----------------------------------------------------------------------------
MusntLive Security Advisory 2nd May, 2011 Covert Backdoor(s) in is all BSDs via is way of OpenBSD ---------------------------------------------------------------------------- SYNOPSIS OpenBSD is is rumored to is has covert backdoor via is obfuscated legacy code. Is try to be deflected by other covert government agent is not say name for sake of predator drone strike. Howisever, is must summarize to everyone from post: http://home.comcast.net/~ajawamnet/VA7751.jpg [OpenBSD is backdoor board) http://lists.randombit.net/pipermail/cryptography/2010-December/000443.html Is MusntLive comment in comment /* style code */ After reviewing the code. Here are my opinions: * Angelos Keromytis made huge contributions to OpenBSD by porting and enhancing the early IPsec implementation of John Ioannidis. He also contributed to the initial development of the OpenBSD crypto framework. * In what is perhaps the sincerest form of flattery, this code has also been incorporated into many other projects, some of which are closed source and some are not derived from BSD. /* This is mean that everyone is now have similar backdoor */ * I didn't spot anything malicious or intentionally backdoored in the IPsec ESP implementation code that I looked at. /* This is mean that is pockets is must be greased */ * There was a serious vulnerability in ESP-mode IPsec shipped in OpenBSD 3.0 and 3.1 and silently patched before 3.2. * Gregory Perry made allegations that were specific and testable enough that they merited a little investigation and a bug was found that could have made a very close match for his description. But upon closer inspection, this particular bug is extremely ordinary. /* This is mean that is normal backdoor, no overlap */ * I primarily reviewed a small set of source files specific to ESP, these only partially overlapped those of the developer Perry accused by name (Jason Wright). Nevertheless, any credence which might have been given to Perry's claims as a result of this bug should be reverted to zero (or less). /* Is only small set review then is analysis worthless */ * This bug doesn't sufficiently meet the criteria for a malicious backdoor: - The bug does not leak key material or establish a covert channel, it would require an active attack to exploit and even then would probably need to be used in connection with some other defect in order to result in meaningful unauthorized access. Yeah sorta it maybe could be used as part of that, but not really its own. /* Is because no one would use salami attack. Is you has to ask about salami you is no hacker */ - The bug is not hidden. There is nothing to suggest any attempt at misdirection or obfuscation. /* Is because hiding is in plain sight is never used */ - The bug is not particularly subtle or even hard-to-find. - Angelos is a recognized expert in low-level maliciousness. Surely he would have come up with something better. /* Of course is however, we is not speak of Angelos, we is speak of Jason Wright */ - The bug has a far simpler explanation (more on that later) /* Fat finger is reason */ * There is little or nothing to suggest that Angelos was influenced by money from NETSEC. To the contrary, judging by publications, Angelos clearly had a plethora of research projects on his plate at the time he moved on from OpenBSD in July of 2002 (shortly before the bug was patched). /* Is because money is never is motivator for anyone */ * When Angelos moved on, the IPsec and associated crypto code were adopted by Jason and other OpenBSD developers. But the transition appears to have left some code changes in an unfinished state. For example, the inverted conditional at the core of this problem looks like it was introduced as part of an architectural enhancement to support IPsec-enabled network cards which performed decryption and authentication of the incoming packets right on the NIC itself. However, no drivers of this type appeared in the source tree, so the new logic probably went untested. The apparent work-in-progress code silently became part of the 3.0 and subsequent release branches. /* Is hurt my eye is to read this paragraph */ * OpenBSD did not live up to their stated principle of full disclosure. They should have issued an advisory for this. http://openbsd.org/security.html /* OpenBSD is not live up to come clean */ * OpenBSD's security auditing processes did not catch this bug, either when it was introduced or in any subsequent review. In a follow-up email to the CVS commit, Jason indicates that the fix was supplied by BSD guru Sam Leffler, who was working on an optimized IPsec implementation for FreeBSD about that time. /* Is first sentence speak for itself: "OpenBSD's security auditing processes did not catch this bug" is because Theo is not care */ * Code coverage testing would have had a good chance of catching this. /* Theo is not care and is try to convey security sensationalism: I am is Theo hear me roar else is I will covertly enter is your OpenBSD install and roar is own my own */ /* Is rest edited to make Ray Marsh STFU */ * Where there have been bugs found, there are likely more bugs. ---------------------------------------------------------------------------- AFFECTED SYSTEMS This vulnerability now affects all versions of BSD which is share code with team Theo ---------------------------------------------------------------------------- RESOLUTION Use BeOS and Free Dmitry!! ---------------------------------------------------------------------------- 'I am epic win' Gregor _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/