Keith,
For those of us unfortunate enough to be unable to attend, are there any resources you would recommend (print or web) that covered Michael's presentation?

Thank you!

On Feb 16, 2011 8:13 AM, "Keith Lofstrom" <[email protected]> wrote:
> I was thinking about Michael Dexter's BSD presentation last night.
> One of my concerns about software is the insertion of logic bombs.
>
> While open source code is decently reviewed by many eyes, the
> review process is unlikely to catch intentional malware whose
> behavior is scattered through many interacting modules. A
> line of code here, a regexp there. It would be difficult to
> make all that add up to an exploit, but not impossible.
>
> So, I assume that well funded agencies with enough brainpower
> (US National Security Agency, Chinese People's Liberation
> Army, Iranian Sepāh) can, and have, inserted logic bombs in
> my Linux systems through seemingly innocent contributions to
> open source software. The insertion process would have to
> be continuous, and uncertain, as patches introduced by others
> might deactivate parts of the behavior the logic bombs depend
> on. An arms race, where one side is trying to hide their
> manipulations, and the other side is unknowingly defeating the
> manipulations through the general process of code improvement.
>
> I assume different code trees, like Linux and BSD, do not share
> enough commonalities for the same subtle exploits to work on
> both. So if the two operating systems are running side by
> side, processing the same inputs for the same intended outputs,
> a third system could monitor the outputs of both and look for
> differences. This is a very high level abstraction; of course
> the outputs and their sequence will differ, even if they follow
> the same overall specification. But if the specifications are
> specific enough, the differences will be small and predictable,
> and serious discrepancies detectable. Both systems might have
> some of the same overall exploits, but the time-to-exploit would
> likely be different. That should be enough to get attention
> and trigger intervention.
>
> On a less paranoid level, a "two OS plus detector" system
> might be useful for testing code, or looking for failures in
> systems needing ultra-high reliability. Yes, the maintainers
> of such systems will need big staffs to deal with a lot of
> false alarms, but their code will become very well tested as
> the sources of such alarms (bad specs and noncompliant code)
> were eliminated.
>
> While I personally do not have the resources necessary to
> maintain multiple OS'es (production Redhat and dabbling
> with Ubuntu is all I can manage), those who can support a
> heterogeneous collection of systems might consider setting
> up some test systems like this.
>
> So, I'm glad some of us geeks are running BSD! Keeping that
> knowledge alive and ready to spread will be vitally important
> in an emergency.
>
> If we geeks ever find ourselves defending the region's
> infrastructure from large scale attack, we may need to rapidly
> deploy such systems to keep the generators from melting and
> the gas pipelines from exploding. From what I've read, the
> US government and military are focused on cyber offense, and
> the defense of their own systems, not protecting the general
> population. We are on our own - someday, the people on this
> list may save Portland.
>
> Keith
>
> --
> Keith Lofstrom [email protected] Voice (503)-520-1993
> KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon"
> Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs
> _______________________________________________
> PLUG mailing list
> [email protected]
> http://lists.pdxlinux.org/mailman/listinfo/plug
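
The "two OS plus detector" idea from the quoted message, sketched as an added example that is not part of either email: a comparator that discards the differences a specification permits and reports what remains, including one system going silent. The HTTP-like response format, the list of volatile headers, the names SYSTEM_A and SYSTEM_B, and all sample outputs are assumptions constructed for illustration.

```python
import re

# Assumption: headers the specification allows the two systems to render differently.
VOLATILE = re.compile(r"^(date|server):", re.IGNORECASE)

def normalize(response):
    """Reduce a response to the parts the specification pins down."""
    head, _, body = response.partition("\n\n")
    lines = head.splitlines()
    status = lines[0].strip() if lines else ""
    # Header order, case and spacing are expected differences; volatile headers are dropped.
    headers = sorted(" ".join(h.lower().split()) for h in lines[1:]
                     if h.strip() and not VOLATILE.match(h))
    return status, tuple(headers), body.strip()

def compare(request_id, out_a, out_b):
    """Return discrepancy strings for one input; an empty list means agreement."""
    if out_a is None or out_b is None:
        silent = "A" if out_a is None else "B"
        return [f"{request_id}: system {silent} produced no output"]
    fields = zip(("status", "headers", "body"), normalize(out_a), normalize(out_b))
    return [f"{request_id}: {name} differs: {a!r} != {b!r}" for name, a, b in fields if a != b]

def monitor(outputs_a, outputs_b):
    """Compare every request either system answered and collect the alerts."""
    alerts = []
    for rid in sorted(set(outputs_a) | set(outputs_b)):
        alerts += compare(rid, outputs_a.get(rid), outputs_b.get(rid))
    return alerts

# Constructed sample outputs keyed by request id (not captured from real systems).
SYSTEM_A = {
    "req-1": "200 OK\nDate: Wed, 16 Feb 2011 08:13:00\nContent-Type: text/plain\n\nbalance=100\n",
    "req-2": "200 OK\nContent-Type: text/plain\n\nbalance=250\n",
    "req-3": "200 OK\n\nok\n",
}
SYSTEM_B = {
    "req-1": "200 OK\ncontent-type:  text/plain\nDate: Wed, 16 Feb 2011 08:13:02\n\nbalance=100\n",
    "req-2": "200 OK\nContent-Type: text/plain\n\nbalance=999\n",
}

if __name__ == "__main__":
    for alert in monitor(SYSTEM_A, SYSTEM_B):
        print(alert)
```

Every header added to the volatile list lowers the false-alarm rate and also widens the channel in which a real discrepancy can go unreported, so that list is where the specification has to be most precise.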
