Torvalds On Being Asked to Insert a U.S. Government Back Door Into Linux Kernel

Torvalds On Being Asked to Insert a U.S. Government Back Door Into Linux Kernel
Sep 19 2013
<http://www.cryptogon.com/?p=37041>
NSA Backdoor
Torvalds was also asked if he had ever been approached by the U.S. government to insert a backdoor into Linux.
Torvalds responded “no” while shaking his head “yes,” as the audience broke into spontaneous laughter.
So given Torvalds response to the backdoor question, take a look at this item from 2003:
Thwarted Linux backdoor hints at smarter hacks
By Kevin Poulsen, SecurityFocus
2003-11-06
<http://www.securityfocus.com/news/7388>
Software developers on Wednesday detected and thwarted a hacker’s scheme to submerge a slick backdoor in the next version of the Linux kernel, but security experts say the abortive caper proves that extremely subtle source code tampering is more than just the stuff of paranoid speculation.
The backdoor was a two-line addition to a development copy of the Linux kernel’s source code, carefully crafted to look like a harmless error-checking feature added to the wait4() system call — a function that’s available to any program running on the computer, and which, roughly, tells the operating system to pause execution of that program until another program has finished its work.
Under casual inspection, the code appears to check if a program calling wait4() is using a particular invalid combination of two flags, and if the user invoking it is the computer’s all-powerful root account. If both conditions are true, it aborts the call.
But up close, the code doesn’t actually check if the user is root at all. If it sees the flags, it grants the process root privileges, turning wait4() into an instant doorway to complete control of any machine, if the hacker knows the right combinations of flags.
That difference between what the code looks like and what it actually is — that is, between assignment and comparison — is a matter of a single equal sign in the C programming language, making it easy to overlook. If the addition had been detected in a normal code review, the backdoor could even have been mistaken for a programming error — no different from the buffer overflows that wind up in Microsoft products on a routine basis. “It’s indistinguishable from an accidental bug,” says security consultant Ryan Russell. “So unless you have a reason to be suspicious, and go back and find out if it was legitimately checked in, that’s going to be a long trail to follow.”
Investigation Underway
In all, the unknown hacker used exactly the sort of misdirection and semantic trickery that security professionals talk about over beer after a conference, while opining on how clumsy the few discovered source code backdoors have been, and how a real cyber warrior would write one.
[snip]

iOS 7 Bug Lets Anyone Bypass iPhone's Lockscreen To Hijack Photos, Email, Or Twitter

iOS 7 Bug Lets Anyone Bypass iPhone’s Lockscreen To Hijack Photos, Email, Or Twitter
 
By Andy Greenberg
Forbes Staff
9/19/2013
Forget the debate around the security or insecurity of the iPhone 5s’s
fingerprint reader. The latest version of the iPhone’s operating system
currently offers a gaping hole in its old-fashioned passcode lockscreen.
Jose Rodriguez, a 36-year-old soldier living in Spain’s Canary Islands,
has found a security vulnerability in iOS 7 that allows anyone to bypass
its lockscreen in seconds to access photos, email, Twitter, and more. He
shared the technique with me, along with the video above.
As the video shows, anyone can exploit the bug by swiping up on the
lockscreen to access the phone’s “control center,” and then opening the
alarm clock. Holding the phone’s sleep button brings up the option to
power it off with a swipe. Instead, the intruder can tap “cancel” and
double click the home button to enter the phone’s multitasking screen.
That offers access to its camera and stored photos, along with the ability
to share those photos from the user’s accounts, essentially allowing
anyone who grabs the phone to hijack the user’s email, Twitter, Facebook
or Flickr account.
I tested the technique on an iPhone 5 running iOS 7, and it worked.
Rodriguez’s video shows it working on an iPad, too. It’s not yet clear if
the same exploit can bypass the lockscreen of an iPhone 5s or 5c, but
Rodriguez tells me he believes it will. I’ve reached out to Apple for
comment and I’ll update this post if I hear from the company. Update: A
spokesperson from Apple tells me that the company “takes security very
seriously and we’re aware of this issue. We’ll deliver a fix in a future
software update.”
[…]
http://www.forbes.com/sites/andygreenberg/2013/09/19/ios-7-bug-lets-anyone-bypass-iphones-lockscreen-to-hijack-photos-email-or-twitter/

Diane Feinstein defines free speech, the 1st Amendment, a “privilege.” (Video)

The great unwashed have been given a voice in the Internet which is troublesome in her view. We must license journalism. If it is licensed, the state can control it.
Feinstein misses the days when her chief of staff could call up a reporter and threaten his or her job if the reporter said the wrong thing about the Senator. Now, people can say whatever they want, and that is a bad thing in the Senator’s view.
Total free speech on the Internet does not produce a poorer product as many in the the power establishment both in Congress and in the #oldmedia assert. Yes there’s lots of crap on the Internet. There are plenty of BS stories about nonsense. But people quickly ferret out poor reporting or analysis. Bad stories are vetted within minutes of posting. Reputations are on the line, all the time. It’s the market of ideas.
Watch this video. She has no qualms trashing the most fundamental right there is, to speak freely.
[youtube=http://www.youtube.com/watch?v=bywtn9RIDRw]
 

Stop using NSA-influenced code in our products, RSA tells customers

Firm “strongly recommends” customers stop using RNG reported to contain NSA backdoor.

by Dan Goodin – Sept 19 2013, 7:43pm EDT
Officials from RSA Security are advising customers of the company’s BSAFE toolkit and Data Protection Manager to stop using a crucial cryptography component in the products that was recently revealed to contain a backdoor engineered by the National Security Agency.
An advisory sent to select RSA customers on Thursday confirms that both products by default use something known as Dual EC_DRBG when creating cryptographic keys. The specification, which was approved in 2006 by the National Institute of Standards and Technology (NIST) and later by the International Organization for Standardization, contains a backdoor that was inserted by the NSA, the New York Times reported last week. RSA’s advisory came 24 hours after Ars asked the company if it intended to warn BSAFE customers about the deliberately crippled pseudo random number generator (PRNG), which is so weak that it undermines the security of most or all cryptography systems that use it.
“To ensure a high level of assurance in their application, RSA strongly recommends that customers discontinue use of Dual EC DRBG and move to a different PRNG,” the RSA advisory stated. “Technical guidance, including how to change the default PRNG in most libraries, is available in the most current product documentation” on RSA’s websites.
The BSAFE library is used to implement cryptographic functions into products, including at least some versions of the McAfee Firewall Enterprise Control Center, according to NIST certifications. The RSA Data Protection Manager is used to manage cryptographic keys. Confirmation that both use the backdoored RNG means that an untold number of third-party products may be bypassed not only by advanced intelligence agencies, but possibly by other adversaries who have the resources to carry out attacks that use specially designed hardware to quickly cycle though possible keys until the correct one is guessed.
McAfee representatives issued a statement that confirmed the McAfee Firewall Enterprise Control Center 5.3.1 supported the Dual_EC_DRBG, but only when deployed in federal government or government contractor customer environments, where this FIPS certification has recommended it. The product uses the newer SHA1 PRNG random number generator in all other settings.
The NIST certification page lists dozens of other products that also use the weak RNG. Most of those appear to be one-off products. More significant is the embrace of BSAFE as the default RNG, because the tool has the ability to spawn a large number of derivative crypto systems that are highly susceptible to being broken.
< – >
http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/