Thursday, June 29, 2017

opmsg saving you from OpenSSH 0days

As I am interested in Crypto and its implementation,
be it my own projects or competing ones, I often take a deep
look into the OpenSSL and LibreSSL projects to estimate
what can potentially go wrong and where special care
must be taken while swimming with sharks.

I have already written and complained here in the past about the
shiny OpenSSL 1.1 API changes. I think it's safe to say that opmsg
and drops have been the first larger projects to be neatly
ported to the 1.1 API, while still being aligned to older
OpenSSL installations and LibreSSL, cross platform of course.
How many projects that you know - and that heavily use libcrypto
or libssl - can do that?

OpenSSH, for example, can't. OpenSSH-portable on Linux suffered
similar hard times due to the new 1.1 API. No pain, no gain.
While OpenSSH upstream declined to make
OpenSSH-portable ready for the 1.1 API (at least not yet),
there was still demand for it, since lots of newer distros
were simply not able to build their openssh packages with their
own shipped libcrypto packages. That's why the Fedora project
adopted patches (this one is already fixed after my report).
However, they introduced some double-free conditions by
means of RSA_set0_key() and similar functions. You can read
my report and see in the patch how the order of function
calls has been changed to fix the double-frees.
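
The ownership rule behind this bug class, as an added example that is not OpenSSH, Fedora or OpenSSL code: RSA_set0_key() takes over the BIGNUMs it is handed on success, so an error path that still frees them releases them twice. The names below (num, key, key_set0, import_buggy, import_fixed) are a hypothetical model that counts double releases instead of corrupting the heap.

```c
/* Added model of set0-style ownership transfer; not OpenSSL or OpenSSH code. */
#include <stdio.h>
typedef struct { int live; } num;        /* stands in for a BIGNUM */
typedef struct { num *n, *e; } key;      /* stands in for an RSA */

static num pool[2];
static int used, double_frees;

static num *num_new(void) { num *x = &pool[used++]; x->live = 1; return x; }
static void num_free(num *x) {
    if (!x) return;
    if (!x->live) { double_frees++; return; }  /* real code: heap corruption */
    x->live = 0;
}
/* Like RSA_set0_key(): on success the key owns n and e. */
static int key_set0(key *k, num *n, num *e) {
    if (!n || !e) return 0;
    k->n = n; k->e = e;
    return 1;
}
static void key_free(key *k) { num_free(k->n); num_free(k->e); k->n = k->e = NULL; }

/* Buggy order: hand n and e to the key, then run a step that can fail. */
int import_buggy(int later_step_ok) {
    key k = { NULL, NULL };
    used = double_frees = 0;
    num *n = num_new(), *e = num_new();
    if (key_set0(&k, n, e) && later_step_ok) { key_free(&k); return double_frees; }
    num_free(n); num_free(e);            /* error path still frees the locals */
    key_free(&k);                        /* key releases the same two objects */
    return double_frees;
}

/* Fixed order: fallible work first, set0 last, then drop the local pointers. */
int import_fixed(int later_step_ok) {
    key k = { NULL, NULL };
    used = double_frees = 0;
    num *n = num_new(), *e = num_new();
    if (later_step_ok && key_set0(&k, n, e)) n = e = NULL;  /* k owns them now */
    num_free(n); num_free(e);            /* no-op after a successful set0 */
    key_free(&k);
    return double_frees;
}

int main(void) {
    printf("buggy, later step fails: %d double frees\n", import_buggy(0));
    printf("fixed, later step fails: %d double frees\n", import_fixed(0));
    return 0;
}
```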

You can thank me later that I saved your Fedora boxes
from an ssh 0day.

Friday, June 16, 2017

dropsview ncurses trickery

If you were ever curious about what a GUI frontend designed
by me would look like, here you go.

Hand crafted without any GUI builder but with much love
and ergonomics and minimal dependencies. It allows you
to manage your personas and op messages easily and to
send instant messages to your peers without the command
line hassle. And most importantly: without anyone watching
and processing even the metadata.

If you have a static IPv4 (or v6), consider running a
drops node. It has a small footprint and you don't necessarily
need to participate in messaging. You can just run it in
the background as a message hub.