User: Password:
|
|
Subscribe / Log in / New account

Security

ParanoidLinux: from fiction to reality

By Jake Edge
October 1, 2008

A novel for young adults by Cory Doctorow has inspired the creation of a new Linux distribution focused on privacy. ParanoidLinux is still in the planning stages, but it adopts some interesting ideas from Doctorow's book to place atop a Debian Testing base. It is targeted at those who have a very strict need to disguise their documents and network traffic because of a repressive regime.

Doctorow is familiar to many in the free software world, for his work as a science fiction author as well as a digital rights activist and blogger. His recent novel, Little Brother is set in the US after another devastating terrorist attack. Because of the attack, most civil liberties have been suspended leading some characters to use an alternative operating system:

ParanoidLinux is an operating system that assumes that its operator is under assault from the government (it was intended for use by Chinese and Syrian dissidents), and it does everything it can to keep your communications and documents a secret. It even throws up a bunch of "chaff" communications that are supposed to disguise the fact that you're doing anything covert. So while you're receiving a political message one character at a time, ParanoidLinux is pretending to surf the Web and fill in questionnaires and flirt in chat-rooms. Meanwhile, one in every five hundred characters you receive is your real message, a needle buried in a huge haystack.

It is that description, along with others in the book, that is guiding the development of the "real" ParanoidLinux. While it is relatively easy to come up with a fictional privacy-oriented operating system, the reality of building one is rather challenging. The project has only existed since May, so the current focus is to get some kind of alpha system put together as a starting point.

The idea of "chaff" is one that has been taken up on the ParanoidLinux wiki. There are several facets to the problem: how does one generate normal-looking traffic while somehow transferring encrypted data as part of that traffic. There are existing techniques that could be used. Chaff combines the ideas of steganography—hiding even the existence of a message—with cryptographic techniques.

The discussion about chaff makes it clear that the ParanoidLinux developers are looking at Doctorow's ideas carefully before implementing them. Chaff is certainly not a panacea, as it won't hide the traffic from an adversary that has specifically targeted someone. It is, instead, a means to fly under the radar, to appear to be a "normal" internet user with standard traffic patterns.

Using Tor (i.e. The Onion Router) is one way to anonymously use the internet—within limits—but traffic bound for a TOR node would be very suspicious to any monitoring agency. Another privacy-enhancing feature would be full-disk encryption, but that would be yet another red flag for an agency that was inspecting the computer. These are kinds of trade-offs that are being discussed by the project as they try to narrow their focus to something that can be implemented in the near term.

Hiding, or at least obfuscating, the existence of ParanoidLinux on the computer is another piece of the puzzle. It could be very dangerous to be required by the authorities to boot one's ParanoidLinux laptop. But, if it appears to be a "regular" system—perhaps looking much like Windows—it may escape scrutiny. Encrypted data might then be stored on partitions that are not directly accessible from the desktop.

This is an interesting project for those who worry about government crackdowns or perhaps already live under a repressive regime. Even if the ParanoidLinux distribution does not meet one's needs, the various discussions on options and different ways to approach a privacy-oriented operating system will be useful. One hopes not to ever need such a system, but knowing that people are thinking about the problem—while generating a working version—is certainly reassuring. For that, we can thank Doctorow for popularizing the idea.

Comments (11 posted)

New vulnerabilities

emacspeak: temporary file vulnerability

Package(s):emacspeak CVE #(s):CVE-2008-4191
Created:October 1, 2008 Updated:October 1, 2008
Description: The emacspeak extract-table.pl script (in versions 26 and 28) suffers from a temporary file vulnerability.
Alerts:
Fedora FEDORA-2008-8379 emacspeak 2008-10-01
Fedora FEDORA-2008-8423 emacspeak 2008-10-01

Comments (none posted)

firefox: multiple vulnerabilities

Package(s):mozilla-firefox CVE #(s):CVE-2008-0016 CVE-2008-3835 CVE-2008-3836 CVE-2008-4059 CVE-2008-4066 CVE-2008-4069
Created:September 26, 2008 Updated:January 8, 2009
Description: Multiple vulnerabilities have been discovered in Mozilla-Firefox.
Alerts:
openSUSE openSUSE-SU-2014:1100-1 Firefox 2014-09-09
Gentoo 201301-01 firefox 2013-01-07
Slackware SSA:2008-366-01 mozilla 2009-01-02
Slackware SSA:2008-353-01 mozilla 2008-12-19
Debian DSA-1669-1 xulrunner 2008-11-23
Fedora FEDORA-2008-9859 thunderbird 2008-11-21
Fedora FEDORA-2008-9807 thunderbird 2008-11-21
Debian DSA-1697-1 iceape 2009-01-07
Debian DSA-1696-1 icedove 2009-01-07
Debian DSA-1649-1 iceweasel 2008-10-08
SuSE SUSE-SA:2008:050 MozillaFirefox,MozillaThunderbird,seamonkey,mozilla 2008-10-08
CentOS CESA-2008:0908 thunderbird 2008-10-06
Red Hat RHSA-2008:0908-01 thunderbird 2008-10-01
Fedora FEDORA-2008-8429 seamonkey 2008-09-27
Fedora FEDORA-2008-8401 seamonkey 2008-09-27
Mandriva MDVSA-2008:206 mozilla-thunderbird 2008-09-26
Ubuntu USN-647-1 mozilla-thunderbird, thunderbird 2008-09-26
Ubuntu USN-645-3 firefox, xulrunner 2008-09-25
Slackware SSA:2008-269-02 seamonkey 2008-09-26
Slackware SSA:2008-269-01 mozilla 2008-09-26
Mandriva MDVSA-2008:205 mozilla-firefox 2008-09-25

Comments (1 posted)

initscripts: local system file removal vulnerability

Package(s):initscripts CVE #(s):CVE-2008-3524
Created:September 25, 2008 Updated:November 13, 2008
Description: From the Fedora 9 update: This update fixes an issue (CVE-2008-3524) where a malicious user could cause system files to be removed on startup.
Alerts:
rPath rPSA-2008-0318-1 initscripts 2008-11-12
Fedora FEDORA-2008-7667 initscripts 2008-09-24

Comments (none posted)

kernel: denial of service

Package(s):kernel CVE #(s):CVE-2007-6716
Created:September 25, 2008 Updated:December 3, 2008
Description: From the Red Hat Enterprise Linux alert: a flaw was found in the Linux kernel Direct-IO implementation. This could allow a local unprivileged user to cause a denial of service.
Alerts:
SuSE SUSE-SA:2008:056 kernel 2008-12-03
Mandriva MDVSA-2008:220-1 kernel 2008-11-19
CentOS CESA-2008:0972 kernel 2008-11-20
Red Hat RHSA-2008:0972-01 kernel 2008-11-19
SuSE SUSE-SR:2008:025 apache2, ipsec-tools, kernel-bigsmp, flash-player, mysql, ktorrent 2008-11-14
Mandriva MDVSA-2008:220 kernel 2008-10-29
Ubuntu USN-659-1 linux, linux-source-2.6.15/22 2008-10-27
SuSE SUSE-SA:2008:052 kernel 2008-10-21
SuSE SUSE-SA:2008:051 kernel 2008-10-21
Debian DSA-1653-1 linux-2.6 2008-10-13
SuSE SUSE-SA:2008:047 kernel 2008-10-01
CentOS CESA-2008:0885 kernel 2008-09-25
Red Hat RHSA-2008:0885-01 kernel 2008-09-24

Comments (none posted)

kernel: privilege escalation

Package(s):kernel CVE #(s):CVE-2008-3525
Created:October 1, 2008 Updated:June 25, 2009
Description: Linux kernels through 2.6.26.3 lack a capability check in the sbni WAN driver which could allow unauthorized users to perform privileged actions.
Alerts:
Fedora FEDORA-2009-6846 kernel 2009-06-23
Fedora FEDORA-2009-5383 kernel 2009-05-25
Red Hat RHSA-2008:0787-01 kernel 2009-01-05
CentOS CESA-2008:0973 kernel 2008-12-17
Red Hat RHSA-2008:0973-03 kernel 2008-12-16
Mandriva MDVSA-2008:220-1 kernel 2008-11-19
SuSE SUSE-SR:2008:025 apache2, ipsec-tools, kernel-bigsmp, flash-player, mysql, ktorrent 2008-11-14
Red Hat RHSA-2009:0001-01 kernel 2009-01-08
Mandriva MDVSA-2008:223 kernel 2008-10-31
Mandriva MDVSA-2008:220 kernel 2008-10-29
Ubuntu USN-659-1 linux, linux-source-2.6.15/22 2008-10-27
SuSE SUSE-SA:2008:053 kernel 2008-10-27
Fedora FEDORA-2008-8929 kernel 2008-10-23
Fedora FEDORA-2008-8980 kernel 2008-10-23
SuSE SUSE-SA:2008:052 kernel 2008-10-21
SuSE SUSE-SA:2008:051 kernel 2008-10-21
Debian DSA-1655-1 linux-2.6.24 2008-10-16
Debian DSA-1653-1 linux-2.6 2008-10-13
SuSE SUSE-SA:2008:049 kernel 2008-10-02
SuSE SUSE-SA:2008:047 kernel 2008-10-01

Comments (none posted)

mono: CRLF injection

Package(s):mono CVE #(s):CVE-2008-3906
Created:September 30, 2008 Updated:December 7, 2009
Description: From the CVE entry: CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string.
Alerts:
Mandriva MDVSA-2009:322 mono 2009-12-07
Ubuntu USN-826-1 mono 2009-08-26
Mandriva MDVSA-2008:210-1 mono 2008-10-11
Mandriva MDVSA-2008:210 mono 2007-10-03
rPath rPSA-2008-0286-1 mono 2008-09-29

Comments (none posted)

openafs: denial of service

Package(s):openafs CVE #(s):CVE-2007-6559
Created:September 30, 2008 Updated:October 1, 2008
Description: From the Mandriva advisory: A race condition in OpenAFS 1.3.40 through 1.4.5 allowed remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks.
Alerts:
Mandriva MDVSA-2008:207 openafs 2007-09-29

Comments (none posted)

pam_mount: restriction bypass

Package(s):pam_mount CVE #(s):CVE-2008-3970
Created:September 30, 2008 Updated:October 22, 2008
Description: From the Mandriva advisory: pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source ownership before mounting a user-defined volume, which allows local users to bypass intended access restrictions via a local mount.
Alerts:
Mandriva MDVSA-2008:208-1 pam_mount 2008-10-18
Mandriva MDVSA-2008:208 pam_mount 2007-09-29

Comments (none posted)

phpMyAdmin: code execution vulnerability

Package(s):phpMyAdmin CVE #(s):
Created:September 25, 2008 Updated:October 1, 2008
Description: From the Fedora 9 update: This update by upstream to phpMyAdmin 2.11.9.1 solves a not yet clearly specified code execution vulnerability.
Alerts:
Fedora FEDORA-2008-8269 phpMyAdmin 2008-09-24
Fedora FEDORA-2008-8370 phpMyAdmin 2008-09-24

Comments (none posted)

phpMyAdmin: cross-site scripting vulnerability

Package(s):phpMyAdmin CVE #(s):
Created:September 25, 2008 Updated:October 1, 2008
Description: From the Fedora 8 advisory: This update by upstream to phpMyAdmin 2.11.9.2 solves a not yet clearly specified XSS in MSIE using NUL byte vulnerability.
Alerts:
Fedora FEDORA-2008-8286 phpMyAdmin 2008-09-24
Fedora FEDORA-2008-8335 phpMyAdmin 2008-09-24

Comments (none posted)

rkhunter: insecure temp file

Package(s):rkhunter CVE #(s):
Created:September 25, 2008 Updated:October 1, 2008
Description: The rkhunter root kit checker has an insecure auxiliary tmp file usage issue that may lead to a symlink attack.
Alerts:
Fedora FEDORA-2008-8314 rkhunter 2008-09-24
Fedora FEDORA-2008-8364 rkhunter 2008-09-24

Comments (none posted)

rubygem-rails: SQL injection

Package(s):rubygem-rails CVE #(s):CVE-2008-4094
Created:September 29, 2008 Updated:December 21, 2009
Description:

From Ruby on Rails Security Project:

An SQL Injection vulnerability has been found in Rails. The issue affects Rails < 2.1.1, namely the :limit and :offset parameters that are not correctly sanitized:

    Person.find(:all, :limit => "10; DROP TABLE users;")
A possible attack will work only if you allow the user control these two values as in User.find(:all, :limit => 10, :offset => params[:offset]). Note that will_paginate is not affected, it escapes the values before.
Alerts:
Gentoo 200912-02 rails 2009-12-20
SuSE SUSE-SR:2008:027 squirrelmail, gnutls, rubygem-activerecord, rubygem-actionpack, samba, dbus-1, pdns, php5, pam_krb5 2008-12-09
rPath rPSA-2008-0295-1 rails 2008-10-16
Fedora FEDORA-2008-8282 rubygem-activesupport 2008-10-16
Fedora FEDORA-2008-8322 rubygem-activerecord 2008-09-27
Fedora FEDORA-2008-8322 rubygems 2008-09-27
Fedora FEDORA-2008-8322 rubygem-actionpack 2008-09-27
Fedora FEDORA-2008-8322 rubygem-actionmailer 2008-09-27
Fedora FEDORA-2008-8322 rubygem-activeresource 2008-09-27
Fedora FEDORA-2008-8322 rubygem-activesupport 2008-09-27
Fedora FEDORA-2008-8322 rubygem-rails 2008-09-27

Comments (none posted)

thunderbird: buffer overflow

Package(s):mozilla-thunderbird, thunderbird CVE #(s):CVE-2008-4070
Created:September 26, 2008 Updated:January 8, 2009
Description: From the Ubuntu advisory: Georgi Guninski discovered that Thunderbird improperly handled canceled newsgroup messages. If a user opened a crafted newsgroup message, an attacker could cause a buffer overrun and potentially execute arbitrary code with the privileges of the user invoking the program.
Alerts:
openSUSE openSUSE-SU-2014:1100-1 Firefox 2014-09-09
Gentoo 201301-01 firefox 2013-01-07
Fedora FEDORA-2008-9859 thunderbird 2008-11-21
Fedora FEDORA-2008-9807 thunderbird 2008-11-21
Debian DSA-1697-1 iceape 2009-01-07
SuSE SUSE-SA:2008:050 MozillaFirefox,MozillaThunderbird,seamonkey,mozilla 2008-10-08
CentOS CESA-2008:0908 thunderbird 2008-10-06
Red Hat RHSA-2008:0908-01 thunderbird 2008-10-01
Debian DSA-1696-1 icedove 2009-01-07
Slackware SSA:2008-270-01 thunderbird 2008-09-29
Mandriva MDVSA-2008:206 mozilla-thunderbird 2008-09-26
Ubuntu USN-647-1 mozilla-thunderbird, thunderbird 2008-09-26

Comments (none posted)

viewvc: ignore user-provided MIME types

Package(s):viewvc CVE #(s):
Created:September 25, 2008 Updated:October 1, 2008
Description: ViewVC ignores arbitrary user-provided MIME types, see ViewVC issue #354 for more details.
Alerts:
Fedora FEDORA-2008-8252 viewvc 2008-09-24
Fedora FEDORA-2008-8270 viewvc 2008-09-24

Comments (none posted)

Page editor: Jake Edge
Next page: Kernel development>>


Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds