FBI Backdoored OpenBSD?

[ewmayer]

In slightly off-topic other news, a little while ago Karl Denninger (one of the blogs I often cite in the Mystery Economic Theater thread in Soapbox) posted an article titled "FBI Outed Breaking Into The US Internet", and now his site appears to be experiencing 'technical difficulties'. Perhaps the FBI has managed to co-opt many of the "Anonymous" hacktivists to perform DDOS on its behalf in exchange for free Farmville credits and ChuckECheese play-money coins?

[an hour later] KD`s site is back up now, and here is the post mentioned above

Quote:

I have no way to vet or verify this.

However, be aware that a sizable number of implementations of internet security systems are based on the OpenBSD framework, as OpenBSD has been widely regarded for a very long time as one of the more-secure reference implementations.

There have been persistent rumors on The Internet for years that back doors have existed in various vendor's firmware that would allow the US Government to log in undetected and redirect data streams to places they desire. The latter - redirection and "mirroring" is a common and legitimate diagnostic function. The ability to use it without generating any sort of log with a "back door" password is not!

Again, these rumors have been persistent for years and have implicated a number of vendors. I have not published them in the past primarily because I have not been able to vet them nor get anyone to admit "on the record" in a form that I can reproduce that the back doors are there.

Some of these rumors date back to when I ran my ISP. I can tell you that if they existed in the firmware at that time, my diligent attempts to detect it being used (yes, real people have packet capture hardware as well as spooks) failed to do so. That doesn't mean it didn't exist - it only means that on my network it was not activated to direct traffic to "somewhere else." In fact, I had a rather sophisticated surveillance system looking for evidence of exactly that for several months at one point. None was found.

But this is a very specific allegation. If it's present then one must assume that the key is not in fact secret and any encrypted traffic using these facilities, which implicates SSH, IPSEC and other similar things, such as VPN sessions, has been compromised.

Note that this likely means that the majority of so-called "secure" credit card validation transactions that run over networks without an "air gap" are also likely insecure.

It probably doesn't implicated SSL web sessions.

Probably.

My Comment: Note that the person implicated in the e-mail reproduced below has denied involvement with the FBI, and adds that study of his actual code checkins as captured in the CVS tree should shed light on who is being truthful here. And here is the opening message from the OpenBSD-tech mailing list linked to in Karl's article - interested readers can follow the "next in thread chain" which ensues:

Quote:

List: openbsd-tech
Subject: Allegations regarding OpenBSD IPSEC
From: Theo de Raadt <deraadt () cvs ! openbsd ! org>
Date: 2010-12-14 22:24:39
Message-ID: 201012142224.oBEMOdWM031222 () cvs ! openbsd ! org
[Download message RAW]

I have received a mail regarding the early development of the OpenBSD
IPSEC stack. It is alleged that some ex-developers (and the company
they worked for) accepted US government money to put backdoors into
our network stack, in particular the IPSEC stack. Around 2000-2001.

Since we had the first IPSEC stack available for free, large parts of
the code are now found in many other projects/products. Over 10
years, the IPSEC code has gone through many changes and fixes, so it
is unclear what the true impact of these allegations are.

The mail came in privately from a person I have not talked to for
nearly 10 years. I refuse to become part of such a conspiracy, and
will not be talking to Gregory Perry about this. Therefore I am
making it public so that
(a) those who use the code can audit it for these problems,
(b) those that are angry at the story can take other actions,
(c) if it is not true, those who are being accused can defend themselves.

Of course I don't like it when my private mail is forwarded. However
the "little ethic" of a private mail being forwarded is much smaller
than the "big ethic" of government paying companies to pay open source
developers (a member of a community-of-friends) to insert
privacy-invading holes in software.

----

From: Gregory Perry <Gregory.Perry@GoVirtual.tv>
To: "deraadt@openbsd.org" <deraadt@openbsd.org>
Subject: OpenBSD Crypto Framework
Thread-Topic: OpenBSD Crypto Framework
Thread-Index: AcuZjuF6cT4gcSmqQv+Fo3/+2m80eg==
Date: Sat, 11 Dec 2010 23:55:25 +0000
Message-ID: <8D3222F9EB68474DA381831A120B1023019AC034@mbx021-e2-nj-5.exch021.domain.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Status: RO

Hello Theo,

Long time no talk. If you will recall, a while back I was the CTO at
NETSEC and arranged funding and donations for the OpenBSD Crypto
Framework. At that same time I also did some consulting for the FBI,
for their GSA Technical Support Center, which was a cryptologic
reverse engineering project aimed at backdooring and implementing key
escrow mechanisms for smart card and other hardware-based computing
technologies.

My NDA with the FBI has recently expired, and I wanted to make you
aware of the fact that the FBI implemented a number of backdoors and
side channel key leaking mechanisms into the OCF, for the express
purpose of monitoring the site to site VPN encryption system
implemented by EOUSA, the parent organization to the FBI. Jason
Wright and several other developers were responsible for those
backdoors, and you would be well advised to review any and all code
commits by Wright as well as the other developers he worked with
originating from NETSEC.

This is also probably the reason why you lost your DARPA funding, they
more than likely caught wind of the fact that those backdoors were
present and didn't want to create any derivative products based upon
the same.

This is also why several inside FBI folks have been recently
advocating the use of OpenBSD for VPN and firewalling implementations
in virtualized environments, for example Scott Lowe is a well
respected author in virtualization circles who also happens top be on
the FBI payroll, and who has also recently published several tutorials
for the use of OpenBSD VMs in enterprise VMware vSphere deployments.

Merry Christmas...

Gregory Perry
Chief Executive Officer
GoVirtual Education

[Robert Holmes]

It appears one of the accused, Jason Wright, has already responded to the allegations:

http://marc.info/?l=openbsd-tech&m=129244045916861&w=2

Quote:

Subject: Allegations regarding OpenBSD IPSEC

Every urban lengend is made more real by the inclusion of real names,
dates, and times. Gregory Perry's email falls into this category. I
cannot fathom his motivation for writing such falsehood (delusions
of grandeur or a self-promotion attempt perhaps?)

I will state clearly that I did not add backdoors to the OpenBSD
operating system or the OpenBSD crypto framework (OCF). The code I
touched during that work relates mostly to device drivers to support
the framework. I don't believe I ever touched isakmpd or photurisd
(userland key management programs), and I rarely touched the ipsec
internals (cryptodev and cryptosoft, yes). However, I welcome an
audit of everything I committed to OpenBSD's tree.

I demand an apology from Greg Perry (cc'd) for this accusation. Do
not use my name to add credibility to your cloak and dagger fairy
tales.

I will point out that Greg did not even work at NETSEC while the OCF
development was going on. Before January of 2000 Greg had left NETSEC.
The timeline for my involvement with IPSec can be clearly demonstrated
by looking at the revision history of:
src/sys/dev/pci/hifn7751.c (Dec 15, 1999)
src/sys/crypto/cryptosoft.c (March 2000)
The real work on OCF did not begin in earnest until February 2000.

Theo, a bit of warning would have been nice (an hour even... especially
since you had the allegations on Dec 11, 2010 and did not post them
until Dec 14, 2010). The first notice I got was an email from a
friend at 6pm (MST) on Dec 14, 2010 with a link to the already posted
message.

So, keep my name out of the rumor mill. It is a baseless accusation
the reason for which I cannot understand.

--Jason L. Wright

[rogue]

I understand how some "government organization" would be interested in doing such as thing, but the one thing that struck me was that the one organization that would have the manpower and skill to do this would be the CIA. The FBI is involved more in criminal investigations rather than spying. It doesn't strike me that they would be the ones to do this.

BTW, if there were such backdoors, I would expect hackers to have discovered them by now.

[retina]

Hackers will only discover things like this if there is incentive to find them. Once Windows has been relegated to 2nd place and BSD takes then we will start to see whether or not BSD is really secure or not. But not now, not yet, currently BSD is too small a target to warrant the hackers' time to investigate.

[xilman]

Quote:

Originally Posted by retina

Hackers will only discover things like this if there is incentive to find them. Once Windows has been relegated to 2nd place and BSD takes then we will start to see whether or not BSD is really secure or not. But not now, not yet, currently BSD is too small a target to warrant the hackers' time to investigate.

Too simplistic an analysis, IMO.

Some security misfeatures will be discovered by chance; no incentive other than idle curiousity required.

"BSD" is a family of operating systems which share various characteristics and a largely common licen{c,s}ing scheme. OpenBSD specializes in having very few exploitable security bugs. Other BSDs put more of their efforts elsewhere. MacOS is fundamentally BSD, for instance. Are you suggesting that hackers are not interested in finding holes in that distribution of BSD? If so, you need to get out more.

Hackers are certainly interested in finding security holes in non-Windows operating systems. Many have been found in Linux distributions, BSD distributions, Solaris distributions, Symbian distributions and many other distributions over recent years and there is no indication visible to me to suggest that security holes will not continue to be searched for and found by hackers in the coming years. If I'm wrong, perhaps I ought to get out more.


Paul

[retina]

Quote:

Originally Posted by xilman

Are you suggesting that hackers are not interested in finding holes in that distribution of BSD?

No. The interest will certainly be there. I suggest it is the incentive is lacking. The occasional bored hacker, or serendipitous discovery, is not a proper test of the real security level.

Quote:

Originally Posted by xilman

... you need to get out more.

That is true regardless of whether my analysis is correct or not.

[xilman]

Quote:

Originally Posted by retina

No. The interest will certainly be there. I suggest it is the incentive is lacking. The occasional bored hacker, or serendipitous discovery, is not a proper test of the real security level.That is true regardless of whether my analysis is correct or not.

I can only conclude that you are avoiding the point, whether deliberately or carelessly I can't decide.

Searching for security holes, at whatever level of interest, is undoubtedly a proper test of the real security level --- by definition. Finding a hole is undoubtedly a failure of the implementation to meet the security model --- also by definition.

I also deduce that you have a different conception of "truth" from mine.

Finally, you make an absolute statement:

Quote:

Originally Posted by retina

Hackers will only discover things like this if there is incentive to find them

(emphasis added) then go on to claim that "serendipitous" discoveries can be made despite a lack of incentive. Spotted a possible inconsistency yet? Perhaps you believe that hackers never make serendipitous discoveries --- that's the only way I have yet found to reconcile your two statements. If so, all I can say is that you have your beliefs and I have mine.


Paul

[retina]

Quote:

Originally Posted by xilman

Finally, you make an absolute statement: (emphasis added) then go on to claim that "serendipitous" discoveries can be made despite a lack of incentive. Spotted a possible inconsistency yet? Perhaps you believe that hackers never make serendipitous discoveries --- that's the only way I have yet found to reconcile your two statements. If so, all I can say is that you have your beliefs and I have mine.

It's a fair cop. But not deliberate, just sloppy thinking at this time of day.

Certainly bored hackers can have incentive, but in general a "few" hackers is not a real test of security (IMO). I will still claim that point. My definition of a secure system is not a proclamation by the software writers, but a demonstrated resistance to attacks by suitably motivated attackers. Right now it appears that BSD is secure enough for the current level of threat and the current level of usage (both low). But I was saying that once BSD moves up in popularity of usage then the threat model changes. And in that situation BSD may still prove to be secure, or not, time will tell. But I do not accept that it is secure simply because someone proclaims it to be designed to be secure. Ya gotta test it against real world threat models.

[Mr. P-1]

Quote:

My NDA with the FBI has recently expired, and I wanted to make you
aware of the fact that the FBI implemented a number of backdoors and
side channel key leaking mechanisms into the OCF

I find it difficult to believe that something of this magnitude would be the subject of a non-permanent NDA.

[Mr. P-1]

Quote:

Originally Posted by rogue

BTW, if there were such backdoors, I would expect hackers to have discovered them by now.

By "hackers" do you mean "people interested in breaking into computers"? or "extremely talented programmers"?

I agree that the latter, particularly those who develop NetBSD, would probably have found them by now.

[Wacky]

I, too, think that this is a bunch of "conspiracy" BS.

Any true hidden backdoors are imbedded in things that are not "under public scrutiny". If Intel or some BIOS manufacturer has been "paid off" to intentionally place a "backdoor" in their hardware or boot_firmware, it might be difficult to detect.

In a similar vein, compromising a particular compiler (for example, gcc) to insert "backdoor" code, independent of the source code submitted, is hard to imagine and sustain.

Even if some trojan were introduced, it is questionable that it could lie totally hidden, without any "sleeper cell" tripping some alarm on un-compromised networks.

So, if you believe that the code "does what it says it does", and flaws are "in plain sight". (That does not imply that they are easy to recognize, but that, with proper diligence, they can be found), how can you believe that the FBI has ……… ?

Over decades, the various *BSD communities have addressed various aspects of the overall OS realm. However, it is important to note that they all have been happy to adopt the "best work" from the various branches.

Thus, FreeBSD, Darwin (MacOSX), etc. groups have all accepted to corrections found by the OpenBSD, et. al. folks.

In the last decade, most of the "security alerts" are due to the discovery of cases where a function MIGHT be caused to over-write an area beyond that which the programmer intended. In particular, strings which might be longer than anticipated, can, by the use of functions that "assume unverifiable characteristics" of their inputs be made to over-write other parameters. This, in itself, does not mean that the code can be compromised. Most "possible loopholes" get closed before anyone has the opportunity to determine if it is possible to present an exploitable input.

Fortunately, the opportunity to exploit this behavior also is tied, very closely, to a particular "system/compiler/ordering of the source code." An exploit that works in one configuration is likely to fail in another.

I'm more concerned that "the drug cartels" are taking control of the physical territory, and that my "US$" assets are rapidly becoming worthless because of the impending inflation.