OpenBSD crypto and NSA/Bruce Schneier

classic Classic list List threaded Threaded
17 messages Options
Reply | Threaded
Open this post in threaded view
|

OpenBSD crypto and NSA/Bruce Schneier

Jiri B-2
Hi all,

I don't understand very much technical details of this topic,
neither I want to troll, but my curiousity is if OpenBSD devs
follow Bruce Schneier arguments and whole topic and if they
have done, do or will do some re-evaluation of crypto in OpenBSD
to minimalize being vulnerable to describe attacks.

http://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html

j.

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD crypto and NSA/Bruce Schneier

Peter Nicolai Mathias Hansteen
On Wed, Sep 11, 2013 at 03:26:07AM -0400, Jiri B wrote:
 
> I don't understand very much technical details of this topic,
> neither I want to troll, but my curiousity is if OpenBSD devs
> follow Bruce Schneier arguments and whole topic and if they
> have done, do or will do some re-evaluation of crypto in OpenBSD
> to minimalize being vulnerable to describe attacks.
>
> http://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html

Re-evaluation and auditing is very much a part of the general OpenBSD
development process (see eg http://www.openbsd.org/goals.html and
http://www.openbsd.org/security.html, with links therein) already,
but I wouldn't be surprised if recent revelations lead to more activity
on that front. On a related note, I quite enjoyed reading FreeBSD
developer Colin Percival's take on the various revelations and claims:
http://www.daemonology.net/blog/2013-09-10-I-might-be-a-spook.html

- Peter
--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD crypto and NSA/Bruce Schneier

Martin Schröder
In reply to this post by Jiri B-2
2013/9/11 Jiri B <[hidden email]>:
> neither I want to troll, but my curiousity is if OpenBSD devs
> follow Bruce Schneier arguments and whole topic and if they
> have done, do or will do some re-evaluation of crypto in OpenBSD
> to minimalize being vulnerable to describe attacks.

The monkeys will probably keep on masturbating. :-)

>http://article.gmane.org/gmane.linux.kernel/706950

Best
     Martin

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD crypto and NSA/Bruce Schneier

Marc Espie-2
In reply to this post by Peter Nicolai Mathias Hansteen
On Wed, Sep 11, 2013 at 09:58:12AM +0200, Peter N. M. Hansteen wrote:
> Re-evaluation and auditing is very much a part of the general OpenBSD
> development process (see eg http://www.openbsd.org/goals.html and
> http://www.openbsd.org/security.html, with links therein) already,
> but I wouldn't be surprised if recent revelations lead to more activity
> on that front. On a related note, I quite enjoyed reading FreeBSD
> developer Colin Percival's take on the various revelations and claims:
> http://www.daemonology.net/blog/2013-09-10-I-might-be-a-spook.html

I'm not sure there will be that much more activity.

First, we had several "scares" in the past already, and we're perpetually
paranoid, so... business as usual.

Second, low hanging fruit.

There's so much crappy software and hardware out there that you have to be
REALLY paranoid to think the NSA would target us. I mean, come on, there
are BROADSIDE BARNS in
- windows
- iOS
- linux

why bother with us ? people are most generally NOT careful. So, hey, what
if you can't break in OpenBSD ? you've got all kinds of access to people's
web activity, cellphone records, credit card records, hospital records,
whatever.

If there's one thing that's sure, it's that there is exactly ZERO security
in administration's infrastructures in general.

Yes, some of them do care. But most of them don't care enough. And there
are IDIOTS everywhere.

I suspect the NSA spooks are good hackers. And so they're lazy.  The challenge
is extracting useful information from TB of unencrypted traffic and broken
encryptions.  Breaking secure encryption ? sure... you think it's going to
give you new data ? think again...

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD crypto and NSA/Bruce Schneier

Martin Schröder
2013/9/11 Marc Espie <[hidden email]>:
> Second, low hanging fruit.
>
> There's so much crappy software and hardware out there that you have to be
> REALLY paranoid to think the NSA would target us. I mean, come on, there

You think openssh isn't a valuable target?
You think openbsd isn't used in commercial firewall/vpn appliances?

Think again.

Best
     Martin

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD crypto and NSA/Bruce Schneier

Marc Espie-2
On Wed, Sep 11, 2013 at 10:49:46AM +0200, Martin Schröder wrote:
> 2013/9/11 Marc Espie <[hidden email]>:
> > Second, low hanging fruit.
> >
> > There's so much crappy software and hardware out there that you have to be
> > REALLY paranoid to think the NSA would target us. I mean, come on, there
>
> You think openssh isn't a valuable target?

portable openssh relies on posix interfaces. Corrupt the interfaces, and
you have a broken openssh.  Remember the one bug in openssh, the one that
was mitigated by privsep, but where linux couldn't get the mitigation because
their privsep was broken ?

> You think openbsd isn't used in commercial firewall/vpn appliances?

So buy the guys building commercial appliances. This being BSD, it doesn't
have to be opensource. It's much simpler to corrupt the derivative product,
and ways less dangerous.

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD crypto and NSA/Bruce Schneier

Rudolf Leitgeb
In reply to this post by Marc Espie-2
> Second, low hanging fruit.

Contrary to what some hysterical reports may claim, and some violations
of rules aside, NSA is mostly after bad guys, some of which know quite
well what they are doing. These bad guys will not necessarily be kind
enough to present NSA with unpatched Windows desktops.

> why bother with us ? people are most generally NOT careful. So, hey,
> what if you can't break in OpenBSD ?

This is not a marketing operation run by NSA which can claim success if
they catch the 90% dumbest. Quite to the contrary, they should be most
interested in the most sophisticated ones, and why wouldn't bad guys
use OpenBSD if they had the impression it was more secure?


As I have mentioned before: what good is perfect security in an OS if you
have no control over the hardware? Put some back doors into the CPU or the
networking hardware and OpenSSH will fall. There is really no point in
trying to outwit three letter agencies with our laptops.

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD crypto and NSA/Bruce Schneier

Indunil Jayasooriya
> As I have mentioned before: what good is perfect security in an OS if you
> have no control over the hardware? Put some back doors into the CPU or the
> networking hardware and OpenSSH will fall. There is really no point in
> trying to outwit three letter agencies with our laptops.
>
>

Both good and bad things exist in the world. It is the way of the world.
It  is quite normal. It is the True Nature of the world.  Intention (
volition ) to add protection (security) is the WISE man's characteristic.
So this wise man is always protected. He will win his life.








--
Thank you
Indunil Jayasooriya
http://www.theravadanet.net/
http://www.siyabas.lk/sinhala_how_to_install.html   -  Download Sinhala
Fonts

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD crypto and NSA/Bruce Schneier

josef.winger
In reply to this post by Rudolf Leitgeb
> Gesendet: Mittwoch, 11. September 2013 um 11:42 Uhr
> Von: "Rudolf Leitgeb" <[hidden email]>
> An: [hidden email]
> Cc: [hidden email]
> Betreff: Re: OpenBSD crypto and NSA/Bruce Schneier
>
> > Second, low hanging fruit.
>
> Contrary to what some hysterical reports may claim, and some violations
> of rules aside, NSA is mostly after bad guys, some of which know quite
> well what they are doing. These bad guys will not necessarily be kind
> enough to present NSA with unpatched Windows desktops.

I think that is not true. What they (and others) are after are
CORRELATIONS, as much correlation as one can get. Thats because from
a Bayesian POV causality it isn't really needed to understand beaviour
if you have enough correlation.

Social Science becomes obsolete, if enough correlation is gathered.
See for example http://www.wired.com/science/discoveries/magazine/16-07/pb_theory

That paper really sounds strange on a first sight, but with big data, it is
anoter situation.

So back on topic, even if they are after the 'bad guys' they are by getting
as much data i.e.correlations as they can get...




>
> > why bother with us ? people are most generally NOT careful. So, hey,
> > what if you can't break in OpenBSD ?
>
> This is not a marketing operation run by NSA which can claim success if
> they catch the 90% dumbest. Quite to the contrary, they should be most
> interested in the most sophisticated ones, and why wouldn't bad guys
> use OpenBSD if they had the impression it was more secure?

No they want it all, because much data is better than any behaviour theory
can be, just because you don't have tomake assumptions.

>
>
> As I have mentioned before: what good is perfect security in an OS if you
> have no control over the hardware? Put some back doors into the CPU or the
> networking hardware and OpenSSH will fall. There is really no point in
> trying to outwit three letter agencies with our laptops.
>

Do you have any example for that? I mean the hardware needs software
to run, not? So you say that there a cases where there is firmware
that makes the hardware do things we can not control or encapsulate?

After all, we could change to hardware that does not have theses things.


Another think is, that today mathematically proven correct (aka zero-bug)
software is more and more faseable. See te guys from seL4..
Ok it is still a bit future, but soner or later we will become able to
proof our algorithms; at least partly...

/jo

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD crypto and NSA/Bruce Schneier

John Long-4
In reply to this post by Martin Schröder
On Wed, Sep 11, 2013 at 10:49:46AM +0200, Martin Schr?der wrote:
> 2013/9/11 Marc Espie <[hidden email]>:
> > Second, low hanging fruit.
> >
> > There's so much crappy software and hardware out there that you have to be
> > REALLY paranoid to think the NSA would target us. I mean, come on, there
>
> You think openssh isn't a valuable target?

You think they need to target protocols? There are much easier ways of doing
things. Strong crypto works if you do all the management stuff. Most people
have no idea what's involved with that. Like Espie says there's plenty low
hanging fruit. If you're somebody they want to know about the methods they
use don't have anything to do with technology.

> You think openbsd isn't used in commercial firewall/vpn appliances?

You think that government doesn't cultivate "healthy" relationships with
"security" product vendors that makes whatever protocol or OS they claim to
run irrelevant? Do you really believe they only got google, yahoo, gmx,
msn/hotmail/aol/skype to open up their services but not router and vpn and
appliance vendors? Don't be so naive... any company that has an office in
the U.S. that wants to stay in business is going to bend over. How many
Lavabit stories did we read about where somebody had the integrity to say NO
and lose his ass? Exactly one. Guess what happened to the rest.

You want security, run OpenBSD on a Chinese router or SBC or fab your own
chips and build your own hardware. And stay the hell off the net.

> Think again.

Your turn.

/jl

--
ASCII ribbon campaign ( ) Powered by Lemote Fuloong
 against HTML e-mail   X  Loongson MIPS and OpenBSD
   and proprietary    / \    http://www.mutt.org
     attachments     /   \  Code Blue or Go Home!
 Encrypted email preferred  PGP Key 2048R/DA65BC04

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD crypto and NSA/Bruce Schneier

Zoran Kolic-4
In reply to this post by Jiri B-2
> After all, we could change to hardware that does not have theses things.

I'd like to hear more about this.

                                  Zoran

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD crypto and NSA/Bruce Schneier

Reyk Floeter-2
In reply to this post by John Long-4
On Wed, Sep 11, 2013 at 02:00:38PM +0000, John Long wrote:
> You want security, run OpenBSD on a Chinese router or SBC or fab your own
> chips and build your own hardware. And stay the hell off the net.
>

Sorry for posting the following link, but this reminds me of an
incredibly bad movie: http://www.dragondaymovie.com/ ;-)

reyk

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD crypto and NSA/Bruce Schneier

polken
In reply to this post by John Long-4
full agree with John look gov its gov they have the power to do things, they
have the money to do it, they have the law protecting them and if all of this
its not enough they have people that can close  your business if u dont
cooperate so go to china or any other country that are not going to cooperate
build your own devices, and software with strong crypto and no security
problems and maybe u will have a good channel to check out  your facebook or
chat with grandma

> Date: Wed, 11 Sep 2013 14:00:38 +0000
> From: [hidden email]
> To: [hidden email]
> Subject: Re: OpenBSD crypto and NSA/Bruce Schneier
>
> On Wed, Sep 11, 2013 at 10:49:46AM +0200, Martin Schr?der wrote:
> > 2013/9/11 Marc Espie <[hidden email]>:
> > > Second, low hanging fruit.
> > >
> > > There's so much crappy software and hardware out there that you have to
be
> > > REALLY paranoid to think the NSA would target us. I mean, come on,
there
> >
> > You think openssh isn't a valuable target?
>
> You think they need to target protocols? There are much easier ways of
doing

> things. Strong crypto works if you do all the management stuff. Most people
> have no idea what's involved with that. Like Espie says there's plenty low
> hanging fruit. If you're somebody they want to know about the methods they
> use don't have anything to do with technology.
>
> > You think openbsd isn't used in commercial firewall/vpn appliances?
>
> You think that government doesn't cultivate "healthy" relationships with
> "security" product vendors that makes whatever protocol or OS they claim to
> run irrelevant? Do you really believe they only got google, yahoo, gmx,
> msn/hotmail/aol/skype to open up their services but not router and vpn and
> appliance vendors? Don't be so naive... any company that has an office in
> the U.S. that wants to stay in business is going to bend over. How many
> Lavabit stories did we read about where somebody had the integrity to say
NO

> and lose his ass? Exactly one. Guess what happened to the rest.
>
> You want security, run OpenBSD on a Chinese router or SBC or fab your own
> chips and build your own hardware. And stay the hell off the net.
>
> > Think again.
>
> Your turn.
>
> /jl
>
> --
> ASCII ribbon campaign ( ) Powered by Lemote Fuloong
>  against HTML e-mail   X  Loongson MIPS and OpenBSD
>    and proprietary    / \    http://www.mutt.org
>      attachments     /   \  Code Blue or Go Home!
>  Encrypted email preferred  PGP Key 2048R/DA65BC04

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD crypto and NSA/Bruce Schneier

bofh-6
In reply to this post by Peter Nicolai Mathias Hansteen
On Wed, Sep 11, 2013 at 3:58 AM, Peter N. M. Hansteen <[hidden email]>wrote:

> on that front. On a related note, I quite enjoyed reading FreeBSD
> developer Colin Percival's take on the various revelations and claims:
> http://www.daemonology.net/blog/2013-09-10-I-might-be-a-spook.html


Isn't that classic reverse psychology though?! :P


--
http://www.glumbert.com/media/shift
http://www.youtube.com/watch?v=tGvHNNOLnCk
"This officer's men seem to follow him merely out of idle curiosity."  --
Sandhurst officer cadet evaluation.
"Securing an environment of Windows platforms from abuse - external or
internal - is akin to trying to install sprinklers in a fireworks factory
where smoking on the job is permitted."  -- Gene Spafford
learn french:  http://www.youtube.com/watch?v=30v_g83VHK4

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD crypto and NSA/Bruce Schneier

David Eisner-2
In reply to this post by John Long-4
On Wed, Sep 11, 2013 at 10:00 AM, John Long <[hidden email]> wrote:

>
> You think they need to target protocols? There are much easier ways of
> doing
> things. Strong crypto works if you do all the management stuff. Most people
> have no idea what's involved with that. Like Espie says there's plenty low
> hanging fruit. If you're somebody they want to know about the methods they
> use don't have anything to do with technology.
>
>
There's more than one threat model, though. Here are two:

1. "They" are targeting a specific individual or a small group. In that
case, protecting your electronic communications is going to be difficult.
They'll get around the crypto if they need to.

2. "They" are dipping their net into a fiber optic stream and fishing
(automated search) for interesting traffic.

Targeting protocols would be attractive to them for threat model 2, even if
they can handle threat model 1. And even in the case of threat model 1, a
vulnerable protocol makes their job cheaper, in terms of both money and
risk.

-David

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD crypto and NSA/Bruce Schneier

gwes-2
In reply to this post by Rudolf Leitgeb
On 09/11/2013 05:42 AM, Rudolf Leitgeb wrote:

>> Second, low hanging fruit.
> Contrary to what some hysterical reports may claim, and some violations
> of rules aside, NSA is mostly after bad guys, some of which know quite
> well what they are doing. These bad guys will not necessarily be kind
> enough to present NSA with unpatched Windows desktops.
>
>> why bother with us ? people are most generally NOT careful. So, hey,
>> what if you can't break in OpenBSD ?
> This is not a marketing operation run by NSA which can claim success if
> they catch the 90% dumbest. Quite to the contrary, they should be most
> interested in the most sophisticated ones, and why wouldn't bad guys
> use OpenBSD if they had the impression it was more secure?
>
>
> As I have mentioned before: what good is perfect security in an OS if you
> have no control over the hardware? Put some back doors into the CPU or the
> networking hardware and OpenSSH will fall. There is really no point in
> trying to outwit three letter agencies with our laptops.
Disk drives are (presumably) trivial to take over. They have firmware
and mechanisms to
use alternate physical blocks for a given logical block.

Scenario:

Reset - request for block 0 within a timeout window - substitute
alternate boot
record & subsequent interesting code. Modern drives contain enough spare
sectors
to have acomplete software universe hidden in them.

no reset or timeout - request for block 0 -return "good" data

Very hard to detect without a reasonably high level of suspicion and
a properly set up test jig.

The conditions for substituting "interesting" data could be made
arbitrarily complexand/or sophisticated, including scanning data
read and written for patterns.

Almost anything with microcodeor firmware can be subverted with
very few traces. That means network interfaces, CPUs, disk controllers,
USB interfaces, .....

Oh yes - cars & trucks.

Geoff Steckel

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD crypto and NSA/Bruce Schneier

David Eisner-2
On Wed, Sep 11, 2013 at 2:56 PM, Geoff Steckel <[hidden email]> wrote:

> Disk drives are (presumably) trivial to take over. They have firmware
> and mechanisms to
> use alternate physical blocks for a given logical block.
>


You're absolutely correct, and this is not theoretical: (page navigation is
in the links on the right):

  http://spritesmods.com/?art=hddhack&page=1

His proof-of-concept (for a remotely-compromised HD on a web server)
involves requesting a URL with a trigger string in it. When the URL gets
written to the web server's log file, the HD firmware sees this and arms
itself. Now, when /etc/shadow is next read, the firmware adds a hidden
account to it.

-David