your stuff from the NSA, you will have to do a bit more than just run an up to date linux distribution. It doesn't really matter what you run, they will probably have researched it, or it will be so small that it will be hard to find useful applications for it....
I was promised a flying car. Where is my flying car?
Correction: Only some Atom chips have AESNI. Not all models. That's an issue with netbooks, where processor speed can easily become a bottleneck.
I'd like to find a more recent report of what they found.
Yes it will be fun as diplomats spin up their international story telling skills on their embassy equipment and create believable plots.
Their intelligence services will sit back waiting for the first hint of their work to drop into the press.
Domestic spying is now "Benign Information Gathering"
Politics is expensive and risky. Deals done, groups supported and experts have pasts. Over time you have a lot of ex-staff who just know too much and might be tempted to talk to the press or write a book without that expected 30-50 year gap.
That ability to get to the publisher in time existed till the early 1980's
It's really just a keyword hunt for past and existing projects to save embarrassment and legal issues.
Better to find the press/staff/political activism/conscience before it is published and do a deal or have your spin ready.
Domestic spying is now "Benign Information Gathering"
I have always been an Advocate of using Serpent over Rijndael, which eventually became AES, simply because Serpent's higher security level was never in doubt; Rijndael was chosen primarily because it is faster. However, in light of all this news, I think People should jump ship to Serpent on principle.
improving a single ASIC design for breaking it.
On the other hand, computer technology and cryptography have advanced to the point where crypto-algos are so complex that it would require more than the universe's worth of energy to exhaustively brute-force the whole key-space (or at least we're quickly approaching this point).
Currently, breaking crypto isn't done by trying to build faster machines to make more brute-force tries per nanosecond. Instead it's done:
- by circumventing the crypto: breaking the software itself so it generates broken cryptography (remember the broken SSL keygen in Debian making relatively predictable keys?) or having exploits leading to leaks of plaintext before encryption.
- by finding flaws in the algorithm itself: finding weak points so that you don't actually have to scan the whole key space in brute force, but instead have only a reduced set of possible ways to break it, thus making it feasible before universe heat death.
we should be using hundreds of different algorithms.
On the other hand you should be using algorithms which have been thoroughly studied and examined by the academics and for which we have a high level of confidence that the maths are sound and no shortcut could be developed.
And you should use implementations which have been thoroughly reviewed against bugs.
Using a dozen well-done encryption algos could be a good idea.
Moving to the thousands: you dilute the number of eyeballs looking for bugs and thus have a higher risk that some algo or implementation hasn't been reviewed enough and might actually be flawed.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
10000 laptops are stolen at airports every year. Presumably, they are off when that happens.
The NSA is not your problem; you are not important enough to be a target. When thinking about security, thieves are your problem. Theft happens, and happens often. Your computer is far more likely to get stolen than to be infiltrated by the NSA. And the solution is to encrypt your hard drive. Without encryption the thief will have access to everything you normally access from the computer - like your bank account. You wouldn't want that, would you? Today's CPUs all have AESNI support, so there is no excuse for not encrypting your laptop's hard drive. Do it today and get some financial peace of mind.
Ok, I will give you the-best-secure-computer-is-the-one-off-locked-in-a-safe-in-the-bottom-of-a-salt-mine award. However, everyone is currently on the NSA radar. If not for terrorism for some other reason, so to say that you are more likely to lose data to theft than the NSA is impossible to prove. Encryption won't get your laptop back from a thief. Even if they can't get at the data you're still without data or a computer. How is that financial peace of mind? Mod parent down for lack of critical thinking.
Even the almighty NSA with its insanely high budget can't crack all the encryption.
If you're an American you better hope that's *NOT* true and hope that we get them off spying domestically. So to rebut, yes they can (remember hardware is only part of the encryption breaking; smart people with better algorithms is another piece). If it exists they have broken it.
Isn't the compiler software?
And doesn't the compiler target an architecture?
And isn't that architecture rife with microcode you never see?
Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
Nonsense. IPSec was killed by them by making it weak and complicated, true. (Which counts as a severe attack on critical infrastructure in my book and makes them a lot more immoral and dangerous than any terrorist organization.) But to read most messages, they just have to compromise SSL certificates and they likely have done that for all commercial certificate providers by cooperation, coercion and plain old criminal hacking. Any expert knows that self-signed certificates have been a lot more secure for a long time now.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
I have reviewed some, and what a terrible, terrible collection of beginner's mistakes it was. This is not the NSA having god-like powers. This is most commercial software being incredibly bad with regard to security. Add to that the broken, NSA compromised SSL CA system, and you get the current claims, all without any backdoors in OSes (no, not even Windows).
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
...perhaps it is time to dust off my old Apple II?
Probably submerged mineral oil cooling since water cooling 16 pci cards might be difficult.
The reason you can boot from a raid card or network is because the BIOS loads and runs BIOS modules from those cards. You may be familiar with the Linux kernel, where most of the functionality is in modules that become part of the kernel. BIOS is the same. One differentiator between a server motherboard and a consumer one is how much BIOS memory it has, to load modules from many different pieces of hardware. I have one machine with at least four different pieces of hardware that include BIOS. MOST of the BIOS on that machine didn't come with the motherboard.
For the Linux kernel, that's how development is done already, for quality control and bloat reduction. Nobody can commit by themselves, it takes at least three people to get a change into mainline. Each developer has their own copy of the tree into which changes are pulled, so they can see all changes that are made, and who made them.
For each part of the kernel, there are a number of people particularly interested in that bit who watch it and work on it. For example, the people making NAS and SAN devices and services keep a close eye on the storage subsystems. Myself, I watch the cm storage stack generally, more specifically LVM, and even more specifically snapshots. There are a few dozen people around the world with special interest in that particular part of the code. No backdoors will come in without some of us spotting it. What COULD happen is that some code could come in that isn't quite as secure as it could be.
It just so happens that I'm a security professional who uses advanced Linux storage systems for a security product called Clonebox, so that's at least one security professional closely watching that part of the code. Thousands of others watch the other parts.
It's convenient that a lot of the development is done by companies like Netapp, Amazon (S3) and Google. You can bet that when Amazon submits code, Netapp and Google are looking closely at it. When RedHat submits something, Canonical will point out any reasons it shouldn't be accepted.
No matter how safe you think something is, you should always assume someone else has broken it. That is, don't do anything with your computer that you don't want the NSA to see.
but fairly unlikely, at least not in the way you describe, with a "specific command sequence". 1) it's at too low a level to be really useful as a backdoor, not without the help of backdoor software higher up, but then what's the point? there are already many "backdoor"-like ways to gain privileges as long as the software is there to support them, 2) it would have to be designed to NOT slow the CPU down or take up obvious chip real estate... the CPU biz is so competitive that any extra overhead of either type would make that chip less competitive in the market.
Don't blame me, I voted for Kodos.
When RedHat submits something, Canonical will point out any reasons it shouldn't be accepted.
I had a good laugh when I read this.
Red Hat employs hundreds of software engineers, contributing a lot to the entire Linux ecosystem. Canonical's resources in terms of code contribution are laughable in comparison and being a streamlined business Canonical has few, if any, resources to review third party code. They are happy to ride along, but the number of people at Canonical who actually write and read code outside the shiny UI field are hardly those with the expertise to review low level kernel code.
Over the years the NSA has contributed what seemed like positive things to computer security in general, and Linux specifically. They have helped correct some algorithms to make them more secure, and implemented things like SELinux.
However, now that their other actions and intentions have been starkly revealed, any and all things the NSA does (and has done) are now cast into steep doubt. Which is unfortunate because the NSA has a lot of really smart cryptographers and mathematicians that could greatly contribute to information security.
Now, however, their ability to contribute in any positive way to the open source community, or even to the industry at large, is gone forever. No one will trust them again. A sad loss for them, but also a potential loss for everyone. Nothing will quite be the same from here on out. And in the long run, without the help of smart, honest mathematicians and cryptographers, our security across the board will suffer. It's not that the revelations caused the damage, but that the NSA sabotaged things. Shame on them. Kudos to Snowden for helping us learn the extent of the damage.
The binary releases for Ubuntu or any other Linux should be compiled from scratch (including compiling the compiler) by many trusted people (not one company) and then the binary code should be compared. NSA will definitely want to hire the people that are responsible for creating binary distributions for Linuxes, as their secret agents. So we should make sure there are many of them and they are of high morality.
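The comparison proposed in the comment above, sketched as an added example that is not part of the original thread: several independent rebuilders report the SHA-256 of what they built from the published source, and the digest of the shipped binary is checked against them. The builder names, the quorum rule and the status labels are assumptions made for this illustration, and the digests are computed from constructed byte strings.

```python
import hashlib
from collections import Counter


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def check_artifact(published: str, rebuilds: dict, quorum: int) -> dict:
    """Compare the digest of the shipped binary with independent rebuilds.

    published: SHA-256 hex digest of the binary the distributor ships.
    rebuilds:  {builder_name: SHA-256 hex digest of that builder's output}.
    quorum:    number of independent builders that must agree.
    """
    published = published.lower()
    digests = {b: d.lower() for b, d in rebuilds.items()}
    agree = sorted(b for b, d in digests.items() if d == published)
    dissent = sorted(b for b, d in digests.items() if d != published)
    # How many rebuilders agree with each other on some *other* digest?
    others = Counter(d for d in digests.values() if d != published)
    top_other = others.most_common(1)[0][1] if others else 0

    if len(digests) < quorum:
        status = "insufficient"        # too few rebuilders to say anything
    elif not dissent:
        status = "reproduced"          # everyone got the shipped bytes
    elif len(agree) >= quorum:
        status = "disputed"            # quorum matches, but someone differs
    elif top_other >= quorum:
        status = "published-differs"   # rebuilders agree, shipped binary is the odd one out
    else:
        status = "unreproducible"      # no quorum anywhere: build is not deterministic
    return {"status": status, "agree": agree, "dissent": dissent}


# Constructed sample data: stand-ins for real package contents.
GOOD = sha256_hex(b"constructed: package built from the published source")
ODD = sha256_hex(b"constructed: same package with an unexplained difference")
NOISE = sha256_hex(b"constructed: build with an embedded timestamp")

if __name__ == "__main__":
    cases = {
        "pkg-a": (GOOD, {"alice": GOOD, "bob": GOOD, "carol": GOOD}),
        "pkg-b": (ODD, {"alice": GOOD, "bob": GOOD, "carol": GOOD}),
        "pkg-c": (GOOD, {"alice": GOOD, "bob": NOISE, "carol": ODD}),
    }
    for name, (shipped, reports) in cases.items():
        print(name, check_artifact(shipped, reports, quorum=2))
```

A "published-differs" or "unreproducible" result does not by itself show tampering; it shows that the shipped bytes cannot be tied to the published source until the difference is explained.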
No, the NSA has pretty much blacklisted not just OpenBSD, but all the BSDs over Theo's opposition to them. So if one is paranoid about the NSA, just go w/ any one of the BSDs, they simply don't touch it. And since they don't support BSD devs, one can be sure that BSD devs don't build in any back doors for them.
The perfect GNU CPU would be a VLIW CPU. The FSF could try & get the HDLs from whoever owns the VLIW core of Transmeta's Crusoe, and put them under GPL3. Then they could try working w/ a fab on creating a CPU based on this - not the x86 part, mind you, just the VLIW core.
From that point, they could create their own VLIW CPUs every time, and since it's a pure VLIW and not EPIC/RISC, all programs would have to be recompiled every time a new CPU is out. The FSF can also work to ensure that there are no backdoors or anything, and then also work on getting their 'Libre-Linux' or HURD on this platform. For compiler, they'd have the good ole GCC. Sounds so hunky dory - they should try it.
Being one of those liberal hippies you seem to be attempting to blame for "Republican Military-Industrial Complex Elitism As Usual" let me speak on our behalf:
No. Mr. O does not speak for me. Mr. O is just another "Republican Moderate" in allegedly liberal clothing [if he had been a *real* liberal he would have gotten us the "Single Provider" [aka Socialist] version of healthcare like all reasonable western countries have rather than the Capitalist "bend over, here's the bill" Romney-care].
I do not support Mr. Obama and his Republican backers in regards to spying and their violation of privacy and free speech. I have to ask tho': Is your memory so short? The NSA making war on the American People has nothing to do with a particular politician... I'm sure that if Romney-bama had won it would be exactly the same [except Snowden might have gotten a drone strike]. Don't you get it? Or are you just one of those who can't think any further than "the wise words" of Limbaugh, Beck, or Hannity? All that has happened is Obama has become Bush III. [or should we say Nixon IV?] All this stuff began under Bush II and probably even Bush I [since he was an ex Director CIA]....
Our allegedly two party system is actually two faces of the same 1% Capitalists -- who believe that lying, cheating, stealing, and sticking their nose in to the lives of the proles is acceptable to their comfort... after all they aren't snooping on each other are they? -- Except to get what they want... Which is how Mr O. has become "a Liberal that Joe McCarthy could love"(TM)... How many of our "Freedom loving" Republicans or "I am a rugged individualist Tea DoucheBagger" are actually saying "this is wrong and I'm writing veto proof legislation to kill the spying"? Where is the Republican or conservative Congressional censure? Look! There IS none! Most of your Conservative friends are cheering this on... Welcome to the Barry Goldwater 1984...
Just wait till the morals proctors get a hold on this stuff then we'll have the Scarlet Alphabet of offenses against the state.
Mister O. does not make laws. Congress does. Where is your outrage at the violation of the constitution? Why aren't you throttling your Congress with questions like: Where does it say in the constitution there is a guarantee to the government that "State Secrets" is a free pass to tyranny or violating the constitution? You see? Everything your "Douchebag Conservative Establishment (TM)" [including Limbaugh, Beck, & Hannity] has ever said about us Socialist-leaning Hippies is wrong...
Hippies never started any wars... Hippies never napalmed anyone [United States in South Vietnam], nor released Sarin gas [Syria & Iraq]... Hippies don't chop off people's heads for moral infractions [Saudi Arabia anyone?] nor encourage lying [Most governments]... Hippies don't condone nor control drone assassination teams [The CIA]... Your Duly Elected Washington Representatives don't speak for us at all... All of the lying Corporation Bought Representatives of our Congress as well as the secondary Legislative branch called the Supreme Court are no one we would call friend... Nor the current POTUS nor any of the potential future ones... as they are all bought and paid for by all of the corporations you know and love...
by the way... Hippies don't like corporations... but the corporations love people that they can lead around by the noses... like maybe some of your congress persons or you since you seem to be fixed on the wrong Villain in this skit....
In the future please remember our motto-- Make Love, Not War!
If you don't like what America has become, I advise you, as we hippies were advised by the conservatives and red-necked Southern Good Ol' Boys way back when: "America, Love it or Leave it!"
Mineral oil has its own issues - long-term it damages capacitors. Water doesn't seem too impractical: Use those mini GPU blocks on the cracker chips. Each rack gets its own pump and heat exchanger at the top, and hot/cold manifold pipes to plug the cracker boxes in to. Then each rack in turn hooks in to the big coolant pipes leading up to the fans on the roof, cunningly disguised as air conditioning machines. From the outside, it could look just like a warehouse.
Why not just rent the CPUs from a cloud provider with an encrypted private line to the local NSA data center and hide it in plain sight?
you are not important enough to be a target
Tell that to 1930's Europeans!
If you only look at the diffs, you won't notice a change which they'll spread out over a couple of months.
New things are always on the horizon
Rebuild from the ground up. It's the only way to be sure.
I predict a huge increase in use of BitBake.
I am very small, utmostly microscopic.
The suspicions surrounding Truecrypt have never been fully explained.
I am very small, utmostly microscopic.
The US government certainly is.
http://www.darpa.mil/Our_Work/MTO/Programs/Trusted_Integrated_Circuits_(TRUST).aspx
Ever wonder why National Semiconductor (now TI I guess) runs a FAB at Fort Meade?
http://www.trustedfoundryprogram.org/
I am very small, utmostly microscopic.
If you have any type of social networking account (Facebook, Twitter, Reddit, Pinterest, etc...) then you gave up on your privacy long before the NSA had access to anything. Hell 60% of the FB accounts are fake government accounts anyway. I myself have nothing to hide and the government can read my email, text messages, instant messages, snail mail, all they want. Let them knock themselves out as I don't care. They have been reading your personal data for over a decade (Patriot Act saw to that). This is all old news and there's nothing to see here.
The day Microsoft creates a product that doesn't suck, it will be known as the Microsoft Vacuum Cleaner!
I disagree with 1, because with an exploit like that any software can become your backdoor.
eg: You want to hack a mail server. You take a look at it with a quick profile and determine it's (hypothetically) a Windows 2003 server running Exchange. It's a big company, so you can be confident this is a 64-bit OS. So you craft your attack email: The trigger sequence, followed by a payload. You know this is running Windows 64-bit, so you can pick a payload accordingly. It'll run with the permissions of the first process to access the data: The network card driver. So all you need is a payload designed to run as Windows 64-bit 2003 kernel mode code, with the function of obtaining and executing the real malware that gives you control.
Because custom crypto-specialised cracker chips would be many orders of magnitude faster than general-purpose CPUs.
The good old days, when we hand-compiled our own compilers.
Look, if you're reading this news site, and you didn't know that security can only be meaningfully assessed against a threat and that an accurate model of this threat is required in order to assess it and propose countermeasures, you're not going to bring much to this conversation except noob blather.
The observation you appear to be missing is that *both* adversaries in a crypto war have cost-benefit tradeoffs to make. Backdooring a crypto product is cheap, and very valuable. Expect it. The NSA black-bagging your hardware is expensive. If you've never been to an environmental protest, you're not worth this to them. The NSA pwning your router, apparently, is a capability they hope to automatically acquire this year -- expect that.
/. -- the Free Republic of technology.
Either way, that's kind of a strange thing to say about an organization that claims to have completed an awesome new cryptanalytic capability in 2011, after which (according to the black budget leaks) CCP's Microelectronics program shrunk by a factor of six over the next two years... and that slide with that little red box...
/. -- the Free Republic of technology.
Apt Richelieu quote. They are collecting data on every person, but how much is a function of the person (or the data). Consistent sympathizers with incumbent power are uninteresting and not really worth the bandwidth. Sympathizers with any power other than the regime are interesting.
/. -- the Free Republic of technology.
Being one of those liberal hippies you seem to be attempting to blame for "Republican Military-Industrial Complex Elitism As Usual" let me speak on our behalf:
No. Mr. O does not speak for me. Mr. O is just another "Republican Moderate" in allegedly liberal clothing [if he had been a *real* liberal he would have gotten us the "Single Provider" [aka Socialist] version of healthcare like all reasonable western countries have rather than the Capitalist "bend over, here's the bill" Romney-care].
I think that a government that is likely to give you socialist healthcare is also not likely one that is going to disband an agency like the NSA, mainly because it's not one to disband any agency. (If the situation here in Europe can be any indicator.) The "perfect" laissez-faire society would be the one without an NSA. Now granted there is no such thing in the real world and it would just mean going over that civil vs. economic liberty thing again. But still. Hiding away talented mathematicians and engineers like that is just a waste of taxpayer money.
Do you consider *nix to be more secure than Win 7? Given the recent leaks about these data collection efforts... Which OS would you say has the most integrity from a privacy perspective? All these stories on /. lately are starting to make me wonder if I should...
1. Always disconnect systems from the network when not actively being used. This could lead to issues by not being connected to receive patches & etcetera.
2. Build virtual machines offline and maintain them offline, reverting back to my, somewhat trusted, offline maintained VM images (using snapshots or similar)
Any other ideas, advice or opinions would be greatly appreciated.
/.
I would posit based on what we read in Ken Thompson's attack that the following can be traced back to Gödel's problem: Can a secure system be built on systems that have tools that verify their own security? And for the practical minds, is it feasible / possible to trust any system as a starting base for a secure system and build over that? I have never thought about this this way, but I feel we might have hit security theory's rock bottom. Cheers!
From Wikipedia:
Popular choices for the group G in discrete logarithm cryptography are the cyclic groups (Zp)× (e.g. ElGamal encryption, Diffie–Hellman key exchange, and the Digital Signature Algorithm) and cyclic subgroups of elliptic curves over finite fields (see elliptic curve cryptography).
I don't know if that covers all of the widely-available EC algorithms.
Binary blobs are bad, m'kay. No argument there. However, IO-MMUs like VT-d, which is used by Core i* processors, seem to be a pretty strong protection. The approach is simple and therefore should be robust, and it directly handles the root issue, rather than trying to band-aid the symptom as Microsoft Security Essentials and similar do.
It is my understanding that DMA address space is assigned at runtime, but it's allocated at boot time, meaning a device can't gain access to memory not allocated for DMA at boot time. Memory management isn't "my thing", though, the storage stack is, and to some extent early boot is my thing. What you're talking about is handled by the memory management people.
You have a point, Red Hat does a LOT more development than Canonical, so maybe that's not the best example.
Offhand, I don't know what the BEST example is. I think you get the point, though. I've just been reading about the different options for caching disk devices on Flash and I noticed the three developers of different implementations, and the fans of the three implementations, assisted in pointing out weaknesses in competing implementations.
Ah, so the NSA doesn't have root access to kernel.org's servers? If they've tweaked the compilers they use to generate the source in the way Thompson suggests, nobody except the tweakers would ever know. You could scan the source from top to bottom and never see anything wrong.
Go to Heaven for the climate, Hell for the company -- Mark Twain
Issues originating from kernel.org can and have been seen and fixed because each of the thousands of developers has their own copy and sees all changes. An attacker would need root access to everybody's desktops, or at least they'd need to know who might be interested in that area of the kernel and root those developers' machines.
Knock, knock, ...
The clincher is at the end of the "Computer Forensics for Prosecutors" document. This is not quite the evidence for a Truecrypt back door!
Guess who's coming to dinner for Part 2 and 3?
From the Computer Forensics for Prosecutors pdf, page 17:
"Detective Stu Pitt will take over for Part 2:
and,
"Tomorrow, Detective Laughlin Foo will conduct Part 3"
No, encryption won't get your data back, that's what backups are for. Encryption does mean that the thief cannot skim your passwords and whatnot before fencing your computer at the local pawnshop. You might not have the data anymore but no one else should be able to get it either.