[ale] China chooses FreeBSD as basis for secure OS

Richard Faulkner rfaulkner at 34thprs.org
Wed Oct 13 19:02:57 EDT 2010


I've just gotten home from an afternoon of being on the road.  So it
looks like this can be done and targeted systems can be brought-down on
an OS level if done right.  With all of the talk of cyber warfare it
brings rise to wonder what's coming down the road and how *nix may
change as a result of it.

I take it for granted that source is trusted that I install on my
systems -- just as I do for any number of updates that get pushed my way
for Fedora.  I do stop to wonder about the source and "unknowns" in the
code that I'm installing but have no way of validating it myself to
truly know if it is "safe".

Not that I feel insecure in my computing or that I have anything to hide
but built-in back doors and being a potential platform for decentralized
attacks are a good part of the reason why I got away from M$.

Perhaps I should reconsider learning C?

Will try to catch up on the links provided through this thread...thanks
for chiming in on this all!  Very interesting and thought provoking....
----R


-----Original Message-----
From: Greg Freemyer <greg.freemyer at gmail.com>
Reply-to: Atlanta Linux Enthusiasts - Yes! We run Linux! <ale at ale.org>
To: Atlanta Linux Enthusiasts - Yes! We run Linux! <ale at ale.org>
Subject: Re: [ale] China chooses FreeBSD as basis for secure OS
Date: Wed, 13 Oct 2010 16:17:18 -0400

I thought it was in the wild for years before Thompson told the world
about it?

i.e., I thought early-generation Unix systems all had the backdoor that
allowed Thompson in.

I'm curious if I have that right, or if he just described a potential
backdoor / trojan.

Greg 

On Wed, Oct 13, 2010 at 2:30 PM, Charles Shapiro
<hooterpincher at gmail.com> wrote:

        Wow, that's so khewl!
        
        I was given to understand that Ken Thompson's idea has not been seen
        in the wild.  But then again, that doesn't mean it hasn't happened.
        
        -- CHS
        
        
        
        
        On Wed, Oct 13, 2010 at 2:18 PM, Lightner, Jeff <jlightner at water.com> wrote:
        > HP once did a sort of strange loop to one of my former employers
        > accidentally.  They put out an HP-UX patch that changed the way the
        > kernel got recompiled after applying kernel patches.  The patch that
        > did the change installed fine but any subsequent kernel patch would
        > bomb due to errors in the earlier patch that did the change.  In HP-UX
        > one typically applies patch bundles with dozens if not hundreds of
        > patches so determining what broke everything was rather difficult.
        > You'd see the kernel patch blow up and assume that was the problem but
        > then when you'd remove it and install the rest of the bundle it would
        > blow up on the next kernel patch.
        >
        > What made all this worse, was the person who initially applied the
        > patch bundle rendered the system she was working on unbootable.
        > Rather than stopping to troubleshoot she then went ahead and applied
        > the same bundle to the next server and was surprised when it broke too.
        >
        > -----Original Message-----
        > From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Charles Shapiro
        > Sent: Wednesday, October 13, 2010 1:58 PM
        > To: rfaulkner at 34thprs.org; Atlanta Linux Enthusiasts - Yes! We run Linux!
        > Subject: Re: [ale] China chooses FreeBSD as basis for secure OS
        >
        > Sure. All you need is source to the compiler they're using, and you
        > only need that once.  Ken Thompson described it first.
        >
        > ( http://scienceblogs.com/goodmath/2007/04/strange_loops_dennis_ritchie_a.php ).
        >
        > -- CHS
        >
        >
        > On Wed, Oct 13, 2010 at 1:34 PM, Richard Faulkner <rfaulkner at 34thprs.org> wrote:
        >> Okay...this then brings up an interesting proposition.  Is it possible to
        >> build a tenable backdoor in a distro that would go unnoticed at source code
        >> level?  For security purposes would it be better to develop (as a state)
        >> your own updates rather than take distro updates from source?  Could this
        >> mark a threat to security as we see it?
        >>
        >> Please keep in mind that I'm new to Linux and NOT a programmer...more of a
        >> designer.
        >>
        >>
        >> -----Original Message-----
        >> From: wolf at wolfhalton.info <wolf at wolfhalton.info>
        >> Reply-to: Atlanta Linux Enthusiasts - Yes! We run Linux! <ale at ale.org>
        >> To: mhw at wittsend.com, Atlanta Linux Enthusiasts - Yes! We run Linux! <ale at ale.org>
        >> Subject: Re: [ale] China chooses FreeBSD as basis for secure OS
        >> Date: Tue, 12 Oct 2010 21:35:02 -0400
        >>
        >> It would at least be a little more of a challenge than Window $
        >>
        >> -----Original Message-----
        >> From: Michael H. Warfield <mhw at wittsend.com>
        >> Reply-to: mhw at wittsend.com, Atlanta Linux Enthusiasts - Yes! We run Linux! <ale at ale.org>
        >> To: Atlanta Linux Enthusiasts - Yes! We run Linux! <ale at ale.org>
        >> Cc: mhw at wittsend.com
        >> Subject: Re: [ale] China chooses FreeBSD as basis for secure OS
        >> Date: Tue, 12 Oct 2010 17:26:40 -0400
        >>
        >> On Tue, 2010-10-12 at 15:58 -0400, Chuck Payne wrote:
        >>> On Tue, Oct 12, 2010 at 3:13 PM, George Allen <glallen01 at gmail.com> wrote:
        >>> > Apparently China is moving their entire Dept of Defense to a hardened
        >>> > version of FreeBSD.
        >>> > http://blogs.techrepublic.com.com/security/?p=1682
        >>> > _______________________________________________
        >>> > Ale mailing list
        >>> > Ale at ale.org
        >>> > http://mail.ale.org/mailman/listinfo/ale
        >>> > See JOBS, ANNOUNCE and SCHOOLS lists at
        >>> > http://mail.ale.org/mailman/listinfo
        >>> >
        >>
        >>> Good Choose.
        >>
        >> I presume you meant choice and I concur.  Given that some reports are
        >> putting the level of Stuxnet infections at over 1 million machines in
        >> Iran and more than 6 million machines in China, anything, other than
        >> Windows, would be a smooth move.  Nobody really knows who is behind the
        >> Stuxnet but I would put it at 99% probability that it's "state
        >> sponsored" and the leading contenders are Israel, the US, and Russia.
        >> Unfortunately, any of those players are more than capable of building
        >> something nasty for FreeBSD or Linux, or even OpenBSD if they really set
        >> their minds to it.
        >>
        >> Regards,
        >> Mike



-- 
Greg Freemyer
Head of EDD Tape Extraction and Processing team
Litigation Triage Solutions Specialist
http://www.linkedin.com/in/gregfreemyer
CNN/TruTV Aired Forensic Imaging Demo -

http://insession.blogs.cnn.com/2010/03/23/how-computer-evidence-gets-retrieved/

The Norcross Group
The Intersection of Evidence & Technology
http://www.norcrossgroup.com
