“Core Infrastructure Initiative” – Jupiter Broadcasting
https://www.jupiterbroadcasting.com
Open Source Entertainment, on Demand.
Sat, 17 Aug 2019 00:47:27 +0000

Linux Action News 119
https://original.jupiterbroadcasting.net/133622/linux-action-news-119/
Fri, 16 Aug 2019 17:00:31 +0000

Show Notes: linuxactionnews.com/119

The post Linux Action News 119 first appeared on Jupiter Broadcasting.

From the Foundation (Part 2) | BSD Now 78
https://original.jupiterbroadcasting.net/77932/from-the-foundation-part-2-bsd-now-78/
Thu, 26 Feb 2015 12:57:45 +0000

The post From the Foundation (Part 2) | BSD Now 78 first appeared on Jupiter Broadcasting.


This week we continue our two-part series on the activities of various BSD foundations. Ken Westerback joins us today to talk all about the OpenBSD foundation and what it is they do. We’ve also got answers to your emails and all the latest news, on BSD Now – the place to B.. SD.

Thanks to: DigitalOcean, iXsystems, Tarsnap


– Show Notes: –

Headlines

BSDCan 2015 schedule

  • The list of presentations for the upcoming BSDCan conference has been posted, and the time schedule should be up shortly as well
  • Just a reminder: it’s going to be held on June 12th and 13th at the University of Ottawa in Canada
  • This year’s conference will have a massive fifty talks, split up between four tracks instead of three (but unfortunately a person can only be in one place at a time)
  • Both Allan and Kris had at least one presentation accepted, and Allan will also be leading a few “birds of a feather” gatherings
  • In total, there will be three NetBSD talks, five OpenBSD talks, eight BSD-neutral talks, thirty-five FreeBSD talks and no DragonFly talks
  • That’s not the ideal balance we’d hope for, but BSDCan says they’ll try to improve that next year
  • Those numbers are based on the speaker’s background, or any past presentations, for the few whose actual topic wasn’t made obvious from the title (so there may be a small margin of error)
  • Michael Lucas (who’s on the BSDCan board) wrote up a blog post about the proposals and rejections this year
  • If you can’t make it this year, don’t worry, we’ll be sure to announce the recordings when they’re made available
  • We also interviewed Dan Langille about the conference and what to expect this year, so check that out too

SSL interception with relayd

  • There was a lot of commotion recently about Superfish, a way that Lenovo was intercepting HTTPS traffic and injecting advertisements
  • If you’re running relayd, you can mimic this evil setup on your own networks (just for testing of course…)
  • Reyk Floeter, the guy who wrote relayd, came up with a blog post about how to do just that
  • It starts off with some backstory and some of the things relayd is capable of
  • relayd can run as an SSL server to terminate SSL connections and forward them as plain TCP and, conversely, run as an SSL client to terminate plain TCP connections and tunnel them through SSL
  • When you combine these two, you end up with possibilities to filter between SSL connections, effectively creating a MITM scenario
  • The post is very long, with lots of details and some sample config files – the whole nine yards

OPNsense 15.1.6.1 released

  • The OPNsense team has released yet another version in rapid succession, but this one has some big changes
  • It’s now based on FreeBSD 10.1, with all the latest security patches and driver updates (as well as some in-house patches)
  • This version also features a new tool for easily upgrading between versions, simply called “opnsense-update” (similar to freebsd-update)
  • It also includes security fixes for BIND and PHP, as well as some other assorted bug fixes
  • The installation images have been laid out in a clean way: standard CD and USB images that default to VGA, as well as USB images that default to a console output (for things like Soekris and PCEngines APU boards that only have serial ports)
  • With the news of m0n0wall shutting down last week, they’ve also released bare minimum hardware specifications required to run OPNsense on embedded devices
  • Encouraged by last week’s mention of PCBSD trying to cut ties with OpenSSL, OPNsense is also now providing experimental images built against LibreSSL for testing (and has instructions on how to switch over without reinstalling)

OpenBSD on a Minnowboard Max

  • What would our show be without at least one story about someone installing BSD on a weird device
  • For once, it’s actually not NetBSD…
  • This article is about the Minnowboard Max, a very small x86-based motherboard that looks vaguely similar to a Raspberry Pi
  • It’s using an Atom CPU instead of ARM, so overall application compatibility should be a bit better (and it even has AES-NI, so crypto performance will be much better than a normal Atom)
  • The author describes his entirely solid-state setup, noting that there’s virtually no noise, no concern about hard drives dying and very reasonable power usage
  • You’ll find instructions on how to get OpenBSD installed and going throughout the rest of the article
  • Have a look at the spec sheet if you’re interested, they make for cool little BSD boxes

Netmap for 40gbit NICs in FreeBSD

  • Luigi Rizzo posted an announcement to the -current mailing list, detailing some of the work he’s just committed
  • The ixl(4) driver, the one for the XL710 40-gigabit card, now has netmap support
  • It’s currently in 11-CURRENT, but he says it works in 10-STABLE and will be committed there too
  • This should make for some serious packet-pushing power
  • If you have any network hardware like this, he would appreciate testing for the new code

Interview – Ken Westerback – directors@openbsdfoundation.org

The OpenBSD foundation’s activities


News Roundup

s2k15 hackathon report: dhclient/dhcpd/fdisk

  • The second trip report from the recent OpenBSD hackathon has been published, from the very same guy we just talked to
  • Ken was also busy, getting a few networking-related things fixed and improved in the base system
  • He wrote a few new small additions for dhclient and beefed up the privsep security, as well as some fixes for tcpdump and dhcpd
  • The fdisk tool also got worked on a bit, enabling OpenBSD to properly wipe GPT tables on a previously-formatted disk so you can do a normal install on it
  • There are apparently plans for “dhclientng” – presumably a big improvement (rewrite?) of dhclient

FreeBSD beginner video series


NetBSD tests: zero unexpected failures

  • The NetBSD guys have a new blog post up about their testing suite for all the CPU architectures
  • They’ve finally gotten the number of “expected” failures down to zero on a few select architectures
  • Results are published on a special release engineering page, so you can have a look if you’re interested
  • The rest of the post links to the “top performers” (ones with fewer than ten failures) in the -current branch

PCBSD switches to IPFW

  • The PCBSD crew continues their recent series of switching between major competing features
  • This time, they’ve switched the default firewall away from PF to FreeBSD’s native IPFW firewall
  • Look forward to Kris wearing a “keep calm and use IPFW” shir- wait

Feedback/Questions


Mailing List Gold


  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
  • Some extra emails would be great, since we’ll be recording two episodes next week
  • Be sure to say hi if you’re at AsiaBSDCon in a couple weeks, maybe we could even interview some listeners too
  • We talked to the NetBSD foundation back in episode 12 and DragonFlyBSD doesn’t have a foundation, so there won’t be an “official” third part in this series

Intentional Backdoor | TechSNAP 159
https://original.jupiterbroadcasting.net/55952/intentional-backdoor-techsnap-159/
Thu, 24 Apr 2014 20:26:20 +0000

The post Intentional Backdoor | TechSNAP 159 first appeared on Jupiter Broadcasting.


A backdoor found in many common routers gets covered up instead of patched, and all it takes is a knock on the door to exploit it. We’ll share the details.

Plus cross VM attacks just got much easier, a great batch of your questions – our answers, and much much more!

On this week’s episode of TechSNAP!

Thanks to: DigitalOcean, Ting, iXsystems


— Show Notes: —

Intentional backdoor in home routers, when reported vendor just attempts to hide it better

  • Back around Christmas researchers found a backdoor in 24 different models of routers from Cisco, Linksys, Netgear and Diamond. The backdoor gave an attacker who knew about the flaw a full root shell on the router, and allowed them to dump the entire config, and make changes to the configuration
  • This could allow an attacker to get inside your network by forwarding ports etc, but also conduct a Man-in-the-Middle attack by changing the DNS resolvers on your router to be malicious ones that would direct your traffic to the wrong location
  • Shortly thereafter, Netgear released updated firmware from the vendor (Sercomm)
  • When the researchers dissected the firmware, they found that the backdoor was still there, but was only listening on a UNIX domain socket, inaccessible from the network
  • However, they found that in specific circumstances, the backdoor will be reenabled
  • If the router receives a specially crafted ethernet frame, it will reenable the backdoor via TCP
  • They also found additional capabilities, including the ability to query the router for its MAC address, change the LAN IP address, or cause different LED lights on the modem
  • Since this requires a specially crafted ethernet frame, it can only be sent from 1 hop away
  • This means that the backdoor can only be enabled from the local LAN or WLAN, or by the ISP
  • A number of the features of this ‘backdoor’ would appear to be useful to an ISP, querying data from the routers and reprogramming them etc
  • However the negative security aspects outweigh all of the gain
  • Researcher PDF

Fine grain Cross-VM Attacks on Xen and VMware

  • Researchers from Worcester Polytechnic Institute have published new research showing that cloud services may be vulnerable
  • “we show that AES in a number popular cryptographic libraries including OpenSSL, PolarSSL and Libgcrypt are vulnerable to Bernstein’s correlation attack when run in Xen and VMware (bare metal version) VMs, the most popular VMs used by cloud service providers (CSP) such as Amazon and Rackspace. We also show that the vulnerability persists even if the VMs are placed on different cores in the same machine. The results of this study shows that there is a great security risk to AES and (data encrypted under AES) on popular cloud services.”
  • One mitigation is to use a separate machine for each client, although this basically breaks the entire purpose of ‘the cloud’
  • Using AES-NI mitigates the attack entirely, however many clouds still use older machines that do not support AES-NI
  • Newer versions of the various libraries seem to mitigate the attack against the last round of crypto, but are still susceptible during the first round
  • The researchers suggest using AES256 instead of AES128 because 256 uses 14 rounds to 128’s 10

Feedback:


Round Up:

The post Intentional Backdoor | TechSNAP 159 first appeared on Jupiter Broadcasting.
