![]() ![]() They probably thought they would be able keep the keys safe against realistic attacks, and they didn't consider the possibility that their governments would actually compel them to use their keys to sign malicious updates.įortunately, there is some good news. I believe it was a combination of naivety and hubris. How did we get here? How did so many well-meaning people build so many fragile systems with so many obvious single points of failure? When I run the apt-get update command, anyone with any one of those nine keys who is sitting between me and any of the webservers I retrieve updates from could send me malicious software and I will run it as root. If you use Debian or a Debian derivative like Ubuntu, you can see how many single points of failure you have in your update authenticity mechanism with this command:įor the computer I'm writing this on, the answer is nine. Even my favorite operating system, Debian, has this problem. In other cases it might be that signatures from two or even three keys are necessary, but when those keys are all controlled by the same company (or perhaps even the same person) the system still has single points of failure.įurther Reading Debian 8: Linux’s most reliable distro makes its biggest change since 1993This problem exists in almost every update system in wide use today. In some systems there are a number of keys where if any one of them is compromised such an attack becomes possible. But even among projects that have been trying to do it for decades, most still have single points of devastating failure. Many software projects have only begun attempting to verify the authenticity of their updates in recent years. Any data on the device can be exfiltrated, including encryption keys and new data which can be collected from attached microphones, cameras, or other peripherals. The latter can only be used when the necessary conditions exist for an active attack to be executed, but when those conditions exist it allows for much more than mere access to already-obtained-but-encrypted data. The former allows for passively-collected encrypted communications and other surreptitiously obtained encrypted data to be decrypted. ![]() Advertisementįrom an attacker perspective, each capability has some advantages. I think many informed people discussing The Washington Post's request for a "secure golden key" assumed they were talking about the former type of backdoor, though it isn't clear to me if the editorial's authors actually understand the difference. In the case of an operating system, this means that the attacker can subvert any application on that computer and obtain any encryption keys or other unencrypted data that the application has access to.Ī backdoored encryption system which allows attackers to decrypt arbitrary data that their targets have encrypted is a significantly different kind of capability than a backdoor which allows attackers to run arbitrary software on their targets' computers. Finally, by "total system compromise" I mean that the attacker obtains all of the authority held by the program they're impersonating an update to. To perform a targeted malicious software update, an attacker needs two things: (1) to be in a position to supply the update and (2) to be able to convince the victim's existing software that the malicious update is authentic. A "targeted malicious software update" means that only the attacker's intended target(s) will receive the update, which greatly decreases the likelihood of anyone ever noticing it. I'll define those terms: By "malicious software update," I mean that someone tricks your computer into installing an inauthentic version of some software which causes your computer to do things you don't want it to do. Q: What does almost every piece of software with an update mechanism, including every popular operating system, have in common?Ī: Secure golden keys, cryptographic single-points-of-failure which can be used to enable total system compromise via targeted malicious software updates. Yet, here is a sad joke that happens to describe the reality we presently live in: Many people painstakingly explained that even if there were somehow wide agreement about who would be the "right" people and governments to hold such an all-powerful capability, it would ultimately be impossible to ensure that such power wouldn't fall in to the "wrong" hands. In 2014 when The Washington PostEditorial Board wrote "with all their wizardry, perhaps Apple and Google could invent a kind of secure golden key they would retain and use only when a court has approved a search warrant," the Internet ridiculed them. He used to tweet as but is on hiatus until Twitter stops suspending Tor users' accounts. ![]() Leif Ryge is an artist, hacker, and journalist living in Berlin. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |