Slashdot Mirror
D-Link Accidentally Publishes Private Code Signing Keys
New submitter bartvbl writes: As part of the GPL license, D-Link makes its firmware source code available for many of its devices. When looking through the files I accidentally stumbled upon 4 different private keys used for code signing. Only one — the one belonging to D-Link itself — was still valid at the time. I have successfully used this key to sign an executable as D-Link. A Dutch news site published the full story (translated to english with Google Translate).
You can't be serious....
Palm, meet forehead.
I see this happening all the time at my workplace, and the reason behind most is files getting inadvertedly swept into the whatever code repository and then becoming publicly visible, or even worse, compiled into the product and going unnoticed for a long time. A lot of effort, and rigorous testing procedures, are in place to chase for issues like this. As to why so often - because keys are actually code, in an obfuscated text form. They are executed, that string is actually a mathematical function, so both before and after that innocuous state that looks like ---RSA--- etc they are version controlled, compiled tested.
They revoked the keys in question in some time in September.
But if you disconnect the machine from the internet, or otherwise block the connection to the server that provides revocation information, will the Windows system still see an executable signed with the revoked key as valid?
I'm not an expert. Genuinely asking.
It's surprisingly common for someone to accidentally publish their private signing key.
Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
Surely the GPL requires all the source code required to build the supplied binary.
Looks to me like the GPL requires those signing keys to be published if the source cannot be built into a running program without them.
so that only manufacturer-signed firmwares will run on them. i guess that won't work very well.
When something this egregious happens, it's indicative of poor security practices and lack of concern across the board -- It's not just some one-off mistake. D-Link's code is in control of routing all the packets in many homes and offices. They don't take this responsibility seriously.
The "D" stands for "D'OH!"
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
if you disconnect the machine from the internet, or otherwise block the connection to the server that provides revocation information, will the Windows system still see an executable signed with the revoked key as valid?
Yes, that is exactly how it works. To give an example of how weak this security control is, Google Chrome no longer even bothers, ignoring revocation lists completely.
If you distribute GPL software which you got from someone else, you may only do so under the GPL license. Section 3 of the GPLv2 says:
----
3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable source code
-----
In other words, you may distribute the binary only if you also distribute the complete source (or offer to).
It also defines "the complete source code", still in section 3:
----
For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable.
----
Google Chrome no longer even bothers, ignoring revocation lists completely.
That's not quite what your article says. It says that google stopped checking with the cecurity authority using the Online Certificate Status Protocol. However, the article also says that chrome replaced that with a local list of revoked certificates that can be updated without restarting the browser. So, chrome still does keep track of revoked certificates.
Yes, because using Chrome without the net is a truly wonderful experience.
Yeah, because a locally cached list is anywhere near as accurate as checking each cert as it is used. In fact, there are plenty of sites with bad certs that work just fine in Chrome because they aren't on the list.
Except when you're second?
Yeah, because a locally cached list is anywhere near as accurate as checking each cert as it is used. In fact, there are plenty of sites with bad certs that work just fine in Chrome because they aren't on the list.
But who would ever visit one of those sites?
Give out a key that everyone can use to sign their code and flag up when that key is the one on the signed binary. The factory set one can be signed with a different key before installation.
Users can use their own firmware, system is out of the box as secure as any other router, GPL is complied with.
Job done.
Another step to help keep it secure is have it only firmware updatable if a switch on the device physically there is set. Switch off? Can't update the firmware.
I'll leave the company name out (mostly to protect my source B-) )
This was in the early part of the cycle of:
- A handful of companies made graphics accelerator chips..
- A BUNCH of new companies also made graphics accelerator chips.
- There was a shakeout and only a few survived - not necessarily many - or any - of the original handful.
The company in question was one of the original few.
The hardware was good. But much of the performance advantages were due to some good algorithms in the driver, which were applicable to other good, bad, or moderate capability hardware, rather than depending on special features of the company's product.
As with many Silicon Valley companies, where the value added was so high that the administration could be utterly wacky or clueless and the company would still survive for years, this one had some managers make some dumb decisions.
One dumb decision was to try to save money by limiting the personnel to one new floppy disk per month. So the developers kept reusing the disks they had, when they shouldn't.
As a result, the golden master for an object-only release of the driver was built on a used disk, which had once held the complete sources of the driver in question. Apparently the "reformat" process used didn't overwrite the sectors - but the manufacturing process that cloned the golden master DID copy those sectors.
A customer tried an undelete utility and found almost the entire source code. Oops!
This news got out. Over the next couple years the great algorithms went from being a valuable trade secret (much of the company's "secret sauce") to a de facto industry standard.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
I find their full bodied and unrestrained support for open source commendable.
Someone who doesn't know of the problem, obviously. You know, like most users on the Internet. CRLSet is a good supplement but not a replacement.
Say a website is compromised and the dns points to a server using the stolen certificate (or a fake but trusted cert, or many other circumstances). Barring special action by chromium community or Google, it would be hours after being noticed by the admin and revoked by the CA before they are protected. Anyone using OCSP is protected IMMEDIATELY. This doesn't even get to the part where the CRLset isn't exhaustive or include all the CAs recognized by the browser.
This isn't to say that OCSP is perfect but it is better than Chromium's approach on average. Again, and again, developers sacrifice security for speed and this is just another example.
That company's name didn't start with an 'R' by any chance did it? If so, I may have known some of the people you're describing...and by association, you!
I'd just like to point out, before Dlink get too much criticism, that there are many companies that avoid this situation by violating the terms of the GPL by not making the source code available or even displaying the terms of the license.
Ok, Dlink made a mistake, however I think it is a good thing that they being sincere to the terms of the license. Well done Dlink, they will fix the problem and I will be happy to buy their products over other vendors who violate the terms of the GPL.
My ism, it's full of beliefs.
This is the item described as purchased with the signing keys in the source.
http://www.dlink.com/uk/en/home-solutions/view/network-cameras/dcs-5020l-pan-tilt-day-night-network-camera
Yep, that is a woops but unless your home is surrounded by a bunch of advanced ninja hackers in catsuits looking to plot the Grand Jewel Heist.... this shit isn't even an issue. It's great that somebody was able to notice an error since it is open source.
What happens? The gadget tweaks who bought this and updated the firmware can easily re-install it.
BUT... why is this a dramatic front page Slashdot "news" story? Looking I already can see Windows shills crying "oh hohohoho that's open source for you" not even knowing their ass from a hole in the ground. They are among first commenters too. It is immediate and expected.
If leaving the keys in there was a legit accident I bet it only happens once by that person. If it was intentional, well I think you can count on it 1,000,000 times so keep auditing open source code out there all you coding wizards. Microsoft goes to great lengths trying to discredit open source, as if it isn't obvious the whole world is running on Linux right now from Android phones to 97% of the world's supercomputers to governments to the International Space Station.
Windows 10 is without refute entirely closed source global spyware right this second. All of it. Every single install of Windows 10 is a keystroke logging packet sniffing phone-home-to-mother-ship pwned operating system. It's not like oh it's just a couple telemetries either. Everything possibly tracked is tracked. And they deem acceptance of their new privacy agreement as permission to read all of your files at their discretion. Isn't it oh so magically delicious that they backported their snoopware to Windows 7/8/8.1 if you were ridiculous enough to take their latest updates.
http://tech.slashdot.org/comments.pl?sid=8000075&cid=50511399
http://tech.slashdot.org/comments.pl?sid=7988275&cid=50500123
Matrox?
>One dumb decision was to try to save money by limiting the personnel to one new floppy disk per month
Wow, this has got to be one of the most hilarious cases of "penny-wise, pound-foolish" I've ever heard.
Floppy disks were cheap, even back then! They were practically a drop in the ocean when it comes to the budget of even small companies. What were these managers thinking?
Well, that's what revocation is for. I'd rather applaud them for their openness with code than tar and feather them for something correctable.
Floppy disks were cheap, even back then! They were practically a drop in the ocean when it comes to the budget of even small companies. What were these managers thinking?
They also organized groups of developers and QA people to be sure the lights in the bathrooms were turned off. Compare the cost of the time of a highly trained and highly paid (pre-H1-B flood) engineer spent on checking a bathroom light to the cost of leaving it on even over a weekend. Then think of the time spent by the lot of them in the meeting where management presented this bright idea and trained them in it. (While you're at it, think about what happens to the light, freshly shut off for the night, when the janitors arrive in the early evening.)
That one wasn't peculiar to this company, but happened to a lot of them. There was a fad going for it among management organizations at the time. Apparently the idea was to raise morale by getting the workers to feel like they were doing something to help the company. (Probably started by some clueless management consultant who thought that engineers were dumber than rocks - or at least dumber than pointy-haired bosses.)
Of course what it actually did was convince the engineers that the company was in deep financial trouble and the executive suite was too stupid to fix it and were making it worse with their counter-productive thrashing. Morale went through the floor and the talent started job-hunting elsewhere.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Isn't there OCSP stapling now https://en.wikipedia.org/wiki/OCSP_stapling ?
.. Nth reconnection for HTTPS to the webserver.
The HTTPS webserver asks the OCSP server for a signed by CA & timestamped message every few hours to validate the certificate serial it is using is still valid (i.e. the certificate has not been revoked by CA).
The HTTPS webserver then provides this extra bit of signed information to the browser during the TLS handshake.
So now the load on the OCSP scales better (by website, not by all web users), has minimal latency impact (just the extra bytes in the handshake), no out-of-band communication from browser to OCSP server is needed at all.
Hopefully when SPDY or HTTP/2.0 is running even the bytes in the handshake can be reduced to nothing by higher reuse of a single TCP connection to multiplex and also if the client has a recent TLS sessionID that is represented to the server. You'd think they can optimize the extra bytes away and speed up the handshake for the 2nd
In the case of PC software though I would expect there to be multiple channels for getting OCSP data and only one channel needs to work to validate firmware/driver is still usable. But I'm sure there are other issues with invalidating important drivers for graphics/network that would be more like a nag screen every day to get you to reinstall driver.
D-Link is really expensive brother if anyone try crack the Private Code Signing Keys via internet. So, US Government have to punish them all. But D-Link Private Code Signing Keys is so easy to crack and then after hack the code. If anyone want to secure home forever. So try this : http://www.locksmithsinscottsd...