Slashdot Mirror

← Back to Stories (view on slashdot.org)

LibreSSL Unaffected By DROWN

Posted by timothy on from the waterproof dept.

serviscope_minor writes: The OpenBSD people forked and heavily cleaned up OpenSSL to create LibreSSL due to dissatisfaction with the maintainance of OpenSSL, culminating in the heartbleed bug. The emphasis has been on cleaning up the code and improving security, which includes removing things such as SSL2 which has fundamental security flaws. As a result, LibreSSL is not affected by the DROWN bug. LibreSSL is largely compatible with OpenSSL. The main exceptions are in the cases where programs use insecure functions removed from libreSSL, or require bug compatiblity with OpenSSL.

60 comments

  1. See what happens when you rm -frv *_old.c by Anonymous Coward · · Score: 3, Insightful

    Removing old code is the best feeling in the world - it's kind of like spring cleaning!

  2. Another Fine Reason... by Anonymous Coward · · Score: 2, Interesting

    I abandoned Linux in favor of OpenBSD earlier this year. I'm tired of how spread thin Linux developers on some projects have become and/or how complacent. My needs are minimal albeit specialized, so I need developers who actually care about code quality. Theo and team most certainly care about code quality. I've given up a little in the transition to BSD, but the stability, predictability, and ease of use have won me over. I started looking at OpenBSD seriously in 2001, but never made the jump. Better late than never...

    1. Re:Another Fine Reason... by Anonymous Coward · · Score: 1, Insightful

      The perpetual drive to bring Linux "to the desktop" and to compete with much more visually polished OS's such as MacOS and Windows has caused Linux devs to abandon the original project priorities and go chasing shiny things and add too much bloat, because somebody somewhere things that is what people care about. Linux shouldn't be about trying to catch up to or compete with the commercial OS, it should be about making sure it does what it is good at flawlessly and securely. Security concerns are only going to increase as we move forward and more and more of our lives and data are connected to the internet.

    2. Re:Another Fine Reason... by mlw4428 · · Score: 4, Insightful

      The team working on OpenSSL is not the same team working on Linux. This is like being upset because the Photoshop team is thin on resources so you dump Windows. It's, frankly, a stupid thing to think.

    3. Re:Another Fine Reason... by Anonymous Coward · · Score: 2, Interesting

      OP here... You miss my gist. Linux and attending userland software, of which OpenSSL is but one, are having massive quality control issues compared with the BSDs. I've been a Linux user on the server and desktop since the mid 90s. I've administered BSD servers since 2000. In 2001, I considered moving my personal requirements over the Linux, as I mentioned above, but never pulled the trigger. A host of things has made me re-think my position: systemd, the Debian developers debacles, general Balkanization of Linux streams of thought on things that really do affect the direction of the kernel and various distros. It's all become too much. I want what I stated above: stability, predictability, and ease of use. OpenBSD and FreeBSD give me this, and after years of working with FreeBSD on servers, I admire the robustness and simplicity of administration compared to Linux. I chose OpenBSD for myself because of OpenBSD's fantastic laptop support for things like wireless chipsets, suspend, etc. I also like their more rapid development model (every 6 months).

    4. Re:Another Fine Reason... by Bengie · · Score: 1

      Not the same team, but part of the same community and mindset that enables such poor quality code to exist.

      *I use "Linux" to mean the Linux community, and not the kernel, which is of decent standards.

    5. Re:Another Fine Reason... by mlw4428 · · Score: 2

      Wait? What community? The Linux one? So are the LibreSSL guys not part of the Linux community anymore? What about the PolarSSL guys? The "Linux community" deals with Linux and arguably each distro is a subset of that community. The third-party packages (or rather the developers of those packages) aren't. At best they just work with the Linux community when needed (testing, getting the updates shipped, etc).

    6. Re:Another Fine Reason... by Anonymous Coward · · Score: 0

      So are the LibreSSL guys not part of the Linux community anymore?

      LibreSSL is developed by the OpenBSD guys which makes them part of the BSD community and part of the open source community.

    7. Re:Another Fine Reason... by shawn2772 · · Score: 1

      So are the LibreSSL guys not part of the Linux community anymore?

      I don't know that I'd say that OpenSSL is part of the Linux community, but LibreSSL definitely is not, since it's developed by the OpenBSD team.

    8. Re:Another Fine Reason... by gwolf · · Score: 2

      You say, original project priorities?
      As a Debian Developer, I can assure you, there are no original project priorities to speak of.
      Each one of us has their own priorities. The nice and happy thing is that many of those priorities have huge areas of overlap, so our common prioritarial prerequisites are a *very* large area.
      Add more, more people to the mix — Everybody in this boat needs a stable, reliable, fast, friendly operating system, with a decent package management software that can empower each of us to scratch our personal itches.
      Very few people have my very specific itch, and that's the reason some of my packages are maintained by myself only.
      If you were to see my work environment, you will recognize this particular developer is nowhere near the "shiny things" or "bloated environments", and my environment is quite typical to others I've seen at DebConfs. Of course, I also see lots of GNOMEs, and there's no reason to deny an important reason for GNOME to be default is because many people like it and care for it enough to keep it in good shape.

    9. Re: Another Fine Reason... by Anonymous Coward · · Score: 0

      You lost me at FreeBSD. FreeBSD developers chase complicated optimizations nearly as much as Linux kernel developers, likewise neglecting to spend time simplifying code. You can see this in the code.

      I've been using OpenBSD for servers since 2000. But OpenBSD doesn't support anything newer than 802.11(b). I would think WiFi would be the last reason to use OpenBSD unless you live in a box in a forest where distance and channel contention is 0.

    10. Re: Another Fine Reason... by Anonymous Coward · · Score: 0

      That is not true. OpenBSD supports 802.11g and has for some time now. 802.11n support should be out in the next release in May.

  3. Why is this newsworthy? by Anonymous Coward · · Score: 1, Insightful

    `Why is this newsworthy? "This just in: software without a feature doesn't have vulnerability related to said feature."

    1. Re:Why is this newsworthy? by Anonymous Coward · · Score: 0

      Because slashdot.

    2. Re:Why is this newsworthy? by Anonymous Coward · · Score: 1, Interesting

      I found it informative. You're just mad the OpenBSD people produce better code.

    3. Re:Why is this newsworthy? by bluefoxlucid · · Score: 1, Informative

      They don't produce better code. LibreSSL is not vulnerable because LibreSSL is OpenSSL with SSLv2 turned off; they just deleted a feature. You can't compile it in, whereas on OpenSSL you have the option to run without SSLv2.

      OpenBSD LibreSSL is largely OpenSSL, and the part that has the vulnerability was *removed* rather than fixed. You might as well say a fork of Firefox has better code because it has no JavaScript engine and thus isn't vulnerable to Spidermonkey bugs.

      --
      Support my political activism on Patreon.
    4. Re: Why is this newsworthy? by Anonymous Coward · · Score: 4, Insightful

      Removing support for an inherently broken and insecure feature is tantamount to writing better code.

    5. Re:Why is this newsworthy? by Anonymous Coward · · Score: 0

      You might as well say a fork of Firefox has better code because it has no JavaScript engine and thus isn't vulnerable to Spidermonkey bugs.

      You're not helping your case.

    6. Re:Why is this newsworthy? by Anonymous Coward · · Score: 1

      I would vociferously argue that, in fact, OpenBSD does produce superior code as a rule. Look at OpenBSD, OpenSSH, or any of the other software titles Theo and team write and support and compare those to Linux, or Gnome, or any other project. Theo and his guys care deeply about code auditing, something most Linux and Linux userland software devs regularly pass over or simply don't care.

    7. Re: Why is this newsworthy? by Anonymous Coward · · Score: 0

      I have old gear where the management interface can only be used using SSLv2. I guess LibreSSL is broken then.

    8. Re:Why is this newsworthy? by Anonymous Coward · · Score: 0

      No, he's right. The fact that OpenBSD proved to be better than Linux should be as newsworthy as "water is wet."

    9. Re: Why is this newsworthy? by Anonymous Coward · · Score: 2, Funny

      No, it means you need to use broken, insecure, obsolete software to manage your broken, insecure, obsolete hardware.

    10. Re:Why is this newsworthy? by ralphsiegler · · Score: 1

      OpenBSD team does produce better and new SSL code, you should research before asserting nonsense https://en.wikipedia.org/wiki/...

    11. Re:Why is this newsworthy? by stooo · · Score: 1

      >> LibreSSL is OpenSSL with SSLv2 turned off
      No. it isn't that.
      It's a complete rework and cleanup of much of the codebase

      --
      aaaaaaa
    12. Re:Why is this newsworthy? by Chris+Mattern · · Score: 1

      More accurately: "Software without an inherently vulnerable feature doesn't have vulnerability related to said feature."

    13. Re:Why is this newsworthy? by greenfruitsalad · · Score: 1

      better at the substantially limited range and scope of functions. i've tried switching to BSD several times over the last 15 years. apart from speed of networking and (recently) ZFS, pretty much everything else was significantly poorer than its gnu/linux alternative. starting with gnu tools (vs bsd tools), drivers and ending with virtualisation, desktop software and clustering. unless i was building a firewall or a router, gnu/linux was the better option.

    14. Re:Why is this newsworthy? by Anonymous Coward · · Score: 0

      If you think glibc is better than libc, you aren't too bright.

    15. Re:Why is this newsworthy? by bluefoxlucid · · Score: 1

      More clearly: In this case, it doesn't have the DROWN vulnerability because they deleted the SSLv2 protocol code. They did *not* improve the SSLv2 protocol code.

      --
      Support my political activism on Patreon.
    16. Re:Why is this newsworthy? by bluefoxlucid · · Score: 1

      More clearly: LibreSSL is immune to DROWN because they removed--not improved--the SSLv2 protocol handling code.

      Wikipedia says LibreSSL's "better SSL code" is mostly code pruning, with a close second being breaking and then fixing OpenSSL cross-platform portability. If you check the actual LibreSSL repositories, you'll notice an extreme minority of LibreSSL changes--by code volume and by actual commits--are code clean-up, and an even smaller minority are actual defect repair. Mostly, it's gutting.

      --
      Support my political activism on Patreon.
  4. USE OPENBSD IF YOU WANT SECURE SERVERS by Anonymous Coward · · Score: -1

    EOM

    1. Re:USE OPENBSD IF YOU WANT SECURE SERVERS by Aethedor · · Score: 1, Offtopic

      Use any other OS if you want to post messages without capitals.

      --
      It doesn't have to be like this. All we need to do is make sure we keep talking.
    2. re:use openbsd if you want secure servers by Anonymous Coward · · Score: 0, Offtopic

      good grief, why would you want to use an os that can't use capital letters/ that seems really stupid.

    3. Re: re:use openbsd if you want secure servers by Anonymous Coward · · Score: 0

      Ask yourself that.

  5. Same for BoringSSL by shawn2772 · · Score: 3, Informative

    BoringSSL is Google's internal fork of OpenSSL (though it's open source). It also removed all support for SSLv2 some time ago. Or, more accurately, it the SSLv2 implementation was never added to it.

    https://www.imperialviolet.org/2015/10/17/boringssl.html

    1. Re:Same for BoringSSL by serviscope_minor · · Score: 2

      BoringSSL is Google's internal fork of OpenSSL (though it's open source). It also removed all support for SSLv2 some time ago. Or, more accurately, it the SSLv2 implementation was never added to it.

      I don't quite follow: if it was a fork it would have come with SSLv2 since OpenSSL comes with it. How can it have not been added in the first place?

      --
      SJW n. One who posts facts.
    2. Re:Same for BoringSSL by Anonymous Coward · · Score: 0

      Well I don't actually know (and it would be trivial to Google it), but it's possible the first commit of the fork was a giant spring cleaning?

    3. Re:Same for BoringSSL by Anonymous Coward · · Score: 0, Flamebait

      Who gives a fuck about an OpenSSL fork from a privacy hating ad company which collaborates with the NSA and FBI.

    4. Re:Same for BoringSSL by shawn2772 · · Score: 3, Informative

      BoringSSL is Google's internal fork of OpenSSL (though it's open source). It also removed all support for SSLv2 some time ago. Or, more accurately, it the SSLv2 implementation was never added to it.

      I don't quite follow: if it was a fork it would have come with SSLv2 since OpenSSL comes with it. How can it have not been added in the first place?

      From the blog post that I linked:

      Generally when people say “forking” they mean that they took a copy of the code and started landing patches independently of the original source. That's not what we did with BoringSSL. Rather than start with a copy, I started with an empty directory and went through OpenSSL function-by-function, reformatting, cleaning up (sometimes discarding) and documenting each one.

      However, Adam did say that the SSL code was handled a bit differently, it was copied then incrementally improved, and the improvements included removing SSLv2 support. So my claim that SSLv2 was never added to BoringSSL was wrong. It was copied over from OpenSSL, then removed.

  6. OpenVMS by ArchieBunker · · Score: 2

    OpenVMS is not case sensitive. For critical applications I'd pick it over Linux any day.

    --
    Only the State obtains its revenue by coercion. - Murray Rothbard
    1. re:openvms by Anonymous Coward · · Score: 0

      but you can still use capital letters with openvms/

    2. Re:OpenVMS by greenfruitsalad · · Score: 1

      i don't think you would. btw, are we talking about ODS-2 or ODS-5 file naming?

  7. Neither is OpenSSL by Anonymous Coward · · Score: 0

    Isn't SSL2 totally obsolete?

    Captcha: enabled

  8. Please stop by WaffleMonster · · Score: 4, Insightful

    It's 2016.. If your in any way affected by SSLv2 + export ciphers and you still feel compelled to blame it on the TLS stack - please do everyone a favor and find a new line of work.

    1. Re:Please stop by illtud · · Score: 1

      But this attack works on OpenSSL with all SSLv2 ciphers removed, does it not? You need the fixed version with the capability to use SSLv2 ciphers removed, it wasn't fixable by configuration, from what I've understood.

    2. Re:Please stop by Bite+The+Pillow · · Score: 1

      It's 2016.. If your in any way affected by SSLv2 + export ciphers and you still feel compelled to blame it on the TLS stack - please do everyone a favor and find a new line of work.

      Fuck you. My employer's IoT trash cans are not flashable, and all of my skills are janitorial in nature. That's like telling a cancer patient to find another lung.

  9. Who the f*** cares about LibreSSL by Anonymous Coward · · Score: 0

    ... and neither is dummySSL distribution 4.3.2, or boringSSL distrubution 2.2.2, and so on.

  10. Narcissist much? by Anonymous Coward · · Score: -1

    "LibreSSL Unaffected By DROWN"

    Even the title wreaks of an attempt at relevancy. Why is this even news?

    "The OpenBSD people forked and heavily cleaned up OpenSSL to create LibreSSL due to dissatisfaction with the maintainance of OpenSSL, culminating in the heartbleed bug."

    Translation: The lone overworked maintainer of OpenSSL and his one overworked assistant were swamped trying to keep OpenSSL working on multiple platforms, legacy systems, and the like without breaking the internets; so, we swiped their code, removed all the multi-platform and legacy code, snarked at the codebase that is damn near 20 years old, and now feel smugly superior for doing so.

    So instead of putting effort into fixing the existing codebase and lending manpower to a vastly understaffed project that is highly critical for most network security, we swiped the existing code, put our 'best people' on it, and made LibreSSL and are still looking for that relevance.

    Oh -- and don't forget to toot your own horn when a backwards compatibility feature had a bug you don't since backwards compatibility was one of the first things you stripped out of the codebase.

    SMH

    1. Re:Narcissist much? by Anonymous Coward · · Score: 0

      SSLv2 badly broken. Come again, kthxbye.

    2. Re:Narcissist much? by Anonymous Coward · · Score: 0

      Oh, look it's the Jelly monster! Why you so Jelly?

    3. Re:Narcissist much? by Bengie · · Score: 1

      Fixing OpenSSL is a futile endeavor of polishing crap. Some things can only be fixed by being taken out back.

  11. whipslash, can you deal with the mod abuse? by Anonymous Coward · · Score: 0, Offtopic

    whipslash, the parent comment is at -1, and I think it's a perfect example of how bad modding here hurts the discussion.

    Of the 20 comments currently here, it's one of the most insightful and informative.

    It's obviously relevant, as the submission is all about how code maintained by the OpenBSD devs is free from a serious flaw that affected so many Linux distros.

    Yet despite it being one of the best comments posted so far, I have to go out of my way to browse at -1 to see it!

    Meanwhile, somebody else totally misunderstood what the parent comment says, and went off on a tangent about Photoshop and Windows. Yet that comment, despite being wrong and adding nothing of value, is currently at +4!

    An excellent comment like the parent comment shouldn't be hidden just because it expresses an idea that conflicts with the twisted world view of some Linux fanatics who happen to have mod points here.

    Both the -1 modding of the parent and the +4 modding of the other irrelevant comment indicate serious mod abuse is going on here. The best content is suppressed and harder to read, while the junk comments are shoved in our faces.

    Bad modding like we see in these cases really hurts the Slashdot experience. It's even worse than the shitty videos. At least those are easy to ignore. The mod abuse, however, is much harder to overlook, given how good comments are hidden and shitty comments are shown instead.

    1. Re:whipslash, can you deal with the mod abuse? by Anonymous Coward · · Score: 0

      That's ok, try posting anything with a conservative viewpoint. I don't even bother to login anymore since even posts that had nothing to do with politics got regularly down-modded.

    2. Re:whipslash, can you deal with the mod abuse? by Anonymous Coward · · Score: 0

      Idiocracy rules dude.

  12. Way to miss the point! by Anonymous Coward · · Score: 3, Insightful

    You missed the point, and so did the idiots who upmodded you.

    It doesn't matter who originally wrote the code.

    What matters is that so many Linux distro maintainers included the broken OpenSSL code in their distros, which directly affected the users of these Linux distros.

    Yet the OpenBSD maintainers, who clearly care far more about security than the Linux distro maintainers do, went out of their way to clean up and secure the broken OpenSSL code, and so OpenBSD users aren't affected by this serious flaw.

    That's the point the GP was making: Linux distro maintainers will subject their users to any old shitty code. The OpenBSD maintainers, on the other hand, are far more cautious and don't put their users in the bad position that the Linux distro maintainers do.

    This incident shows that we can trust OpenBSD, and that we just can't trust most Linux distros.

    1. Re:Way to miss the point! by Anonymous Coward · · Score: -1

      >Linux distro maintainers will subject their users to any old shitty code

      Not just any "old shitty code", but "government-paid-for-compromised-code!"

    2. Re:Way to miss the point! by Anonymous Coward · · Score: 0

      I'm not sure that anyone is arguing that linux is more secure than OpenBSD. A lot of applications had already disabled SSLv2 anyway. To me, the unusual thing about this was that one application with SSLv2 enabled could make another application that didn't have it enabled vulnerable if they used the same private key. This is more of an argument that you should use different private keys for different applications so that if your email server is compromised in such a way to reveal the private key, then your web server is not similarly compromised. Maybe we should have learned that with heartbleed. Part of this is also tied up with the fact that getting a valid SSL certificate is generally far more expensive than it should be.

    3. Re:Way to miss the point! by CoderJoe · · Score: 1

      And what library did OpenBSD use for SSL/TLS before LibreSSL? Oh wait, it was that same OpenSSL as Linux, until Heartbleed caused them to fork the project and clean it up.

  13. Slashdot Moderation is Off The Hook by Anonymous Coward · · Score: 0

    There is no way this should be modded as Troll. Linux fanboys run amok...

  14. Does *every* exposed SSL port use LibreSSL? by Anonymous Coward · · Score: 0

    DROWN is an attack on your private key using SSLv2 to compromise TLS.

    So even if your webserver uses LibreSSL, your private key could be exposed by your email server built with OpenSSL, or by your SSH server or ...
    Once the private key is partially compromised, LibreSSL will not protect you

    You need to test all exposed SSL ports and ensure that SSLv2 is disabled *everywhere*.

  15. Any sane configuration is unaffected by manu0601 · · Score: 1

    Any sane SSL configuration explicitly disable SSLv2 (and SSLv3) and is therefore not vulnerable to DROWN.