Slashdot Mirror
Google Forks OpenSSL, Announces BoringSSL
An anonymous reader writes Two months after OpenBSD's LibReSSL was announced, Adam Langley introduces Google's own fork of OpenSSL, called BoringSSL. "[As] Android, Chrome and other products have started to need some subset of these [OpenSSL] patches, things have grown very complex. The effort involved in keeping all these patches (and there are more than 70 at the moment) straight across multiple code bases is getting to be too much. So we're switching models to one where we import changes from OpenSSL rather than rebasing on top of them. The result of that will start to appear in the Chromium repository soon and, over time, we hope to use it in Android and internally too." First reactions are generally positive. Theo de Raadt comments, "Choice is good!!."
Just what I needed this Saturday, the announcement of yet another implementation of SSL by people I do not to trust
oh joy, oh rapture, etc. etc. etc.
A huge part of the problem with OpenSSL is the attitude that anyone but the "Anointed Few" are discouraged from getting involved with security research or the development of cryptographic software.
I know we're all familiar with the common saying, "Never roll your own crypto!" It's this attitude that drives good people away from even just analysing existing crypto code. Nobody wants to feel the unrelenting wrath of the security community toward outsiders, especially if you happen to find a flaw with something they created.
How will Google avoid this aspect of the problem? Fixing the software bugs are one thing, but the bugs within the community itself are probably far harder to fix.
I was about to write a witty reply to your comment, however the result would not have been interesting, tedious to read, dull, monotonous, repetitive, unrelieved, unvaried, unimaginative, uneventful, characterless, featureless, colorless, lifeless, insipid, uninteresting, unexciting, uninspiring, unstimulating, uninvolving, unreadable, unwatchable, jejune, flat, bland, dry, stale, tired, banal, lackluster, stodgy, vapid, monochrome, dreary, humdrum, mundane, mind-numbing, wearisome, tiring, tiresome, irksome, trying, frustrating, informaldeadly, ho-hum, dullsville, dull as dishwater, plain-vanilla and as boring as a one-man play.
Get free satoshi (Bitcoin) and Dogecoins
Google forking OpenSSL into their own brand of NSA friendly, privacy snooping SSL. Why not just help the OpenSSL folks strengthen an already great product and assist in regression testing and validation as well? No grow your own and fragment the community you say?
Harrison's Postulate - "For every action there is an equal and opposite criticism"
BoringSSL is a great name and directly addresses what got OpenSSL into trouble most recently, implementing a new protocol parameter based on a student's idea for a degree thesis. Innovation for innovation's sake, that was. Hurriedly applied for some reason.
And it's not something a website would "use," if you mean a high level protocol akin to "https." It's a library to implement common standards.
Bugs weren't missed in mainline openSSL. Bugs were logged, sat around for years, and didn't get fixed.
The project management and software engineering practices for openSSL were/are simply not acceptable.
The code is salvageable. The people and processes that allowed the code to get that way are not.
"This code under new management"
My opinions are my own, and do not necessarily represent those of my employer.
Google makes a lot of money on your data. They mine the crap out of your email. Their CEO has said privacy online is silly since if you've done nothing wrong you have nothing to hide. Summed up: they're indifferent to your sense of privacy. But trust Google to protect it's own interests. It wants to control access to this data. They'll be happy to comply with government requests for data, but on their own terms, and not by willfully subverting the security itself and leaving the door wide open. Being the doorkeeper makes them powerful. Being a doormat is not in their interest.
Compare email (you can choose your provider, but regardless, you can email anyone) vs. social networking (if you choose Facebook and your friend is the one person on Google+, you're out of luck)
That's one of the reasons why I have email, jabber, and sms (and webrtc), but no social network.
For those having a hard time understanding the naming convention,
Boring: Not flashy, not exciting, not experimental, not sexy. Performs as expected.
In other words, exactly how I want my security libraries, my databases, and the other critical infrastructure that runs the planet to be described as. Boring is good. A choice between boring Plain Jane and Simple Sally? Even better. Thank you.
they call it BoringSSL because it contains a backdoor tunneling protocol.
First reactions are generally positive. Theo de Raadt comments, "Choice is good!!."
The name "BoringSSL."
I am finding extreme difficulty in liking this name choice. What was Google thinking? Am I alone?
It's not "What was Google thinking?", it's "What was Adam Langley thinking?". As for what he was thinking, it's pretty simple: Fundamental security components like SSL/TLS should be very, very boring. They're not a place for innovation and experimentation, they're not a place for clever code that demonstrates the author's virtuosity (assuming there is any such place, outside of Obfuscated C contests). They're not a place for exploration of how the C preprocessor can be used to automatically generate much of the codebase (which is something that OpenSSL has done). They're where you want very simple, straightforward, boring implementations of industry best practice algorithms and protocols.
When it comes to security, boring is good.
As Langley said in his blog post, the name is aspirational. But it is his goal, to produce a security library which is completely boring. And it's a good thing.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
So where is the heartbleed bug report that was ignored?
OpenSSL Gets Patch for 4-Year-Old Flaw
That one had a public CVE sitting for 4 years while nobody took the responsibility to fix it.
Without FIPS certification system engineers won't be able to include BoringSSL in US-government facing applications, since doing so will disqualify them from procurement lists. Since US gov't is largest consumer of cryptographic products in the North American market, BoringSSL must certify or stay irrelevant.
To put it bluntly, heartbleed was exciting and in security, exciting is bad.
If I have been able to see further than others, it is because I bought a pair of binoculars.
Actually this isn't silly. Intel has compromised CPU instruction set due to NSA influence (whether that was via a secret order or just because they bend over when asked is unknown). Just look at what this Google engineer said:
https://plus.google.com/+Theod...
So given the option of getting a back door inserted in the SSL protocol used by a huge chunk of the world - the NSA will try to corrupt it.
If served with a secret order, from a secret court on the desire of the NSA for "national security" reasons with orders to, of course keep it secret, Google would have no choice but to comply. The fact that it'll be open source would allow for the possibility of it getting caught (but only the possibility), and I doubt that would keep the NSA from trying to corrupt all 3 SSL protocols as they are being reworked currently. JMHO...
LibreSSL maintains API and ABI compatibility with OpenSSL, so you can upgrade your encryption without rewriting all of your applications. That's one reason that people in general use LibreSSL rather than something completely different. Also, it's on its way to becoming the most thoroughly audited SSL/TLS library in the world.
Google doesn't mind recompiling their software, so they need only API compatibility, not ABI compatibility.