User: Password:
|
|
Subscribe / Log in / New account

Security

Brief items

Peer to Peer Freedom of Speech

December 3, 2003

This article was contributed by Jake Edge.

One necessary precondition for true freedom of speech is a way to communicate that does not identify the speaker or the listener. Several projects are working to provide that ability through peer-to-peer networking protocols that use cryptography to enable this kind of communication: Freenet, Entropy, and GNUnet. The goals of these projects are quite similar, to provide for the free exchange of ideas while thwarting any attempts to censor the information or punish the participants.

The basic framework for each of these networks is a decentralized, peer-to-peer communications model where a node in the network talks to some number of other nodes, sending requests to these peer nodes and handling requests that come from them. The messages sent between nodes are encrypted using a session key that has been negotiated between the nodes using public key encryption. This encryption should be sufficient to deny a 'man in the middle' from determining anything useful about the traffic (other than its existence).

When a node sends a request to one of its peers, there is no reason to assume that the request actually originated on that node as nodes will forward requests that they receive, but cannot satisfy. Any response that is generated to a node is likewise not necessarily ultimately bound for that node and could be the response to a request that was forwarded by the node. With a sufficient number of nodes and amount of traffic, no analysis of the traffic to or from nodes will reveal the true source and destinations of the requests. This stands in stark contrast to the more common peer-to-peer networks where, once the content is found, a direct connection is made from the destination to the source to retrieve the content.

Each node that fully participates in the network provides some local storage for information in the network and can immediately satisfy requests for any data that it has stored locally. In order to provide deniability for the operators of these nodes, this data is encrypted and the operators are unable to determine what content actually resides on their node at any given time. Cryptographic hash functions on the file contents are typically used to identify particular files that have been inserted into the network. These identifiers are not particularly user friendly - for instance a copy of Kevin Mitnick's book The Art of Deception can be found in the Entropy network using the identifier:

    SSK@zpxOK~ounTzoDwJKguoUHib8G7sBCMA/ArtOfDeception//
To make the system easier to use, various network users have put together directories of content to help navigation.

The popularity of a file governs how long it stays in the network and how often it is replicated. Each of the networks has limits on the amount of storage available to it (based on the number of active nodes and the amount of storage allocated to the nodes by each operator) and must sometimes prune content when new content is added. GNUnet tries to overcome the problem of 'freeloaders' (nodes that request content but do not serve any) by adding an 'economic' layer to its network. Each node keeps track of its 'opinion' of the other nodes that it has talked to; nodes that satisfy requests have a better reputation and will be treated preferentially under higher network loads.

Both Freenet and Entropy provide an HTTP proxy that allows the use of standard web browsers as clients to view some of the content on the network. Entropy also adopted the Freenet Client Protocol so that all of the client applications originally written for Freenet will work with Entropy as well. Frost is one of the most widely used clients and provides file sharing and message board functionality. GNUnet appears to mainly use command line tools, though gnunet-gtk provides a graphical front-end.

Security is clearly taking precedence over performance, as it should, but this causes the user experience browsing Freenet or Entropy (at least) to be fairly frustrating. Sites can take tens of minutes to load or fail to load altogether, presumably because the information has either dropped out of the network or any sites that contain the information are currently offline or too far away (in network, not geographic, terms).

Critics of these projects complain that they could be used by criminals for nefarious purposes and, obviously, that is true. There is no way to provide for anonymous communication that cannot be abused and these projects have decided that freedom of communication is more important than stopping illegal uses. In the end, these networks are tools like computers or phones and they can be used for good or for ill. It would be impossible and a serious affront to liberty to outlaw all tools that could be used to commit a crime.

Comments (10 posted)

Security reports

Savanna.gnu.org compromised too

If you go to Savannah, the GNU project's development server, you'll find a note stating that it, too, has been broken into. "The compromise seems to be of the same nature as the recent attacks on Debian project servers; the attacker seemed to operate identically." Savannah will be down until (at least) December 5. (Thanks to "sdoyon", who posted the news in an LWN comment).

Comments (22 posted)

New vulnerabilities

bind: cache poisoning

Package(s):bind CVE #(s):CAN-2003-0914
Created:November 26, 2003 Updated:February 19, 2004
Description: A cache poisoning vulnerability in BIND may be exploited causing a temporary denial of service until the bad record expires from the cache.
Alerts:
SCO Group CSSA-2004-003.0 bind 2004-02-19
Debian DSA-409-1 bind 2004-01-05
SuSE SuSE-SA:2003:047 bind8 2003-11-28
Trustix 2003-0044 bind 2003-11-27
Immunix IMNX-2003-7+-024-01 bind 2003-10-27
EnGarde ESA-20031126-031 BIND 2003-11-26

Comments (none posted)

GnuPG: ElGamal signing keys compromised

Package(s):gnupg CVE #(s):CAN-2003-0971
Created:November 28, 2003 Updated:March 3, 2004
Description: A severe vulnerability was discovered in GnuPG by Phong Nguyen relating to ElGamal sign+encrypt keys. This email message from Werner Koch contains more information. "Phong Nguyen identified a severe bug in the way GnuPG creates and uses ElGamal keys for signing. This is a significant security failure which can lead to a compromise of almost all ElGamal keys used for signing. Note that this is a real world vulnerability which will reveal your private key within a few seconds."
Alerts:
SCO Group CSSA-2004-009.0 gnupg 2004-03-02
Debian DSA-429-2 gnupg 2004-02-13
Debian DSA-429-1 gnupg 2004-01-26
Gentoo 200312-05 app-crypt/gnupg 2003-12-12
Fedora FEDORA-2003-025 gnupg 2003-12-10
Red Hat RHSA-2003:395-01 gnupg 2003-12-10
Red Hat RHSA-2003:390-01 gnupg 2003-12-10
Conectiva CLA-2003:798 gnupg 2003-12-09
SuSE SuSE-SA:2003:048 gpg 2003-12-03
Mandrake MDKSA-2003:109 gnupg 2003-11-28

Comments (3 posted)

kernel: local root exploit in 2.4.22

Package(s):kernel CVE #(s):CAN-2003-0961
Created:December 1, 2003 Updated:April 5, 2004
Description: A vulnerability was discovered in the Linux kernel versions 2.4.22 and previous. A flaw in bounds checking in the do_brk() function can allow a local attacker to gain root privileges. This vulnerability is known to be exploitable.

The 2.4.23 kernel contains the fix. For more details on how this vulnerability works, see this LWN article.

Alerts:
Debian DSA-475-1 kernel-image-2.4.17-hppa 2004-04-05
Debian DSA-470-1 kernel-image-2.4.17-hppa 2004-04-01
Debian DSA-442-1 kernel-patch-2.4.17-s390 2004-02-19
Debian DSA-433-1 kernel-patch-2.4.17-mips 2004-02-04
Debian DSA-423-1 kernel-image-2.4.17-ia64 2004-01-15
Red Hat RHSA-2003:368-01 kernel 2003-12-19
Conectiva CLA-2003:796 kernel 2003-12-05
Gentoo 200312-02 kernel 2003-12-04
SuSE SuSE-SA:2003:049 kernel 2003-12-04
Yellow Dog YDU-20031203-1 kernel 2003-12-03
Red Hat RHSA-2003:389-01 kernel 2003-12-01
Fedora FEDORA-2003-026 kernel 2003-12-02
Slackware SSA:2003-336-01 kernel 2003-12-01
Red Hat RHSA-2003:392-00 kernel 2003-12-01
Trustix 2003-0046 kernel 2003-12-01
Mandrake MDKSA-2003:110 kernel 2003-12-01
Debian DSA-403-1 kernel 2003-12-01

Comments (1 posted)

Net-SNMP: security bugs in versions before 5.0.9

Package(s):Net-SNMP CVE #(s):CAN-2003-0935
Created:December 2, 2003 Updated:February 13, 2004
Description: The Net-SNMP project includes various Simple Network Management Protocol (SNMP) tools. A security issue in Net-SNMP versions before 5.0.9 could allow an existing user/community to gain access to data in MIB objects that were explicitly excluded from their view.

Version 5.0.9 of Net-SNMP is not vulnerable to this issue. In addition, Net-SNMP 5.0.9 fixes a number of other minor bugs.

Alerts:
Whitebox WBSA-2004:023-01 Net-SNMP 2004-02-12
Red Hat RHSA-2004:023-01 net-snmp 2004-01-15
Mandrake MDKSA-2003:115 net-snmp 2003-12-11
Red Hat RHSA-2003:335-01 net-snmp 2003-12-02

Comments (none posted)

screen: privilege escalation

Package(s):screen CVE #(s):CAN-2003-0972
Created:November 28, 2003 Updated:March 3, 2004
Description: According to this advisory a buffer overflow in GNU screen allows privilege escalation for local users. Usually screen is installed either setgid-utmp or setuid-root.

It also has some potential for remote attacks or getting control of another user's screen. The problem is that you have to transfer around 2-3 gigabytes of data to user's screen to exploit this vulnerability. 4.0.1, 3.9.15 and older versions are vulnerable.

Alerts:
SCO Group CSSA-2004-011.0 screen 2004-03-02
Fedora-Legacy FLSA:1187 screen 2004-01-26
Conectiva CLA-2004:809 screen 2004-01-20
Debian DSA-408-1 screen 2004-01-05
Mandrake MDKSA-2003:113 screen 2003-12-08
OpenPKG OpenPKG-SA-2003.050 screen 2003-11-28

Comments (none posted)

stunnel: file descriptor leak

Package(s):stunnel CVE #(s):CAN-2003-0740
Created:November 26, 2003 Updated:December 3, 2003
Description: A vulnerability was discovered in stunnel versions 3.24 and earlier, as well as 4.00, by Steve Grubb. It was found that stunnel leaks a critical file descriptor that can be used to hijack stunnel's services. See this advisory for more information.
Alerts:
Trustix 2003-0045 stunnel 2003-11-27
Mandrake MDKSA-2003:108 stunnel 2003-11-25

Comments (none posted)

Resources

A mailing list for secure application development

A new mailing list (called "SC-L") has been set up for the discussion of secure application development. It is a moderated list. Click below for the full announcement, and instructions for signing up.

Full Story (comments: none)

Page editor: Jonathan Corbet
Next page: Kernel development>>


Copyright © 2003, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds