Slashdot Mirror
OpenBSD Team Cleaning Up OpenSSL
First time accepted submitter Iarwain Ben-adar (2393286) writes "The OpenBSD has started a cleanup of their in-tree OpenSSL library. Improvements include removing "exploit mitigation countermeasures", fixing bugs, removal of questionable entropy additions, and many more. If you support the effort of these guys who are responsible for the venerable OpenSSH library, consider a donation to the OpenBSD Foundation. Maybe someday we'll see a 'portable' version of this new OpenSSL fork. Or not."
Yes, Theo has a bad temper and is not filtering carefully enough what he says, but his heart is in the right place, and he's a fucking great leader. I don't mind one bit his bad temper, because it usually hits those that really deserve it. And on the other hand, he's one of the most effective open source leaders.
I think my CC number got stolen.
Obviously since OpenBSD is running their fork of OpenSSL 0.9.8 which essentially doesn't have this exploit, this is just a shameless plug.
But having an OpenBSD vetted OpenSSL 1.0.1g+ for Ubuntu, now that would be something!
If they're doing a large-scale refactoring, a regression test suite is really advisable (in addition to static code analysis) to ensure that they don't create new, subtle bugs while removing things that might look like crud. Does anyone know how good their test coverage is?
Koans and fables for the software engineer
$30,949 is how much the OpenBSD Foundation received in donations in 2013. That has to get fixed as their expenses were $54,914 and only a one-time transfer from an old account covered the deficit.
The community that depends on OpenSSH, OpenNTPD and the like needs to figure out how to support these projects.
Personally I'd like to see the Foundation offer targeted donations to specific projects with a percentage (~20% perhaps) going into the general operations fund. I bet there are a bunch of people who would throw a hundred bucks at OpenSSH but would be concerned that a general donation would go to some odd thing Theo is doing (whether that be fair or not).
And if "Fixing OpenSSL" were one of the donation options, then hold on to your hats - I think we're all in agreement on this. We do know that the folks currently working on the projects are paid by others but if the Foundation can get enough money to offset expenses then it could actually do some development work and possibly finally take care of some sorely-neglected tasks on a few of these codebases.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
I have little doubt that the OpenBSD team will significantly improve the code.
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
We also have a comment from the FreeBSD developer Poul-Henning Kamp.
He starts by saying "The OpenSSL software package is around 300,000 lines of code, which means there are probably around 299 bugs still there, now that the Heartbleed bug — which allowed pretty much anybody to retrieve internal state to which they should normally not have access — has been fixed." After that he notes that we need to ensure that the compiler correctly translates the high-level language to machine instructions. Later Kamp rants a bit about the craziness of CAs in general — would you trust "TÜRKTRUST BLG LETM VE BLM GÜVENL HZMETLER A.."? Then he lists some bullet points about things that are wrong in OpenSSL:
- The code is a mess
- Documentation is misleading
- The defaults are deceptive
- No central architectural authority
- 6,740 goto statements
- Inline assembly code
- Multiple different coding styles
- Obscure use of macro preprocessors
- Inconsistent naming conventions
- Far too many selections and options
- Unexplained dead code
- Misleading and incoherent comments
"And it's nobody's fault. No one was ever truly in charge of OpenSSL, it just sort of became the default landfill for prototypes of cryptographic inventions, and since it had everything cryptographic under the sun (somewhere , if you could find out how to use it), it also became the default source of cryptographic functionality. [...] We need a well-designed API, as simple as possible to make it hard for people to use it incorrectly. And we need multiple independent quality implementations of that API, so that if one turns out to be crap, people can switch to a better one in a matter of hours."
Ted Unangst wrote a good article called "analysis of openssl freelist reuse"
His analysis:
it's a very good read.
Trolling is a art,
C is a perfectly safe language if used properly. Not to mention that it is as ubiquitous as it can possibly get without sacrificing portability.
Removal of ancient MacOS, Netware, OS/2, VMS and Windows build junk
Removal of “bugs” directory, benchmarks, INSTALL files, and shared library goo for lame platforms
Ripping out some windows-specific cruft
Removal of various wrappers for things like sockets, snprintf, opendir, etc. to actually expose real return values
There's no doubt that OpenSSL needs work, but they seem to be needlessly combining actual security review with "break every platform that I don't like." At a minimum, anyone else trying to benefit from this will need to unravel the worthwhile security changes from the petty OS wars crap.
What about it? If you want a Go implementation, then go do it.
They are not using Go because they want portable code that can run on all the hardware platforms they support. Go does not support all of those platforms.
... And ran faster ...
You can safely write something like OpenSSL in C/C++, hence the fact that OpenBSD exists with the namesake that it has earned (secure).
And what do you think Go is written in? Magic pixie dust?
Go ahead, do it. The OpenBSD people are actually doing something, instead of only being busy talking about it.
Every so called "safer" language (than C) is also less efficient. For OpenSSL, we need maximum efficiency/speed in big data scenarios, and in cases where hardware acceleration is asked for. Playing with Go, Java & Co. is a no-go here. Plus, C can be just as safe, when used properly and when code is properly audited and screened. The problem with Heartbleed was that auditing took way too long to materialize and to catch up. A bug in a, say, Go version of OpenSSL would have probably taken just as long to get discovered, if auditing happens so seldom.
cpghost at Cordula's Web.
How about Ada?
And all these vaunted "safer languages" are written in... C.
All languages are safe if used "properly".
The trick is being resilient against the occasional mistake, and C does that really poorly.
Apparently you didn't read the second news item on the OpenBSD news site, where they reached their 2014 funding goal of $150,000 last week.
So if C is so bad why should we trust the languages that are implemented in it? You do realize that most of these "safe" languages are written in C, right?
While it might be nice to use a safe(r) language, can't we at least have a compile option in C that adds bounds checking?
And while you're at it, how about making it impossible to execute code that isn't in the code segment and write protecting the code segment.
C is a perfectly safe language if used properly.
As safe as juggling very long, very, very greasy sharp knives while skating on very thin ice...
"I don't know, therefore Aliens" Wafflebox1
Should they not be getting some tax funding??? This is so ironic projects like this that if they fail can take down the next every company that uses these projects pays taxes should tax money not be given with out any strings like no nsa back doors or the sort but rather make sure all bugs are taken care of? To many companies profit from ssl yet the project that maintains it is on very week standings.
I read that as discarding stuff for Windows 98, 2000, and other ancient platforms that have fallen almost entirely from use, and certainly outside the pool of what's tested: A good thing.
The first step to cleaning up the code is getting it into a state where you're not leaving crap in place because 'It's for something I don't understand.'
That's what got us in the current OpenSSL mess in the first place.
Additionally, once the core code is cleaned up you can always follow the changelogs and merge the legacy stuff back in (assuming they're using git, or another VCS with a good git check(in/out) module.)
Honestly anyone still running any of those OSes is probably running a 0.9 series library and thus wasn't vulnerable to this bug to begin with. Who knows how many of those alternate paths even still worked anymore.
I'm wishing there was a "+1 troll" option for moderation.
The
It's a fork specifically for OpenBSD. Why would they keep support for other OSes?
I agree that if they were trying to create a general replacement fork of OpenSSL, that those would be bad things, but for what they're trying to do, these are good decisions. They're trying to improve OpenBSD's security - OpenSSL is a big attack surface, and they're trying to make it smaller by removing the things they don't need.
This will complicate things both ways, going forward. Updates to OpenSSL might be harder to integrate with OpenBSD's fork (if it becomes an actual independent product, can we call it OpenOpenSSL? Or Open^2SSL?), if it touches upon the altered parts. Likewise, anyone trying to merge an Open^2SSL fix into OpenSSL might have difficulty. I expect that if OpenBSD's fork of OpenSSL becomes a separate project, one or the other will die off, simply due to all that duplicated effort.
What I expect to happen in that case is that Open^2SSH will maintain compatibility with all the platforms OpenSSH or OpenSMTPD (which are OpenBSD projects) support - pretty much any Unix-like environment, including Linux, BSD, OS X, Cygwin, and most proprietary Unices. If there's enough desire for support for other platforms, a second fork might happen to maintain them, but I honestly doubt it (Mac OS 9? Really?).
And yet you'll trust languages implemented in it?
I think the point is to have as little code as possible, and to have no code that isn't covered by their tests. Both of which are excellent ideas if you want to write secure code.
That is complete BS. code is insecure because the coders suck. Language makes no difference. In a "safe" language, the bigs are just harder to find.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Have you read the OpenSSL code base? A lot of what appears inside an #ifdef WIN32 is complete garbage and in most cases you'd be fine with the normal libc stuff the Unix version gets.
Only for those of small skill. Those people should stay away from any security-critical code anyways.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
It's not remotely about petty OS wars. Complexity is bad for security, mmkay? If you want a newer version of openssl for OS/2, netware, or pre OSX MacOS, I'd really like to know what exactly you are doing. Dropping those platforms is the right thing.
I'll give you ubiquitous and portable, but C is not remotely a "perfectly safe" language. That's a ridiculous claim.
You do know that the difference is that if this was closed source, we would just have heard about it a lot later, right?
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
First: Many languages are largely or even entirely self-hosted in terms of compiler and/or runtime. This means that if they provide, say, better type safety than C, those benefits carry over to the portions of the language that are self-hosted.
Second: the directness of the problem. It's easy for a C program to allow a very direct exploit, e.g. Heartbeat. I'm not saying easy to find, or that you'll necessarily get what you want to see every time, but the bug itself is about as simple as you can possibly get. If your language runtime has a bug instead, it's much more likely to be a very indirect one, because now not only do you likely have to cause a specific behavior in the program itself, but that behavior has to trip up the runtime in a way that causes that bug to lead to something bad. This isn't really fair to say this, but consider the Heartbeat vulnerability: to have the same thing happen in a safe language, not only would the program have to have the potential for a bug (unchecked input) but you'd also have to trick the runtime into dropping its bounds check.
Sure, it's not guaranteed to cure all ills, and runtimes can have bugs. But at the same time... it dramatically raises the bar.
Indeed. Most coders just add more code when they run into an issue. That is a problem for normal code, but it is death for anything security-critical.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
The OpenBSD has started
The OpenBSD cometh.
I understand that Karpeles (of Mt.Gox fame) wrote his own SSHD using PHP. Let's use that! :-)
http://falkvinge.net/2014/03/1...
Koans and fables for the software engineer
Or simply support and use the GnuTLS!
both have their own set of problems, but at least now you have the a alternative.
Higuita
If your language runtime has a bug instead, it's much more likely to be a very indirect one, because now not only do you likely have to cause a specific behavior in the program itself, but that behavior has to trip up the runtime in a way that causes that bug to lead to something bad.
Yeah and? Has that stopped all the exploits of the Flash runtime and the Sun/Oracle JVM? Nope. In fact, those two are among the most exploited pieces of userspace software on the OS.
I checked the CVS comments last night; pretty sure they are working off 1.0.1g. Based on the commit comments they are breaking it into pieces (using the crypto functionality of OpenBSD not OpenSSL) as well as ditching all the code that is intended to make it work on other systems. It looks like the final product will be integrated in the base - not portable.
That's extremely difficult to do for C. People trying to do that has resulted in multiple PhD theses and no one still has a perfect solution. If you actually want that, then use CCured, which is probably as close as it gets.
I'm pretty sure that's how things are now, though I could be wrong. Non-writable code has been around for ages, and non-executable data was the whole NX/DEP from a decade ago. I think that's pretty ubiquitous now. (I guess I've almost always heard of NX protecting the stack, but I assume you'd mark heap & static pages NX too.)
And thay changes things, how? C++ allows all the same "unsafe" things as C does. Have you ever used C++ before?
It is a good point in a backhanded way. If Microsoft's code had been the root cause, there would be a hatestorm of immense proportions. Since it's open source, the overall attitude has been, "oops! it's okay, they can fix it,it's an honest mistake!" and few people even bat an eye about how bad the code really is and how few people it took to really screw it up. It's a double standard.
I think this is a dumb argument. Let's divide up problems into "memory errors" and "logic errors", where we broadly interpret "memory errors" as "errors your language or runtime won't let you make."
This means that if you program in C, you have to deal with memory errors and whatever logic errors you make in C. If you program in another, safe, language, you no longer have to worry about memory errors and only have to worry about logic errors in that language.
That means that unless you can argue that you'll make more logic errors in your safe language, you've already won.
Furthermore, because in C you have to spend time and effort making sure you're not susceptable to memory errors, that takes time and effort away from looking for other errors. Not only that, but automated tools have a harder time dealing with C than they do with many safe languages, which means you have less tool support.
And that's not even getting into more esoteric languages where you can encode non-trivial proofs into the type system and have the compiler prove correctness with respect to certain properties.
Bullshit. clang is written in C++ which has a _much_ safer type system.
It's a fork specifically for OpenBSD. Why would they keep support for other OSes?
You only fork when you want to put distance between the original; there is nothing stopping them from making changes/"improvements" to the original OpenSSL project except for scope constraint (i.e. if they just want OpenBSD to be secure) or ego. Either one stinks of selfishness. I cant criticize them directly since they are still doing all of their work for "free" and are publishing it freely, but it has to be pointed out that they are choosing the greater of two evils.
Their theory is that they need an SSL system for OpenBSD. They're not trying to build it for other platforms, and the extra code adds complexity (and can contain vulnerabilities) so they're not going to maintain it. They're cutting out unnecessary cruft. That cruft may be needed for some users, but OpenBSD doesn't have any use for OS/2 support.
Not a sentence!
The OpenBSD project has some history of being funded by the American federal government (perhaps indirectly, as there was some sort of university involved).
To summarize, that ended rather poorly.
The project is officially headquartered in Canada, home of Theo (project lead) and also someone else with ties to the University of Alberta (which is probably related to why University of Alberta has benefited from early use of anti-spam techniques in OpenBSD, and why University of Alberta is a distribution site, hosting the main website last time I checked).
A lot of the government funding that I hear about comes from an organization like the NSF, which is the (American) National Science Foundation. I don't hear about nearly as much funding from the Canadian national government. Then again, I am American, so that makes it a bit less surprising if I'm more familiar with programs that involve the American government. (It is quite possible that Canada does do more than what I am aware.)
Coincidentally, they're also the two applications that are internet-facing the most. Oh wait, that's not a coincidence at all. If you put C into that role, and let your browser download and run C programs, the result would make Java and Flash look like Fort Knox.
(NaCl isn't C, I will point out, and is closer to a better Java implementation than it is to compiling and running C.)
The ancient garbage needs to go. If the platform is effectively dead and the developers can't test against it, delete the code its time for the lazy/cheap to upgrade it they want support/improvements.
That changes everything. All the crazy memory and resource management code that is inherent to C programs can be replaced by a clean lifetime management. RAII is the magic word. And yes I have programmed in both and have come to the conclusion: Correctly written C++ is way way less error prone. The OpenSSL error would have never happened in an idiosyncratic C++ program (as opposed to a program written by people with C habits). Unfortunately learning C++ is very hard for C programmers - it takes years to pick up the correct habits.
No. We all love to hate on OpenSSL because it's a pile of poo.
There are vested interests who make a living because they have write permissions to OpenSSL and they can charge companies to do it and the barrier to entry to others is really high because it's a undocumented, over complex pile of source.
I should use this sig to advertise my book ISBN-13 : 978-1501515132.
Actually, a certain amount of effort is required to understand code. Depending on how the language provides its interfaces, the abstract and logical ways in which people think and which programmatic processes normally flow based on how people envision them are either simple to interpret (for humans) or immensely complex to interpret.
Because of this, one language may have an advantage over another in terms of both speed of program implementation and frequency of defects. Fewer objects for programmers to track, and more objects are more naturally understood, thus less mental effort required to ensure correct code, and fewer cases where multiple visual validations by different people will produce the same corner case where incorrect code is incorrectly interpreted as correct.
Support my political activism on Patreon.
As I understand it, one reason that security-related code is best done in low level languages is that the implementer has absolute control over sensitive data.
For example, consider an server which acquires a passphrase from the client for authentication purposes. If your implementation language is C, you can receive that passphrase into a char array on the stack, use it, and zero it out immediately. Poof, gone in microseconds.
But let's say you used some language which dynamically allocates memory for all strings and garbage-collects them when they go out of scope. It's "safer" in one respect, because it prevents the developer from having to do their own memory management. But auto-growing strings (and lists) often work via some invisible sleight-of-hand whereby the string's data is copied to new memory once it grows enough to fill its original underlying buffer. This can happen several times as you concatenate more characters onto the end of that string. So as you read it a long passphrase into a dynamically-growing string, little now-unused copies of the prefixes are being put back on the heap all the time, completely outside your control. If that daemon dumps core and you inspect the dumpfile, you might see something like "correct-horse-battery-sta". Marry that to the log of IP connections, and boom, you can make an educated guess at what Randall Munroe's passphrase is.
Koans and fables for the software engineer
I will weaken this statement a little bit. I assert it's closer to a better Java implementation than it is to a standard industrial C implementation. You could make a C implementation more like NaCl's, but depending on how you look at it (1) it would still make Java and Flash look like Fort Knox because it doesn't even try to protect against Heartbleed-like vulnerabilities, or (2) it would satisfy the constraints of "a safe language", but no one really uses them and I don't know of any industrial compilers that implement NaCl-style protections for standalone programs.
Show me an OS with more than 1% market that has a kernel and network stack that is not written in C/C++.
$30,949 is how much the OpenBSD Foundation received in donations in 2013.
That's about $29,000 more than OpenSSL receives every year, and still $22,000 more than they received this month when the entire world realized that they had been freeloading and scrambled to make themselves look good by making one-time donations.
I can't say for Flash, but most of the headline Java bugs related to the web start API's / DLL's which are actually outside of the core JVM sandbox (though there were a few in-sandbox flaws which were patched as well). You could say the same thing if there were gaping holes in Jlaunch, or Oracle's JVM API, etc.. The only difference is that web start for better or worse is included in the standard JRE release.
You don't hear about the countless exploits possible in java based server code, considering that basically everything entering a socket on the server is already in JVM, hence not likely to be exploited unless the site developer made some serious flaws themselves.
Bye!
Indeed. If there are still a significant-enough number of OS/2 users out there to warrant OpenSSL upgrades, then someone will fill the need. But we all know there isn't enough users of these old OSs to actually warrant ancient code being maintained.
The world's burning. Moped Jesus spotted on I50. Details at 11.
The Flash runtime lacks bounds checking for its SWF file parser/interpreter, and they can't really fix it all because of back-compat issues, this is probably what 99% of the on-going flash exploits are.
The JVM exploits in the browser are due to the sandboxing implementation, which is supposed to suppress java code that requests certain operations on the OS, not due to runtime exploits (GC, code generator, etc). I've yet to see one JVM-related exploit on a JVM running on the server.
Yes, Theo has a bad temper
That rant would be epic. But seriously, the login doesn't even work. Showing stories doesn't work. There's no post new message button. There's only a reply to button. How do we disable this crap? I see the "click here to return to the Classic version of Slashdot" link has been disabled. I guess too many people were using it. How do I disable it so I can login again?
Your analysis gets it wrong. With so called "safe" languages people are less vigilinte because they can get away with being lazy and not really understanding what is going on. With C you have to be hypervigilinte and know your stuff, which are two very good qualities for a programmer to have.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Given the number of bugs (security and otherwise) in so many applications, there must be 10 metric trainloads of "small skill" programmers out there.
"I don't know, therefore Aliens" Wafflebox1
How can you be sure?
Something like this might have been avoided completely, as the company might have had more structured leadership (and thus better communication and code architecture). Alternatively the bug might have been fixed much earlier, as the company might have had more resources for good code audits than open source (which relies on donations).
That would be a reasonable question to ask, if you were totally ignorant about how a compiler or interpreter works.
It's like saying C isn't garbage collected, so any language implemented on top of it can't be, either.
With something as big and messy as crufty as OpenSSL, there probably isn't a sane way to approach the problem of decrapifying it that doesn't involve first stripping it down to the minimum.The OpenBSD devs aren't Windows devs, Apple Devs, or Linux Devs. There is no "greater evil" in making something more secure in less time for your own platform when contorting themselves to maintain compatiility keeps junk that slows them in their task to the point they don't every get to the clean secure rewrite.
they are choosing the greater of two evils.
No.
Eventually supporting too many screwy and ancient systems starts to cause just so many problems that it is really, really hard to write solid, well tested, clear code. The heartbleed bug was exactly a result of this. Because of supporting so many screwy platforms, they couldn't even rely on having malloc() work well. That means they had their own malloc implementation working from internal memory pools. Had they not, they would have benefited from the modern mmap() based implementations and you'd have got a segfault rather than a dump of the process memory.
Supporting especially really old systems means having reimplementations of things which ought to be outside the scope of OpenSSL. Then you have to decide whether to always use the reimplementation or switch on demand between the custom one and the system one and whether or not to have some sort of quirk/bug correction.
This sort of stuff starts to add up and lead to a maintainance nightmare.
What OpenBSD are doing: throwing out all the accumulated crud and keeping the good parts is a fine way to proceed. It will almost certainly be portable to the other BSDs, OSX and Linux since they provide similar low level facilities. I doubt a port back to Windows would be hard because modern windows provides enough sane facilities that it's generally not too bad for heavily algorithmic code like this.
Basically there's no way for them to get started except to first rationalise the code base and then audit it.
SJW n. One who posts facts.
I must have missed it. When did the OpenSSL team use illegal and immoral businesses practices to coherce or trick people into having to pay money for their software? You see. That's the difference in a nutshell. If you offer someone something for free they tend to be more forgiving of flaws than if you force them or trick them into buying it.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
I only used Go as an example of a somewhat safer (type checking, bounds checking, etc) language.
I never said I want a Go implementation, in fact I alluded to the fact that Go can't even build shared libraries.
Otherwise known as "the only sane way to simulate exceptions in C". Seriously. Read up on how "goto" is used in low-level code bases such as OS kernels, instead of citing some vague memory of a 1960s paper without understanding its criticisms.
People who don't use goto for error handling in C more often than not either have incorrect error handling or way too much error-prone duplication of resource cleanup code. It makes sense to very strictly warn newbies away from goto, much in the same sense that you warn them from multithreading. You don't want them used as a universal hammer for every nail in the code. At some point though, people need to jump off the bandwagon and learn to respect, not fear, these things that actually have some very compelling uses.
There's no doubt that OpenSSL needs work, but they seem to be needlessly combining actual security review with "break every platform that I don't like." At a minimum, anyone else trying to benefit from this will need to unravel the worthwhile security changes from the petty OS wars crap.
I don't see this as a problem. Since OpenBSD is working on their own, for-themselves, branch, they can fix it any way they want. If they do a good job (as expected), the OpenSSL project can then backport their fixes into their project and integrate it to their hearts' content.k (If they chose not to, someone else can chose to fork and do it, and the two versions can fight it out for acceptance.)
This is how it works in the Bazzaar.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
The single heartbleed vulnerability awakened people to actually take a deep look into the OpenSSL code. Where were all the "eyeballs" before that? Now we are in a position where suddenly the whole OpenSSL code needs massive rearchitecturing. It just makes me cringe when I think what other OSS projects possibly have similar serious problems, possibly in mission critical components. It's starting to be quite obvious that there is not enough people to actually take a look under the hood and say, hey this quite crusty code and needs fixing.
I find the open development process of software to be extremely interesting, but am not scared to point out possible flaws in it. So should be no one else.
Maybe it's time to realize that OpenSSL has become obsolute. For me it's totally unacceptable that even now the documentation is [STILL INCOMPLETE]. Instead of wasting time with cleaning up a pile of dirt, use that time to start supporting PolarSSL in all your applications. Its code is clean and it is well documented. Once you give PolarSSL a try, I'm sure you will wonder why the hell you were using OpenSSL all that time.
It doesn't have to be like this. All we need to do is make sure we keep talking.
And yet you'll trust languages implemented in it?
Why do you presume that of me?
(Back in the day, languages bootstrapped themselves. Now GOML!)
"I don't know, therefore Aliens" Wafflebox1
There's no doubt that OpenSSL needs work, but they seem to be needlessly combining actual security review with "break every platform that I don't like." At a minimum, anyone else trying to benefit from this will need to unravel the worthwhile security changes from the petty OS wars crap.
They are fixing OpenSSL for their own needs, probably with little or no expectation of use on other projects.
They did the same thing with SSH: they took the original SSH code, forked last open source copy before it went closed source, and created OpenSSH. Then a "portable" variant was created to run it on non-OpenBSD systems--which basically everyone else now runs.
I'm guessing the same will happen here: clean up the original and then at some point someone may make it portable.
With C you have to be hypervigilinte
And yet the vast majority of C programmers... are not hypervigilant.
"I don't know, therefore Aliens" Wafflebox1
Every so called "safer" language (than C) is also less efficient.
Depending on what you're doing. Compiled languages without pointers (such as Fortran and Pascal) are usually much faster for mathematical tasks, since side effects are so few (essentially concerning globals only), the compiler can much more easily automatically vectorise, reorder, factorise and unroll code. They also happen to be more safe, since you cannot simply tell the computer to write at a memory address, buffers can be bounds checked and so no overflows or underflows.
Problem is, they generally suck for IO, which is why they aren't used for SSL. Still, you should qualify where they are less efficient.
When Argumentum ad Hominem falls short, try Argumentum ad Matrem
Not anymore, they are written in their own language!
It's a fork specifically for OpenBSD. Why would they keep support for other OSes?
You only fork when you want to put distance between the original; there is nothing stopping them from making changes/"improvements" to the original OpenSSL project except for scope constraint (i.e. if they just want OpenBSD to be secure) or ego. [...]
A third option: you feel the upstream folks are incompetent and don't want to bother with trying to get them to see your way.
I think it's a bit of #1 and #3.
FTFY. Let's not single C out as if it is the exception to the rule.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
That changes everything. All the crazy memory and resource management code that is inherent to C programs can be replaced by a clean lifetime management. RAII is the magic word. And yes I have programmed in both and have come to the conclusion: Correctly written C++ is way way less error prone. The OpenSSL error would have never happened in an idiosyncratic C++ program (as opposed to a program written by people with C habits). Unfortunately learning C++ is very hard for C programmers - it takes years to pick up the correct habits.
"idiosyncratic"--I don't think that word means what you think it means.
Surely some (back)porting will take place if those patches are useful for the original branch as well. The pursuit of code clarity(tm) is good when things get muddy and hearts are bleeding.
Comment removed based on user account deletion
All programmers(c programmers) create bugs(logic or memory bugs), aka Heartbleed bug...
Juggling very long, very, very greasy sharp knives while skating on very thin ice is only unsafe for those of small skill, too.
Let's not single C out as if it is the exception to the rule.
While true, this thread is about whether or not C is or can be a safe language.
"I don't know, therefore Aliens" Wafflebox1
You've posted this in several threads. I don't understand why you think this is a good argument.
If they end up stripping it down to a minimal library with the core functionality, cleaning up the public interface (e.g. exported functions), and making it easy to create your own OS-specific wrapper around it, then they are actually doing something that should have been done in the first place. If they do it right, it will become much more popular (and most likely more light-weight and secure) than the current OpenSSL project.
> But let's say you used some language which dynamically allocates memory for all strings and garbage-collects them when they go out of scope. It's "safer" in one respect, because it prevents the developer from having to do their own memory management.
You can still use a char array in Java and fill it with blanks after use. This will be similar to a char array in C only with bounds checking. It will get garbage collected some time later but this does not matter since sensitive data will already be overwritten after you are done with it.
For example, consider an server which acquires a passphrase from the client for authentication purposes. If your implementation language is C, you can receive that passphrase into a char array on the stack, use it, and zero it out immediately. Poof, gone in microseconds. But let's say you used some language which dynamically allocates memory for all strings and garbage-collects them when they go out of scope. (...)
That would be true if high level languages only offered the default implementation but usually they have a special implementation like SecureString in .NET, it'll let you do the exact same thing. For bonus points it'll also encrypt the data in memory in case you have to keep it around a little while, sure it's a bit of security through obscurity but it won't be trivial to find with a memory dump. The issue is more that people who aren't aware of the issues won't ever think to look for or use these classes, but they're available.
Live today, because you never know what tomorrow brings
one reason that security-related code is best done in low level languages is that the implementer has absolute control over sensitive data. For example, consider an server which acquires a passphrase from the client for authentication purposes. If your implementation language is C, you can receive that passphrase into a char array on the stack, use it, and zero it out immediately.
That scenario actually explains why security-related code is best done in MANAGED languages using something like SecureString
http://msdn.microsoft.com/en-u... -- this way, you still have API control to zero it out immediately, but you also benefit from the fact that you can make it ReadOnly, the fact that it's encrypted, the fact that it was authored by someone who's more expert in security than you and has had more eyes to review it than your ad-hoc solution.
So if C is so bad why should we trust the languages that are implemented in it? You do realize that most of these "safe" languages are written in C, right?
I'm just going to link to a previous comment where I answered the same question.
TLDR: Languages aren't "written in" anything, and the language the compiler is written in has no bearing on the capabilities of the language it compiles. (We're all Turing complete here.)
If C-programmers make secure programs 85% of the time, it's pretty safe to make something with.
It's not safe to make everything with.
It's like how desks and other furniture will have rounded edges and corners instead of sharp points. Sure, you trust adults not to bump into inanimate objects around the office and hurt themselves, but would you bet on it never happening?
...you can receive that passphrase into a char array on the stack, use it, and zero it out immediately. Poof, gone in microseconds.
Only if you've set that part of your stack to locked. Otherwise it could get paged out to disk. Thanks to the fun of timing on computers, the amount of actual time that passes between "receive [into memory]" and "zero out" is arbitrarily long.
They should clean up all the "Open" projects like OpenOffice and OpenWindows.
Issues like that are why real, bulletproof security is incredibly hard. At least with low-level languages, you're close enough to the machine to at least be able to think about such things, and maybe even do something about them.
Koans and fables for the software engineer
I've not liked some of the things I've heard from Mr. de Raadt in the past because they seemed to be less fact than emotion, but in this case Theo has redeemed himself in a big way.
Like it or not, OpenSSL is now one of the most important pieces of software in the world. OpenSSL protects people's bank account numbers, credit card numbers, medical records, and employment records. OpenSSL protects corporate and government secrets (hopefully in combination with other defensive tactics). OpenSSL is not used for all encrypted network sockets, but it is widespread, to say the least.
de Raadt and his team are stripping OpenSSL down to its bare minimum. That is exactly what we all need. When someone's device creates an encrypted HTTP connection to another device, you want that functionality to work perfectly. That is the vast majority of use cases, and that most important use of OpenSSL failed in a spectacular fashion.
You don't care about being able to build OpenSSL on anything right now except OpenBSD. That is the platform de Raadt's team will be using for testing. You don't care about high-performance wrappers. Computers are lightning fast now, have gigantic amounts of memory, and network speeds are phenomenal compared to the requirements of using an HTTPS connection. OpenSSL today does not want for any system resource, even on a telephone or an embedded platform.
You don't need a platform on which to perform experiments in cryptography. OpenSSL was being used by scientists and mathematicians and the NSA to test new ideas. That is not an appropriate use for the mainline OpenSSL distribution.
Once de Raadt's team is finished, one or more of the hundreds of thousands of Windows programmers can spend a few weeks re-adding their build architecture and necessary wrappers for the latest versions of Windows and some Linux people can do the minor porting on that platform.
Perhaps the original OpenSSL can be relegated back to the laboratory. If you've ever used the OpenSSL command line programs, it feels like you're working with test tubes and bunsen burners. From what I've read of the code, it is no better.
For starters I am by no means an expert in programming. I know enough to be dangerous, and to serve my own personal projects. :) )
A while back a programmer friend of mine was guiding me in programming. Back then I wrote some C code, and in a error handling routine, I used the dreaded GOTO statement.
Boy did this unleash his complete wrath. He could talk about nothing else afterwards.
I was berated, screamed at, told I will never be a good programmer. I should give up now. GOTO's are the tools of a lazy ignorant and bad programmers. I am the worst programmer ever.. On and On. Any programmer that uses GOTO is a bad bad lazy programmer.
I then grepped through Linux kernel sources, and showed him that I found over 200 uses of GOTO's. He of course said they are not real programmers and they are just hacks, are lazy and stupid..... On and On...
So out of curiosity about the OpenSSL bug the other day, I looked at the sources, and low and behold, GOTO's everywhere.
I was shocked. Was this very important software written by hacks? Lazy, bad programmers? No wonder the serious security flaw..
Is GOTO the gold standard of a bad lazy programmer?
So I must ask you guys.. What's the deal? (needless to say I don't use them anymore
No it isn't because that is a stupid question. C is a language, and like all languages it is never "safe" unless you know what you are doing. Also, like all languages I have encountered, it is "safe" if you do know what you are doing. There is no such thing as a "safe" or unsafe language; only safe and unsafe programmers.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
You shouldn't really put OpenSSH and OpenNTPD in the same sentence... 2k http://qa.debian.org/popcon.ph... vs. 65k http://qa.debian.org/popcon.ph...
Agreed, in Java using a char[] still gives you some safety -- the fact that Java has primitives like byte and byte[] also let you mix high- and low-level code. But other languages may not give you that ability to get down-and-dirty with the machine.
Also, as another poster on this thread has observed, paging makes things even more complicated. If you can't prevent that char[]'s block of memory from getting swapped out to disk, then in theory there's an attack vector. C may let you avoid that scenario.
Koans and fables for the software engineer
And thay changes things, how? C++ allows all the same "unsafe" things as C does. Have you ever used C++ before?
Since C++ is a superset of standard C, yes, you can write the same kind of unsafe code in C++ that you would in C. And indeed many programmers do this.
But C++ gives you the tools to automatically catch various kinds of errors and memory leaks. If you use class destructors correctly, you can ensure that an object is automatically closed properly when it goes out of scope. There are a lot of standard classes such as smart pointers that are specifically designed with this kind of programming in mind. It's not 100% foolproof but it is a lot more reliable than having to remember to do it all manually in C (or C masquerading as C++).
Allows, yes. Deprecates, too. And it does offer safe alternatives for those dangerous constructs.
For instance, my C++ Standard Library offers iterators that reliably crash on read overflows, unlike C's pointers. That would have directly prevented HeartBleed. It's even safer than guard pages which may not crash on small read overflows. This isn't some rare expensive implementation, it's a free one used by thousands of developers every day.
If your implementation language is C, you can receive that passphrase into a char array on the stack, use it, and zero it out immediately. Poof, gone in microseconds.
Or the compiler might helpfully optimize out your buffer clear : http://www.viva64.com/en/d/020...
Or in general: http://www.viva64.com/en/b/017...
There's just a ton of landmines to avoid while coding in C. Including the tools themselves.
Reducing the attack surface is worthwhile, even if it isn't perfect. More importantly, implementing a language's runtime in C is a very different case from implementing a language's compiler in C. Also, why use C? You could implement your language in Rust or some other safe language.
Targeted donations are great and all, but I think corporations that NEED this security layer should step up. Banks for example - oh hell, the clearly don't give a crap if they can cry to Congress for a bailout.
If I were Zuckerburg, I'd go big and throw in 50 million for a rewrite effort. The publicity alone would be gold. Facebook could brag for years how they take their user's information and privacy seriously enough to pay. God, they already spent billions on a photo sharing app and VR glasses, 50 million would be round off in comparison.
There is no such thing as a "safe" or unsafe language; only safe and unsafe programmers.
Sigh.
It's a good god damned harder to introduce an array index out-of-bounds error in Ada, PL/1, Pascal, BASIC and COBOL than in C.
Why? Because the RTLs in those languages check for out-of-bounds errors.
Thus, those languages, while not perfectly safe (nothing can be), are manifestly safer than C.
"I don't know, therefore Aliens" Wafflebox1
I agree that ripping out platforms they don't care about is not the maximally altruistic path; but is the delta between the altruistic path and the more altruistic path really 'selfishness'? That just seems to strain the definition a bit...
I think we need an OS written entirely in Java...
Get your own free personal location tracker
They also just don't have much in the way of resources, so even things that are doable from a software engineering standpoint may well be impractical from an available man-hours standpoint, and pretty much anything is probably taking time away from some other aspect of OpenBSD development.
the fact that it was authored by someone who's more expert in security than you and has had more eyes to review it than your ad-hoc solution.
You may be right. Still... isn't that what most people were thinking when they used OpenSSL? It's a bad idea to roll your own crypto, we all know that, but we assumed that OpenSSL was written by people who understood security and that lots of eyes made bugs shallow. Turns out, that was completely wrong: OpenSSL was written by poorly trained monkeys, and however many eyes may have been scanning it, it obviously wasn't enough.
You said: Here's the thing: OpenBSD is a hobby OS. Ha Ha.
That's funny. Some of the most prestigious companies and organizations on the planet use OpenBSD for a number of tasks. I've worked for three myself where OpenBSD figures prominently. Of the three I've worked for, one is the largest ISP in the US, another an IT consulting firm with a very specialized IT security knowledge whose clients demand only the very best, whose own infrastructure must be protected at all costs. OpenBSD is no joke, no hobbyist OS. BSD in general, while not getting anything near the popularity or mention of Linux, is far and away a better server choice than Linux in most areas, even more recently moving into the embedded space, especially OpenBSD and NetBSD. BSD is freaking stable. Short of a hardware failure, I've never had a BSD server go down for anything other than routine maintenance, and even this is infrequent.
OpenBSD isn't fancy, it's not pretty, it gets no real limelight, but it does an incredible job as a firewall, Webserver, gateway, you name it. Were I to run my own company, it would be BSD in the server room and Linux on the desktop. I've been working with and around BSD for the better part of 20 years. There is nothing hobby-like about it.
Bullshit. Tell that to the robot arm that is crashing down on your skull because the code to stop it was blocked by the GC (excepting ADA, which has other dangers, I'm sure)
Again, the biggest problem you have is not having any idea what you are talking about, and going on and on trying to quantify a language using qualatative terms.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Well, there's also nothing stopping OpenSSL from pulling in the changes made in OpenBSD. And they'd certainly better if any of them have any smarts at all.
But C++ gives you the tools to automatically catch various kinds of errors and memory leaks. If you use class destructors correctly, you can ensure that an object is automatically closed properly when it goes out of scope. There are a lot of standard classes such as smart pointers that are specifically designed with this kind of programming in mind. It's not 100% foolproof but it is a lot more reliable than having to remember to do it all manually in C (or C masquerading as C++).
None of these would have stopped the Heartbleed bug.
d00d, you've just moved the goalposts. you're assuming that correctly written just follows
from using c++. this is just bad code, why do you think the author would have written
better code in c?
$30,949 is how much the OpenBSD Foundation received in donations in 2013.
And yet... I heard OpenSSL itself gets at most $2000 in a typical year. Despite tens of thousands of banks, retailers, hardware manufacturers, software manufacturers, all relying on their code in a security critical fashion to support their business activities. The MOST the OpenSSL project gets in contributions is a mere shilling?
And no real support for high quality code review, maintenance, and release management. Just support for adding feature bloat.
What are you rambling about? OpenSSL is not produced by the OpenBSD Foundation, it's produced by the OpenSSL foundation, a completely separate entity for which OpenBSD has no involvement at all. Sounds like you just saw the word "Open" and assumed they were connected... hint: they're not - an de Raadt has precisely no responsibility for whatever happens with the OpenSSL base tree.
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
Real security is very hard. But really, real [lots of things in programming] are very hard if you want them done right. It's certainly possible for a higher-level language to expose the capabilities necessary to do things right. But if they don't, then it's a bad situation.
I never saw a C program with a remote file inclusion bug or a C code injection bug caused by an eval().
Pretty much all the errors caused by C fall into two buckets: reading an improper memory location and writing an improper memory location (including double-free'ing an invalid memory address).
As long as you can be certain to avoid those two conditions, C is just as safe as other languages. There are ways you can design your C programs, and rules you can follow which make it unlikely for you to include such errors.
For non-trivial programs, there are plenty of advantages of managing your own memory: which you cannot do in other languages such as Python or Java.
The other languages' use of garbage collection results in great space and runtime inefficiencies.
What's wrong with the OpenSSH code? Are you foolishly conflating OpenSSH and OpenSSL, and claiming that de Raadt is somehow responsible for OpenSSL?
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
Isn't OS-X written in ObjectiveC - at least the parts that are not FreeBSD or XNU?
Because of supporting so many screwy platforms, they couldn't even rely on having malloc() work well. That means they had their own malloc implementation working from internal memory pools. Had they not, they would have benefited from the modern mmap() based implementations and you'd have got a segfault rather than a dump of the process memory.
At the very least they should have looked for a third-party one that's used at many other places (e.g., tcmalloc, jemalloc).
It's hard to be good at everything in the modern world: the OpenSSL folks should focus on security, and leverage the work of virtual memory experts where needed.
BSDs are estimated to be about 1.0% of all servers on the Internet (as of February 2014, sorry don't have current numbers), OpenBSD a portion of that, FreeBSD a bigger portion.
Hmm, how many folks are running Juniper? (They're running FreeBSD-based system.) Also: EMC Isilon and NetApp. Spectrum Logic? Who's running Force 10 (i.e., NetBSD)?
How many folks are running OpenSSH? How about using bcrypt?
If no one ends up using "OpenOpenSSL": oh well. But if the OpenBSD folks can fork OpenSSL (like they did with SSH) and turn it into another OpenSSH, then I say it's worth some encouragement.
> Since C++ is a superset of standard C
Bzzt, wrong. C++ and C are different languages. C support things that C++ does and vise versa. They do have a common heritage, which is why they are very similar.
While it might be nice to use a safe(r) language, can't we at least have a compile option in C that adds bounds checking?
Not really for the general case.
In a normal C compiler when a pointer is passed from one function to another, stored in a field of a structure, stored in a global variable etc no information about the start and end of the memory block it points to is stored/passed along with it.
In theory you could have a C compiler that used extended pointers which stored start and end information along with the pointer itself. In practice however such a C compiler would have several issues that would prevent it being widely used. Firstly it would be ABI incompatible with the standard C compiler, so you'd either have to build your whole OS and every app with this compiler or keep two paralell libraries sets. Secondly it would break assumptions that a lot of code makes about the size of pointers and their convertibility to/from intergers. Thirdly it would massively increase memory use.
There have been partial solutions for special cases which provide special versions of system functions that are commonly used in an unsafe manner then modify calls to those functions for the cases where the compiler does know the buffer size (e.g. because the buffer is a local variable) but they are far from a perfect fix.
.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
They didn't remove any current platforms, only obsolete ones, or code specific to some platform.
> It's a fork specifically for OpenBSD. Why would they keep support for other OSes?
I don't think it is an OpenBSD fork. It is a cleanup, the resulting library will be available on every current system, like, say OpenSSH.
I expect the upstream library to die, and everyone will use the OpenBSD version.
The problem is that it isn't clear from Theo's statement if they are dropping support just for old platforms, or if they are dropping Win32/64 and MacOS support as well.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
My tough guess here is something like valgrind would have helped. Yeah, even though you have the limits of true brk() allocation bundles, valgrind operates more at a byte level. Valgrind in this case would have been useless, because of the custom allocator code.
if you write code that requires a "caching" allocator so much that you break with normal malloc()/free(), you're doing something wrong. If you're doing it in high impact security code, you really should stop everything else and fix what you're doing wrong.
And thus another decade long slashdot argument turns out to be an elementary lexical oversight.
"Yes, Theo has a bad temper and is not filtering carefully enough what he says, but his heart is in the right place, and he's a fucking great leader. I don't mind one bit his bad temper, because it usually hits those that really deserve it. And on the other hand, he's one of the most effective open source leaders."
:)
That's called damning with faint praise
Seriously, just start over:
1. coherent API
2. modular code
3. discard obsolete / deprecated junk
4. profit!
People trusted OpenSSL because the FOSS community zealots have been implying for years that open source is always better than closed source. That itself is a trick. They're more forgiving because it isn't Microsoft. Even Google or Apple would've gotten a free pass.
When OpenBSD forked from NetBSD, they fixed many bugs, and fixes were backported in NetBSD. Fixing OpenSSL bugs will benefit everyone, if OpenSSL people are reasonable enough to tick the fixes.
You conveniently skipped Windows there.
I don't know the specifics of what was removed. Maybe it was only to support Windows 9x/ME, or NT 3.x or even Win16. But if it was needed for modern versions of Windows, then this is remotely about petty OS wars.
Banks don't use OpenSSL. They use FIPS certified alternatives. Look at the lists that have been produced of potentially compromised servers, and try to find a bank in there.
It's easy to make petty comments while others are busy doing the work.
OpenSSL folks have recently said they are maxed out. And they have security problems sitting in their bug tracker for YEARS. What is the point?
It's a fork. And it will be usable by any modern unix variant, not just OpenBSD
The stuff that is being cut out isn't just for "other platforms". It's absolutely fucking ancient, and in many cases, probably hasn't even been _compiled_ any time in the last decade.
Or about $900,000 less than OpenSSL receives in paid development work each year.
And if they were using a FIPS certified version of OpenSSL, they would still be compromised. FIPS means....nothing in this context.
Just because no bank was on the list does NOT mean that they were not vulnerable, just that they have too much to lose by admitting it.
OpenSSL is not FIPS certified. Most banks are using NSS, which is.
[Citation needed]
In my experience, this might be true if you start talking about performance. It becomes easy to create and discord oodles of objects on the heap unnecessarily or whatever.
But I don't find myself becoming less vigilant when I'm working in a more abstract language. I find myself thinking more about the problem and less about implementation details.
I'd argue that's bad too. (Some sample evidence: Linux kernel buffer overflow (2013). Linux KVM buffer overflow (2013). Remote Linux buffer overflow that could potentially lead to arbitrary code execution (2014). Integer overflow seemingly leading to buffer overflow in FreeBSD (2013). Windows 8 double free vulnerability (2014). etc.) There needs to be a small kernel of code that is in something very low-level, but honestly most of what is in current OS "kernels" (and I don't think that term applies to a piece of software with tens of millions of lines of code) doesn't have to be. Java isn't the right thing and maybe you don't even want something GC'd, but I also think C isn't either.
You could simply optimize it to use plain sockets without encryption (Since OpenSSL leaks your keys anyway). At least you won't have the illusion of security. Plus it will be much much faster and you wont have to play the revoke all your certificates game.
It can also send your private keys in microseconds. Fantastic!
Lets be honest here for a second. C code is hard to formally prove and verify. Also C is very verbose and error prone compared to most functional languages. Writing tons of hard to understand highly error prone code is much more serious an issue than keeping keys for a few more microseconds don't you think? I think that instead of making giant libraries that support everything and run very fast we should start with the goal of making simple and secure library that is designed especially to be easily verified. Seriously what is the point of having a crypto library with even a single critical flaw? It's highly likely that OpenSSL has many of these types of flaws. When we have something that works properly we can start thinking about making it fast without losing the security. I am afraid C is just another textbook example of premature optimization.
That was attempted. JavaOS was a disaster and finally discontinued in 2003.
Bounds checking? c++ supports that
...Let's divide up problems into "memory errors" and "logic errors", where we broadly interpret "memory errors" as "errors your language or runtime won't let you make."
...
Furthermore, because in C you have to spend time and effort making sure you're not susceptable to memory errors, that takes time and effort away from looking for other errors...
While I broadly agree with your argument, I have to point out that the heartbleed exploit was due to the OpenSSL devs forgoing the system's malloc implementation and rolling their own abstraction for performance reasons. In effect they bypassed the system's protection, so arguing that removing the need for manual memory management would make code safer (it would) is irrelevant to the heartbleed exploit.
In this instance, had they been using Java or similar, it is likely that they would have still rolled their own for performance reasons, thereby still bypassing the languages protections.
I'm a minority race. Save your vitriol for white people.
If your language runtime has a bug instead, it's much more likely to be a very indirect one, because now not only do you likely have to cause a specific behavior in the program itself, but that behavior has to trip up the runtime in a way that causes that bug to lead to something bad.
Yeah and? Has that stopped all the exploits of the Flash runtime and the Sun/Oracle JVM? Nope. In fact, those two are among the most exploited pieces of userspace software on the OS.
How the fuck can everyone misunderstand this? Every time this topic comes up, almost everyone fails to get it.
If you were writing programs in Flash or Java and those programs received data from the internet, those programs would be less exploitable because they were written in a high-level language. However, that's not what people usually do with Flash and Java. They use Flash and Java to run programs they've downloaded from the internet, which means they're left to the security of Flash and Java which are written in C.
Honestly, I don't know why I'm even trying. I'm 100% certain that everyone is going to entirely misunderstand what I've just said.
Look, people. Try to understand: These are two different concepts:
1. It's hard to exploit programs written in high-level languages like Flash and Java.
2. It's easy to exploit high-level language interpreters written in low-level languages like C.
I shall now prepare to be down-modded as a troll, as that seems to be the usual response to someone saying something that everyone else is so incapable of understanding that they assume they must simply be trying to cause an argument.
The tech press hasn't been overly forgiving, those paid to report on business and ms related tech have used this as a stick with which to beat open source and linux, ignoring the fact that the openness of the code isn't what caused the bug in the first place, it just happened not to make this particular bug a shallow one on this occasion. Scroll up and you'll see trolls harping on about myths of bug-free code because of open source practices, everyone with half a brain realises that such expectations are incredibly stupid, these myths are fabricated by those who are, even in this day and age, scared by free software.
That idea does not work: In practice most programmers always create the most complex code they can. Hence code comprehension complexity is solely dependent on programmer skill. The other thing why this idea is flawed is that a good coder encapsulates complexity so that you do not have to "track more objects" in some languages.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Most programmers these days are "small skill". I blame IDEs and languages that coddle them and let "small skill" people produce something resembling code without understanding what they are doing. http://blog.codinghorror.com/t... is an eye-opener.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Yes, but for them _anything_ is unsafe.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
You obviously have never reviewed security critical "closed" code. I have. It is routinely a lot worse than the open code, exactly because almost nobody looks at it.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
No. No it wasn't. The Heartbleed exploit was a classic buffer overread bug that would have been prevented by any language with bounds checking.
On OpenBSD only (for some definitions of only), this bug would have been rendered harder to exploit because of OpenBSD's hardened allocator. An additional problem was OpenSSL's custom allocator and their lack of testing with the system one. Had they not done that, it would have been much harder to exploit on OpenBSD -- but only OpenBSD would have been helped (again, for some definitions of only), and the root cause of the Heartbleed bug was still there.
No. No it wasn't. The Heartbleed exploit was a classic buffer overread bug that would have been prevented by any language with bounds checking.
[Any language with bounds-checking protection] that would likely have been bypassed by the dev-team due to performance reasons. Seriously, for performance reasons this dev-team bypassed malloc of all things; do you really want to assert that they wouldn't have bypassed a bounds-checker?
In my previous post I thought I made this bit clear; it was not that there was protection on some platforms, it was that they bypassed all platform allocators in favour of their own. That's the bug right there. Everything else, like overruns, overreading, etc is a result of that decision. I cannot believe that, with a different language, they would have made a different decision
I'm a minority race. Save your vitriol for white people.
Frama-C found it.
The caching allocator was irrelevant to the heartbleed bug.
Support my political activism on Patreon.
Somebody has to write the back-end code; and you're arguing on one side that poor programmers will fuck up anyway, and on the other side that good programmers will fight the language paradigm (and make some jumble of weird shit like C++ std.cout operator overloading "to reduce complexity" so nobody can read and understand their code).
Support my political activism on Patreon.
You're an idiot.
Not with memcpy you can't.
How would they have bypassed the bounds-checker? About the only way would have been to say int[] all_my_programs_data = new int[1000000000] and then write an interpreter for their own language that uses that array as its data store!
Let's take the example from XKCD: "HAT (500 letters)". To read past the end of the "HAT", they would have had to manually copy that string to some communal store, like all_my_programs_data, and then read past the end. Aside from completely ignoring the language runtime and implementing your own on top, in a language with enforced bounds checking you would not have been able to read past the end of "HAT"!
I've only clicked on your reply a couple minutes ago, but aside from "change the language runtime to no longer enforce bounds checks", I literally cannot think of any other way you would bypass a language's bounds checks.
No it isn't! It's almost entirely orthogonal!
The OpenBSD malloc that they bypassed makes exploits of already compromised programs harder; that's why Theo refers to "exploit mitigation". If OpenSSL didn't have the overread to begin with, the fact that they replaced malloc would be a questionable decision but wouldn't have led to any exploit. And even with a hardened allocator (or most hardened allocators, anyway), the exploit is still there, it's just much harder to get anywhere near as much confidential information.
That's the only way that they aren't orthogonal: the two mistakes reinforce each other on OpenBSD. In all other respects, they are completely independent.
That's why he said forking in-house.
Where is reading comprehension hiding these days?
So parent post was hiddin in the filter. Saw GP and Yours. Just wanted to apologize for being abrasive. I'm the ass.
I'd be curious to know how Rust and D stack up, efficiency-wise.
But you have the experience with, and therefore the understand of, the issues. You wouldn't have that if you started with a "safer" language and stayed there, as would be the case if everybody "just used safer languages"..
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Switch OpenBSD from the BSD license to GNU GPL v3. Make BSD licensing for donors only, with - of course - a restrictive clause that you can only use BSD licensing if you've donated. I'll admit it's an on-your-honor system, but it will scare most corporations.
GNU GPL v3 is free-enough for most people, and those who need free-er terms can pony up.
I'm perfectly cool with dropping MacOS support. If they make it not work on MacOSX, I'll be annoyed. There's a difference there, although it may not be obvious.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
If you are certain to avoid memory management problems in C, you're not using much of the memory facilities. It's really easy to get memory management wrong in C.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
Unless the language is portable to all platforms it's useless for a portable library. And none of those "safe" langauges are portable as C.
C++ is safer than C, and just as fast.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
The closest thing I know is to write in C++, use library containers instead of arrays, and use the bounds-checked calls. There is no frickin' way you're going to make raw pointers safe and bounds-checked in general. I suspect it's equivalent to the Halting Problem, but haven't done the work to check. The only possible approach is to have a strict discipline, which is much easier to do in C++.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
With higher-level languages, you can make language constructs that enforce things like that. If you have a set of rules about locking memory pages and zeroing out data, you're going to miss something sometime. If you have a language construct that does it, you won't miss things. If you have to write your own, you'll be able to test it and prove correctness once, and guarantee not making those mistakes 238 times.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
Dropping support for these platforms means getting rid of a lot of files/code/ifs/etc. Less code is easier to review. Better reviewed code has more chances of bugs being caught in time.
Looking at the diffs in tech@, is seems they're dropping DOS, WIN16 and WIN32. I've no idea if there was any WIN64 specific code, but yes, it seem's windows in general is being stripped.
yes we can, they are both projects of The OpenBSD Project:
http://en.wikipedia.org/wiki/O...
I don't see that as damning at all. I see that as a great leader.
Are you even aware of the article you are reading? OpenBSD is forking OpenSSL and calling it LibreSSL.
OpenBSD is responsible for LibreSSL. Which will be in base for OpenBSD 5.6
Are you even aware of the post I was responding to? (Hint: the answer is clearly no. I suggest reading up before shooting off).
Assertion from post I replied to: "Theo has ultimate responsibility for everything that happens with OpenSSL, including Heartbleed"
Response from my post: "OpenBSD has nothing to do with OpenSSL, and [Theo] de Raadt has no responsibility for whatever happens with the OpenSSL base tree"
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".