[ale] China chooses FreeBSD as basis for secure OS

Michael H. Warfield mhw at WittsEnd.com
Wed Oct 13 22:52:50 EDT 2010


On Wed, 2010-10-13 at 14:08 -0400, Lightner, Jeff wrote:

> If it is in the source and you have people vetting the source it would
> be extremely difficult.  I imagine China, once they made their "hardened"
> version of BSD, would be using upstream source rather than ports to do
> the updates if any.

You miss the entire point of the Thompson attack.

If it's in the compiler, it doesn't need to be in the sources.  It's
injected into the binaries in the form of the compiled binaries and the
source of the malicious code is the compiler, not the binaries.

If it's in the compiler, it doesn't need to be in the compiler sources.
It's propagated by compiling a compiler with a compromised compiler.

It's not in any source and, thus, not subject to being exposed by any
code audit or OpenSource examination.

Ken's work is a classical work and a seminal work in our field.  And it
predates Linux by many years.  All security professionals should
certainly be aware of Ken's work.  But...  There are easier ways than
Ken's to compromise Linux systems, depending on if you want "user
level" or "superuser level".  Just none have achieved greater than unity
propagation ratio.  Hence, they die out.

Years ago, running some honeypots, I monitored numerous "***holes"
compromising a default Apache installation.  They got the "apache"
account and nothing else.  Less than 24 hours after the release of a
priv-escalation attack they broke root on that box and I had their "root
kit".  Lesson to be learned...  Compromising your desktop (easy) can be as
bad as compromising root if the timing sucks and you don't spot it.
Linux or any *NIX is NOT immune.  You must be on guard.  Take it to the
bank.  Linux machines are being compromised and abused for malware right
now.  We are tracking some of them.

Second, and most important lesson, is nothing solves the problem in the
"wet ware" (PEBCAK - Problem Exists Between Chair and Keyboard).
People still do stupid shit and Stuxnet propagated primarily through USB
keys (i.e. chump bait).  There is no patch for stupid.

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
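Added illustration (not code from the list post or from any real compiler): a toy model of the Thompson compiler problem Mike describes, together with the defender's check for it, David A. Wheeler's diverse double-compiling (DDC). The compiler, the "login" program and the "binary" encoding are all constructed stand-ins; the point is that a source audit sees nothing while the self-compile comparison does.

```python
import hashlib

# Constructed toy sources; the "binary" of a program is a deterministic
# digest of its source, so a clean build depends only on the source text.
COMPILER_SRC = "toy compiler source, revision 1"
LOGIN_SRC = "toy login program source"


def clean_compile(src: str) -> bytes:
    """Honest compiler: output is a pure function of the source."""
    return b"bin:" + hashlib.sha256(src.encode()).digest()


CLEAN_COMPILER_BIN = clean_compile(COMPILER_SRC)
TROJAN_COMPILER_BIN = b"bin:trojaned"  # constructed tag for the bad binary


def trojaned_compile(src: str) -> bytes:
    """Thompson-style compiler: alters login and re-plants itself whenever it
    recognises the compiler's own source, so every source file stays clean."""
    if src == LOGIN_SRC:
        return clean_compile(src) + b"+backdoor"
    if src == COMPILER_SRC:
        return TROJAN_COMPILER_BIN
    return clean_compile(src)


def run(binary: bytes):
    """Map a toy binary back to the compiler behaviour it implements."""
    if binary == CLEAN_COMPILER_BIN:
        return clean_compile
    if binary == TROJAN_COMPILER_BIN:
        return trojaned_compile
    raise ValueError("not a compiler binary")


def source_audit_finds_backdoor(src: str) -> bool:
    """What a code review can see: nothing, the payload is not in any source."""
    return "backdoor" in src


def ddc_check(trusted_compile, suspect_bin: bytes, compiler_src: str) -> bool:
    """Wheeler's diverse double-compiling: build the suspect's source with an
    independent trusted compiler, rebuild it with that result, and require the
    suspect binary to reproduce the same bytes when it compiles itself."""
    stage1 = trusted_compile(compiler_src)
    stage2 = run(stage1)(compiler_src)
    self_built = run(suspect_bin)(compiler_src)
    return stage2 == self_built
```

In a real DDC run the trusted compiler must be genuinely independent of the suspect one and the build reproducible; in this toy both conditions collapse into byte equality of the constructed binaries.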