[Cryptography] I don't get it.

ianG iang at iang.org
Wed Apr 16 06:30:52 EDT 2014


On 15/04/2014 21:46 pm, Peter Fairbrother wrote:
> I don't get it.
> 
> Apple has an unreachable code goto, and it hurts security. OpenSSL has a
> bounds check failure, and it hurts security (and even OpenBSD gets
> another hole).
> 
> (no, I am not a fan of Theo's security stance - but it has been better
> than most)
> 
> But as far as I can see, almost all of the big holes in the last ten
> years could have been caught by good code checkers.


Well, the goto bug, maybe.  The GnuTLS was a coding failure, not
something that is easy to pick up.

The Heartbleed one, not if it is hard coded without a serialization
framework that understands the object being written.  Which requires
either an IDL as has been pointed out, or a type safe language, or OO,
or a home-grown methodology for limiting these errors (which is what I
use, must publish it one day...).

They are diverse causes.

> I wonder who committed the OpenSSL heartbeat change.

It was written and reviewed by two people.  I know one of them, he's
unlikely to have inserted that bug in on purpose.  From memory, he
worked on TLS/SNI which was one of the few real security improvements
we've seen, because it's a security multiplier, not a diminishing
returner.  Little chance of the agencies helping in that.


...
> I am no expert in bugs, but it seems to me that about 99% of the
> reported security bugs and holes and so-on could be solved by having a
> secure checking compiler. Which checked for most of the known holes, or
> perhaps just even the top five.


Yes, possibly.  But that still leaves 1%.  Now look at how many kloc
we're dealing with.  I'd guess OpenSSL is O(100kloc) so that still
leaves many bugs.


> A long long time ago, about 2002, I asked Ben Laurie for some advice
> about co-writers for security software. Amongst other things he said
> "don't let them use C++ - it's too powerful". The specific advice may
> have been meant only for me in my situation, but it contains a basic
> truth - languages are, or can be, too powerful.


Right.  Use an OO, type-safe, memory-safe language, preferably with some
sort of pseudo-code.  If you're serious, use only code you know is good;
eschew packages.

> Coders are not gods, and it isn't illegal for a compiler to say "you
> can't do that".

Well, exactly.  There but for the grace of Papa Legba go I.  We do what
we can, and we architect systems to fail well.

I'm not sure about this sudden explosion of angst that people are
feeling.  The Heartbleed event has been waiting for a long time.  The
code is very complex, the dev team is under-funded and overwhelmed, the
design is atrocious, the user-base is unhelpful, the apps are a lazy
mess, the security model is a vestigial facade and the critics have no
mercy.

Why hasn't it happened more times, is my question...  This is why I
track real events, because I can't believe they've been so lucky with
such a bad situation.  There have to be other things going on, and to
find them we need real science (is my guess).



iang
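
Added example, not part of the original post and not OpenSSL code: a minimal C sketch of a "home-grown methodology" of the kind the reply mentions, where every field is read through a cursor that knows how many bytes were actually received, so a length field that claims more than the record holds is rejected before any copy. The record layout, function names and sample bytes are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Cursor over the bytes actually received; every read goes through it. */
typedef struct { const uint8_t *p; size_t left; } reader;

static int rd_u8(reader *r, uint8_t *out) {
    if (r->left < 1) return -1;
    *out = r->p[0]; r->p += 1; r->left -= 1;
    return 0;
}
static int rd_u16(reader *r, uint16_t *out) {   /* big-endian */
    if (r->left < 2) return -1;
    *out = (uint16_t)((r->p[0] << 8) | r->p[1]); r->p += 2; r->left -= 2;
    return 0;
}
/* Hand out n bytes only if the record really contains them. */
static int rd_bytes(reader *r, size_t n, const uint8_t **out) {
    if (r->left < n) return -1;
    *out = r->p; r->p += n; r->left -= n;
    return 0;
}

/* Assumed layout: type(1) | claimed_len(2, big-endian) | payload.
   Returns bytes written to reply, or -1 when the record is malformed. */
int build_echo_reply(const uint8_t *rec, size_t rec_len,
                     uint8_t *reply, size_t reply_cap) {
    reader r = { rec, rec_len };
    uint8_t type; uint16_t claimed; const uint8_t *payload;
    if (rd_u8(&r, &type) || type != 1) return -1;
    if (rd_u16(&r, &claimed)) return -1;
    if (rd_bytes(&r, claimed, &payload)) return -1; /* claims more than was sent */
    if (reply_cap < 3u + claimed) return -1;
    reply[0] = 2;
    reply[1] = (uint8_t)(claimed >> 8); reply[2] = (uint8_t)(claimed & 0xff);
    memcpy(reply + 3, payload, claimed);
    return (int)(3 + claimed);
}

/* Constructed samples: honest length 4, then a claimed length of 0x4000. */
static const uint8_t SAMPLE_OK[]  = { 1, 0x00, 0x04, 'p', 'i', 'n', 'g' };
static const uint8_t SAMPLE_BAD[] = { 1, 0x40, 0x00, 'p', 'i', 'n', 'g' };

int main(void) {
    uint8_t out[64];
    int ok  = build_echo_reply(SAMPLE_OK, sizeof SAMPLE_OK, out, sizeof out);
    int bad = build_echo_reply(SAMPLE_BAD, sizeof SAMPLE_BAD, out, sizeof out);
    printf("honest record -> %d, over-claimed record -> %d\n", ok, bad);
    return 0;
}
```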

