
Computer Science Professor Mocks The NSA's Buggy Code (softpedia.com)

After performing hours of analysis, a computer science professor says he's "not impressed" by the quality of the recently-leaked code that's supposedly from an NSA hacking tool. An anonymous Slashdot reader writes: The professor, who teaches Software Vulnerability Analysis and Advanced Computer Security at the University of Illinois, Chicago, gripes about the cryptography operations employed in the code of an exploit called BANANAGLEE, used against Fortinet firewalls. Some of his criticisms include the words "ridiculous", "very bad", "crazy" and "boring memory leaks".

"I would expect relatively bug-free code. And I would expect minimal cryptographic competence. None of those were true of the code I examined which was quite surprising," the professor told Softpedia in an email.

If these were cyberweapons, "I'm pretty underwhelmed by their quality," Professor Checkoway writes on his blog, adding that he found "sloppy and buggy code," no authentication of the encrypted communication channel, 128-bit keys generated using 64 bits of entropy, and cipher initialization vectors that leaked bits of the hash of the plain text...
  • by hsmith ( 818216 ) on Saturday August 20, 2016 @10:34AM (#52737841)
    The real issue is what was exploited that one should be concerned about the quality of the code. "Oh man your shell scripts suck!"
    • by saps1e ( 560653 ) on Saturday August 20, 2016 @10:48AM (#52737901)
      Agreed. Considering this in the context of "cyberweapon", many weapons have been poorly designed and/or rushed into service, so this may be par for the course. I haven't looked at the code myself, but I would imagine that having a small footprint, both in terms of size and resources, is key to running undetected. Cutting corners, minimal encryption... those could be considered advantages here.
      • by ubrgeek ( 679399 )
        > many weapons have been poorly designed and/or rushed into service

        Yup. Just ask the Gorn.
    • by Spazmania ( 174582 ) on Saturday August 20, 2016 @11:06AM (#52737971) Homepage

      "Oh man your shell scripts suck!"

      Yeah, that was my thought as well. Red team code is supposed to be quick and dirty. It's the attacker, not the defender. It doesn't have to be pretty or work well, it just has to breach the target system.

      • by drinkypoo ( 153816 ) <martin.espinoza@gmail.com> on Saturday August 20, 2016 @12:24PM (#52738243) Homepage Journal

        Yeah, that was my thought as well. Red team code is supposed to be quick and dirty.

        I think that's a somewhat strong statement. You want your code to work when you deploy it. It's supposed to work. If it works, then it's a working weapon. If it has bugs that impede its function, then it isn't. If the tool can be used against the initiator, because the back channel isn't protected, then it's not just a weapon — it's a hazard.

      • It doesn't have to be pretty or work well, it just has to breach the target system.

        Sure, if you're using the "blast down the front door and storm through shooting" approach. On the other hand if you want to be a bit more subtle then your code needs to be tight and unobtrusive. The best attack is one that the defender never even knows about until it's far too late.

    • by Sique ( 173459 ) on Saturday August 20, 2016 @11:29AM (#52738053) Homepage
      Apparently, the bad code has been known to some secret services for some time. And that means that other secret services had the time to exploit the bad code and use it as an attack vector back against the NSA. I would be very wary to know that my opponent knows how shoddy my own code is. If for instance you can hijack encrypted communications, you can feed the communication any disinformation you want, and the original attacker believes it to be the real thing.
    • "Oh man your shell scripts suck!"

      I'm thinking that this could pave the way to a new geeky genre of the "Yo Mama" jokes.

      "Yo NSA code is so bad, __________".

  • Photos of the professor with under age children have been appearing all over the internet.

    People have been puzzled why the material was on otherwise innocuous sites.

    • Scary (Score:2, Interesting)

      by Anonymous Coward

      You don't like someone? All you have to do is place child porn pictures on their computer, alert the authorities, and even if they've never seen the pics, they are going to the hole for a long time. And it's quite easy to get the pics there too. USB, web link, email attachments, all so easy, and once the evidence is there, you're screwed, even if you deleted it, short of reinstalling Windows, (and even that might not work) or replacing the hard drive.

      The police and society at whole have no sympathy for "chil

      • Re: (Score:2, Insightful)

        by Anonymous Coward

        Actually the FBI has already been caught putting pictures ONTO peoples' computers in order to gain warrants. They don't do it directly, they do it by proxy through hacker groups they hire "for investigations", but it's been revealed that the hackers will put the material onto the computer, alert the FBI that this has been successful, go back and retrieve the pictures while the FBI watches, and thus giving the FBI what they need to breach the location. It's all pretty damn shady if you ask me. Does our FBI e

      • The police and society at whole have no sympathy for "child molesters", despite the fact that VIEWING A PICTURE IS AN INNOCENT CRIME...for an activity that didn't harm anyone.

        I've seen you seed this unsubtle agenda into other comments before (or, God help us there are more than one of you out there trying to rationalize child porn to yourselves). It is clearly something in which you have a personal stake. Get help.

        • by dbIII ( 701233 )
          There have been people convicted for viewing cartoons so it is a bit of a point that things have gone a bit far off track from preventing child exploitation.
          We keep on letting the child rapists like Roman Polanski go free while using pictures as an excuse for paramilitary raids on suspects.
    • Re: In other news (Score:5, Insightful)

      by Type44Q ( 1233630 ) on Saturday August 20, 2016 @11:06AM (#52737969)
      Or the exact opposite: they send him a fat check, as per their agreement (the NSA functions more effectively when it's being underestimated).
  • TTL (Score:3, Insightful)

    by Anonymous Coward on Saturday August 20, 2016 @10:36AM (#52737853)

    I'm guessing that time to live is more important than having everything looking pretty with your i's dotted and t's crossed. These tools are for exploits that may not be around forever. Getting the code live and useful is more important than anything else.

    • by Megane ( 129182 )

      It doesn't matter how pretty you make a bomb, in the end all it has to do is go "boom".

      Then again, it does help if it doesn't fall apart before it hits the target.

    • I'm guessing that time to live is more important than having everything looking pretty with your i's dotted and t's crossed.

      Absolutely. If TTL is set too low, data packets won't make it back to NSA's servers. But for NSA peeps reading this: do make sure to avoid TTL in the electronics! It's lethal for your spying device battery life.

  • by Anonymous Coward on Saturday August 20, 2016 @10:38AM (#52737865)

    Remember, these are the people who want "Front Door" access to your computer. Without a warrant, without oversight.

    You can trust them, they are the most skilled cyber-warriors on the planet!

    Give them the keys to your front door, both physical and virtual! They are super competent and trustworthy.

    • We have no idea what they want, don't be such an ignoramus. Republicans in Congress want government to have "front door" access to your computer. Nobody knows what the NSA wants, because they don't even talk to the public about what they want, and they don't ask for anything but money, ever. And don't bother asking what they spent it on, they're not going to engage in a conversation with you where they tell you "no."

      • by dbIII ( 701233 )

        don't be such an ignoramus ... because they don't even talk to the public about what they want

        They talk to the press and some of us "ignoramus" types read it.
        A bit of an amusing backfiring insult there Aighearach. The NSA don't get their government cash without saying in very broad terms what their aims are. We get to hear that stuff too if we pay attention instead of ignoring it.

        • They talk to the press and some of us "ignoramus" types read it.

          Right and you have no way to tell if they're lying to you, or to the other guy, or if all of 12 different public theories were presented by them.

          The Air Force hiding experimental craft by saying "it was a weather balloon" is beginner stuff, but these are professionals. There is no way you can receive information purported to be from them and have any idea if it is true or which parts are lies and why. There is a long history of the government hiding secrets by encouraging and even inventing conspiracy theor

          • by dbIII ( 701233 )

            Right and you have no way to tell if they're lying to you

            Frequently they are but they still have to beg for money in public.

            but these are professionals

            The Star Trek set thing, what Snowden could get hold of and an increasingly long list of other things (outsourcing - WTF?) indicate otherwise. They are toy soldiers IMHO best replaced by the real thing.

            credible claim to knowledge of the subject

            You are the one calling us ignorant yet saying they never say stuff in public. Quite funny really and a bit of an o

            • Right and you have no way to tell if they're lying to you

              Frequently they are but they still have to beg for money in public.

              I can hear hamsterdance playing when you say that.

              No, actually, they don't have to beg in public. You obviously don't follow politics well enough to already know the details, so you should have looked it up instead of just guessing that it might be the same as with non-secret agencies. But it was an awful guess, not even all members of Congress get to see how much money they're giving the NSA! They certainly don't come begging. We're not talking about NASA here.

              Blathering about Star Trek doesn't caus

              • by dbIII ( 701233 )
                Conspiracy theories can be comforting when you assume the conspirators are all powerful and nothing can be done about them, so you can just ignore them and move on.

                Meanwhile back in reality the NSA is leaking like a sieve and we know far more about them than we would ever want to.

                I must say your denial of what you wrote in your first post and the insults calling me stupid for taking your first post at face value are very amusing. Do you do balloon animals too Pogo?
                • That's a pretty lame approach, but very ignorant.

                  I'm not supporting a "conspiracy theory," don't be a blatant tool. I'm saying YOU can't KNOW which conspiracy theory to BELIEVE because you can't CHOOSE between them because the government IS KNOWN (in a non-conspiratorial, "this is their job" way) that spy agencies intentionally mislead you, AND other countries' spy agencies mislead too while making it look like somebody else, and PRIVATE PARTIES also offer their own additional lies and propaganda for whateve

                  • by dbIII ( 701233 )

                    "conspirators are all powerful and nothing can be done about them."

                    That is the approach you are using by insisting that they are an unknowable force dealing with the unknown.
                    Meanwhile in reality they appear to be toy soldiers best replaced by real military intelligence. Your vote could do something about that some day, they are not the Stasi and this is not East Germany.
                    Please wake up to what is going on instead of railing against people who dare to challenge your comfort zone.

                    • No, I didn't say they're an "unknowable force dealing with the unknown." I said it is known that they deal in misinformation, have formal permission for lots of secret activities, have a large budget the details of which are secret, and it is their job to hide or obscure all the details of all that. It isn't unknown what their job is; it is known exactly where they are working when and in what way, etc, etc.

                      If you can't tell the difference between known unknowns and known knowns, you might as well not even

                    • by dbIII ( 701233 )

                      No, I didn't say they're an "unknowable force dealing with the unknown."

                      That is exactly what you suggested and you then went as far as calling those of us that have been paying attention "ignorant".
                      Pathetic really. Especially your conspiracy theories A, B and C - you really are damaged.

                      If you had more contact with government and military you would be laughing at those ideas instead of trying to spread them.
                      Some of the five eyes stuff like spying on an Indonesian tobacco company shows how hopelessly mundane

                    • Your conspiracy theories A, B and C depict them as an unknowable force with perfect capability. That's a common factor with a lot of conspiracy theories where the exponents can feel comfort that there is somebody with infinite capability in control so they don't have to worry.
                      Reality is a series of fuckups some of which have got public attention. The theory that the fuckups are just there to lull us into a false sense of security instead of them being a bunch of toy soldiers that should be replaced with t
                    • Right, things I didn't say, that you somehow thought were "suggested," that you have been told were neither said nor meant, OK, at that point you've established completely and without question that you misread it. And you're still defending your misreading of what I said.
                      Pathetic. Really.

                    • by dbIII ( 701233 )

                      And you're still defending your misreading of what I said

                      If you didn't mean what you wrote then I suggest writing what you do mean instead. That will avoid a bit of confusion.
                      It looks very much like you are slamming anyone that pays attention to publicly available information on the NSA as "ignorant". Did you really mean something other than that?

      • They want the same thing Hoover wanted... And even if somehow they don't want it right now, it's terrible idea to allow them the capability.

    • They may be experts, but they probably still have interns who write code and then accidentally let someone steal it.

  • By Design (Score:2, Funny)

    by Anonymous Coward

    Clearly the NSA leaked these tools with built-in weaknesses so they could get others to install them, then they get to use them.

    • Yep, that's what it says on the tin; "This conspiracy can never be proven or disproven, and you'll never have any way to know what is really going on or which lie is from which of a dozen "sides" are competing to lie to you.

      This is why mindless flailing doesn't help the situation. There isn't an obvious direction to flail in.

    • by clovis ( 4684 )

      Clearly the NSA leaked these tools with built-in weaknesses so they could get others to install them, then they get to use them.

      Or, perhaps they were copied directly from some guy's computer from a folder titled "dev".

      If you look on my computer, you'll see a folder named "scripts" with many megabytes of scripts in there. It's all historical stuff as I worked on various things or attempted to try something different. Dead ends and so on. Almost none of these were actually used. The things I actually used are elsewhere. I don't know why we would assume that these were examples of programs actually in use.

  • You think this "leaked" code is the real thing?
  • Not Surprised (Score:5, Insightful)

    by organgtool ( 966989 ) on Saturday August 20, 2016 @10:53AM (#52737915)
    Security vulnerabilities are discovered and patched all of the time. It doesn't make sense to spend a lot of time writing extremely meticulous code for an exploit that could be patched by the time you're done writing the exploit code. Combine that with the fact that there's probably a ton of vulnerabilities in a lot of different applications, drivers, and firmware and it probably makes more sense to focus on quantity of exploits rather than quality.
    • by Anonymous Coward

      A big part of writing quality code is separating the parts that change from the parts that don't. The same is true with hacking code and exploit code. There should be a high quality framework or harness which can accept custom build modules for the individual exploits and any custom one-off exploitation code that's required. In fact, this is precisely how many of the high quality botnet and hacking tools maintained by the Russian criminal gangs work. Maybe our government could learn a thing or two from the

    • by janoc ( 699997 )

      Are you really so naive as to believe that the sloppy crypto code is not reused elsewhere?

      He isn't talking about the exploit code but some parts of the payload - crypto and some packet handling stuff.

  • by PPH ( 736903 ) on Saturday August 20, 2016 @10:54AM (#52737917)

    Our best guy is on vacation in Moscow.

  • by Anonymous Coward

    ok so like the NSA got pwnt because they asshat-miscrypto-cleartexted the shit out of trillions of dollars worth of strategic vital interest defensive and offensive cyberweapons while exposing us to digital armageddon by revealing a global infrastructure of intentionally, illegally, and poorly back-doored hardware while being recorded for 3 years by our enemies engaging in top secret god knows what the fuck in an information age geopolitical information warfare climate of 2013-2016? did i get this correct g

  • .....is what they're thinking I'm sure. They probably destroy the VM after using the tool anyway.

  • by Anonymous Coward

    Consider the possibility that the leaked code may be disinformation.

  • In retrospect.

    Suddenly those spent costs no longer seem like they should have cost as much.

    And those lessons learned? We should have just known those!

    It's why industry refuses to spend anything on basic research anymore. SOO inefficient, and with priorities that make no sense to some random consultant or investor.

    [sarcasm]
    Pff - NASA, I could do better than that! Here - I'll just make up an ideal, say, random number generation that I just happen to have a library of code on, and WOW - I do SO MUCH BETTER

  • Meh (Score:5, Interesting)

    by Greyfox ( 87712 ) on Saturday August 20, 2016 @11:45AM (#52738105) Homepage Journal
    I've yet to see a computer science professor with particularly excellent code, either. I run across assignments and example code from courses on a regular basis that fall into the "Never, ever do that" category of programming. Case in point, a relative of mine recently had some questions about a CS programming assignment. Part of the assignment description talked about design patterns and predictably went straight for the Singleton as an example. I'm pretty sure that's the only pattern that about 90% of programmers ever actually learn when reading about design patterns and it's so abused in the industry right now that you can basically never get one past a design review board.

    Anywhoo, back in the '90's I worked for a company that was getting a B2 Certification for its operating system. My job basically consisted of reading the entire AT&T C standard library code, finding potential security flaws, writing tests for those flaws and then writing a report with the tests which would be delivered to the NSA. I found the remote buffer overflow in the AT&T telnet daemon a couple years before the same overflow was discovered in the Linux telnet daemon. So the NSA basically outsourced the hard work of finding all those exploits to the companies that were trying to get security certifications. It took three or four guys just a few months to go through all the stuff we had to look at. I'm sure we missed a bit, but I was much more confident in the security of their OS at the end of all that. Too bad they eventually went out of business, were acquired by IBM and their products were killed. You know, progress!

    • I've yet to see a computer science professor with particularly excellent code, either. I run across assignments and example code from courses on a regular basis that fall into the "Never, ever do that" category of programming. Case in point, a relative of mine recently had some questions about a CS programming assignment. Part of the assignment description talked about design patterns and predictably went straight for the Singleton as an example. I'm pretty sure that's the only pattern that about 90% of programmers ever actually learn when reading about design patterns and it's so abused in the industry right now that you can basically never get one past a design review board.

      Anywhoo, back in the '90's I worked for a company that was getting a B2 Certification for its operating system. My job basically consisted of reading the entire AT&T C standard library code, finding potential security flaws, writing tests for those flaws and then writing a report with the tests which would be delivered to the NSA. I found the remote buffer overflow in the AT&T telnet daemon a couple years before the same overflow was discovered in the Linux telnet daemon. So the NSA basically outsourced the hard work of finding all those exploits to the companies that were trying to get security certifications. It took three or four guys just a few months to go through all the stuff we had to look at. I'm sure we missed a bit, but I was much more confident in the security of their OS at the end of all that. Too bad they eventually went out of business, were acquired by IBM and their products were killed. You know, progress!

      I use singletons at work ALL the time. But only for hardware resources that I don't want someone to try and create more than one instance of. I can only have one input and output stream on my device and, sure, I could make that static, but if I make the whole object obviously a singleton to the person using it, they get the idea that there is a limit on the hardware. Now, granted, if I was in the business of providing access to multiple instances of the same type of hardware, that would not be acceptable.

      • by Greyfox ( 87712 )
        Is there ever any particular need to limit them, though? A couple decades ago it was uncommon to have more than one sound device on a machine. Now it's unusual not to have two or three. Designs and requirements change over time, and having to factor out singleton behavior that was never really necessary in the first place is kind of a pain in the ass. You could easily just create those things with thing factories when the program starts up, and pass them around to objects that need them. No artificial limi
        • Is there ever any particular need to limit them, though? A couple decades ago it was uncommon to have more than one sound device on a machine. Now it's unusual not to have two or three. Designs and requirements change over time, and having to factor out singleton behavior that was never really necessary in the first place is kind of a pain in the ass. You could easily just create those things with thing factories when the program starts up, and pass them around to objects that need them. No artificial limits, and you don't have to factor out singleton behavior when you decide you want two things where you used to only have one.

          I've found that design review boards are becoming increasingly hostile toward singletons, too. There was a narrow window where they'd at least consider one, back when people started talking about design patterns. These days it's next to impossible to get one approved, even if there's pretty good justification for it. You can always design around the need for a singleton, and usually the system design will be better without them.

          In this case, most of the time, yes. There are exceptions, I am about to start a new project where the limit on the number of devices would be an issue. But I write drivers for credit card terminals on mobile devices. So unless the project specifically requires multiple credit card terminals (not common and the project I am referring to that will require it is due to the fact that one terminal may be hard configured for one currency and the other the USD), we intentionally limit the mobile device to one

          • And let me be more clear, I wrote the software in layers. One layer speaks the native protocol of the device and the other is an abstraction layer that hides details of the specific device and makes it a more generic credit card terminal interface. The enforcement of a singleton happens at the publicly exposed layer and can be more easily removed.
        • by dgatwood ( 11270 )

          Singletons are a good default design pattern to use if you need something that should typically be shared across lots of pieces of code (e.g. a cache). With that said, my general policy is that you generally shouldn't design classes that are limited to use as a singleton. You should always provide the ability to allocate additional instances unless it is impossible to safely have more than one instance for some reason (and you must justify why this is the case).

  • Who's naked? (Score:3, Funny)

    by Pablo Essgalhardo ( 4676547 ) on Saturday August 20, 2016 @12:26PM (#52738253)
    He can mock their code but that's how they got all his emails, internet browsing history, phone calls, text messages and GPS coordinates for the last 10 years or more...
  • Random Numbers (Score:4, Interesting)

    by raftpeople ( 844215 ) on Saturday August 20, 2016 @12:52PM (#52738355)
    Is it possible the NSA knows something about existing pseudo-random number implementations and is purposefully working around that issue in this code? The professor seems to ignore this possibility.
    • Re:Random Numbers (Score:4, Insightful)

      by david_bonn ( 259998 ) <davidbonn@3.14mac.com minus pi> on Saturday August 20, 2016 @05:54PM (#52739739) Homepage Journal

      That's possible, true.

      But it is hard to see that someone would "fix" that problem using the approach given in the code sample. Basically their "fix" only produced 64 bits of entropy for a 128 bit key, which is a 101-level cryptography mistake. It also took more time and was much more complex than a straightforward implementation, which kind of kills the argument about the authors having to work quickly. This is one of those screwups that required thought and effort. I'm left with two possibilities:

      (1) The NSA is hiring complete amateurs to write their exploit tools, and they aren't giving any adult supervision (or code reviews) to the products of those amateurs.

      (2) The NSA/Equation Group didn't write this code at all.

  • What if the shadow brokers didn't hack and steal NSA code, but simply had some part in writing the code to begin with and perhaps what they're selling is unrefined prototypes?

    Frankly I have no reason to believe that the shadow brokers and the equation group are even separate entities. If equation group are as good as they are supposed to be, then it makes more sense that for some reason equation group are playing a game with the public. (I highly doubt they'd try and play a game with the NSA.)

    I have also se

  • by Overzeetop ( 214511 ) on Saturday August 20, 2016 @01:41PM (#52738595) Journal

    Expert: I mean, look at it - it's a bunch of nails and duct tape around a low explosive core which doesn't have nearly the proper confinement for even 50% of the maximum shock wave capable, much less the ability to transition to detonation. And this wiring - that's just disgraceful - the solder didn't even flow properly here, and this is entirely unshielded - anything could set this off accidentally, even a cell phone. If you were in my training program, you'd fail miserably.

    Terrorist: We used one of these yesterday to kill 25 people and injure another 70 in a market in Aleppo.

    Expert:...

    • Re: (Score:2, Insightful)

      by raftpeople ( 844215 )
      I know. The professor admits he's not a cryptographer and then criticizes the way NSA forms a random number, which is a critical piece of crypto. Maybe they know something about crypto that he doesn't.
    • Expert: I mean, look at it - it's a bunch of nails and duct tape around a low explosive core which doesn't have nearly the proper confinement for even 50% of the maximum shock wave capable, much less the ability to transition to detonation. And this wiring - that's just disgraceful - the solder didn't even flow properly here, and this is entirely unshielded - anything could set this off accidentally, even a cell phone. If you were in my training program, you'd fail miserably.

      You'd be right they'd fail the course and be booted out! And for good reason. I can assure you that you have special operations soldiers in the US who can and do use IEDs (for black flag, or deniable operations if nothing else) and you can be likewise sure that they will look like cobbled together crap (in case they're detected before they go off) but will not actually be crap. They'll go boom every time, because there's nothing worse than having a meticulously planned and executed operation, months in the

  • 128-bit keys generated using 64 bits of entropy

    I'd like to see the professor brute forcing 64 bits to show exactly how weak that is.

  • What's worse?

    The buggy code that can hack a server

    or

    the buggy code running on the server that can be hacked?

  • ...at reverse engineering and cracking tend to be extremely 'pragmatic' in their approach to creating software.

    People are constantly confusing programming with software engineering. Look at Google for example, look at the design decisions behind golang. Google has lots of very smart people no doubt, but golang was designed around their pervasive weakness - they do not tend to be good software engineers (experience will usually lead them there though.)

  • "The purpose of the keygen tool is to generate a 16-byte random number for use by the other tools. This simple task can be accomplished by reading 16 bytes from /dev/urandom."

    No, not really - not if you want to maximize entropy. The procedure he describes afterwards seems awfully convoluted, but might be a good way of generating strong pseudorandom numbers in systems with a poor /dev/urandom implementation.
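To make the entropy point from the two comments above concrete (the 64-bit seed behind a 128-bit key, and whether a convoluted keygen can beat reading 16 bytes from /dev/urandom), here is an added Python demonstration; it is not code from the leaked tool or from the professor's blog. The seed-stretching function is a hypothetical stand-in, and the enumeration is scaled down to a few seed bits so it runs instantly.

```python
import hashlib
import math
import os


def stretched_key(seed: bytes, key_len: int = 16) -> bytes:
    """Deterministically expand a short seed into a key_len-byte key.

    Hypothetical stand-in for any seed-stretching step: the exact expansion
    function does not matter for the lesson, only that it is deterministic.
    """
    return hashlib.sha256(b"keygen-demo:" + seed).digest()[:key_len]


def weak_keygen(seed_bytes: int = 8) -> bytes:
    """Collect only seed_bytes bytes of randomness (8 bytes = 64 bits) and
    stretch them to a 16-byte key. The output looks like a 128-bit key, but
    at most 2**64 distinct keys can ever come out of this function."""
    return stretched_key(os.urandom(seed_bytes))


def good_keygen() -> bytes:
    """What the blog post recommends: 16 bytes straight from the OS CSPRNG."""
    return os.urandom(16)


def mixed_keygen(extra: bytes = b"") -> bytes:
    """Mixing in further sources (the defence offered above) is harmless only
    when the OS still contributes a full 16 bytes: hashing can never raise the
    entropy above that of its inputs."""
    return hashlib.sha256(os.urandom(16) + extra).digest()[:16]


def distinct_keys(seed_bits: int, key_len: int = 16) -> int:
    """Enumerate every seed of seed_bits bits and count distinct output keys.

    Scaled down (a few bits instead of 64) so it finishes in well under a
    second; the ratio seed bits : key bits is the lesson, not the number.
    """
    seed_len = (seed_bits + 7) // 8
    keys = set()
    for n in range(1 << seed_bits):
        keys.add(stretched_key(n.to_bytes(seed_len, "big"), key_len))
    return len(keys)


def effective_key_bits(seed_bits: int, key_len: int = 16) -> float:
    """log2 of the reachable keyspace: never more than seed_bits,
    no matter how long key_len is."""
    return math.log2(distinct_keys(seed_bits, key_len))


def brute_force_budget(seed_bits: int, key_bits: int = 128) -> int:
    """Factor by which the keyspace shrank: guessing the seed instead of the
    key costs 2**seed_bits trials rather than 2**key_bits."""
    return 2 ** (key_bits - seed_bits)


if __name__ == "__main__":
    print("weak key :", weak_keygen().hex())
    print("good key :", good_keygen().hex())
    for bits in (8, 12):
        print(f"{bits}-bit seed -> {distinct_keys(bits)} reachable 128-bit keys "
              f"({effective_key_bits(bits):.0f} effective bits)")
    print("64-bit seed behind a 128-bit key: keyspace shrinks by",
          brute_force_budget(64))
```

The enumeration shows the keyspace tracking the seed length exactly, which is why reviewers treat "stretch a short seed" keygens as a red flag in an audit.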

  • Just saying, there is such a thing as disinformation

  • The scenario of extracting RSA key from memory leaks on Cisco Pix reminds a lot about Heartbleed. Does Cisco Pix use OpenSSL?
  • an exploit called BANANAGLEE, used against Fortinet firewalls

    If the submitter actually bothered to read the article, he would realize that BANANAGLEE targets Juniper, not Fortinet. How does one make the mistake of mis-attributing to someone who was only mentioned once in the entire article?
