Slashdot Mirror
OpenSSL Cleanup: Hundreds of Commits In a Week
New submitter CrAlt (3208) writes with this news snipped from BSD news stalwart undeadly.org: "After the news of heartbleed broke early last week, the OpenBSD team dove in and started axing it up into shape. Leading this effort are Ted Unangst (tedu@) and Miod Vallat (miod@), who are head-to-head on a pure commit count basis with both having around 50 commits in this part of the tree in the week since Ted's first commit in this area. They are followed closely by Joel Sing (jsing@) who is systematically going through every nook and cranny and applying some basic KNF. Next in line are Theo de Raadt (deraadt@) and Bob Beck (beck@) who've been both doing a lot of cleanup, ripping out weird layers of abstraction for standard system or library calls. ... All combined, there've been over 250 commits cleaning up OpenSSL. In one week.'"
You can check out the stats, in progress.
Well, I would think that this is mostly to do with publicity. Once someone calls your software into question in a very public light, you will be more willing to go through your project with a fine toothed comb and clean up all that old cruft you've been meaning to clear out.
This is not a sign of inherent insecurity, but one of obvious house cleaning.
"Freedom in the USA is not the ability to do what you want. It is the ability to stop others from doing what THEY want"
Are they sure the weird code isn't meant to fix weird bugs?
Who's been reviewing these 250 commits for even more bugs?
Lotta work,good reason, good job guys.
*Repent!Quit Your Job!Slack Off!The World Ends Tomorrow and You May Die!
Thanks editors.
KNF - Kernel Normal Form
Because "over 250 commits" in a week by a third party to a mature security product suggests either a superhuman level of understanding or that they're going to miss a lot of the implications of their changes.
From what I understood earlier, this will be a fork of the official OpenSSL release, or will all these patches be incorporated in "generic" OpenSSL and not just the OpenBSD implementation?
I was promised a flying car. Where is my flying car?
Right now, I think the team is mostly focused on having "something usable" in OpenBSD and I doubt they care too much about anything else outside their scope.
Having said that - forking OpenSSL to something usable and burning the remains with fire is a great idea, however there is considerable risk that the rush will cause new bugs - even though right now those commits have been mostly pulling out old crap.
Fixing the beast is going to take a long while and several things will need to happen:
- Upstream hurry to put more crap into the RFC needs to cease for a while. We don't need more features at the moment, we need stability and security.
- Funding. The project needs to be funded somehow. I think a model similar to Linux Foundation might work - as long as they find a suitable project leads. But major players need to agree on this - and that's easier said than done (who will even pull them to the table?)
- Project team. Together with funding, we need a stable project team. Writing good crypto code in C, is bloody hard, so the team needs to be on the ball - all the time. And the modus operandi should be "refuse features, increase quality". Requires a strong Project Lead.
- Patience.. fixing it is a long process, so you can't go into it hastily. You need to start somewhere (and here I applaud the OpenBSD team), but to get it done, assuming that above is in place - expect 1-3 years of effort.
I do not care if there are 50 or 250 or 5000 commits. I want 1 that makes it secure. If anything, these commits will open a new insecurity, because they are so numerous.
And if there are that many, would a new start not be better?
Don't fight for your country, if your country does not fight for you.
This must be one of the most ridiculous Slashdot stories ever!
Most of these commits are coding style "fixes": Example.
Just again proof that these OpenBSD guys are nothing but a bunch of bigmouths. Incidently, the bug in OpenSSH ca. 10 years ago was the only time a machine of mine goot rooted.
Without looking at the code or the commits, I'm guessing that one man's weird layers of abstraction are another man's portability requirements...
The article doesn't make it completely clear that this doesn't have much to do with the fixing problems in OpenSSL.
Commits to the true OpenSSL source can be seen through the web interface at https://github.com/openssl/ope.... What the article is talking about is tidying up the version that is built in to OpenBSD. Not that that isn't worthwhile work, but it's unlikely to fix many hidden problems in OpenSSL itself, unless the OpenBSD devs find something and hand it back to the upstream.
OpenSSL is on the list of projects scanned by Coverity.
I wonder why exactly Coverity did not catch the heartbleed bug. Most likely, the scan wasn't set up to deal with OpenSSL's use of it's own internal heap management routines. That's something that I would have thought should be fixed right away.
For a handful of developers to just "run through the code" and fix everything that easily? And do it quickly, without introducing other bugs?
I am not a developer, but I can remember writing software whether for BASIC, Pascal or Perl and going back to fix or extend something and seeing stuff and saying "Why did I do it that way?" and making changes that I'm not honestly sure were "improvements" except for they seemed like improvements at the time even though they may have created new bugs.
I don't know anything about the internals of OpenSSL so maybe it is that easy, but it makes me wonder why it hasn't been done before. But I suspect it is complex and having a lot of people committing changes all at once seems like it runs the risk of working a cross-purposes without a lot of coordination (which, maybe they have).
...but throw accusations and insults about monkeys and too hard focus on security - while still being happy someone else is doing the good work.
Code fixes are all fine and well but where the real thought needs to be going is how to verify these protocols. The basic problem with security is that "working" doesn't mean "secure". Most people focus on testing for "working" and given the bugs that have shown up in OpenSSL and its cousin in the last month or so, the problem is not that they don't work (that is, interoperate and transmit data) but that they have corner cases and API holes that are major security concerns. Some real thought needs to be put into the testing of secure systems and how to verify that they not only "work" but are actually secure.
If Apple has taught us anything, it's that bad coding style can cause a lot of problems. Clean up your desk before you work buddy.
I'm going to ignore the comment about the bug in OpenSSH because you obviously weren't running it on OpenBSD; but rather one of the distro-maintained packages that are so souped up in "patches".
What's the tag for the NSA guy charged with putting holes back in? I'd like to follow how he's doing it.
Seriously, it took 2 years to find the big one after it was committed. How much vetting have each of these 250 commits undergone? Who's watching the watchers?
"National Security is the chief cause of national insecurity." - Celine's First Law
A Tumblr site popped up a few days ago called OpenSSL Valhalla Rampage. The blogger there is going through all the commits and posting the juicy funny comments there. This includes killing... and rekilling... VMS support (which reminds me of Maxim 37: there is no such thing as overkill...), stripping out now-stupid abstractions and optimizations of the unoptimizables, and more.
--
# Canmephians for a better Linux Kernel
$Stalag99{"URL"}="http://stalag99.net";
were introduced with all these commits?
which one of the patches is the new NSA subversion?
Snowden and Manning are heroes.
just a simple thank you to all the coders out there who donate of their skills and time to produce this and other very important software, for free folks! Thank You for making the world a better place
It's not good that there is this much that can and should be changed.
It's not good that a fundamental project like this seems to not have had this kind of code audit before.
It's not good that the massive rush to update has likely resulted in a 'new' version being widely deployed with bugs (see above).
It's not good that security testing clearly hasn't been done before, and now there is a lot of churn... which will need to be tested also.
It's not good that people will say the above falsifies one of the fundamental arguments for OpenSource.
It's not good that the newly deployed versions have the bugs Theo and team are fixing, and the commits point at the bugs like a bullseye.
Of course, if it wasn't open, it could not be fixed. That doesn't excuse the state it is in. Massive Fail.
how after the event of Heartbleed the open-source community actually give a damn about contributing to their favourite OSS project is when the realization hits home that what they got for free, put nothing into, and take everything away from may not be foolproof in the immediate short-term - then, they suddenly start to care about the projects.
Why can't there be actions like this every day for all projects, the "I'll fix it when it finally breaks" attitude is damaging and does about as much good as companies like Microsoft. A real shame this only happens when something happens which might take their free lunch away from them.
Maybe I'm too old now to be current, but wtf is up will all the @ signs? I.e. beck@, etc? Is it the first part of their email address? If so, why do we need their email addresses in the article?
Seriously, could they screw the pooch any harder than they are right now?
Hundreds of commits, after just *DAYS* of testing? I've never seen a faster or more reckless release cycle for code changes, ever.
This just tells me they are putting in hundreds of basically untested code changes, which is what got us into this mess in the first place.
OpenSSL is dead to me now.
Quantity doesn't equal quality
I've been on this planet for four decades and I've never heard this idiom before.
It is most annoying trying to hunt bugs while wading thru massive diffs caused by formatting changes.
Deal with that later.
I am very small, utmostly microscopic.
I'd feel better if this was an article about the rigorous testing regime being applied to OpenSSL...
See also:
So far as all the "won't this introduce more bugs than it fixes" comments go, this is a recurring argument I have at work. I am of the "clean as you go", "refactor now" school.
Everyone else says "If it works don't fix it"(IIWDFI), "don't rock the boat" etc.
Heartbleed is what happens when the IIWDFI attitude wins. Bugs lurk under layers of cruft, simple changes become nightmares of wading through a lava flow of wrappers around hacks around bodges.
Whenever anyone says IIWDFI, remind them that testing can only find a small proportion of possible bugs, so if you can't see whether it has bugs or not by reading the code, then no matter how many test cases it passes, it DOESN'T WORK.
"Coverity used to, and perhaps still do, run scans of OpenSSL, which we
had (have?) access to. I used to look at them and fix relevant ones,
but got irritated with the false positive level in the end.
If Coverity were interested in fixing their bugs, I might get
interested in looking at their reports again.[1]"
Having used Coverity in a commercial setting, he's absolutely incorrrect: Coverity flags *icredibly subte* problems, which you may have to think about for a while before you figure out why the construct is FUBAR. The false positive rate is incredibly low. I mean, astonishingly low, really.
[1]http://openssl.6102.n7.nabble.com/Coverity-coverage-of-OpenSSL-td42651.html
With all the other tripe on this thread, I thought it necessary to say this loud and clear:
Hey OpenSSL Contributors - thanks for your hard work on OpenSSL, and thanks for the hard work under this spotlight cleaning this up.
Any serious software engineer with a career behind them has worked on projects with great source code, bad source code, and everything in between. It sounds like OpenSSL is a typical project with tons of legacy code where dealing with legacy is lower priority than dealing with the future. Subtracting out all the ideological debate and conspiracy theories, please realize there are plenty of 'less noisy' people out there who appreciate everything you're doing. And even more who would appreciate it if they understood the situation.
Its now time for companies who depend on OpenSSL (and other projects) to realize that Open Source software can lower their development costs, but some of that savings needs to be put back into the process or we will all suffer from "the tragedy of the Commons".
Our modern malady is to look at methods, not histories.
Great software comes from great leadership and good-to-great talent. But mostly, it involves someone having a good idea and following it through.
Sometimes, that's a single programmer (Bill Atkinson). Most commonly, it's a group that needs a leader.
The quality of that leader then determines the quality of the product. But both industry and open source find this idea terrifying.
Industry would prefer to avoid this and promote exchangeable, replaceable cogs to the position of program/project manager. These people tend to be aggressive and thoughtless and produce gunk software.
Open source would prefer to avoid it because the big secret in open source is that people do what they want to do, not what needs doing. This is why products usually have the "fun, interesting parts" done but lag behind in the stuff no one finds thrilling, including finishing the boring parts of the code, debugging, documentation, etc.
Leadership is essential. The difference is that in open source, you can't fire people, so you can't tell them what to do.
Futurist Traditionalism
Whatever they do to OpenSSL, please don't leave it to one or a few people. Doesn't make much sense to me, to trust just a few people, if it is supposed to be open source.
> Will the fork get a new name? OpenerSSL?
"WHO CARES!
This is not about a fancy name.
This is about realizing belatedly that code we thought of good quality was not even decent, and ended up becoming too complex and unmaintainable.
So now we are hurrying to remove everything in the way of exposing the concrete guts of the code, fixing the bad practices inherited from the way we were doing security 15+ years ago, and making sure we do not break basic functionality in the process.
We have a good six weeks of work ahead of thus, simply doing this.
Then will come a second time, when we can add the few features we deem desirable, and work on spotting and fixing bugs. Then we'll need to concentrate on getting a new OpenBSD release out of the door.
Only after that, and if the above work succeeds, will we be able to consider making standalone releases of this new OpenSSL flavour, and consider working on a portable version for the other Unix-like operating systems out there.
We don't need a name for this right now.
We don't need a name for this in two weeks from now.
We don't need a name for this in two months from now."
This type of attitude is why I respect the OpenBSD team.
http://undeadly.org/cgi?action=article&sid=20140418063443&pid=3
Open source should not imply free programmers. OpenSSL can start at $40 per hour. Please volunteer to pay them.
It's of course never going to happen but, why not ditch it completely and start anew with two goals:
1) Make sure that the internal coding is consistent and clean. OpenSSL is the most horrible code I have ever seen, other than intentionally obfuscated code.
2) Come up with a simpler API. The OpenSSL API for SSL/TLS unnecessarily exposes way too many aspects of the SSL/TLS protocols to the application programmer. Also, unify the APIs to access cryptographic services. There are way too many of them, mutually incompatible.
This is of course never going to happen, because of the many applications already developed for OpenSSL out there. But it is lamentable that the bulk of the security infrastructure of the Internet depends on this piece of crap that is OpenSSL.
That won't introduce any new bugs, nosiree, Bob.
Now do the same to all the other important components of the OSS server software stack.
and the nsa secretly.. gets to put new code in.
and the nsa secretly gets.... to put new code in..
and the nsa..... secretly gets to put new code in...
and... the nsa secretly gets to put new code in
A previous "fix" of OpenSSL left it more insecure than it was. Just be sure to understand what you are modifying, and why even an "obvious" error was appropiate there. I suppose that also xkcd is relevant here too.
Not OpenVMS, VMS. The hacks aren't even needed on OpenVMS. I'm sure it's no longer true but OpenVMS used to have better POSIX compliance than linux.
Pet peeve of mine when developers make style change thinking they are accomplishing anything worthwhile. By quantity most changes are BS to scratch itch of obsessive compulsives.
Others such as removal of jems like:
Could be seen as progress except to accomplish it look at all extra code, memory allocation and new exception checks required to pull it off. The new code in aggregate not much better and no less complex.
Then in the same commit they just invoke asprintf as if it is no big deal with no attempt to provide compatibility for number of target platforms lacking it. This code won't even compile here anymore.
This commit is really amusing is a8d4234ebc7fd70a8e5cf34da650a6a1f89f4568
You can't make this shit up... description "ReadFile() and GetStdHandle() are not very POSIX."
These functions were ONLY used for win32 targets.
Their solution was to use read and write which won't even compile on win32...so the only target platform where those functions would ever be used is now broken....because why?
More totally unnecessary breakage of code for platforms they simply don't care about.
And this "OPENSSL_gmtime() is really just gmtime_r(); ok guenther"
More wholly unnecessary and useless breakage of platforms the committer personally does not care about. See crypto/o_time.c
Hubris in comments speak for themselves:
"remove FIPS mode support. people who require FIPS can buy something that
meets their needs, but dumping it in here only penalizes the rest of us."
Cuz not setting OPENSSL_FIPS macros is simply not enough for an obsessive compulsive.
At this point I'm done...there is no serious attempt to make OpenSSL more secure only nitpicking things you personally either don't understand or don't like.
They really aren't changing too much, they are just getting rid of crap ternary operations replacing:
result = a > b ? x : y;
with
if(a>b){
result=x;
}
else{
result=y;
}
It uses up a bit more room when you are reading it (but exactly the same amount of space both on disk and in memory and runs just as fast), but is wildly more readable, especially if you are doing more than just checking to see if value a is larger than value b. There is also dead code, many stale (old / obsolete / depricated) functions, long unfixed bugs, poor style (no indentation, poor naming conventions, weird unnecessary pointer arithmetic, unnecessary obfuscation where none would be better, functions repeated, and in general kruft. I realise that 370,000 lines of code is a lot to wade through, but they have described their work as 'carpet bombing the code' before going in and doing more subtle changes. So far its mostly housekeeping (and there is a *lot* that needs to be done, but given a few more weeks, I see it getting a thorough overhaul and more substantial cleanups). 250 commits on 370,000 lines of code might not sound like a lot, but some commits can affect 50 or more lines of code at a whack, especially if its housekeeping.
This whole thing is a non-sequitur. I am speaking of the methods required to make quality software, which involves leadership and the talent (to a degree) of the people involved. It was not a jeremiad against open source software or closed source software; it's an observation about the need they have in common for strong, clear leadership.
Futurist Traditionalism
Not trying to contradict your point, but I think this is where the need for leadership comes in: choosing what gets done and who does it. If open source could allocate its resources more efficiently, it could do a lot better.
This, by the way, is the exact same problem found in closed-source for-pay software projects. If leadership is sloppy, everyone does what they're comfortable doing, which is usually reinventing wheels and making the "fun" parts of the code work while the other parts are wobbly.
Can you expand on this?
Futurist Traditionalism
That, and that originally Linux had a semi-fascist leader in Linus Torvalds.
Having corporate pressure on Open Source has generally seemed to improve it, but there are other projects into which money was dumped and results were less than inspiring.
Take OpenOffice. If it were a workable piece of software, it would have dominated offices across the world already. And yet...
Futurist Traditionalism
Great Leaders of the North Korean type come about because the people are so afraid of centralized power and capitalism that they support ideologues who promise equality and deliver instead Total Control.
Futurist Traditionalism
Didn't that make a mockery of all the "many eyes" arguments oft touted in favor of Open Source?
Nope. Once the bug was noticed it was fixed very quickly: i.e. it was a shallow bug. If you think than phrase means OSS is bug free, you have misunderstood it.
The quote is often misunderstood, its hyperbole. It illustrates a point nicely but in reality few users are developers and few developers are qualified readers.
More importantly the bug was not discovered by eyeballs on source code. The techniques used seem to be the same applied to proprietary closed source code. They were testing the binary.
"“We developed a product called Safeguard, which automatically tests things like encryption and authentication,” Chartier said. “We started testing the product on our own infrastructure, which uses Open SSL. And that’s how we found the bug.”"
http://readwrite.com/2014/04/1...
hearbeats just exposed their faulty malloc replacement.
Heartbleed had nothing to do with their malloc replacement (at least not directly [*] ).
Heartbleed is just a very basic case of missing nested bound checking. (They check bounds for the heartbeat request it self, but fail to check is the super structure containing the hearthbeet - i.e.: the packet - passes the bound checks too. XKCD's explanation is actually spot-on: it's more or less equivalent to forgetting to check if the requested number of caracter doesn't exceed the size of the speachbubble).
This is not caused, by memory allocation system. This is caused by several factor, among which the fact that heartbeat are a very stupid design to begin with.
(Reasons:
- there are already other better way to keep a connection alive
- totally free payload and payload-size are a bad idea (why not simply use a fixed size 32 or 64 bits ID) ?
- specifying the payload's size is stupid, because there's already a size limit: the packet itself. Now instead there are 2 sizes to check and such redundant work often leads to errors as it happened with heartbleed)
But TLS/SSL are very convoluted, to the point that someone might ask if these standards aren't designed on purpose so someone could fuck them up. It's almost a long series of "exploit-bait" engineered into standards.
---
[*] : instead of concentrating on replacing malloc, they could concentrate on replacing another part, namely designing buffer-types that contain buffer-size and are automatically bound-checked.
So heartbleed has something to do with their in-house memory management, in that they lost the opportunity to bake automatic bound checking into their custom memory manager.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
What annoys me is that - with all due respect - the companies which embed openssl in their products could have done a review of the code for quality.
According to TFA (or even the summary), that's actually the whole point of this:
OpenSSL is currently an over complicated tangled ball of mess (though in small part this is due to the contrived SSL standard itself).
Doing code reviews on this kind of monster would be really difficult, even for a wiling company.
The point of this mass commits is to make openssl much simplier, by stripping out useless/corner case/deprecated code, and produce something whose code review could finally be within the reach of non cybernetically-augmented human being.
these 250 commits are only phase 1 of the project. phase 2 is actually doing the code review itself.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
SSL/TLS is one of the things I don't care about speed on.
TLS library maintainers not caring about speed is part of what leads web site operators to use HTTPS for login and payment pages and redirect all other hits to HTTP.<cough>Slashdot</cough> This leaves the session cookie wide open for anyone to clone with tools like Firesheep.
If they go straight, they'd call their fork OpenOpenSSL. :-)
they either do it, or they leave. Isn't that how working for a company works?
Having sent in a few patches for openssl (missing sanity checks, unsafe constructs, and the like) and receiving no response from the people who maintain it, I'd say more power to the OpenBSD people who want to fix stuff, rather than letting it sit there. :)
You can also track the changes in a somewhat friendlier format using FreshBSD. Full commit messages (up to a point) upfront, more useful Atom feed, breakdown by committer etc.
Counting success by number of commits and pitting programmers against each other in a race to make as many changes to the code as possible in the shortest space of time: what could possibly go wrong?
I think this code, like network drivers, is probably super nuanced, super critical to many systems, and all changes should be small and managed with extreme bureaucracy. This refactoring makes me nervous..
This is NOT OpenSSL they are working on, this is a private fork of OpenSSL that is intended for OpenBSD only.
They are taking big hatchets to interoperability code to simplify it, with the sole intent of targeting it at OpenBSD.
This is the walled garden approach to improving the software, only OpenBSD will have the *new* OpenSSL and it will be a non-compatible fork of the old OpenSSL.
I understand their personal motivations, but everyone has to understand that this does not make the OpenSSL ecosystem safer, it only makes the OpenBSD specific port of OpenSSL safer. The rest of the world will still be subject to any vulnerabilities and shortcomings in the code, because they are not intent on contributing this code back to OpenSSL.
That said, someone will have to further backport these changes into the baseline OpenSSL, eliminating all of the commits that remove interoperability.
a platform didn't have unistd back then
Windows without Cygwin still lacked unistd.h last time I checked.
Reading their comments makes me want to install OpenBSD for more of my machines down the road. These guys seem to be thinking the right way about things.
Say I need to administer a server from home, from the home of a relative that I visit every other weekend, occasionally from public Wi-Fi in a restaurant or library, and rarely from public Wi-Fi in a hotel in another state. Other than opening the server's SSH or HTTPS administration port to the Internet, what other method would you recommend for me to log in and do work from all of those places?
| Leadership is essential. The difference is that in open source, you can't fire people, so you can't tell them what to do.
Open source doesn't have to be unpaid. Though often it is.
While you're absolutely correct, let's face it: OpenSSL should never have been focused on speed or even being feature-packed. If the OpenSSL contributors and maintainers had been more security conscious in the first place, this may have never happened.
Sure, all software has bugs; we humans aren't perfect as programmers or as cryptographers. What we should never do is use that as an excuse when it comes to light after decades of sloppy coding.
It's in the OpenBSD team's hands now. Personally, I'd be thrilled if OpenBSD's fork became the de facto standard of SSL libraries simply because I know it'd be an order of magnitude more trustworthy than the crufty monolith I've had to deal with in the past.
It's like Twitter, only backward, in the same sense that BASIC string variables are like shell, Perl, or PHP variables, only backward.
The OpenSSL code was probably written back in the Win9x days when you really did need to do things completely different on Windows. Now that the industry-standard functions are supported
I was under the impression that fork() was still broken outside Cygwin.
They use OpenCVS. Shit's tight, yo.
doing it in reverse isn't a problem.
Yeah, my wife is like that, too.
We'll see if they can get the original OpenSSL project leaders to accept their changes, or whether they'll end up with their own fork of the project.
And while OpenSSL isn't an OpenBSD project (unlike OpenSSH), it's a tool that OpenBSD uses.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
SSL has two parts that take a lot of time - key exchange using public-key technology, which just depends on the number of connections, and data encryption, which takes time proportional to the amount of data encrypted. Until the last few years, the key exchange time dominated, because public-key operations are slow and most use of SSL was for encrypting passwords, credit card numbers, or other very small chunks of data. It was pulling teeth to get a lot of sites to use SSL at all (though the whole Certificate Authority system is a lot to blame for that), and it was pulling teeth to get a lot of sites to encrypt more than just your login and credit card data (such as the whole page that asks for your login.)
Do you think speed doesn't matter any more, now that lots of sites are running with the CPU relatively idle? How many SSL connections do you use where the server has bothered to turn on PFS, the Perfect Forward Secrecy stuff that does a one-time Diffie-Hellman exchange? (Appallingly few.) How many sites do you connect to that are using 2048-bit public-key or longer? (Some, but hardly most.) It's still about performance.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
So? Apple was smart enough to move off of OpenSSL and started telling developers to do so in 2007. iOS doesn't support it. Apple's new frameworks are the reason OS X and iOS are not susceptible to this, unless someone intentionally installs OpenSSL from Ports or other 3rd party add-ons which applications installed require using it. I'm thinking FreeBSD will be modeling OS X's solution sooner, rather than later.
While you are correct (for now), you're not thinking far enough ahead. I reckon a year or two down the road there will be a portable version of this library just like what happened with OpenSSH when they forked SSH for themselves. ie OpenBSD becomes the new upstream for libssl rather than the existing OpenSSL team.
There is a reasonable chance the portable version of the fork could eventually end up taking over from OpenSSL by default on the other BSDs and some Linux distros.
Do you know how many of the interop code paths are untested, totally irrelevant on any modern system, and probably broken? Do you understand that when the OpenBSD developers review, clean up, and change the surrounding code, the ifdeffed code parts that cannot be tested on OpenBSD will detoriate further and break even more than they are broken already? Do you know that there is a better way to port software to crappy OSen than making critical sections a ghastly jungle of #ifdef? That code really needed to go. It would only get in the way otherwise. Once the code base is cleaned up, it shouldn't be too difficult to take it make a -portable version to run it on other OSes. Believe it or not, they do not need or have that many nonportable OS-specific things in crypto code. At least one bug discovered on OpenBSD (after heartbleed) has already made it to other systems with OpenSSL. So quit spreading bullshit about the OpenSSL ecosystem not becoming any safer.
Let's let TOM speak shall we:
"I'm having great conversations on this site with one of my alias accounts" - by Tom (822) on Monday April 07, 2014 @02:29PM (#46686259) Homepage
FROM -> http://slashdot.org/comments.p...
APK
P.S.=> Tom *tried* to libel me & failed after I destroyed him in a technical debate on hosts files... result?
Tom ended up "eating his words" here http://slashdot.org/comments.p... spiced with "the bitter taste of SELF-defeat" + HIS FOOT IN HIS MOUTH
... apk
Wow the talk is way different than if this was a Microsoft error. It's like a whole different world.
They should rewrite it from scratch, 'fixing' crappy code is never a good idea.
I completely disagree, are you only motived by other people? "otherwise people won't have any reason to try, because the penalty for failure is barely noticeable." How 'bout instead, I do things and do them well because I care to bother doing them - if you're going to do something, do it right, but realize mistakes will happen. Being interested and applied to a task can, and probably should be fully self motivated for the best results. I don't need people yelling at me because I missed their mark.
Linus Torvalds said the OpenBSD developers were "m*sturbating monkeys" because their primary focus is security and safe code.
"...And how many bugs and vulnerabilities will they put in with such high volume of commits in such short time?.."
I take it that "khchung" is not a supporter of Linux then. In Linux the devs focus on rewriting large parts all the time, adding new features as fast as possible. The Linux code is replaced all the time with new code, very high turnover. Linus Torvalds said that "Linux has no design, and will never have one. Linux evolves like nature who tries out different designs all the time, and ultimately evolved humans. This is superior to design". This leads to new code in Linux all the time, as everything is rewritten all the time. And new code is buggy. This is the reason Linux v4.0 will have no features added, instead it will be bug fix release.
On the other hand, BSD developers focus on stability and design and clean code. BSD might now have the newest feature, but the code is mature and stable. And audited all the time. With high code turnover, there is no point of proper audit, because as soon you have audited, that part is rewritten.
Yup, that is indeed what's missing inside something like openssl.
Throw in a secure compare in way that doesn't cause confusion (i.e.: avoid's openssl's CRYPTO_memcmp vs OPENSSL_memcmp. If you really need the later, call it something unambiguous like "leaky_memcmp"), and bound checked substring copy, and you have basically covered all needs of a crypto library.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Okay perhaps I've misinterpreted the initial state.
I've understood it as "Heartbleed is an exemple of bug provoked by their malloc replacement"
(which is wrong. heartbleed is caused by a buffer overrun in an unchecked pointer manipulation. malloc isn't the cause).
Not as "the investigation of the heartbleed bug has showed that their malloc replacement is bad"
(which is indeed correct: their malloc replacement prevents using secure feature that would be able to detect problems like heartbleed. In "openssl valhalla rampage"'s own terms they have "exploit mitigiation"-mitigiations.)
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Not fixing things fast enough, kids: http://pastebin.com/qPxR9BRv