Erik Pusch

Shared publicly  - 
 
Funny hole in Windows - MS doesn't want to patch because they fear compatibility problems

http://www.heise.de/newsticker/meldung/Issue-222-Die-Windows-Luecke-die-Microsoft-nicht-schliessen-will-2585592.html

Erik Pusch

Shared publicly  - 
The Mars rover Opportunity has now become the first man-made vehicle to complete a full marathon on another world. The probe was originally supposed to work for only three months, but now already has more than eleven years under its belt.

Erik Pusch

Shared publicly  - 
 
Via +Kristian Köhntopp

Getting rid of old crypto code is not easy.

Deprecating Old Crypto in a Linux Distro: A tale of something that looked obvious but .. there's a lesson in it somewhere.

While working on my Linux distro project at work, one of the things I recently wanted to do is phase out old crypto.

Yes we all read Bruce Schneier's text and how important it is, but nothing drives it home like reading The Guardian articles followed by OpenSSL downgrade attacks in the last year or two.

Now, nothing should be defaulting to some of the antique crypto, but the only way to know 100% sure  that the algorithms in question aren't being used, is to just not compile them into the various crypto libraries of your distro.

So.. step 1 was to look at the algorithm list of openssl:

arjan@clr:~$ openssl ciphers

ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:DH-DSS-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DH-RSA-AES256-SHA256:DH-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DH-RSA-AES256-SHA:DH-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DH-RSA-CAMELLIA256-SHA:DH-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:DH-DSS-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DH-RSA-AES128-SHA256:DH-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DH-RSA-AES128-SHA:DH-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DH-RSA-SEED-SHA:DH-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DH-RSA-CAMELLIA128-SHA:DH-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:IDEA-CBC-SHA:PSK-AES128-CBC-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:PSK-RC4-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:SRP-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DH-RSA-DES-CBC3-SHA:DH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:PSK-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DH-RSA-DES-CBC-SHA:DH-DSS-DES-CBC-SHA:DES-CBC-SHA




A few things stand out immediately.

RC4. This like seriously predates MD5, and MD5 is already suspect.

DES. Yes really. DES. In 1995 I worked at a company as an intern that made DES chips that you could use to brute force DES. In 1995, when Twin Peaks was on TV and you measured transistor sizes of a chip in micrometers not nanometers.

MD5. The general consensus seems to be that for crypto, you shouldn't use MD5 anymore. I'm not talking about SHA1, where one can argue that existing uses are still ok, but MD5.

I decided to draw my first line there, stick to the consensus and all that.

The good news is that OpenSSL is very configurable, and it's pretty easy to say

no-rc4 no-des no-md5

on the configure line (and for good measure, I added no-ssl2 and no-ssl3).

At this point, I thought I was on a roll, removing old crypto is easy, let's finish this 15 minute project before the project meeting starts.

So now on to the bad news. And sadly, there is plenty to be had.

openssl does not even compile with the no-md5 option:

make[1]: Entering directory '/builddir/build/BUILD/openssl-1.0.2a/ssl'
In file included from s3_srvr.c:171:0:
../include/openssl/md5.h:70:4: error: #error MD5 is disabled.
 #  error MD5 is disabled.
    ^
In file included from s3_clnt.c:158:0:
../include/openssl/md5.h:70:4: error: #error MD5 is disabled.
 #  error MD5 is disabled.
    ^
....


Ok, so MD5 is technically not insane broken for small packets, and it's just consensus not so much hard-earned proof, so maybe deprecating md5 is a project for another day.

openssl does not even compile with the no-des option:

make[2]: Entering directory '/builddir/build/BUILD/openssl-1.0.2a/apps'
../libcrypto.so: undefined reference to `EVP_des_ede3_wrap'

or when you fix that, it does not pass its test suite (I'll spare you the details). 

Now here I had to draw a line. 20 years ago DES was not secure.. never mind today. I wouldn't be surprised if someone will chime in and say that their smartwatch can brute force DES in realtime now.
So.. fixing it is.

I suppose the good news is that no-rc4 went just fine.

The success story then, with the list of crypto from openssl after no-rc4 and no-des:

$ openssl ciphers
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:DH-DSS-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DH-RSA-AES256-SHA256:DH-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DH-RSA-AES256-SHA:DH-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DH-RSA-CAMELLIA256-SHA:DH-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:DH-DSS-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DH-RSA-AES128-SHA256:DH-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DH-RSA-AES128-SHA:DH-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DH-RSA-SEED-SHA:DH-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DH-RSA-CAMELLIA128-SHA:DH-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:IDEA-CBC-SHA:PSK-AES128-CBC-SHA

no DES, no RC4.




But, as it was a Monday, the misery only started there (Dave Jones should have taught me that misery is like lawyers, it always comes in pairs).

I threw the no-rc4/no-des package into our build system, and in no time the world came apart on me. Half the distro broke!
Well not half, but several very important pieces.

It turns out that components like curl, libcurl (so anything speaking http), wget, openssh, mariadb, ... all hard-code DES usage. Now, I'll give curl credit, with creative use of configure options, you can make it not compile DES in, but you can't then make it pass its testsuite.

There must be a lesson in here somewhere.

One, our team will be fixing these projects to not require DES (or RC4), and we'll send those patches to the upstream projects of course.

But more, and this is a call to action: If you're working on an open source project that uses crypto, please please don't open-code crypto algorithm usage.
The algorithm may be outdated at any time and might have to go away in a hurry.
And if you have to use a very specific algorithm anyway (for compatibility or otherwise), at least be kind and make a configure option for each algorithm in your project, so that when things go bad (be it in 5 or 20 years), it's very feasible to disable the algorithm entirely.
29 comments on original post
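
An added example, not part of the reshared post or of OpenSSL: a shell check of the kind a distro build could run to confirm that a rebuilt library's `openssl ciphers` list no longer names RC4, DES/3DES or MD5. The function names and the two sample lists (a few suite names picked from the lists in the post) are assumptions of this example.

```shell
#!/bin/sh
# Added example: flag cipher suites whose name contains a legacy algorithm.
# Input format is the colon-separated list printed by `openssl ciphers`.

# Print every suite that has RC4, DES, 3DES or MD5 as one of its
# '-'-separated name parts. Wrapping the name in dashes makes the match
# token-exact, so e.g. "DES" only matches a whole name part.
legacy_suites() {
    printf '%s\n' "$1" | tr ':' '\n' | while IFS= read -r suite; do
        case "-$suite-" in
            *-RC4-*|*-DES-*|*-3DES-*|*-MD5-*) printf '%s\n' "$suite" ;;
        esac
    done
}

# Build gate: return 0 when the list is clean, otherwise print the
# offending suites to stderr and return 1.
check_cipher_list() {
    found=$(legacy_suites "$1")
    if [ -n "$found" ]; then
        printf 'legacy suites still offered:\n%s\n' "$found" >&2
        return 1
    fi
    return 0
}

# Constructed samples: a handful of names from the "before" and "after"
# lists shown in the post, not the full output.
BEFORE="ECDHE-RSA-AES256-GCM-SHA384:AES128-SHA:RC4-MD5:ECDHE-RSA-DES-CBC3-SHA:SRP-3DES-EDE-CBC-SHA:DES-CBC-SHA"
AFTER="ECDHE-RSA-AES256-GCM-SHA384:AES128-SHA:IDEA-CBC-SHA:PSK-AES128-CBC-SHA"

# On a real system the argument would be "$(openssl ciphers)".
legacy_suites "$BEFORE"
check_cipher_list "$AFTER" && echo "after list: clean"
```

A clean list only covers TLS suite names; the curl, openssh and mariadb breakage described in the post came from direct DES usage that this check does not see.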

Erik Pusch

Shared publicly  - 
Through public-key pinning in the Chrome web browser, Google has come across forged certificates for Google domains. These are certified by the root CA CNNIC, which many operating systems and browsers trust when establishing encrypted connections.

Erik Pusch

Shared publicly  - 
 
via +Martin Vogel - how chocolate-covered raisins are made -)

Easter is coming! A reminder of how raisinettes are made.
3 comments on original post

Erik Pusch

Shared publicly  - 
 
BER and deadlines don't work in Berlin, and things don't look any better for IT. Maybe they should roll out a Munich-style Limux after all, since it is apparently so hard to warm up to a new MS product:

http://www.heise.de/newsticker/meldung/Extra-Support-laeuft-aus-Berliner-Senat-klebt-an-Windows-XP-2582739.html
At the end of the year, around 38 percent of all IT workstations in the Berlin administration were still running the outdated operating system Windows XP, and apparently little has happened since. The Greens warn of a security debacle.

+Ralph Steins that's one way to look at it :-)

Through a trick, an already installed app could place a malicious trojan on Android devices, without the user noticing or having to grant it any permissions.

Erik Pusch

Shared publicly  - 
20 years ago today, the programmer Ward Cunningham published a piece of software on the Internet that he named WikiWikiWeb. A simple line of code called "Edit this page" revolutionized the Internet.

Erik Pusch

Discussion  - 
On March 18, the engineer and computer science professor Eike Jessen died in Tutzing. He developed the TR 440 mainframe and played a major role in shaping the Deutsches Forschungsnetz (German Research Network).

Erik Pusch

Shared publicly  - 
 
um, well... what more can one say...

no comment

Making phone calls over the Internet is basically nothing new. With the so-called Voice over IP (VoIP) method, calls are already made over the Internet via a data connection, for example using the computer software Skype. However, VoIP via PC is not a replacement for a conventional telephone line, because it offers comparatively little convenience and dropped connections are the order of the day. In addition, the PC has to be switched on all the time and there has to be a constant connection to the Internet.

Things are quite different when making calls over the Internet Protocol: call connections over IP come in excellent voice quality, and all the conveniences of modern telephone features are available to the customer. In addition, every line can use two voice channels at no extra cost and gets at least three phone numbers.

(it goes on)

http://www.telekom.com/medien/medienmappen/Medienmappe+IP-Umstellung/260274

via +Lars Sobiraj 
IP telephony: When the voice comes over the Internet
19 comments on original post

Erik Pusch

Shared publicly  - 
 
Openstack tool

Since I've been doing Openstack, I know: there is demand for these things. »XM42. The world's first commercially available handheld flamethrower. The XM42 is the world’s first fully handheld, grab and go flamethrower on the market. No heavy pressurized tanks, no silly car-wash sprayers. Elegant and Powerful.«
The Ion Productions Team
25 comments on original post

Erik Pusch

Shared publicly  - 
 
 
Nice article by +Linux Voice on Konrad Zuse. "If you have any interest in computer history, and possibly even if you haven’t, you’ll have heard of two of the early computer pioneers: Alan Turing and John von Neumann, who were involved with the machines being developed during World War II. But there’s a fair chance that you haven’t heard of Konrad Zuse, in Germany — despite the fact that he was achieving very similar things over four years earlier.

Unlike both Turing and von Neumann, Zuse was working in isolation — he had no similarly able colleagues in Germany, and did not of course have any contact with the leading computer scientists and mathematicians working for the Allies. Nevertheless, in the Z3 he built the world’s first fully operational electromagnetic programmable computer, in 1941; and came up with the theory of stored-program computation in 1937, several years before von Neumann proposed it."

Pictured: Z4 (the real thing!) on display in the German Museum in Munich. Image: Clemens Pfeiffer, CC-G.
Basic Information
Looking for: Friends, Networking
Story
Tagline: 42. 23 is also OK
Introduction: Professional bit pusher and digital problem solver