OpenBSD Will Not Fix PRNG Weakness 196
snake-oil-security writes "Last fall Amit Klein found a serious weakness in the OpenBSD PRNG (pseudo-random number generator), which allows an attacker to predict the next DNS transaction ID. The same flavor of this PRNG is used in other places like the OpenBSD kernel network stack. Several other BSD operating systems copied the OpenBSD code for their own PRNG, so they're vulnerable too; Apple's Darwin-based Mac OS X and Mac OS X Server, and also NetBSD, FreeBSD, and DragonFlyBSD. All the above-mentioned vendors were contacted in November 2007. FreeBSD, NetBSD, and DragonFlyBSD committed a fix to their respective source code trees, Apple refused to provide any schedule for a fix, but OpenBSD decided not to fix it. OpenBSD's coordinator stated, in an email, that OpenBSD is completely uninterested in the problem and that the problem is completely irrelevant in the real world. This was highlighted recently when Amit Klein posted to the BugTraq list."
then exploit it (if you can) (Score:5, Insightful)
nothing says "fix it" faster than a few thousand compromised hosts
release a PoC that gets r00t, inform the security lists and stand back
thats what full disclosure is for.
if it isnt exploitable then BSD can fix it at leisure
or if thats not quick enough and as its Open Source, YOU fix it if you are that concerned
now somebody call the whhaaambulance
Uh what (Score:4, Insightful)
Re:Uh what ... yeah (Score:1, Insightful)
That's right, I'm trolling BSD users because their idea of Free Software has a flaw, and it'd be nice for them to realise it once in awhile. This is instead of their constant trolling of the GPL (and compatible) while pretending their perception is perfect. And I'm no coward in saying it.
What?? (Score:1, Insightful)
The flaw in the PRNG is not exploitable. Not unless you are root on the local machine and have the ability to stop all other processes. If you are root then there is nothing to exploit as you are already, well, root.
So perhaps you should have RTA first? Or where you in a hurry to make a post on front of the list?
Re:So much for high security (Score:5, Insightful)
The OpenBSD guys are pretty defensive about security. If they say it is not a problem, I am inclined to believe them.
Re:If the OpenBSD devs say it isn't a security fla (Score:2, Insightful)
I see you don't remember how OpenBSD developers downplayed remote root vulnerability in mbuf code, until COREsecurity gived them working exploit
And this is that mega randomness with what OpenBSD team was so proud
Re:Uh what ... yeah (Score:2, Insightful)
Apple are free to release their putative fix to the community, or not - their free choice. That's one more freedom, relative to being obliged to release any changes they make which lead to a binary release outisde of Apple, which the GPL would oblige.
There are plenty of folk who see that as a feature not a flaw.
Oh for Bob's sake! (Score:2, Insightful)
But when the PRNG for a non-MS operating system is shown to have a similar (but not identical) problem, it's "irrelevant"?
Perception is as important as actuality (Score:2, Insightful)
Can someone say how hard a fix would be ? Surely: for the sake of a bit of work they are committing a public relations blunder!
Re:Alternative submission (Score:3, Insightful)
If flawed, predictable PRNG code is so 'irrelevant in the real world' why does even Microsoft seek to improve upon it?
"Strengthens the cryptography platform with a redesigned random number generator, which leverages the Trusted Platform Module (TPM), when present, for entropy and complies with the latest standards. The redesigned RNG uses the AES-based pseudo-random number generator (PRNG) from NIST Special Publication 800-90 by default. The Dual Elliptical Curve (Dual EC) PRNG from SP 800-90 is also available for customers who prefer to use it."
Overview of Windows Vista Service Pack 1 [microsoft.com]
Though this question obviously will depend on how MS's previous PRNG implementation stacks up against OpenBSD's.
Strike 2, OpenBSD. (Score:5, Insightful)
First they refused to implement WPA (despite the other BSDs having it), because it "doesn't provide real security" and "just use IPSEC".
Now they're refusing to address a weakness in their network stack (despite the other BSDs addressing it), again with the implication that everybody should just jump to IPSEC. What if you're in a situation where an IPSEC rollout is impractical or impossible?
Whatever happened to defense in depth? Whatever happened to "secure by default"? Whatever happened to constructive paranoia, such as randomizing of libc addresses, that was unlikely to have any real impact on security but was a nice extra, just in case? Why must I now upgrade to NetBSD to get security features that are lacking in OpenBSD? Isn't the shoe on the wrong foot?
What happened? Was there a change of management? Is OpenBSD under the thumb of a douchebag patch manager lately? Is this going to go away at some point? Those of us that sleep with OpenBSD firewalls like a gun under our pillow are taking notice.
GPL has the same flaw, ya know. (Score:3, Insightful)
( * which only says something about making the code, and thus the fix, available if the code, or compiled version thereof, is distributed. )
The difference is trivial, isn't it. In both cases an existing fix would not automatically be contributed back.
Re:What?? (Score:1, Insightful)
You say "OpenBSD is secure, therefore any comparison of OpenBSD to windows 95 is invalid". The GP says "OpenBSD and windows 95 seem to be comparable here, therefore OpenBSD - apparently - is not 100% secure". A priori, the latter makes much more sense; your position can only be reasonably adopted if you already KNOW that OpenBSD is secure. Given that we're talking about a potential flaw in OpenBSD here, such an assertion would amount to circular reasoning.
You say that the flaw "is not exploitable". On what basis are you claiming this? Can you back up your claim somehow? Did you examine the source code or investigate possible attack scenarios? Are you an OpenBSD developer?
The answer to all the above is "no", of course. You do not know that the flaw is not exploitable; you merely have formed an opinion on OpenBSD's supposedly perfect security already and cannot stand the cognitive dissonance created by having to admit it might not be; therefore, you're forced to make claims such as this in the hopes that someone else who's suffering from the same problem(s) will mod you up.
But of course, that need not concern me, the GP, or anyone else - we don't care about your personal problems. All that matters to us is that until we have, at the very least, strong evidence that this flaw cannot possibly be exploited, we are going to treat it as if it can be. And even in the face of such evidence, we are still going to assert that it's better to be careful and that even a flaw that you currently believe cannot be exploited should be patched - after all, nobody is perfect.
It's better to be vigilant, and the OpenBSD developers should be the first to agree to that.
Re:Strike 2, OpenBSD. (Score:2, Insightful)
Re:Uh what ... yeah (Score:3, Insightful)
Re:Strike 2, OpenBSD. (Score:3, Insightful)
Umm, they're completely correct to take this stance. WPA is far inferior to IPSEC, security-wise. It's OpenBSD's job to help insulate you from insecure technologies. We could easily say, "Just because FreeBSD allows one-character passwords, OpenBSD should, too!" And you know what? We'd be wrong to think in that way.
What happened? Was there a change of management? Is OpenBSD under the thumb of a douchebag patch manager lately? Is this going to go away at some point? Those of us that sleep with OpenBSD firewalls like a gun under our pillow are taking notice.
What happened? Nothing happened. The OpenBSD team members are performing their task perfectly. They are computer security experts who have considered this problem, and found it to not be the issue that some others think it is. So they're doing the responsible thing, and not making willy-nilly changes to their codebase for the sake of a "security glitch" that really doesn't exist.
Re:Uh what ... yeah (Score:4, Insightful)
Don't conflate "things you want" with "freedom", please.
Re:then exploit it (if you can) (Score:2, Insightful)
You probably did a typo in a closing tag. Anyway, There's a reason why we have a "preview" button
Re:Uh what ... yeah (Score:3, Insightful)
Re:then exploit it (if you can) (Score:3, Insightful)
Re:Perception is as important as actuality (Score:2, Insightful)
Nobody forces you to use OpenBSD, and nobody prevents you from patching it yourself. They are entirely in their rights to say "No" even if it is a stupid thing to do.
They'd more likely be used to compromise the user (Score:3, Insightful)
Not everything is about compromising someone's computer.
Re:Strike 2, OpenBSD. (Score:5, Insightful)
So, OpenBSD is refusing to put a locking mechanism on the doorknob because it wants to make people use a deadbolt. Me, I'd want both; if it turns out my deadbolt had a defect and thus easily defeated, the doorknob lock would at least provide some security.
Re:So much for high security (Score:3, Insightful)
Your dollar, your time (Score:2, Insightful)
As we can see, even Microsoft can't seem to be vigilant on everything at once.
And the question to ask would be, what alternative? OpenBSD has (yet another) theoretical vulnerability. Is it one that affects the things you use obsd for?
MSWxxx has yet another real vulnerability. Is it one that affects what you use MSWxxx for?
It's better to allocate your time to be vigilant on things that matter (to you).