Bob Beck, who is an OpenBSD, OpenSSH, and LibreSSL developer as well as the director of the Alberta-based non-profit OpenBSD Foundation, gave a talk earlier today at BSDCan 2014 in Ottawa, discussing and illustrating the OpenSSL problems that led to the creation of a large fork of OpenSSL. The fork remains API-compatible with the original and provides a drop-in replacement, without the #ifdef spaghetti and without OpenSSL's own "OpenSSL C" dialect.
Bob claims that the Maryland-incorporated OpenSSL Foundation is nothing but a for-profit front for FIPS consulting gigs, and that no one at OpenSSL is actually interested in maintaining OpenSSL, merely in adding more and more features, while existing bugs rot in the bug tracker for a staggering 4 years (CVE-2010-5298 was independently re-discovered by the OpenBSD team after having been quietly reported in OpenSSL's RT some 4 years earlier).
Bob reports that the bug-tracking system abandoned by OpenSSL has actually been very useful to the OpenBSD developers in finding and fixing even more OpenSSL bugs in the downstream LibreSSL, bugs which still remain unfixed in upstream OpenSSL.
It is revealed that a lot of crude cleaning has already been completed and the process is still ongoing, but some new ciphers and elliptic curves have already been added to LibreSSL: RFC 5639 EC Brainpool, ChaCha20, Poly1305, FRP256v1, and some derivatives based on the above, such as the ChaCha20-Poly1305 AEAD EVP from Adam Langley's Chromium OpenSSL patchset.
To conclude, Bob warns against portable LibreSSL knockoffs and asks the community for a funding commitment -- the Linux Foundation is turning a blind eye to LibreSSL, and instead is only committed to funding OpenSSL directly, despite the apparent lack of security-oriented direction within the upstream OpenSSL project. Funding can be directed to the OpenBSD Foundation.
Related Stories
It has finally happened. Bob Beck of The OpenBSD Foundation has just announced that the first release of LibreSSL portable is now available, and can be found in the LibreSSL directory of your favourite OpenBSD mirror.
libressl-2.0.0.tar.gz has been tested to build on various versions of Linux, Solaris, Mac OS X and FreeBSD.
This is intended to be an initial portable release of OpenBSD's libressl to allow the community to start using it and providing feedback, and has been done to address the issue of incorrect portable versions being attempted by third-parties. Support for additional platforms will be added as time and resources permit.
OpenBSD developer Florian Obser has written a detailed post on privilege drop, privilege separation, and restricted-service operating mode in OpenBSD. The BSD-derived operating system project OpenBSD has been at the forefront of mitigation techniques for decades now. Florian discusses what OpenBSD has now and how it got there, and provides examples.
Prologue
My main focus in OpenBSD are privilege separated network daemons running in restricted-service operation mode. I gave talks at BSDCan and FOSDEM in the past about how I used these techniques to write slaacd(8) and unwind(8). While I do not think of myself as a one-trick pony, I have written some more: slowcgi(8), rad(8), dhcpleased(8), and gelatod(8). I also wrote the first version of what later turned into resolvd(8).
At one point I claimed that it would take me about a week to transmogrify one daemon into a new one.
Why
Privilege drop, privilege separation, and restricted-service operating mode are exploit mitigations. When an attacker finds a bug we try to stop them from causing damage. The mitigations we are talking about here are aimed at attackers that achieved arbitrary code execution. Due to other mitigations that is quite difficult to pull off. These are the last line of defence. We try to remove as many resources from the attacker to play with and try to crash the program as quickly as possible if an attacker touches something they are not supposed to.
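The three mitigations named above fit together in a small privilege-separated daemon skeleton: a privileged parent forks a child that drops root, restricts itself to the services it needs, and does the risky work of parsing untrusted input, sending the parent only a fixed-size result. The following C program is an added example written for this page, not code from Florian Obser's post or from any OpenBSD daemon. The struct name `parse_result`, the function names, the decimal-number "protocol" and the target uid/gid 65534 (nobody on most systems) are all constructed for illustration; pledge(2) is only called on OpenBSD, and `restrict_services` is a no-op elsewhere so the skeleton still builds on Linux.

```c
#define _DEFAULT_SOURCE 1   /* glibc: expose setgroups(2) alongside the POSIX calls */
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <grp.h>
#include <unistd.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_INPUT 64        /* the parent refuses anything longer (constructed limit) */

/* Fixed-size reply: the only thing the privileged parent ever reads back. */
struct parse_result {
    uint32_t status;        /* 0 = parsed, 1 = rejected */
    uint32_t value;         /* the parsed number when status == 0 */
};

/* Restricted-service mode: on OpenBSD the child may only do stdio from here on and
 * any other syscall kills it. Elsewhere this is a no-op (assumption of this example). */
static int restrict_services(void)
{
#ifdef __OpenBSD__
    return pledge("stdio", NULL);
#else
    return 0;
#endif
}

/* Privilege drop: give up root (if we have it) and verify that it cannot come back. */
static int drop_privileges(uid_t uid, gid_t gid)
{
    if (geteuid() != 0)
        return 0;           /* already unprivileged, nothing to drop */
    if (setgroups(1, &gid) == -1 || setgid(gid) == -1 || setuid(uid) == -1)
        return -1;
    if (setuid(0) != -1)    /* must fail: a reversible drop is no drop at all */
        return -1;
    return 0;
}

/* The untrusted work: strict parse of a short decimal string, no libc parsing helpers. */
static void parse_untrusted(const char *buf, size_t len, struct parse_result *r)
{
    uint64_t v = 0;

    r->status = 1;
    r->value = 0;
    if (len == 0 || len > 9)        /* 9 digits always fit in a uint32_t */
        return;
    for (size_t i = 0; i < len; i++) {
        if (buf[i] < '0' || buf[i] > '9')
            return;
        v = v * 10 + (uint64_t)(buf[i] - '0');
    }
    r->status = 0;
    r->value = (uint32_t)v;
}

/* Child side: drop, restrict, then parse whatever arrives on the socket. */
static void child_main(int fd, uid_t uid, gid_t gid)
{
    char buf[MAX_INPUT];
    struct parse_result r;
    ssize_t n;

    if (drop_privileges(uid, gid) == -1 || restrict_services() == -1)
        _exit(1);
    n = read(fd, buf, sizeof(buf));     /* EOF (n == 0) means an empty message */
    if (n < 0)
        _exit(1);
    parse_untrusted(buf, (size_t)n, &r);
    if (write(fd, &r, sizeof(r)) != (ssize_t)sizeof(r))
        _exit(1);
    _exit(0);
}

/* Parent side: hand the input to an unprivileged child and collect the fixed-size reply.
 * Returns 0 with *out filled in, or -1 if the child failed or was killed. */
int privsep_run(const char *input, struct parse_result *out, uid_t uid, gid_t gid)
{
    int sv[2], status;
    pid_t pid;
    ssize_t n;
    size_t len = strlen(input);

    if (len > MAX_INPUT || socketpair(AF_UNIX, SOCK_STREAM, 0, sv) == -1)
        return -1;
    if ((pid = fork()) == -1) {
        close(sv[0]);
        close(sv[1]);
        return -1;
    }
    if (pid == 0) {
        close(sv[0]);
        child_main(sv[1], uid, gid);    /* never returns */
    }
    close(sv[1]);
    if (write(sv[0], input, len) != (ssize_t)len) {
        close(sv[0]);
        return -1;
    }
    shutdown(sv[0], SHUT_WR);           /* EOF tells the child the message is complete */
    n = read(sv[0], out, sizeof(*out));
    close(sv[0]);
    if (waitpid(pid, &status, 0) == -1)
        return -1;
    if (n != (ssize_t)sizeof(*out) || !WIFEXITED(status) || WEXITSTATUS(status) != 0)
        return -1;                      /* a pledge kill shows up here, not as a result */
    return 0;
}

int main(void)
{
    /* Constructed sample inputs: one valid, one with a stray letter, one too long. */
    const char *samples[] = { "12345", "12a", "99999999999" };
    struct parse_result r;

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        if (privsep_run(samples[i], &r, 65534, 65534) == -1)
            printf("%-12s -> child failed or was killed\n", samples[i]);
        else
            printf("%-12s -> status=%u value=%u\n", samples[i],
                   (unsigned)r.status, (unsigned)r.value);
    }
    return 0;
}
```

Two details carry the point of the passage: the parent never touches attacker-controlled bytes, only the eight-byte struct, so a parser bug stays inside a process that holds nothing worth taking; and `drop_privileges` tries `setuid(0)` after the drop, because a drop that can be undone has mitigated nothing. On OpenBSD the `stdio` promise means a compromised child that reaches for a socket, a file or `execve` is killed on the spot, which `privsep_run` reports as a failure rather than a result.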
Previously:
(2022) Fuzzing Ping(8) ... and Finding a 24 Year Old Bug
(2021) Recent and Not So Recent Changes in OpenBSD That Make Life Better
(2018) OpenBSD Chief De Raadt Says No Easy Fix For New Intel CPU Bug
(2017) Kernel Address Randomized Link in OpenBSD
(2014) Bob Beck gives a 30-day status update on LibreSSL
And many more.
(Score: 2, Interesting) by Anonymous Coward on Sunday May 18 2014, @06:35AM
Going through the slides, it seems to be a lost cause to give any further cent to the OpenSSL team. They're obviously quite incompetent.
Can the Linux foundation divert money to LibreSSL?
(Score: 0) by Anonymous Coward on Sunday May 18 2014, @07:40AM
The Linux foundation has sadly made a commitment to the wrong team already http://www.linuxfoundation.org/news-media/announcements/2014/04/amazon-web-services-cisco-dell-facebook-fujitsu-google-ibm-intel [linuxfoundation.org]
I doubt they would support two competing libraries especially if one is maintained by the *BSD people
(Score: 0) by Anonymous Coward on Sunday May 18 2014, @09:31AM
There is no money to be diverted by funding a competent team releasing quality code. Who is going to feed the hordes of Linux consultants?
(Score: 5, Informative) by mth on Sunday May 18 2014, @10:51AM
(Score: 2) by pe1rxq on Sunday May 18 2014, @11:36AM
It would be a bit more fair to give the OpenSSL team a chance to respond before labeling them incompetent. Right now you only have the presentation of the LibreSSL team, which has a clear conflict of interests.
Do they really only want to be paid for new features instead of doing maintenance? Or was there simply nobody who wanted to pay for maintenance?
Personally I think it is a good thing to have multiple implementations, but LibreSSL has not yet proven to me that they are much better. They are getting the low hanging fruit right now, but ripping out and changing huge amounts of code in a very short time sounds dangerous. They are bound to introduce at least a few new bugs by their actions.
I'll wait a little bit before calling their version the better one.
(Score: 0) by Anonymous Coward on Sunday May 18 2014, @12:34PM
It doesn't need a response really. We can all look at the OpenSSL code and their bug tracker right now. If there is a 4 year old problem on the tracker that they haven't bothered to deal with, they're clearly bad at what they do, or they don't do their job at all.
Now the fork has fixes from the bugtracker that the original project never bothered to fix, f*cking unbelievable for a project this sensitive.
(Score: 3, Informative) by omoc on Sunday May 18 2014, @01:02PM
Did you see the presentation? https://www.youtube.com/watch?v=GnBbhXBDmwU [youtube.com]
The entropy mess alone shows that the OpenSSL people cannot be trusted with crypto stuff.
(Score: 2) by pe1rxq on Sunday May 18 2014, @01:57PM
Did you really have a good look at the presentation?
Just do a quick calculation on how many thousands of lines of code they removed every day on average! There is no way they read and fully understood every one of them.
LibreSSL might end up being the best crypto library ever. But right now I am supposed to think they are great because 'we can make the other guys look stupid'.
(Score: 0) by Anonymous Coward on Sunday May 18 2014, @02:18PM
Reading the commit log, the other guys really asked for it.
When it comes to security, I trust the OpenBSD team a whole lot more than everyone else. They're good at it and they do it for free and ask for donations later. OpenSSL may be called a foundation but it's a for-profit consultant company that obviously didn't even care about fixes people submitted to their bugtracker. You're not supposed to think anything, just look at the evidence and draw a conclusion.
(Score: 2) by pe1rxq on Sunday May 18 2014, @09:59PM
The OpenBSD team indeed has a great reputation with respect to security.
Unfortunately they also have a bad reputation of trash talking, with Theo being the posterboy of anti-social behavior.
(Score: 0) by Anonymous Coward on Sunday May 18 2014, @07:02AM
Gotta be some kind of a record...
(Score: 1, Flamebait) by Hairyfeet on Sunday May 18 2014, @07:02AM
Kinda hard to be surprised they aren't getting funding when they think Comic Sans is fine for a presentation.
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
(Score: 4, Informative) by melikamp on Sunday May 18 2014, @07:24AM
(Score: 1) by Refugee from beyond on Sunday May 18 2014, @09:46AM
>"This page scientifically designed to annoy web hipsters - donate now"
That's hardly professional attitude, though.
Instantly better soylentnews: replace background on article and comment titles with #973131.
(Score: 2) by Nerdfest on Sunday May 18 2014, @02:12PM
Having a sense of humour in a presentation is hardly unprofessional. It's also great marketing most of the time as it gets some attention, and in this case, likely attention from the correct audience.
(Score: 1) by Refugee from beyond on Sunday May 18 2014, @02:23PM
Calling names is, though.
Instantly better soylentnews: replace background on article and comment titles with #973131.
(Score: 1) by steveha on Monday May 19 2014, @07:45AM
Calling names is [unprofessional]
Yeah. I watched the YouTube video of the presentation, and I'm of two minds about it. On the one hand, it's kind of unprofessional to just keep slamming the OpenSSL guys. On the other hand... it seems like the OpenSSL guys really deserve all the abuse. (Horrible security issues languishing for four years, unfixed? WTF?)
I have to agree that the OpenSSL situation was so dire that a hostile fork really was justified. I'm cheering for the LibreSSL guys, and I look forward to future presentations where they will talk more about cool technical security stuff and not so much about how truly awful OpenSSL was.
(Score: 0) by Anonymous Coward on Monday May 19 2014, @10:36AM
The name calling mentioned by GP is probably in relation to the word hipster being used to describe the GPer. The presentation doesn't attack any OpenSSL developer. Either directly or as a group. It does mention that their code is crap, which is an objective truth. And points to a possible reason: OpenSSL inc. which again does objectively exist and it does what it does. If they or someone by proxy feel offended, they are free to change jobs. OpenSSL inc. doesn't have them as slaves, I suppose.
(Score: 2) by maxwell demon on Sunday May 18 2014, @10:04AM
If all you want is to annoy web hipsters, then all you have to do is to use HTML without any fancy CSS. Use basic HTML items, let the browser choose colours and fonts, use nothing than bare HTML. This will annoy web hipsters without annoying almost everyone else.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by kaszz on Sunday May 18 2014, @12:35PM
Web hipsters can donate money for computer upgrades to read their mudpool of fluff. Here on it will be HTML v2 if lucky and hey it just works :P
(Score: 0) by Anonymous Coward on Sunday May 18 2014, @07:33AM
So you prefer funding incapable people without Comic Sans? People like you always need to find something to whine about; if one thing doesn't matter then it's what font they use. There's a lot at stake, so just be happy someone is doing something about this mess.
(Score: 2) by maxwell demon on Sunday May 18 2014, @10:13AM
The authors acting childish in one respect doesn't exactly induce trust in them acting professionally otherwise. Which is especially relevant in questions of security-related code.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by kaszz on Sunday May 18 2014, @12:40PM
Acting incompetent is so much better. Given that LibreSSL cleans the mess up for free. They also ought to earn the right to mock the predecessors a bit.
(Score: 2) by omoc on Sunday May 18 2014, @12:45PM
Especially if you read this on the OpenSSL page:
> "Please note that the OpenSSL Software Foundation (OSF) is incorporated in the United States as a regular for-profit corporation."
(Score: 2) by kaszz on Sunday May 18 2014, @12:55PM
Do shit to the public at large and get mocked for it. News at 11 - READ ALL ABOUT IT! :D
Same as for Microsoft, same for OpenSSL, etc.
(Score: 2) by maxwell demon on Sunday May 18 2014, @12:53PM
I don't see the connection between mocking the predecessors and intentionally making their web page ugly.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by omoc on Sunday May 18 2014, @01:53PM
If you can't do something right, at least do it badly. That's the credo of OpenSSL in general and the Webpage of LibreSSL.
(Score: 0) by Anonymous Coward on Sunday May 18 2014, @02:06PM
I'd say $25-40k so far for using Comic Sans with the donation hint was well worth it. But go on complaining, please.
(Score: 2) by maxwell demon on Sunday May 18 2014, @03:34PM
You have any indication that this amount of money was spent because of Comic Sans?
For all we know, it might as well have been ten times as much if they hadn't used Comic Sans. Unfortunately we don't have access to an alternative reality to compare the numbers.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by gman003 on Sunday May 18 2014, @03:36PM
They're making a point - fixing the code is much more important than having a fancy website, so they put up an extremely simple website. To demonstrate that they are focused on the codebase rather than marketing, they used a few things that modern designers claim is the Worst Thing Ever - Comic Sans, blink tags, marquee tags.
(Score: 2) by maxwell demon on Sunday May 18 2014, @03:46PM
There's nothing wrong with setting up an extremely simple web site. But they really should not have added those negative things. There's a huge difference between just not making it pretty, and actively making it ugly.
Indeed, even if the time they put in it has not been large, it still is true that the time they invested into thinking which part might blink would better have been invested in the code. That is, by actively making the site intentionally ugly they actually counteract the very point.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 0) by Anonymous Coward on Sunday May 18 2014, @04:35PM
meet maxwell demon (1608) the pissed off web hipster
(Score: 2) by maxwell demon on Sunday May 18 2014, @05:11PM
Ah, an ad hominem, the resort of those who ran out of arguments.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 0) by Anonymous Coward on Sunday May 18 2014, @07:26PM
It's more like you don't get it, so any argument is pointless. But sure, let's all be annoyed by the look of that website rather than the quality of the code they're fixing for us.
(Score: 2) by maxwell demon on Sunday May 18 2014, @07:55PM
Oh, so just because they (promise to) do something good, you are not allowed to criticise them for something they are doing bad? That's certainly not an attitude I can relate with.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by Hairyfeet on Sunday May 18 2014, @08:17PM
Sadly I see this waaay too often from the FOSS camp; it's the "it's free so you can't complain" argument, to which I always respond "So if somebody offers you a free sandwich and then puts a side of shit on the plate, that doesn't matter because it's free?"
If they want people to give them tens of thousands of dollars for their work? A touch of professionalism really isn't too much to ask IMHO. If somebody came into my shop with a proposal and they put it in Comic Sans because "it's to annoy hipsters lulz" I'd tell them "You obviously have the mentality of a 15 year old, please stop wasting my time" and show them the door... and they are shocked that the Linux foundation doesn't want to hand a couple million to them over OpenSSL?
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
(Score: 2) by hybristic on Sunday May 18 2014, @09:13PM
I believe the point is, the part they are doing "badly" was completely intentional. It was part of the statement and marketing. So yes it took time away from the code development, but if they just threw up a plain html site without all the blinking and Comic Sans they couldn't have made the statement they were going for. And it's important to get a message across about what you're doing. They are saying, yeah we are bad at all this web design crap, look we even use crap fonts and scrolling text! But what we do know is security. If you are into looks and features this isn't the solution for you.
(Score: 2) by Hairyfeet on Sunday May 18 2014, @06:09PM
THANK YOU!!! If you want me to break out my CC for a SECURITY RELATED PROJECT you better damned well act like fricking pros so I know you can do the job! Would YOU trust somebody who thinks it's appropriate to act like a snarky douche in a presentation where they are trying to get donations? That alone has told me this project is poorly managed and not worthy of consideration, and I have no doubt shit like this is why the Linux foundation has passed on giving them funds.
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
(Score: 0) by Anonymous Coward on Sunday May 18 2014, @08:28PM
I've read once that politicians can discuss a nuclear program for 5 minutes and then discuss whether to paint an aluminium shack for their bicycles or something like that for hours, because they think that they know what they're talking about (in the case of the shack). I think this was in "Parkinson's Law".
This SSL and Comic Sans discussion looks oddly similar in proportions.
(Score: 3, Insightful) by tibman on Sunday May 18 2014, @07:28AM
People will become more interested when their distro offers it via package manager. Not many people are interested in installing an important library like that outside their pm.
SN won't survive on lurkers alone. Write comments.
(Score: 2) by kaszz on Sunday May 18 2014, @01:11PM
Why is https missing from libressl.org [libressl.org] and openbsd.org [openbsd.org] if security is so important?
Doing the walking talk but not the walking walk ..
(Score: 1) by sobers_2002 on Sunday May 18 2014, @01:26PM
Seeing as how they are looking for funding, it wouldn't make much sense to waste (or spend more on) their server resources by including SSL overhead for non-secure content.
Not using it where it's not required shows that they are actually walking the talk.
(Score: 2) by stormwyrm on Sunday May 18 2014, @03:29PM
What parts of a website offering security software are "non-secure content"? The part where you download the developer's PGP signing key? Sure you could in theory verify it via the web of trust, but how many people do you know who have been to a key signing party with Theo de Raadt or one of the other developers involved? Having an SSL website allows fallback to the PKI to augment the web of trust.
Numquam ponenda est pluralitas sine necessitate.
(Score: 2, Informative) by cnst on Sunday May 18 2014, @03:50PM
Per discussion on slashdot [slashdot.org], it turns out that the following is basically a gross exaggeration in my editorial:
> Linux Foundation is turning a blind eye to LibreSSL
Which I thought was true, based on the following quote from the slides [openbsd.org]:
> Yes we have asked the Linux Foundation. They have not yet committed to support us.
Pardon my missing the importance of the "yet" part. (-: I think I was not alone, though. [michaelwlucas.com]
As such, please consider the following correction:
Linux Foundation <del>is turning a blind eye to LibreSSL, and instead is</del> <ins>has "not yet committed to support us", and has so far</ins> only committed to funding OpenSSL directly, despite the apparent lack of security-oriented direction within the OpenSSL project upstream