guest - flak

missing features as features

Whenever I plug an external monitor into my laptop, nothing happens. Then I run xrandr, and gears turn, and displays appear. Not too surprising. Whenever I unplug an external monitor, nothing happens. Then I run xrandr, gears turn, and all those hidden offscreen windows come screaming back. This is absurd, right? Shouldn’t my desktop software be, I don’t know, desktopping?

I actually like it, and I wouldn’t want it any other way. Like many people, I have a particular desktop setup I like. An arrangement of xterms for this, an arrangement of xterms for that, an email client here, a browser there. Some of it is big time serious business and goes on the big monitor. Other stuff lives on the small screen.

Continue reading missing features as features...

Posted 2017-03-03 19:04:28 by tedu Updated: 2017-03-03 19:04:28
Tagged: software thoughts

meaningful short names

Why don’t unix commands have any vowels in the name? cp and mv are obviously devoweled standins for copy and move. But they’re less intuitive for new users. The user wants to copy a file. Why shouldn’t the name of the command be exactly the operation the user wants to perform?

What exactly does the user want to do? Instead of copying files, maybe I want to link two files. What does that mean? In unix, we have hard links and symbolic links. If I replace the “original” file, do I want the link to refer to the original file or the replacement? Or maybe what I mean by link two files is to combine two object files into an executable. Do we call that loading instead? ln is the name of a command, but link is the name of a concept.

grep is a remarkably useful tool, but with most unintuitive name. Why not call it find like Windows does? I want to find some text, I run find. So obvious. But some users may want to find files in the filesystem, not strings in a file. What command do they run? Probably locate.

There may be a great deal of historical accident in the names of commands (what if the inventors of awk had different initials?), but that doesn’t mean we can’t recognize the value of unique and precise identifiers.

Posted 2017-03-03 02:31:53 by tedu Updated: 2017-03-03 02:31:53
Tagged: rants software

colliding, fast and slow

I found it hard to locate a good reference explaining how various hash attacks apply to password hashing. Somebody might reasonably ask how the SHA1 collision, or an extension thereof, would apply to bcrypt. Can bcrypt have collisions? It’s a strange question if you know the answer, but knowing that much requires synthesizing a fair bit of knowledge that’s not all in one place.

Start with the usual crypto hashes. Classics like MD5, current standards like SHA2, new hotness like BLAKE2. All of them are supposed to be collision resistant, and it’s bad news when somebody finds that they’re not. A collision attack is pretty simple to understand. Two inputs have the same hash.

An example attack is Mallory generates two messages with identical hashes, “IOU $10” and “IOU $1000”, and borrows $1000 from Alice, who accepts SHA1(“IOU $1000”) = 0x65de12 as a contract. (Digital signatures usually involve signing a hash of the document.) Later, Mallory pays Alice $10 and produces SHA1(“IOU $10”) = 0x65de12 to prove the debt has been paid. Alice is out $990. This is a collision attack. The adversary has control over both messages and the hash.

Continue reading colliding, fast and slow...

Posted 2017-02-28 22:38:41 by tedu Updated: 2017-03-05 19:12:50
Tagged: security software thoughts

features are faults redux

Last week I gave a talk for the security class at Notre Dame based on features are faults but with some various commentary added. It was an exciting trip, with the opportunity to meet and talk with the computer vision group as well. Some other highlights include the Indiana skillet I had for breakfast, which came with pickles and was amazing, and explaining the many wonders of cvs to the Linux users group over lunch. After that came the talk, which went a little something like this.

welcome

I’m a developer with the OpenBSD project. If you’ve never heard of OpenBSD, it’s a free unix like system. So kind of like Linux, but better in every way. Totally unbiased opinion.

Continue reading features are faults redux...

Posted 2017-02-21 22:02:11 by tedu Updated: 2017-02-21 22:18:32
Tagged: security software thoughts

using yubikeys everywhere

Everybody is getting real excited about yubikeys recently, so I figured I should get excited, too. I have so far resisted two factor authorizing everything, but this seemed like another fun experiment. There’s a lot written about yubikeys and how you should use one, but nothing I’ve read answered a few of the specific questions I had.

It’s not a secret I’ve had a dim view of two factor auth, although many of my gripes are about implementation details. I think a lot of that remains true. Where two factor auth perhaps might succeed is in limiting the damage of phishing attacks. I like to think of myself as a little too savvy for most phishing attacks. That’s sadly true of most phishing victims as well, but really: I don’t use webmail. I don’t have any colleagues sharing documents with me. I read my mail in a terminal, thus on the rare occasion that I copy and paste a link, I see exactly the URL I’m going to, not the false text between the <a> tags. Nevertheless, if everybody else recommends secure tokens, I should at least consider getting on board with that recommendation. But not before actually trying these things out.

Continue reading using yubikeys everywhere...

Posted 2017-02-20 07:14:52 by tedu Updated: 2017-02-21 17:07:50
Tagged: computers gadget security software

mplayer ktracing

In my ongoing quest to find the most inefficient software that still appears to work, I happened to notice that mplayer was chewing up 16% CPU while playing an MP3 (an audio format from the time before youtube). This was somewhat surprising because extrapolating back to the 20 year old computer I first used for MP3 listening, this would mean in excess of 100% CPU usage. Is efficient MP3 decoding really a lost art or was mplayer spending all its time doing something other than decoding? ktrace to the rescue.

Continue reading mplayer ktracing...

Posted 2017-02-11 18:45:52 by tedu Updated: 2017-02-11 18:45:52
Tagged: software

watt time is left

So Apple no longer knows how to make a battery meter. The good news is OpenBSD is still here for all your desktop needs. How does its battery meter work?

The simplest interface to get battery status info is to run apm. This gives us both percentage and an estimate of time remaining.

Continue reading watt time is left...

Posted 2016-12-16 13:49:18 by tedu Updated: 2016-12-16 13:49:18
Tagged: computers openbsd software

who even calls link_ntoa?

So there’s a buffer overflow in link_ntoa. What does this mean? CERT says an attacker may be able to execute arbitrary code, but who can be an attacker? Where is link_ntoa used?

What does link_ntoa even do? I’ve never heard of this function before.

The link_ntoa() function takes a link-level address and returns an ASCII string representing some of the information present, including the link level address itself, and the interface name or number, if present. This facility is experimental and is still subject to change.

Networking something or other I guess.

First place to look is in libc itself, where the function lives. The implementation lives in net/linkaddr.c but it’s the declaration that’s of particular interest.

./hidden/net/if_dl.h:PROTO_DEPRECATED(link_ntoa);

The PROTO_DEPRECATED macro marks a function as exported from the library, but not for use internally. We can also verify with grep that nothing in libc calls link_ntoa, but with the symbol marking we can be confident we haven’t missed any thing.

Moving on to base, we find a few occurrences.

sbin/route/route.c: printf("%s: link %s; ", which, link_ntoa(&su->sdl)); sbin/route/show.c: return (link_ntoa(sdl)); usr.bin/netstat/show.c: return (link_ntoa(sdl));

This is used to print route information obtained from the kernel. So if you haven’t patched yet, before you run route show again, make sure you trust the kernel.

Posted 2016-12-07 03:00:07 by tedu Updated: 2016-12-07 03:00:07
Tagged: openbsd software

openbsd changes of note 2

Things happened, stuff changed.

X550 support among other ix changes and cleanup.

Ongoing switch work. Better OpenFlow compat. You know it’s serious when tcpdump gets an update.

Loongson 3A support.

Turn ipstat into a set of percpu counters. Per CPU counters allow simple statistics to be collected in a lockless manner, collating them as necessary. The basic mechanism was introduced a little earlier in October.

Hydrogen bomb fixes.

Dedicated build user builds for xenocara.

Some iwm diffs, since committed. reducing rx latency. ack rates. reduce retry limit.

PCI info ioctl for DRM.

Assorted changes to pool memory management. More mbuf pool changes to come.

Something else of potential interest: pine64 bootloader.

Posted 2016-11-23 02:37:09 by tedu Updated: 2016-11-23 02:37:09
Tagged: openbsd software

openbsd changes of note

Stuff happened, things changed.

mcl2k2 pools and the em conversion. The details are in the commits, but the short story is that due to hardware limitations, a number of tradeoffs need to be made between performance and memory usage. The em chip can (mostly) only be programmed to write to 2k buffers. However, ethernet payloads are not nicely aligned. They’re two bytes off. Leading to a costly choice. Provide a 2k buffer, and then copy all the data after the fact, which is slow. Or allocate a larger than 2k buffer, and provide em with a pointer that’s 2 bytes offset. Previously, the next size up from 2k was 4k, which is quite wasteful. The new 2k2 buffer size still wastes a bit of memory, but much less.

Continue reading openbsd changes of note...

Posted 2016-11-16 21:28:16 by tedu Updated: 2016-11-16 21:28:16
Tagged: openbsd software

production ready

A few thoughts on what it means for software to be production ready. Or rather, what if any information is conveyed to me when I’m told that something is used in production. Millions of users can’t be wrong!

Some time ago, I worked with a framework. It doesn’t matter which, the bugs have all been fixed, and I don’t think it was remarkable. But our team picked it because it was production ready, and then I discovered it wasn’t quite so ready.

Egregious performance because of a naive N^2 algorithm for growing a buffer.

A timezone library that could handle DST, but couldn’t handle the absence of DST, as in it would crash in such exotic locales as Arizona that don’t have DST.

A mail library that didn’t escape dots, thus terminating the SMTP conversation early.

Continue reading production ready...

Posted 2016-11-11 20:11:29 by tedu Updated: 2016-11-11 20:11:29
Tagged: software thoughts

chromebook printing troubles

I have a chromebook which is quite nice for what it does. A dedicated browsing machine, fast and low maintenance. Alas, I am sometimes required to go outside, and worse yet talk to people, and even worster, show those people information. It is inconvenient to hand over my phone, no rotate it back, your other yaw, scroll a little, here, oh wait, let me unlock it again. I print such things on paper. Double alas, the chromebook makes this difficult.

Something they don’t mention in the advertising for chromebooks is what the printing experience is like. I also forgot to ask because I figure if I can make OpenBSD print, someone on team chrome should be able to solve this problem as well. And oh boy, have they ever. Solved it, I mean. Not solved it well.

Continue reading chromebook printing troubles...

Posted 2016-10-24 19:41:17 by tedu Updated: 2016-10-24 19:41:17
Tagged: computers rants software

doas mastery

It’s been a year since the introduction of doas, so it’s clearly time to write a book. Or maybe a pamphlet.

UNIX systems have two classes of user, the super user and regular users. The super user is super, and everybody else is not. This concentration of power keeps things simple, but also means that often too much power is granted. Usually we only need super user powers to perform one task. We would rather not have such power all the time. Think of the responsibility that would entail! Like the sudo command, doas allows for subdivision of super user privileges, granting them only for specific tasks.

The doas command itself has a few options, which we’ll discuss somewhat later, but the most interesting part is the configuration file. This is where the real magic happens.

Continue reading doas mastery...

Posted 2016-09-05 09:02:36 by tedu Updated: 2016-09-19 01:19:43
Tagged: openbsd software

computers for parents

Recently had the experience of getting new computers for my parents. The plan was to deliver a chromebook for my mother, but coincidentally the power supply or something in my father’s computer had given up. So mom would get new software and dad would get new hardware. Some observations.

My mother was already using chrome on a Thinkpad running Windows, so how different could it be running chrome on a chromebook? Let me count the ways...

First off, mother is one of those people who likes to click the little button at the bottom of the scroll bar to move the page. I don’t think I’ve ever done this, but that’s how she does things. So immediately upon starting up, this is a problem. I spend some time teaching her how two finger scroll works. Two fingers on the touchpad, no, not too close together, now push down, no, both fingers at once, don’t twist, straight lines, no, lift up to start over, there, nope, too close, that’s just one finger, ok, good.

Continue reading computers for parents...

Posted 2016-08-17 23:17:14 by tedu Updated: 2016-08-18 00:28:26
Tagged: computers software

random failures

Lots of examples of random numbers failing, leading to cryptographic failure.

The always classic Debian, OpenSSL, and the year of the zero.

The time Sony signed Playstation code with the same nonce and leaked the keys.

Samy phpwned session IDS.

The Bitcoin app Blockchain used random.org for entropy. Bonus giggles for not following the HTTP redirect, but actually using “301 Moved Permanently” as a random number.

The paper Mining Your Ps and Qs has pretty extensive investigation into weak keys on network devices, many of which result from poor entropy.

Continue reading random failures...

Posted 2016-08-05 18:15:21 by tedu Updated: 2016-08-19 04:19:31
Tagged: gadget security software

broken features aren’t used

One of the difficulties in removing a feature is identifying all the potential users. A feature here could be a program bundled with an operating system, or a command line option, or maybe just a function in a library. If we remove a feature, users that depend on it will be sad. Unfortunately, absence of evidence is not evidence of absence. I’ve never heard of anybody running ls -p but it’s not impossible that somebody does.

The reasons why we want to remove an existing feature can vary. Sometimes it’s old code that interferes with maintenance. Sometimes a nearly complete rewrite can improve performance. In other cases, the feature in question is really more of a misfeature. It may have security implications, where the existence of the feature can be used to facilitate the exploitation of other vulnerabilities, and removing the feature will help mitigate the exploit.

There’s no general test that can be used, but there is one test that works in many cases. Test that the feature works. If the feature doesn’t work, that’s compelling evidence that nobody is using it, because nobody can be using it. You don’t need to fix it. You can just remove it.

(If you’ll pardon the heresy, this may be an argument against exhaustive unit tests. Many times a feature will start life in a functional state, but over time falls out of use and then gets broken by subsequent changes. Nobody notices and life goes on. If you have a perfect test suite, you’ll never have broken features, making it harder to identify the unused ones.)

Posted 2016-07-29 21:32:53 by tedu Updated: 2016-07-30 01:27:46
Tagged: programming software

rss table manners

I provide an RSS feed for flak. I also wrote a simplistic RSS feed reader for myself. The design of the latter was influenced by observing the behavior of existing readers.

There’s a small wave of fetchers that appear every five and ten minutes, converging with larger waves every fifteen minutes. These coalesce with a tidal wave at the top of every hour. My log file shows a whole lot of quiet interspersed with feeding frenzies at regular intervals.

This isn’t a problem, per se, because the total number of feeders is low, and the feed itself is very lightweight. But it’s easy to imagine a more popular blog with more content requiring an outsize investment in capacity to handle such an uneven request distribution.

What can a reader do to avoid such rude behavior? Check feeds at irregular times. For me, this was implemented as a check deadline for each feed. Each time the feed is checked, the deadline is incremented by a random amount between two and four hours. (One to two would work great, too. I’ve fluctuated a bit.) This means that not only is my fetcher not synced with other fetchers, but it’s not possible for it to even accidentally fall into lock step.

If everyone did things this way, that’s all that would be needed. But in a world populated with lock step feeders, there’s one more wrinkle. The fetch process is initiated by cron every five minutes, but the very first thing it does is sleep a random amount between one and three minutes before checking for expired deadlines, ensuring that we never hit a server during a hot minute.

I do this mostly because being polite to servers is the right thing to do, but clients benefit from being nice too. Requests to an idle server are more likely to succeed and faster. If multiple clients are sharing a link (or proxy), they can suffer the same kinds of congestion that busy servers do.

One can imagine that RSS feeds are not the only problem domain which benefits by decoupling a regular activity from a fixed time.

Posted 2016-07-27 18:00:56 by tedu Updated: 2016-07-27 18:00:56
Tagged: software web

timeline of libexpat random vulnerability

libexpat calls rand to obtain a secret hash salt. That’s not good. Actually, as far as vulnerabilities go, it’s pretty chickenshit, but perhaps there’s a lesson to be learned.

2012-03-24 - libexpat 2.1.0 released with a fix for an algorithmic hash table attack (CVE-2012-0876). It uses rand() seeded by srand(time(NULL)) to obtain a hash table salt.

2012-04-01 - libexpat 2.1.0 imported to OpenBSD. The rand calls are replaced with arc4random as spotted by deraadt and nicm. April Fools!

2012-04-05 - A public report that using random may be too predictable.

2013 - Tick tock.

2014 - Tick tock.

2015-02-07 - Redhat bug filed. The complaint is not that rand is a poor choice for secret salts, but that calling srand interferes with the proper malfunctioning of other rand consumers.

2016-06-04 - libexpat is the proud recipient of two more CVE awards. By sheer miraculous luck, OpenBSD is not susceptible. Users of other operating systems need not be alarmed as libexpat has been patched to use getpid as a source of entropy as well.

const unsigned long entropy = gather_time_entropy() ^ getpid() ^ (unsigned long)parser;

Lesson to be learned? Sometimes bad things happen and there’s nothing we can do to prevent them. So it goes.

Posted 2016-06-10 05:40:40 by tedu Updated: 2016-06-10 05:40:40
Tagged: openbsd security software

browser ktrace browsing

The key to understanding how modern browsers work is to observe them in action. For this, we can use ktrace. I’ve posted a few ktrace snippets before, but here’s some new ones to aid in our understanding. Even if we don’t learn anything, deciphering ktrace and kdump output is a pretty useful skill. I use ktrace to verify software I write does what I think I expect. Using ktrace on other people’s software is like a never ending set of practice exercises.

All of the kdump output below has the same form. Process and thread ID, name, timestamp, record type, data.

On the surface, Firefox looks like a pretty simple program with few dependencies:

Continue reading browser ktrace browsing...

Posted 2016-06-03 14:48:57 by tedu Updated: 2016-06-03 14:48:57
Tagged: software

file considered harmful

Yes, actually harmful.

The file utility can be useful. Don’t know what program to open a file with? Run file and it will tell you. Of course, sometimes file will be wrong and misidentify the file type. This may be inconvenient, but at least as a user you still have the option of trying to run another program.

Except when you don’t. What happens when file (or its programmatic buddy, libmagic) is not a hint, but a gatekeeper? What happens when some application determines its behavior based on the output of file?

What happens is you can’t print on Tuesday.

Or you can’t print particular documents that contain inappropriate phrases.

Or you can’t launch a browser and consequently prevent Firefox from providing ASLR enabled builds.

Something tells me these won’t be the last three bugs.

A program that helps users is useful. A program that restricts users is harmful. Run file on your computer all you want, but don’t use file to limit what I can do.

Posted 2016-05-18 18:11:51 by tedu Updated: 2016-05-18 18:11:51
Tagged: bugs rants software