[TriLUG] NSA hunting and hacking sysadmins

Aaron Joyner aaron at joyner.ws
Fri Mar 21 13:24:55 EDT 2014


As recent security incidents have shown[1], an extra semi-colon can make
the difference between good security and almost no security.  Even when
there are thousands of eyes who are qualified and sufficiently careful to
catch such a bug, all those eyes are human, and they still slip through
occasionally.  In fact, a casual perusal of CVE or any other archive of
security incidents will convince you that they slip through all the time.
 Mostly because the rate of change and adoption of software (not just OS
software) is so high.

Going one step further, trust is a very sticky wicket.  I'd suggest reading
the classic article by Ken Thompson, "Reflections on Trust"[2], to better
understand the nature of why it's hard to trust something, even when you
audit the source carefully and compile it yourself.  You probably didn't
start from the ground up[3], so which parts of your systems do you really
trust?

In spite of those concerns, in general I personally have pretty high
confidence in the security of the source of most core open source software
packages.  They're not perfect, but under most circumstances it's not
possible to do better on your own.  I have less confidence in any
particular system or instance of a tool chain.  Defense in depth, careful
auditing (read: paying attention for anomalies, and investigating them
thoroughly), and good old fashioned paranoia are the only things standing
between very competent and well funded adversaries and the data of your
users.

1 - http://gnutls.org/security.html
2 - http://cm.bell-labs.com/who/ken/trust.html
3 - Thought it's fascinating and educational to do so:
http://www.amazon.com/Elements-Computing-Systems-Building-Principles/dp/0262640686...
it's entirely impractical to do so any meaningful percentage of the
time



On Fri, Mar 21, 2014 at 12:58 PM, <matt at noway2.thruhere.net> wrote:

> >> Try to avoid being 'that guy'.  :)
> >
> > Or if you're going to be "that guy",
> > make sure they make it worth your while.
> >
> >
> >
> I am going to come right out and ask.  I have always taken comfort in the
> open source nature of Linux and the responsiveness that thousands of eyes
> upon the code brings.  While I realize it is not impregnable, I have to
> question that if it is so easily for a 3rd party to fundamentally
> compromise it and take covert ownership of it, how is it that the
> vulnerabilities have not been discovered and addressed?  Or is it really
> so easily compromised?
> --
> This message was sent to: Aaron S. Joyner <aaron at joyner.ws>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web  :
> http://www.trilug.org/mailman/options/trilug/aaron%40joyner.ws
> Welcome to TriLUG: http://trilug.org/welcome
>


More information about the TriLUG mailing list