SoylentNews is people

Most software already has a “golden key” backdoor: the system update

Accepted submission by AnonTechie at 2016-02-29 08:27:14
Security

Leif Ryge writes:

In 2014 when The Washington Post Editorial Board [washingtonpost.com] wrote "with all their wizardry, perhaps Apple and Google could invent a kind of secure golden key they would retain and use only when a court has approved a search warrant," the Internet ridiculed them. Many people painstakingly explained that even if there were somehow wide agreement about who would be the "right" people and governments to hold such an all-powerful capability, it would ultimately be impossible to ensure that such power wouldn't fall into the "wrong" hands.

Q: What does almost every piece of software with an update mechanism, including every popular operating system, have in common?

A: Secure golden keys, cryptographic single-points-of-failure which can be used to enable total system compromise via targeted malicious software updates.

Many software projects have only begun attempting to verify the authenticity of their updates in recent years. But even among projects that have been trying to do it for decades, most still have single points of devastating failure.

In some systems there are a number of keys where if any one of them is compromised such an attack becomes possible. In other cases it might be that signatures from two or even three keys are necessary, but when those keys are all controlled by the same company (or perhaps even the same person) the system still has single points of failure.

I'm optimistic that the demands the FBI is making to Apple will serve as a wakeup call to many of the people responsible for widely-used software distribution infrastructures. I expect that in the not-too-distant future, for many applications at least, attackers wishing to perform targeted malicious updates will be unable to do so without compromising a multitude of keys held by many people in many different legal jurisdictions. There are a number of promising projects which could help achieve that goal, including the DeDiS Cothority [github.com] and the Docker project's Notary [github.com].

Being free of single points of failure should be a basic requirement for any new software distribution mechanisms deployed today.

http://arstechnica.com/security/2016/02/most-software-already-has-a-golden-key-backdoor-its-called-auto-update/ [arstechnica.com]
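
The point above about several signing keys that are all controlled by the same company, as an added example (not code from the article, Cothority or Notary): an update-acceptance check in Go that counts distinct key holders and jurisdictions instead of counting signatures. The Signer type, the Accept policy, the holder names and the update string are all constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"fmt"
)

// Signer is a hypothetical trust-root entry: a key plus who controls it and where.
type Signer struct {
	Holder, Jurisdiction string
	Pub                  ed25519.PublicKey
}

// Accept reports whether update has valid signatures from at least minHolders
// distinct holders in at least minJur distinct jurisdictions (extra keys of one holder add nothing).
func Accept(update []byte, trusted []Signer, sigs map[int][]byte, minHolders, minJur int) bool {
	holders, jur := map[string]bool{}, map[string]bool{}
	for i, s := range trusted {
		if sig, ok := sigs[i]; ok && ed25519.Verify(s.Pub, update, sig) {
			holders[s.Holder], jur[s.Jurisdiction] = true, true
		}
	}
	return len(holders) >= minHolders && len(jur) >= minJur
}

// newSigner derives a constructed demo key from a fixed seed byte (demo only, not for real keys).
func newSigner(holder, j string, seed byte) (Signer, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{seed}, ed25519.SeedSize))
	return Signer{holder, j, priv.Public().(ed25519.PublicKey)}, priv
}

// scenario signs a constructed update with the listed trust-root indexes and
// applies a policy of 3 distinct holders across 2 distinct jurisdictions.
func scenario(signWith ...int) bool {
	update := []byte("constructed update manifest v1.2.3")
	meta := [][2]string{{"VendorCo", "US"}, {"VendorCo", "US"}, {"VendorCo", "US"}, {"MirrorOrg", "DE"}, {"AuditLab", "IS"}}
	var trusted []Signer
	sigs, privs := map[int][]byte{}, []ed25519.PrivateKey{}
	for i, m := range meta {
		s, p := newSigner(m[0], m[1], byte(i+1))
		trusted, privs = append(trusted, s), append(privs, p)
	}
	for _, i := range signWith {
		sigs[i] = ed25519.Sign(privs[i], update)
	}
	return Accept(update, trusted, sigs, 3, 2)
}

func main() {
	fmt.Println(scenario(0, 1, 2), scenario(0, 3, 4)) // false true
}
```

Three valid signatures from VendorCo's three keys are rejected, while one signature each from VendorCo, MirrorOrg and AuditLab is accepted.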

