Weakness of Internet of Things security
Recent traffic on this list is addressing OpenBSD issues with respect to randomness for improving security. There is an excellent survey published today of problems with Internet of Things security, which in turn affects O/S development, written by two prominent cryptographers, one of whom is the co-inventor of public key cryptography: James P. Hughes and Whitfield Diffie The Challenges of IoT, TLS, and Random Number Generators in the Real World: Bad random numbers are still with us and are proliferating in modern systems Queue 20(3) 18--40 May 2022 https://doi.org/10.1145/3546933 One of its 20 references is a 2016 paper that reports Internet measurements on the extent of key weakness: Weak Keys Remain Widespread in Network Devices https://doi.org/10.1145/2987443.2987486 --- - Nelson H. F. BeebeTel: +1 801 581 5254 - - University of Utah - - Department of Mathematics, 110 LCBInternet e-mail: be...@math.utah.edu - - 155 S 1400 E RM 233 be...@acm.org be...@computer.org - - Salt Lake City, UT 84112-0090, USAURL: http://www.math.utah.edu/~beebe/ - ---
Re: random manual pages
Thanks for the comments, Theo. I wasn't clear in my posting about distinguishing deterministic from nondeterministic generators. The former are required for reproducible simulations; the latter are needed for things like cryptographic key generation. Both have their place, and both are necessary. --- - Nelson H. F. BeebeTel: +1 801 581 5254 - - University of UtahFAX: +1 801 581 4148 - - Department of Mathematics, 110 LCBInternet e-mail: be...@math.utah.edu - - 155 S 1400 E RM 233 be...@acm.org be...@computer.org - - Salt Lake City, UT 84112-0090, USAURL: http://www.math.utah.edu/~beebe/ - ---
Re: random manual pages
Thanks, Theo, for this good advice about random-number generators: >> - if you need determinism, write your own. >> - do not rely upon an external function which will make your seed >> produce a different result approximately every 8 years. I would add more points: * You MUST have portable source code for your generator (but you probably don't need to, or should, write it yourself, unless you are an expert in the field). * If reproducibility of simulations matters (as it often does), set the seed explicitly from your program source code or your input, then print in your program output the first 50 to 100 random numbers produced by your generator. A similar list from a later run can then be compared with the earlier one to verify that both use the same sequence. * Avoid generators that use floating-point arithmetic: they are difficult, perhaps impossible, to make platform independent. * Beware of old algorithms: there have been huge improvements in random-number generators in the last two to three decades See the preamble comments in http://www.math.utah.edu/pub/tex/bib/prng.bib http://www.math.utah.edu/pub/tex/bib/prng.html for pointers to papers that show the extreme subtlety of long-range correlations in many generators that can derail simulations. There are more recommendations, and programming subtleties, discussed in chapter 7 of my book, The Mathematical-Function Computation Handbook. However, the extensive prng.bib file above can lead you to the original research papers, if it matters to you. --------------- - Nelson H. F. BeebeTel: +1 801 581 5254 - - University of UtahFAX: +1 801 581 4148 - - Department of Mathematics, 110 LCBInternet e-mail: be...@math.utah.edu - - 155 S 1400 E RM 233 be...@acm.org be...@computer.org - - Salt Lake City, UT 84112-0090, USAURL: http://www.math.utah.edu/~beebe/ - ---
OpenBSD 6.x and wxallowed
Because I dislike splitting disks into numerous partitions, each of whose sizes is a future show-stopper when they prove too small, I generally split disks into just root + swap. Thus, I find on our currently 7 versions of OpenBSD 6.x in our test farm reports like this: # mount /dev/wd0a on / type ffs (local, wxallowed) The output of "man mount" says wxallowed Processes that ask for memory to be made writeable plus executable using the mmap(2) and mprotect(2) system calls are killed by default. This option allows those processes to continue operation. It is typically used on the /usr/local filesystem. OpenBSD 3.3 introduced the W^X feature in 2004, and some other O/Ses have implemented it as well since then. Has anyone looked into the problem of enumerating packages that are installed in the /usr/local tree that actually NEED simultaneous write and execute access? If only a small number of packages need W^X capability, would it make sense to create a separate file tree for them, and let every other part of the filesystem enjoy W^X protection, along with additional security from addition of pledge() and veil() promises into software packages? --- - Nelson H. F. BeebeTel: +1 801 581 5254 - - University of UtahFAX: +1 801 581 4148 - - Department of Mathematics, 110 LCBInternet e-mail: be...@math.utah.edu - - 155 S 1400 E RM 233 be...@acm.org be...@computer.org - - Salt Lake City, UT 84112-0090, USAURL: http://www.math.utah.edu/~beebe/ - ---