All posts by jake

[$] KRACK, ROCA, and device insecurity

Post Syndicated from jake original https://lwn.net/Articles/736736/rss

Monday October 16 was not a particularly good day for those who are
even remotely security conscious—or, in truth, even for those who aren’t. Two
separate security holes came to light; one probably affects almost all
users of modern technology. The other is more esoteric at some level, but
still serious. In both cases, the code in question is baked into various
devices, which makes it more difficult to fix; in many cases, the devices
in question may not even have a plausible path toward a fix. Encryption
has been a boon for internet security, but both of these vulnerabilities
have highlighted that there is more to security than simply cryptography.

[$] Achieving DisplayPort compliance

Post Syndicated from jake original https://lwn.net/Articles/736011/rss

At the X.Org Developers Conference, hosted by Google in Mountain View, CA
September 20-22, Manasi Navare gave a talk about her journey learning
about kernel graphics on the way to achieving DisplayPort (DP)
compliance for Intel graphics devices.
Making that work involved learning about DP, the kernel graphics subsystem,
and how to do
kernel development, as well. There were plenty of details to absorb,
including the relatively new atomic mode
setting support, the design of which was described in a twopart LWN
article.

[$] A comparison of cryptographic keycards

Post Syndicated from jake original https://lwn.net/Articles/736231/rss

[Four keycards]
An earlier LWN article showed that
private key storage is an important
problem to solve in any cryptographic system and established keycards
as a good way to store private key material offline. But which keycard
should we use? This article examines the form factor, openness, and
performance of four keycards to try to help readers choose the one that
will fit their needs.


Millions of high-security crypto keys crippled by newly discovered flaw (Ars Technica)

Post Syndicated from jake original https://lwn.net/Articles/736520/rss

Ars Technica is reporting on a flaw in the RSA library developed by Infineon that drastically reduces the amount of work needed to discover a private key from its corresponding public key. This flaw, dubbed “ROCA”, mainly affects key pairs that have been generated on keycards. “While all keys generated with the library are much weaker than they should be, it’s not currently practical to factorize all of them. For example, 3072-bit and 4096-bit keys aren’t practically factorable. But oddly enough, the theoretically stronger, longer 4096-bit key is much weaker than the 3072-bit key and may fall within the reach of a practical (although costly) factorization if the researchers’ method improves.

To spare time and cost, attackers can first test a public key to see if it’s vulnerable to the attack. The test is inexpensive, requires less than 1 millisecond, and its creators believe it produces practically zero false positives and zero false negatives. The fingerprinting allows attackers to expend effort only on keys that are practically factorizable. The researchers have already used the method successfully to identify weak keys, and they have provided a tool here to test if a given key was generated using the faulty library. A blog post with more details is here.”

Security updates for Friday

Post Syndicated from jake original https://lwn.net/Articles/736317/rss

Security updates have been issued by Arch Linux (botan, flyspray, go, go-pie, pcre2, thunderbird, and wireshark-cli), Fedora (chromium and mingw-poppler), Red Hat (Red Hat JBoss BPM Suite 6.4.6 and Red Hat JBoss BRMS 6.4.6), SUSE (git and kernel), and Ubuntu (libffi and xorg-server, xorg-server-hwe-16.04, xorg-server-lts-xenial).

Security updates for Thursday

Post Syndicated from jake original https://lwn.net/Articles/736176/rss

Security updates have been issued by CentOS (httpd and thunderbird), Debian (nss), Fedora (git), openSUSE (krb5, libvirt, samba, and thunderbird), Oracle (httpd and thunderbird), Red Hat (httpd, rh-mysql57-mysql, and thunderbird), Scientific Linux (httpd and thunderbird), and Ubuntu (ceph).

[$] Continuous-integration testing for Intel graphics

Post Syndicated from jake original https://lwn.net/Articles/735468/rss

Two separate talks, at two different venues, give us a look into the
kinds of testing that the Intel graphics team is
doing. Daniel Vetter had a
short presentation as part of the Testing and Fuzzing microconference at
the Linux Plumbers Conference (LPC). His colleague, Martin Peres, gave a
somewhat longer talk, complete with demos, at the X.Org Developers Conference
(XDC). The picture they paint is a pleasing one: there is lots of testing
going on there. But there are problems as well; that amount of testing
runs afoul of bugs elsewhere in the kernel, which makes the job
harder.

[$] An update on GnuPG

Post Syndicated from jake original https://lwn.net/Articles/735840/rss

The GNU Privacy Guard (GnuPG) is one of the
fundamental tools that allows a distributed group to
have trust in its communications. Werner Koch, lead developer of GnuPG,
spoke about it
at Kernel Recipes: what’s in the new 2.2 version, when older versions
will reach their end of life, and how development will proceed going forward.
He also spoke at some length on the issue of best-practice key management
and how GnuPG is evolving to assist. Subscribers can click below for a
report on the talk by guest author Tom Yates.

Security updates for Friday

Post Syndicated from jake original https://lwn.net/Articles/735663/rss

Security updates have been issued by Arch Linux (curl, krb5, lib32-curl, lib32-krb5, lib32-libcurl-compat, lib32-libcurl-gnutls, libcurl-compat, and libcurl-gnutls), Debian (golang), Fedora (MySQL-zrm), Mageia (firefox, ghostscript, libgd, libraw, libwpd, open-vm-tools, poppler, and rawtherapee), Oracle (kernel and postgresql), Red Hat (kernel), Scientific Linux (kernel), Slackware (curl, openjpeg, and xorg), and Ubuntu (ruby1.9.1).

[$] Steps toward a privacy-preserving phone

Post Syndicated from jake original https://lwn.net/Articles/735597/rss

What kind of cell phone would emerge from a concerted effort
to design privacy in from
the beginning, using free software as much as possible? Some
answers are provided by a crowdfunding campaign launched in
August by Purism SPC, which has used two such
campaigns successfully in the past to build a business around secure
laptops. The Librem 5, with a five-inch screen and radio chip for
communicating with cell phone companies, represents Purism’s hope to bring
the same privacy-enhancing vision to the mobile space, which is much more
demanding in its threats, technology components, and user experience.

[$] More from the testing and fuzzing microconference

Post Syndicated from jake original https://lwn.net/Articles/735034/rss

A lot was discussed and presented in the three hours allotted to the Testing
and Fuzzing microconference
at this year’s Linux Plumbers Conference
(LPC), but some spilled out of that slot. We have already looked at some
discussions on kernel testing that occurred both before and during the
microconference. Much of the rest of the discussion is summarized in the
article from this week’s edition, which subscribers can access from the
link below.

[$] Improvements in the block layer

Post Syndicated from jake original https://lwn.net/Articles/735275/rss

Jens Axboe is the
maintainer of the block layer of the kernel. In this capacity,
he spoke at Kernel Recipes
2017
on what’s new in the storage world for
Linux, with a particular focus on the new block-multiqueue subsystem:
the degree to which it’s been adopted, a number of optimizations that
have recently been made, and a bit of speculation about
how it will further improve in the future.

Subscribers can click below for a report from the Kernel Recipes talk by
guest author Tom Yates.

[$] Strategies for offline PGP key storage

Post Syndicated from jake original https://lwn.net/Articles/734767/rss

While the adoption of OpenPGP
by the general population is marginal at
best, it is a critical component for the security community and
particularly for Linux distributions. For example, every package
uploaded into Debian is verified by the central repository using the
maintainer’s OpenPGP keys and the
repository itself is, in turn, signed
using a separate key. If upstream packages also use such signatures, this
creates
a complete trust path from the original upstream developer to
users.
Beyond that, pull requests for the Linux kernel are verified using
signatures as well.
Therefore, the stakes are high: a compromise of the release key, or
even of a single maintainer’s key, could enable devastating
attacks against many machines.

Security updates for Friday

Post Syndicated from jake original https://lwn.net/Articles/735121/rss

Security updates have been issued by Arch Linux (ffmpeg2.8, nvidia, and openvpn), Fedora (git, mercurial, moodle, php-horde-Horde-Image, poppler, and pure-ftpd), openSUSE (fmpeg and vlc), Oracle (firefox, kernel, and nss), Red Hat (firefox and nss), Slackware (mozilla), and SUSE (firefox).

[$] The NumWorks graphing calculator

Post Syndicated from jake original https://lwn.net/Articles/734766/rss

As the Internet of Things (IoT) becomes
ever more populous, there is no shortage of people warning us that the
continual infusion into our lives of hard-to-patch
proprietary devices running hard-to-maintain proprietary code is a bit
of a problem. It is an act of faith for some, myself included,
that open devices running free software (whether IoT devices or not) are
easier to
maintain than
proprietary, closed ones. So it’s always of interest when freedom (or
something close to it) makes
its way into a class of devices that were not previously so blessed.

Subscribers can click below for a look at the NumWorks graphing calculator
by guest author Tom Yates.