1
00:00:00,090 --> 00:00:13,750
33C3 preroll music
2
00:00:13,750 --> 00:00:16,299
basically textbooks have been written
3
00:00:16,299 --> 00:00:19,718
about it countless talks have been
4
00:00:19,718 --> 00:00:22,480
have been illuminating all of the errors
5
00:00:22,480 --> 00:00:26,690
of our ways and still all those sucky
6
00:00:26,690 --> 00:00:30,400
software is out there but
7
00:00:30,400 --> 00:00:33,130
Fefe over here the hero of our show
8
00:00:33,130 --> 00:00:36,700
has put out has put all of these best
9
00:00:36,700 --> 00:00:39,990
practices into you know into his work to
10
00:00:39,990 --> 00:00:43,480
try to create a secure website he's
11
00:00:43,480 --> 00:00:46,859
going to show us how it's done so that
12
00:00:46,859 --> 00:00:52,489
we can all sleep way better at night and
13
00:00:52,489 --> 00:00:55,189
with that template go back and
14
00:00:55,189 --> 00:00:57,303
and secure our own software and so with
15
00:00:57,303 --> 00:00:59,540
that I'm going to hand it right over to
16
00:00:59,540 --> 00:01:01,930
Fefe give him a round of applause
17
00:01:01,930 --> 00:01:12,406
applause
18
00:01:13,371 --> 00:01:15,153
thank you I have to start
19
00:01:15,153 --> 00:01:17,580
with an apology because I did submit
20
00:01:17,580 --> 00:01:19,840
this talk but it was rejected so the
21
00:01:19,840 --> 00:01:21,880
slides are not at the stage where they
22
00:01:21,880 --> 00:01:24,320
should be these are our slides for a
23
00:01:24,320 --> 00:01:26,359
previous version of the talk it contains
24
00:01:26,359 --> 00:01:28,179
all the material and I tried to update
25
00:01:28,179 --> 00:01:30,231
it more but that destroyed the flow so
26
00:01:30,231 --> 00:01:33,334
we we're stuck with it basically the
27
00:01:33,084 --> 00:01:35,720
difference was the the audience so while
28
00:01:35,720 --> 00:01:37,580
I expect more developers here the other
29
00:01:37,580 --> 00:01:39,259
audience was more and hackers and
30
00:01:39,259 --> 00:01:42,640
business people so I try to get them
31
00:01:42,640 --> 00:01:45,800
from where they are and the main question
32
00:01:45,800 --> 00:01:48,382
usually is "are we there yet?" right
33
00:01:48,382 --> 00:01:50,842
so about me you probably
34
00:01:50,842 --> 00:01:52,960
seen this before I'm a code auditor by
35
00:01:52,960 --> 00:01:55,479
trade I have a small company and
36
00:01:55,229 --> 00:01:57,230
companies show us their code and I show
37
00:01:57,230 --> 00:02:00,190
them bugs I find in them quite easy
38
00:02:01,911 --> 00:02:04,000
but before we start I have a small
39
00:02:04,000 --> 00:02:06,500
celebration to do this actually happened
40
00:02:06,500 --> 00:02:09,230
just a day before the first time I
41
00:02:09,230 --> 00:02:11,680
talked about this so Kaspersky
42
00:02:11,680 --> 00:02:15,440
message they found some malware introduced
43
00:02:15,440 --> 00:02:16,540
tied to libc
44
00:02:16,540 --> 00:02:18,340
which I have written so this is
45
00:02:18,340 --> 00:02:19,270
like a
46
00:02:19,270 --> 00:02:26,430
applause
47
00:02:27,257 --> 00:02:28,999
some of the malware people
48
00:02:28,999 --> 00:02:31,020
know what's good
49
00:02:31,020 --> 00:02:33,430
so basically the main question when I
50
00:02:33,430 --> 00:02:35,769
talk to customers is we spend so much
51
00:02:35,769 --> 00:02:38,860
money on this why isn't it working
52
00:02:38,860 --> 00:02:42,399
and the answer is you're doing it wrong
53
00:02:42,399 --> 00:02:46,420
so I will try to show now what exactly
is wrong
54
00:02:46,420 --> 00:02:49,830
and there's a small preface here people
55
00:02:49,830 --> 00:02:51,730
usually say there's no time to do this
56
00:02:51,730 --> 00:02:54,230
right and that's just wrong you have
57
00:02:54,230 --> 00:02:56,580
exactly as much time per day as other
58
00:02:56,580 --> 00:02:58,640
people who did great things so you can
59
00:02:58,640 --> 00:03:01,780
do great things too you just need to do it
60
00:03:02,620 --> 00:03:05,420
so let's play a little warm-up game
61
00:03:05,420 --> 00:03:07,050
it's called how it started and how
62
00:03:07,050 --> 00:03:09,570
it's going so let's have a demo round
63
00:03:09,570 --> 00:03:11,420
IBM Watson is revolutionizing
64
00:03:11,420 --> 00:03:14,839
10 industries and it's going like this
65
00:03:14,839 --> 00:03:17,219
whatever happened to IBM Watson that's a
66
00:03:17,219 --> 00:03:19,629
typical pattern in the security industry
67
00:03:19,629 --> 00:03:23,150
right so here's another one how it started
68
00:03:23,150 --> 00:03:25,480
revolutionize security with AI
69
00:03:25,480 --> 00:03:27,261
right we all know where this is going
70
00:03:27,261 --> 00:03:28,461
laughter
71
00:03:28,461 --> 00:03:31,230
right so that's the pattern
72
00:03:31,230 --> 00:03:33,640
let's play IT security mine sweeper
73
00:03:33,390 --> 00:03:35,256
right so everybody here probably
74
00:03:35,256 --> 00:03:37,349
knows who Gartner is they publish
75
00:03:37,349 --> 00:03:39,379
recommendations and they even have a
76
00:03:39,379 --> 00:03:41,249
voting section where people can say
77
00:03:41,249 --> 00:03:43,159
this is the best product in this section
78
00:03:42,909 --> 00:03:45,248
right so let's look at a few of them and
79
00:03:45,248 --> 00:03:48,040
see what happened to people who trusted
Gartner
80
00:03:48,040 --> 00:03:51,020
first is a firewall right so how
81
00:03:51,020 --> 00:03:54,247
it started the number one recommendation
82
00:03:54,247 --> 00:03:57,175
is for Fortinet and they have a lot of
83
00:03:57,175 --> 00:03:59,425
marketing gibberish
84
00:03:59,425 --> 00:04:01,229
laughter
85
00:04:01,229 --> 00:04:03,159
and if you look how it's going it's not
86
00:04:03,159 --> 00:04:05,300
going so good
87
00:04:05,850 --> 00:04:08,090
so let's extend the pattern a bit
88
00:04:08,090 --> 00:04:10,420
why what happened to me in this regard
89
00:04:10,420 --> 00:04:11,750
so I don't need a firewall
90
00:04:11,750 --> 00:04:14,270
I don't have any ports open that I need
blocking right
91
00:04:14,270 --> 00:04:16,120
so you don't need this
92
00:04:16,120 --> 00:04:18,559
strictly speaking you don't need it
93
00:04:18,559 --> 00:04:20,479
next discipline endpoint protection
94
00:04:20,479 --> 00:04:24,519
so it started with Trellix this is the
95
00:04:24,519 --> 00:04:26,773
number one recommendation on Gartner
96
00:04:26,773 --> 00:04:28,769
I hadn't heard of them there like can make
97
00:04:28,769 --> 00:04:30,429
a feed joint venture or something
98
00:04:30,429 --> 00:04:31,434
who cares
99
00:04:31,434 --> 00:04:34,543
they also have great marketing gibberish
100
00:04:34,543 --> 00:04:36,304
and then if you look at what happened
101
00:04:36,304 --> 00:04:39,214
it's like they made it worse
102
00:04:39,214 --> 00:04:42,955
okay so this didn't apply to me
103
00:04:42,955 --> 00:04:45,305
either because I don't use snake oil
104
00:04:45,305 --> 00:04:47,295
let's see the third one password manager
105
00:04:47,295 --> 00:04:48,530
also very popular
106
00:04:49,730 --> 00:04:52,320
how it started recommended LastPass
107
00:04:52,320 --> 00:04:54,250
you probably know where this is going
108
00:04:54,250 --> 00:04:55,747
laughter
109
00:04:57,129 --> 00:04:59,710
yeah they got owned and then
110
00:04:59,710 --> 00:05:00,892
people got owned
111
00:05:02,502 --> 00:05:05,241
so you may notice a pattern here
112
00:05:05,436 --> 00:05:06,916
this didn't apply to me because
113
00:05:06,916 --> 00:05:08,916
I deserve a password authentication use
114
00:05:08,916 --> 00:05:10,810
public key which has been available for
115
00:05:10,810 --> 00:05:14,150
decades right so small bonus
116
00:05:14,150 --> 00:05:17,109
the last one 2FA
117
00:05:17,609 --> 00:05:19,789
Gartner recommends Duo which has
118
00:05:19,789 --> 00:05:22,039
been bought by Cisco but doesn't matter
119
00:05:23,589 --> 00:05:25,414
so if you look at what Duo does
120
00:05:25,414 --> 00:05:27,378
your server asks the cloud for
121
00:05:27,378 --> 00:05:29,877
permission the cloud goes to the telephone
122
00:05:29,877 --> 00:05:33,590
telephone shows a popup you click yes
123
00:05:31,590 --> 00:05:35,100
and then the cloud tells the server it's
124
00:05:35,100 --> 00:05:37,470
okay you can let them in if you look
125
00:05:37,470 --> 00:05:39,360
really closely you can notice the cloud
126
00:05:39,360 --> 00:05:41,520
doesn't have to do the popup it can just
127
00:05:41,520 --> 00:05:43,871
say sure so this comes pre-owned
128
00:05:43,871 --> 00:05:45,952
there is no need to hack anything here
129
00:05:45,952 --> 00:05:47,452
laughter
130
00:05:47,452 --> 00:05:48,980
and something many people don't
131
00:05:48,980 --> 00:05:50,596
realize you don't need two factor
132
00:05:50,596 --> 00:05:53,410
if you have public key that's already the
second factor
133
00:05:53,944 --> 00:05:55,109
Okay, so
134
00:05:55,789 --> 00:05:57,808
yeah let's skip over this briefly
135
00:05:57,808 --> 00:06:00,318
Splunk is the recommended option here
136
00:06:00,318 --> 00:06:02,038
and they make the organization
137
00:06:02,038 --> 00:06:04,438
more resilient unless you install it
138
00:06:04,438 --> 00:06:07,279
laughter
139
00:06:07,279 --> 00:06:15,543
applause
140
00:06:15,543 --> 00:06:17,812
okay so this one is dear to my heart
141
00:06:17,812 --> 00:06:20,713
because people start arguing about
142
00:06:20,713 --> 00:06:22,453
whether to install patches and
143
00:06:22,453 --> 00:06:25,093
which patch to install first and it used
144
00:06:25,093 --> 00:06:27,683
to be simple you look for problems
145
00:06:27,683 --> 00:06:29,443
then you install the patches and then
146
00:06:29,443 --> 00:06:31,533
it got a bit more complicated and
147
00:06:31,533 --> 00:06:33,423
the result is this right
148
00:06:33,423 --> 00:06:36,173
that's a famous podcast in Germany
149
00:06:36,173 --> 00:06:38,693
it's about municipality who got owned
150
00:06:38,693 --> 00:06:41,673
by ransomware and then had to call the
151
00:06:41,673 --> 00:06:42,943
army for help
152
00:06:42,943 --> 00:06:44,460
inaudible chatter in crowd
153
00:06:44,460 --> 00:06:46,510
and what you should do I'm having
154
00:06:46,510 --> 00:06:48,470
this for completeness install all patches
155
00:06:48,470 --> 00:06:50,430
immediately but that's a separate talk
156
00:06:50,430 --> 00:06:52,705
right so you may notice a pattern here
157
00:06:52,705 --> 00:06:54,450
the IT security industry
158
00:06:54,450 --> 00:06:55,630
recommends something and
159
00:06:55,630 --> 00:06:58,274
if you do it you're [ __ ] so don't do it
160
00:06:58,274 --> 00:07:01,000
in case you can't read this says snake
161
00:07:01,000 --> 00:07:03,460
repellent granules and then there's a
162
00:07:03,460 --> 00:07:05,060
snake sleeping next to it
163
00:07:05,060 --> 00:07:06,111
laughter
164
00:07:06,111 --> 00:07:07,390
coughing
165
00:07:07,921 --> 00:07:10,670
right so if we can't trust the
166
00:07:10,670 --> 00:07:12,911
recommendations of the industry what
shall we do
167
00:07:13,449 --> 00:07:15,049
and so I had a lot of
168
00:07:15,049 --> 00:07:16,929
time on my hands because I didn't have
169
00:07:16,929 --> 00:07:19,510
to clean up after crappy IT security
170
00:07:19,510 --> 00:07:21,570
industry recommendations so what
171
00:07:21,570 --> 00:07:23,770
what did I do with my time
172
00:07:24,210 --> 00:07:26,630
and I decided I need a blog
173
00:07:26,630 --> 00:07:30,440
some time ago now and I started
174
00:07:30,440 --> 00:07:32,660
thinking what do I need and it's
175
00:07:32,660 --> 00:07:34,570
actually not that much I could have just
176
00:07:34,570 --> 00:07:37,590
shown basically static content a little
177
00:07:37,590 --> 00:07:39,727
search function would be good but it's
178
00:07:39,727 --> 00:07:42,530
optional um I didn't need comments for
179
00:07:42,530 --> 00:07:44,920
legal reasons because people start
180
00:07:44,920 --> 00:07:48,390
posting like links to malware or
181
00:07:48,390 --> 00:07:50,230
whatever I don't want that I don't
182
00:07:50,230 --> 00:07:52,162
need that right so the first version was
183
00:07:52,162 --> 00:07:53,950
actually really easy it was a small
184
00:07:53,950 --> 00:07:56,141
standard web server and I had the
185
00:07:56,141 --> 00:07:58,219
blog entries as static HTML files
186
00:07:58,219 --> 00:08:00,199
one file per month it was actually really
187
00:08:00,199 --> 00:08:02,090
easy if you want to search you just can
188
00:08:02,090 --> 00:08:04,870
ask Google and limit it to my site so
189
00:08:04,870 --> 00:08:07,229
posting was also easy had a little
190
00:08:07,229 --> 00:08:09,699
script that I could run on the server
191
00:08:09,699 --> 00:08:12,924
and I just SSH in and SSH I trust for
192
00:08:12,924 --> 00:08:14,824
authentication so there's no new attack
193
00:08:14,824 --> 00:08:17,445
surface I have that anyway and this is a
194
00:08:17,445 --> 00:08:20,074
great design it's secure it's simple
195
00:08:20,074 --> 00:08:22,190
there's low risk it's also high
196
00:08:22,190 --> 00:08:24,779
performance but you couldn't do a talk
197
00:08:24,779 --> 00:08:27,270
about it at the CCC right so
198
00:08:27,270 --> 00:08:30,130
it's too boring so I started to introduce
199
00:08:30,130 --> 00:08:31,200
risk in my setup
200
00:08:31,200 --> 00:08:33,640
laughter
201
00:08:34,400 --> 00:08:36,410
so the first idea was I had
202
00:08:36,410 --> 00:08:38,280
written a small web server I could just
203
00:08:38,280 --> 00:08:40,360
implement the blog in the web server
204
00:08:40,360 --> 00:08:43,384
because you know it's my code anyway
205
00:08:43,384 --> 00:08:46,796
but that has downsides if the the blog
206
00:08:46,796 --> 00:08:48,935
is running in the web server then it can
207
00:08:48,935 --> 00:08:50,846
access all the memory of the web server
208
00:08:50,846 --> 00:08:52,776
in particular it can see the TLS private
209
00:08:52,776 --> 00:08:55,166
key and that I don't want people to
210
00:08:55,166 --> 00:08:57,856
extract right so it can't be a module
211
00:08:57,856 --> 00:09:00,056
in the web server
212
00:09:00,480 --> 00:09:03,030
and the the obvious solution is
213
00:09:03,030 --> 00:09:05,510
it has to run in a different user ID on
214
00:09:05,510 --> 00:09:08,090
on Linux I'm using Linux or but any
215
00:09:08,090 --> 00:09:09,810
Unix or Windows would be the same
216
00:09:09,810 --> 00:09:11,860
basically it runs in a different user ID
217
00:09:11,860 --> 00:09:13,940
and then if you if you take over the
218
00:09:13,940 --> 00:09:15,989
process of the blog because there's some
219
00:09:15,989 --> 00:09:18,680
bug in it you couldn't access the TLS
220
00:09:18,680 --> 00:09:21,770
key and while I did that the industry
221
00:09:21,770 --> 00:09:23,049
was doing this
222
00:09:23,049 --> 00:09:23,759
chatter
223
00:09:23,759 --> 00:09:25,429
that's like the running gag of this
224
00:09:25,429 --> 00:09:27,520
talk I show all kinds of interesting
225
00:09:27,520 --> 00:09:29,280
things the industry did and then show
226
00:09:29,280 --> 00:09:31,209
what I did in that time right so
227
00:09:31,939 --> 00:09:32,828
next question
228
00:09:32,828 --> 00:09:34,749
where's the content I could just have
229
00:09:34,749 --> 00:09:37,418
files on disk like static HTML as before
230
00:09:37,418 --> 00:09:39,819
but I think that's not professional enough
231
00:09:39,569 --> 00:09:41,829
right so for a good CCC talk you
232
00:09:41,829 --> 00:09:44,059
need to be more professional
233
00:09:44,059 --> 00:09:45,260
also for a different
234
00:09:45,260 --> 00:09:47,488
project I had just written an LDAP server
235
00:09:47,488 --> 00:09:50,543
so I decided to reuse it and
236
00:09:50,543 --> 00:09:52,400
while I did that the industry did this
237
00:09:52,400 --> 00:09:54,080
I took this photo at the airport of
238
00:09:53,830 --> 00:09:55,731
Jerusalem so this is an actual ad it's
239
00:09:55,731 --> 00:09:57,210
not photoshopped right it's for
240
00:09:57,210 --> 00:09:59,040
Northrop Grumman which is a
241
00:09:59,040 --> 00:10:02,760
military contractor and it's about full
242
00:10:02,760 --> 00:10:05,700
spectrum cyber across all domains
243
00:10:05,700 --> 00:10:06,933
chatter
244
00:10:06,933 --> 00:10:09,770
so why would I write my own LDAP server
245
00:10:09,770 --> 00:10:11,870
mostly because it's small and
246
00:10:11,870 --> 00:10:14,650
because I'm an auditor by trade I know
247
00:10:14,650 --> 00:10:17,630
that if you want a chance to actually
248
00:10:17,630 --> 00:10:19,570
audit the code it needs to be small
249
00:10:19,570 --> 00:10:22,039
because that's a limited resource
250
00:10:22,039 --> 00:10:24,110
the time you can spend on auditing code
251
00:10:24,110 --> 00:10:27,419
right so Postgres is a common SQL
252
00:10:27,419 --> 00:10:30,122
database slapped in the the open LDAP
253
00:10:30,122 --> 00:10:32,621
implementation of the server and tinyldap
254
00:10:32,621 --> 00:10:35,112
is mine and you see it's much slower
255
00:10:35,112 --> 00:10:36,630
and much smaller
256
00:10:38,750 --> 00:10:40,609
yeah so there was more to this
257
00:10:40,609 --> 00:10:43,760
ad campaign I collected a few funny images
258
00:10:45,080 --> 00:10:48,959
right so um if someone manages to
259
00:10:48,709 --> 00:10:52,069
hack the blog CGI or whatever module
260
00:10:52,069 --> 00:10:54,779
I use to to have connect the blog to the
261
00:10:54,779 --> 00:10:57,399
web server they can open any file that
262
00:10:57,399 --> 00:11:00,280
the blog can read right the UID can read
263
00:11:00,280 --> 00:11:02,820
so I should probably do something
264
00:11:02,820 --> 00:11:05,510
about that that was the next step and
265
00:11:05,510 --> 00:11:07,690
the industry was starting to think about
266
00:11:07,690 --> 00:11:09,180
vulnerability management
267
00:11:11,070 --> 00:11:13,360
so there is a mechanism on Unix
268
00:11:13,360 --> 00:11:15,450
on Linux I did a separate talk about that
269
00:11:15,450 --> 00:11:16,630
on the last Congress
270
00:11:16,630 --> 00:11:19,132
it's called seccomp and seccomp it's like
271
00:11:19,132 --> 00:11:21,371
a firewall for sys calls so I can use
272
00:11:21,371 --> 00:11:24,372
seccomp to block open the open sys which
273
00:11:24,372 --> 00:11:26,812
is used to open files but if I have
274
00:11:26,812 --> 00:11:29,092
to use open myself
275
00:11:29,092 --> 00:11:31,722
then I can't block it right so what
276
00:11:31,722 --> 00:11:33,452
to do about that for example my blog
277
00:11:33,452 --> 00:11:35,672
calls local time which converts Unix's
278
00:11:35,672 --> 00:11:38,092
time into the local time zone and for
279
00:11:38,092 --> 00:11:40,372
that it opens a file containing the
280
00:11:40,372 --> 00:11:43,826
description of the system time zone
281
00:11:43,826 --> 00:11:46,646
and that calls open right so if
282
00:11:46,646 --> 00:11:49,332
I just disabled the open system call from
283
00:11:49,332 --> 00:11:51,057
my blog then it couldn't do the time
284
00:11:51,057 --> 00:11:54,356
translation and this is actually
285
00:11:54,356 --> 00:11:57,506
an old problem that also applies to set
286
00:11:57,506 --> 00:12:00,108
ID programs and has has applied to them
287
00:12:00,108 --> 00:12:03,027
for decades so what you can do is you
288
00:12:03,027 --> 00:12:05,818
can reorganize your code so before you
289
00:12:05,818 --> 00:12:08,478
block or before you drop privileges
290
00:12:08,478 --> 00:12:11,356
generally speaking you do the open
291
00:12:11,356 --> 00:12:14,158
calls in this in this example and
292
00:12:14,158 --> 00:12:16,597
then you disable open and then you look
293
00:12:16,597 --> 00:12:18,970
at the the data provided by the attacker
294
00:12:18,970 --> 00:12:21,079
because if the attacker or any untrusted
295
00:12:21,079 --> 00:12:23,590
source is trying to hack you it is via
296
00:12:23,590 --> 00:12:25,704
data it gives you right it's
297
00:12:25,704 --> 00:12:27,884
the environment is compromised so you look
298
00:12:27,884 --> 00:12:29,844
at what kind of uh elements in the
299
00:12:29,844 --> 00:12:31,764
environment are attacker supplied and
300
00:12:31,764 --> 00:12:33,804
before you look at a single byte in them
301
00:12:33,804 --> 00:12:35,924
you do all the dangerous stuff if you can
302
00:12:35,924 --> 00:12:38,203
right so in this case I call local
303
00:12:38,203 --> 00:12:42,213
time once before I drop the open sys call
304
00:12:42,213 --> 00:12:44,904
and then my libc will cache the
305
00:12:44,904 --> 00:12:47,938
time zone data and the next time I call it
306
00:12:47,938 --> 00:12:49,868
after I have looked at the attacker
307
00:12:49,868 --> 00:12:51,877
supplied code there is no need to call
308
00:12:51,877 --> 00:12:53,988
open right so that's a major advantage
309
00:12:53,988 --> 00:12:57,488
of seccomp over similar technologies like
310
00:12:57,488 --> 00:13:03,200
SELinux where all the prohibitions
311
00:13:03,200 --> 00:13:04,450
on sys calls are
312
00:13:04,450 --> 00:13:06,850
applied to the whole process so there is
313
00:13:06,850 --> 00:13:08,656
this is an example and you should make
314
00:13:08,656 --> 00:13:10,249
use of it you should look at your
315
00:13:10,249 --> 00:13:12,120
process and you can see if you have the
316
00:13:12,120 --> 00:13:13,944
source code at least you can see which
317
00:13:13,944 --> 00:13:16,249
parts do I need to do before I can drop
318
00:13:16,249 --> 00:13:18,689
privileges and you move them up right so
319
00:13:18,689 --> 00:13:19,849
that's what I did
320
00:13:22,120 --> 00:13:24,669
this is actually a mockup from
321
00:13:24,669 --> 00:13:27,450
the Estonian cyber security center
322
00:13:28,760 --> 00:13:29,962
so this is real
323
00:13:30,952 --> 00:13:31,952
okay so
324
00:13:31,952 --> 00:13:34,959
next thought so let's
325
00:13:34,959 --> 00:13:38,129
say someone hacks the blog module and
326
00:13:38,129 --> 00:13:40,400
someone else uses the same module but
327
00:13:40,400 --> 00:13:43,141
supplies a password right
328
00:13:43,141 --> 00:13:44,955
this is a common problem in website
329
00:13:44,955 --> 00:13:46,845
in websites there's some kind of login
330
00:13:46,845 --> 00:13:48,704
something you get maybe a session token
331
00:13:48,704 --> 00:13:51,514
or whatever and if someone manages to
332
00:13:51,514 --> 00:13:54,024
take over the middleware
333
00:13:54,024 --> 00:13:55,574
or like the server component
334
00:13:55,584 --> 00:13:58,891
they can see all other connections too
335
00:13:58,891 --> 00:14:00,420
if they are handled by the same
336
00:14:00,420 --> 00:14:03,460
process right that's a major problem
337
00:14:03,460 --> 00:14:06,340
and you can do something about it
338
00:14:06,340 --> 00:14:08,312
so that's the good news here
339
00:14:09,682 --> 00:14:13,019
and in my example it led to me using CGI
340
00:14:13,019 --> 00:14:15,599
instead of fast CGI which is fast CGI
341
00:14:15,599 --> 00:14:17,953
is a newer version of CGI
342
00:14:17,953 --> 00:14:20,910
and the idea with fast CGI is that you
343
00:14:20,910 --> 00:14:24,189
don't spawn a new process for every
344
00:14:24,189 --> 00:14:26,877
request but you have like a Unix domain
345
00:14:26,877 --> 00:14:29,890
socket or another socket to a fast CGI
346
00:14:29,890 --> 00:14:32,180
process and that opens maybe a thread
347
00:14:32,180 --> 00:14:35,550
per request or something but usually
348
00:14:35,550 --> 00:14:37,450
in fast CGI you try to handle the
349
00:14:37,450 --> 00:14:39,440
requests in the same process and then
350
00:14:39,440 --> 00:14:41,590
you can use that process to cache data so
351
00:14:41,590 --> 00:14:45,140
there's a perf advantage to using fast CGI
352
00:14:45,140 --> 00:14:47,300
but for security reasons I don't
353
00:14:47,300 --> 00:14:50,220
I don't use fast CGI so I can't do
354
00:14:50,220 --> 00:14:52,700
caching right so that's a major downside
355
00:14:52,700 --> 00:14:54,450
and you would expect the blog to be
356
00:14:54,450 --> 00:14:56,790
really really slow in the end so
357
00:14:56,790 --> 00:14:59,139
first thing I need to use CGI instead of
358
00:14:59,139 --> 00:15:01,949
fast CGI and secondly you could still
359
00:15:01,949 --> 00:15:05,159
use debug APIs so if you use GDB or
360
00:15:05,159 --> 00:15:07,700
another debugger to to look at another
361
00:15:07,700 --> 00:15:10,199
process they use an API called ptrace
362
00:15:10,199 --> 00:15:12,860
but that's a sys call so I can use seccomp
363
00:15:12,860 --> 00:15:16,394
to disallow ptrace if I do those two
364
00:15:16,394 --> 00:15:20,299
and the attacker takes over a blog process
365
00:15:20,299 --> 00:15:22,529
all they can see is the data they supply
366
00:15:22,529 --> 00:15:26,840
themselves right that's a major advantage
367
00:15:27,879 --> 00:15:30,079
Okay so ENISA is actually an EU agency
368
00:15:30,079 --> 00:15:31,569
which I find really disturbing
369
00:15:31,569 --> 00:15:33,480
because they're burning lots of taxpayer
370
00:15:33,480 --> 00:15:38,302
money anyway so let's assume the attacker
371
00:15:38,302 --> 00:15:41,013
can hack my blog they can still circumvent
372
00:15:41,013 --> 00:15:43,333
any access control I do in the blog
373
00:15:43,333 --> 00:15:46,302
so for example if I have an admin site
374
00:15:46,302 --> 00:15:49,453
or some login site part of the website
375
00:15:49,453 --> 00:15:52,128
and it's handled through the same program
376
00:15:52,128 --> 00:15:55,069
and the access control is done in the blog
377
00:15:55,069 --> 00:15:56,939
CGI and someone manages
378
00:15:56,939 --> 00:15:59,190
to hack my blog CGI they could
379
00:15:59,190 --> 00:16:03,280
just skip that so it's really hard
380
00:16:03,280 --> 00:16:05,640
to do access restrictions that can be
381
00:16:05,640 --> 00:16:07,817
circumvented if you do them in your own
382
00:16:07,817 --> 00:16:09,972
code so the solution is not do it in
383
00:16:09,972 --> 00:16:13,421
your own code I don't do any access
384
00:16:13,421 --> 00:16:15,702
restriction in the blog I do it in the
385
00:16:15,702 --> 00:16:18,431
LDAP server so if you connect to my blog
386
00:16:18,431 --> 00:16:20,525
and supply a password then the blog
387
00:16:20,525 --> 00:16:22,000
doesn't know if the password is
388
00:16:22,000 --> 00:16:24,400
right or not there's an for example
389
00:16:24,400 --> 00:16:26,216
there's an interface where you can add
390
00:16:26,216 --> 00:16:28,130
new blog entries or you can edit an old
391
00:16:28,130 --> 00:16:29,739
one and for you need to supply
392
00:16:29,739 --> 00:16:31,740
credentials but the blog CGI doesn't know
393
00:16:31,740 --> 00:16:33,404
if they are right or not it opens
394
00:16:33,404 --> 00:16:35,264
the connections to the LDAP server with
395
00:16:35,264 --> 00:16:37,344
that credential and then the LDAP server
396
00:16:37,344 --> 00:16:40,853
says yes or no so since we removed
397
00:16:40,853 --> 00:16:44,434
access to the ptraces calls and the
398
00:16:44,434 --> 00:16:46,613
processes are isolated from each other
399
00:16:46,613 --> 00:16:48,234
that means there is nothing to
400
00:16:48,234 --> 00:16:50,394
circumvent here so if someone hacks my
401
00:16:50,394 --> 00:16:52,733
blog the only advantage they get is
402
00:16:52,733 --> 00:16:54,769
they can do the exact same stuff they
403
00:16:54,769 --> 00:16:56,628
could do before basically they can just
404
00:16:56,628 --> 00:16:58,038
talk to the LDAP server
405
00:16:59,628 --> 00:17:01,229
okay so I'm starting to get into
406
00:17:01,229 --> 00:17:04,243
James Bond territory here right
407
00:17:04,243 --> 00:17:05,874
with the attacks they getting more
408
00:17:05,874 --> 00:17:08,884
convoluted right so the industry started
409
00:17:08,884 --> 00:17:10,653
doing threat intelligence feeds which
410
00:17:10,653 --> 00:17:12,634
are useless don't spend money on those
411
00:17:13,100 --> 00:17:15,820
okay so let's say the attacker hacked my
412
00:17:15,820 --> 00:17:19,070
blog and then went to my tinyldap and now
413
00:17:19,070 --> 00:17:21,820
is attacking tinyldap then they can
414
00:17:21,820 --> 00:17:24,060
watch other logins because tinyldap
415
00:17:24,060 --> 00:17:26,552
handles connections from other instances
416
00:17:26,552 --> 00:17:28,970
of the blog too right so the same
417
00:17:28,970 --> 00:17:30,840
problem we had before we just moved the
418
00:17:30,840 --> 00:17:33,119
goal post a little and we need to
419
00:17:33,119 --> 00:17:36,029
prevent this and the obvious solution
420
00:17:36,029 --> 00:17:38,118
is to do the same thing we did
421
00:17:38,118 --> 00:17:41,369
with the blog we have one process of
422
00:17:41,369 --> 00:17:44,794
the LDAP server per request and then we
423
00:17:44,794 --> 00:17:48,793
just allow ptrace right so now you
424
00:17:48,793 --> 00:17:51,349
can't watch even if you get code execution
425
00:17:51,349 --> 00:17:53,590
inside the LDAP server you can't watch
426
00:17:53,590 --> 00:17:55,520
what passwords other people use
427
00:17:55,520 --> 00:17:58,614
you can still see okay the industry
428
00:17:58,614 --> 00:18:01,150
does some [ __ ] again you can still see
429
00:18:01,150 --> 00:18:04,216
the password in the LDAP store right so
430
00:18:04,216 --> 00:18:06,196
the LDAP server has to have a version of
431
00:18:06,196 --> 00:18:08,277
the password to authenticate against and
432
00:18:08,277 --> 00:18:11,000
the industry practice best practice is to
433
00:18:11,000 --> 00:18:12,820
use salted hashes so the password is
434
00:18:12,820 --> 00:18:14,083
not actually in the store
435
00:18:14,569 --> 00:18:17,169
still if someone manages to attack
436
00:18:17,169 --> 00:18:19,749
tinyldap through the blog they can
437
00:18:19,749 --> 00:18:21,689
extract the hashes and try to crack them
438
00:18:21,689 --> 00:18:24,728
but since I'm the only one adding users
439
00:18:24,728 --> 00:18:27,530
I can control the password complexity so
440
00:18:27,530 --> 00:18:29,780
good luck brute forcing that right
441
00:18:32,410 --> 00:18:37,729
okay so this is actually a real problem
442
00:18:37,729 --> 00:18:39,400
not for my blog specifically
443
00:18:39,400 --> 00:18:41,597
but for other web services or services
444
00:18:41,597 --> 00:18:43,310
that are reachable from the internet
445
00:18:43,310 --> 00:18:45,259
what if an attacker doesn't want to steal
446
00:18:45,259 --> 00:18:47,762
my data but it wants to encrypt it
447
00:18:47,762 --> 00:18:50,052
so the ransomware what can you do
448
00:18:50,052 --> 00:18:53,866
about that and my idea was to make
449
00:18:53,866 --> 00:18:55,916
the data store read only so the
450
00:18:55,916 --> 00:18:58,075
LDAP server has a data store that contains
451
00:18:58,075 --> 00:19:00,555
all the blog entries and let's read only
452
00:19:00,555 --> 00:19:03,046
to the LDAP process you can only read
453
00:19:03,046 --> 00:19:05,129
from it and if you want to write to it
454
00:19:05,129 --> 00:19:08,248
for example to add a new entry it gets
455
00:19:08,248 --> 00:19:10,279
appended to a second file which I call the
456
00:19:10,279 --> 00:19:13,300
journal so SQL databases have a similar
457
00:19:13,300 --> 00:19:15,670
concept and they use it to roll back
458
00:19:15,670 --> 00:19:17,650
transactions I can do the same thing
459
00:19:17,650 --> 00:19:19,160
it's basically a log file
460
00:19:19,160 --> 00:19:23,045
and that means all the differences from
461
00:19:23,045 --> 00:19:25,526
the last time the store was created
462
00:19:25,526 --> 00:19:27,626
the read only store all the differences
463
00:19:27,626 --> 00:19:29,646
are sequentially in the log file
464
00:19:29,646 --> 00:19:32,647
in the journal so that the performance
465
00:19:32,647 --> 00:19:34,847
gets worse the bigger the journal gets
466
00:19:34,847 --> 00:19:37,330
so every now and then I need to combine
467
00:19:37,330 --> 00:19:39,538
the read only part and the journal
468
00:19:39,538 --> 00:19:41,786
into a new bigger read only part and
469
00:19:41,786 --> 00:19:43,466
I do that manually
470
00:19:45,729 --> 00:19:48,470
because tinyldap couldn't do it because
471
00:19:48,470 --> 00:19:50,469
I didn't allow tinyldap to write the store
472
00:19:50,469 --> 00:19:52,450
right that was part of the security here
473
00:19:53,010 --> 00:19:56,510
and so with seccomp I can just disable
474
00:19:56,510 --> 00:19:59,000
sys calls I can also install filters so I
475
00:19:59,000 --> 00:20:01,136
can say open is allowed but only if you
476
00:20:01,136 --> 00:20:03,449
use O_APPEND O_APPEND in the open sys
477
00:20:03,449 --> 00:20:06,440
call on Unix means every write you do to
478
00:20:06,440 --> 00:20:09,126
this descriptor is automatically
479
00:20:09,126 --> 00:20:12,425
added to the end so I know if someone
480
00:20:12,425 --> 00:20:16,026
manages to access the tinyldap
481
00:20:16,026 --> 00:20:18,815
binary and can write to my journal then
482
00:20:18,815 --> 00:20:21,046
the only place the changes can show up
483
00:20:21,046 --> 00:20:23,176
is at the end and that's actually a really
484
00:20:23,176 --> 00:20:25,316
good thing to have because it means
485
00:20:25,316 --> 00:20:27,756
if someone hacks me and adds junk to
486
00:20:27,756 --> 00:20:30,002
my blog I can only remove at the end
487
00:20:30,002 --> 00:20:32,642
and I'm good again compare that to a
488
00:20:32,642 --> 00:20:35,372
usual SQL database if someone wrote
489
00:20:35,372 --> 00:20:38,221
to the database you need to in to play
490
00:20:38,221 --> 00:20:41,176
a backup uh in to restore backup because
491
00:20:41,176 --> 00:20:43,146
they could have changed anything anywhere
492
00:20:43,366 --> 00:20:45,476
right so but tinyldap doesn't even have
493
00:20:45,476 --> 00:20:47,336
file system level permissions to change
494
00:20:47,336 --> 00:20:48,906
anything in the store so I can
495
00:20:48,906 --> 00:20:51,125
sleep soundly
496
00:20:51,630 --> 00:20:53,623
yeah the industry spent money on
497
00:20:53,623 --> 00:20:55,503
cyber security mesh architecture
498
00:20:57,160 --> 00:20:59,380
right so the journal integration has
499
00:20:59,380 --> 00:21:01,420
to be done by me manually out of band
500
00:21:01,420 --> 00:21:04,130
so it's not something an automated process
501
00:21:04,130 --> 00:21:06,100
does I do it manually
502
00:21:06,100 --> 00:21:07,819
and when I'm doing it
503
00:21:08,340 --> 00:21:10,360
because it's not that much data it's
504
00:21:10,360 --> 00:21:12,420
like for a week or two I can just read it
505
00:21:12,420 --> 00:21:14,600
again and see if something doesn't look
506
00:21:14,600 --> 00:21:19,120
right this may not be available to all
507
00:21:19,120 --> 00:21:20,990
other scenarios but you have to
508
00:21:20,990 --> 00:21:22,759
realize if you have bigger data it's
509
00:21:22,759 --> 00:21:25,119
usually not all the data that's big
510
00:21:25,119 --> 00:21:27,140
most of it is usually static and read only
511
00:21:27,140 --> 00:21:30,000
and then you have some logs that are
512
00:21:30,000 --> 00:21:32,750
you know billing data that grows and grows
513
00:21:32,750 --> 00:21:35,149
but usually there's part of the data and
514
00:21:35,149 --> 00:21:38,540
this is the part with the you know
515
00:21:38,540 --> 00:21:41,589
identifying information personally or
516
00:21:41,589 --> 00:21:45,520
billing details that stuff is usually
517
00:21:45,520 --> 00:21:48,120
small and mostly static and you could
518
00:21:48,120 --> 00:21:51,440
use this strategy for that too
519
00:21:53,170 --> 00:21:56,629
well yeah okay
520
00:21:57,079 --> 00:21:59,320
so the attacker can still write garbage
521
00:21:59,320 --> 00:22:01,389
to my blog that's still not good
522
00:22:01,389 --> 00:22:03,730
right but since all they can do is append
523
00:22:03,730 --> 00:22:06,481
to the journal I can use my text editor
524
00:22:06,481 --> 00:22:09,001
open the journal and truncate at some
525
00:22:09,001 --> 00:22:11,434
point and then I get all my data back
526
00:22:11,434 --> 00:22:13,784
till the point where they start to [???]
527
00:22:13,784 --> 00:22:16,234
the blog right this is still bad but
528
00:22:16,234 --> 00:22:18,620
it's a very good position to be in
529
00:22:18,620 --> 00:22:21,139
if there's an emergency because you
530
00:22:21,139 --> 00:22:23,750
can basically investigate calmly first
531
00:22:23,750 --> 00:22:26,240
you turn off write access then you
532
00:22:26,240 --> 00:22:29,439
delete the vandalism in the journal
533
00:22:29,439 --> 00:22:32,599
and you know you haven't lost anything
534
00:22:32,599 --> 00:22:34,740
because if you want to delete an entry
535
00:22:34,740 --> 00:22:36,890
in the blog you could do that too but
536
00:22:36,890 --> 00:22:38,930
that means at the end of the journal you
537
00:22:38,940 --> 00:22:41,200
append a statement saying delete this
538
00:22:41,200 --> 00:22:43,313
record and I can just remove that and I
539
00:22:43,313 --> 00:22:45,730
get the record back right so there's no
540
00:22:45,730 --> 00:22:48,820
way for someone vandalizing my blog to
541
00:22:48,820 --> 00:22:50,940
damage any data that was in it before
542
00:22:50,940 --> 00:22:53,620
all they can do is append junk at the end
543
00:22:53,620 --> 00:22:56,020
and I can live with that right this is
544
00:22:56,020 --> 00:22:58,390
this should be the guiding thought
545
00:22:58,390 --> 00:23:00,670
between any security you do
546
00:23:00,670 --> 00:23:03,279
if someone hacks you will be in a very
547
00:23:03,279 --> 00:23:05,440
stressful position the boss will be
548
00:23:05,440 --> 00:23:07,749
behind you breathing down your neck are
549
00:23:07,749 --> 00:23:09,889
we done yet? is it fixed? and you want to
550
00:23:09,889 --> 00:23:12,410
have as little to do as possible at that
551
00:23:12,410 --> 00:23:14,672
time you want to move all the stress
552
00:23:14,672 --> 00:23:17,279
to before you get hacked because then
553
00:23:17,279 --> 00:23:18,740
you have more time
554
00:23:19,840 --> 00:23:22,080
okay the industry did other things again
555
00:23:24,760 --> 00:23:27,940
so what if the attacker doesn't write
556
00:23:27,940 --> 00:23:30,452
garbage to the journal but writes some
557
00:23:30,452 --> 00:23:33,111
exploit to the journal that the next
558
00:23:33,111 --> 00:23:35,312
tinyldap instance that reads the
559
00:23:35,312 --> 00:23:37,982
journal gets compromised by it
560
00:23:39,430 --> 00:23:42,699
that is a possibility and that would be
561
00:23:42,699 --> 00:23:45,909
bad so agreed that's still a problem
562
00:23:46,409 --> 00:23:49,595
but realize how preposterous the scenario
563
00:23:49,595 --> 00:23:51,734
is so we are talking about an attacker
564
00:23:51,734 --> 00:23:54,655
who found a stable zero day in the blog
565
00:23:54,655 --> 00:23:57,105
and then used that and another
566
00:23:57,105 --> 00:23:59,639
stable zero day in tinyldap to write
567
00:23:59,639 --> 00:24:02,281
to the journal and then have the third
568
00:24:03,051 --> 00:24:06,290
zero day to compromise the journal
569
00:24:06,290 --> 00:24:08,706
parsing code so I mean
570
00:24:08,706 --> 00:24:11,266
yes it is still a problem but we reduced
571
00:24:11,266 --> 00:24:13,800
the risk significantly
572
00:24:14,160 --> 00:24:15,160
and that is what
573
00:24:15,160 --> 00:24:18,320
I'm trying to tell you here it's not
574
00:24:18,320 --> 00:24:20,704
it's not all or nothing it's good enough
575
00:24:20,704 --> 00:24:24,077
if you can halve the risk that's already
576
00:24:24,077 --> 00:24:26,040
very important and you should do it
577
00:24:26,040 --> 00:24:30,620
so as much as you can slice off the risk
578
00:24:30,620 --> 00:24:32,869
the better the better off you will be
579
00:24:32,869 --> 00:24:34,389
if something happens
580
00:24:34,649 --> 00:24:37,698
right because the smaller the code is
581
00:24:37,698 --> 00:24:40,290
that is still attackable the
582
00:24:40,290 --> 00:24:42,160
more you can audit it and be sure it's
583
00:24:42,160 --> 00:24:44,169
good you show it to your friends and
584
00:24:44,169 --> 00:24:46,679
they can audit it too and you
585
00:24:46,679 --> 00:24:48,714
need to save yourself that time because
586
00:24:48,714 --> 00:24:50,714
it happens every now and then that I get
587
00:24:50,714 --> 00:24:52,904
to see the whole code base and
588
00:24:52,904 --> 00:24:54,554
the usual code base for commercial
589
00:24:54,554 --> 00:24:57,123
products is like gigabytes of source code
590
00:24:57,123 --> 00:24:59,523
nobody can read that like
591
00:24:59,523 --> 00:25:01,207
I'm good I'm not that good
592
00:25:02,587 --> 00:25:05,407
so this is a good place to be in
593
00:25:05,407 --> 00:25:07,536
I think right so the industry was selling
594
00:25:07,536 --> 00:25:10,256
DDOS mitigation sure whatever
595
00:25:10,326 --> 00:25:11,950
so what happens if someone attacks
596
00:25:11,950 --> 00:25:14,905
the web server that is still a big
597
00:25:14,905 --> 00:25:18,261
problem and it's actually
598
00:25:20,421 --> 00:25:22,562
it's a full damage right
599
00:25:22,562 --> 00:25:24,231
that's the worst that can happen if
600
00:25:24,231 --> 00:25:26,151
someone manages to attack the web server
601
00:25:26,151 --> 00:25:28,431
they can see all traffic coming through
602
00:25:28,431 --> 00:25:30,421
they can look inside TLS secured
603
00:25:30,421 --> 00:25:32,307
connections and they can sniff all the
604
00:25:32,307 --> 00:25:34,721
passwords so that's really bad
605
00:25:34,979 --> 00:25:36,930
unfortunately there is not too much
606
00:25:36,930 --> 00:25:38,619
you can do about that
607
00:25:40,919 --> 00:25:44,256
you could do a separation
608
00:25:44,256 --> 00:25:46,024
so this is something people have been
609
00:25:46,024 --> 00:25:47,955
talking about for a while OpenSSL is
610
00:25:47,955 --> 00:25:49,977
doing this they moved the dangerous crypto
611
00:25:49,977 --> 00:25:51,914
stuff in a second process and use
612
00:25:51,914 --> 00:25:54,218
sandboxing to lock down that process
613
00:25:54,428 --> 00:25:56,289
that could be done but nobody has done
614
00:25:56,289 --> 00:25:58,649
it for OpenSSL yet so OpenSSL doesn't
615
00:25:58,649 --> 00:26:00,689
support that my web server
616
00:26:00,689 --> 00:26:02,929
also supports mbed TLS they don't
617
00:26:02,929 --> 00:26:05,158
support that either so I could spend time
618
00:26:05,158 --> 00:26:06,589
on that and I've been actually
619
00:26:06,589 --> 00:26:09,095
spending some time already but it's not
620
00:26:09,095 --> 00:26:10,959
it's not ready yet but this would be a
621
00:26:10,959 --> 00:26:13,279
good way to reduce the risk and you may
622
00:26:13,279 --> 00:26:15,629
notice that the tools I'm using to
623
00:26:15,629 --> 00:26:17,779
reduce risks are actually just a handful
624
00:26:17,959 --> 00:26:20,704
there's not it's not you know it's not
625
00:26:20,704 --> 00:26:23,310
witchcraft I'm not inventing new
626
00:26:23,310 --> 00:26:25,589
ways to look at things I'm doing the
627
00:26:25,589 --> 00:26:27,776
same thing again I'm identifying the
628
00:26:27,776 --> 00:26:29,905
part of the code that's dangerous and
629
00:26:29,905 --> 00:26:32,517
then I think about how I can make that
630
00:26:32,517 --> 00:26:34,667
part smaller maybe put it in a different
631
00:26:34,667 --> 00:26:37,296
process lock it down so we need to do
632
00:26:37,296 --> 00:26:38,936
the same thing with the web server
633
00:26:38,936 --> 00:26:40,910
obviously but it's an ongoing process
634
00:26:42,660 --> 00:26:46,710
yeah so again whatever why
635
00:26:46,710 --> 00:26:49,400
haven't I done that yet uh so in my
636
00:26:49,400 --> 00:26:51,375
web server you can it's a build time
637
00:26:51,375 --> 00:26:53,474
decision if you want SSL support or not
638
00:26:53,474 --> 00:26:55,055
and you can see the binary is
639
00:26:55,055 --> 00:26:57,525
significantly bigger if you have SSL
640
00:26:57,525 --> 00:26:59,535
and I'm showing you this because it means
641
00:26:59,535 --> 00:27:01,805
the bulk of the attack surface is the SSL
642
00:27:01,805 --> 00:27:04,730
code it's not my code so if I if I can
643
00:27:04,730 --> 00:27:07,438
put the SSL code in a different process
644
00:27:07,438 --> 00:27:10,740
they still need to see the private key
645
00:27:10,740 --> 00:27:12,267
because that's what TLS needs
646
00:27:12,267 --> 00:27:13,886
the private key otherwise it can't
647
00:27:13,886 --> 00:27:15,927
do the crypto so the bulk of the attack
648
00:27:15,927 --> 00:27:17,739
surface would still have access to the
649
00:27:17,739 --> 00:27:19,530
key I can still do it because there
650
00:27:19,530 --> 00:27:21,480
might be bugs in my code and not the
651
00:27:21,480 --> 00:27:24,929
SSL code but that's just 5% of
652
00:27:24,929 --> 00:27:27,310
the overall attack surface so
653
00:27:27,730 --> 00:27:29,843
I will probably do it at some point
654
00:27:29,843 --> 00:27:32,125
but it's I don't expect miracles from it
655
00:27:32,125 --> 00:27:35,025
bugs in OpenSSL will kill me
656
00:27:35,025 --> 00:27:37,241
there's not much I can do about that
657
00:27:39,696 --> 00:27:40,696
laughter
658
00:27:41,820 --> 00:27:44,160
okay so I know what you're thinking
659
00:27:44,220 --> 00:27:47,390
loud laughter
660
00:27:47,530 --> 00:27:50,829
what about kernel bugs?
661
00:27:50,829 --> 00:27:52,455
so I looked at a few of the recent
662
00:27:52,455 --> 00:27:54,679
kernel bugs and it turns out that they
663
00:27:54,679 --> 00:27:56,991
usually apply to sys calls that are rarely
664
00:27:56,991 --> 00:28:00,113
used in regular programs and because
665
00:28:00,113 --> 00:28:01,930
I'm blocking all the sys calls I don't
666
00:28:01,930 --> 00:28:04,220
really need none of them apply to me
667
00:28:04,220 --> 00:28:07,193
right and this is a this is a pattern
668
00:28:07,193 --> 00:28:09,593
with kernel bugs
669
00:28:09,593 --> 00:28:12,050
there is a project called Sandstorm
670
00:28:13,060 --> 00:28:16,879
that also uses ptrace and seccomp tracing
671
00:28:16,879 --> 00:28:19,049
to reduce the sys call
672
00:28:19,339 --> 00:28:22,266
surface and then puts regular services
673
00:28:22,266 --> 00:28:25,240
into a sandbox for web services and
674
00:28:25,240 --> 00:28:28,290
they evaded all kinds of kernel bugs
675
00:28:28,290 --> 00:28:30,309
just because of that so this is
676
00:28:30,309 --> 00:28:32,040
like a zero effort thing because
677
00:28:32,040 --> 00:28:34,740
obviously if you have a list of sys calls
678
00:28:34,740 --> 00:28:36,480
you'd use a white list and you
679
00:28:36,480 --> 00:28:38,110
have a list of things you are
680
00:28:38,110 --> 00:28:40,197
explicitly allow and the rest is disabled
681
00:28:40,197 --> 00:28:42,368
not the other way around right
682
00:28:42,478 --> 00:28:44,478
so none of the usual kernel bugs apply
683
00:28:44,478 --> 00:28:47,056
to me um because of the seccomp stuff
684
00:28:47,056 --> 00:28:49,337
I already do so kernel bugs aren't as big
685
00:28:49,337 --> 00:28:51,818
of a problem as you might think at least
686
00:28:51,818 --> 00:28:54,017
I still have them if I haven't patched
687
00:28:54,017 --> 00:28:56,436
but you can't get to them via the blog
688
00:28:57,269 --> 00:28:59,509
so I have a small confession to make
689
00:28:59,509 --> 00:29:01,669
I'm a bit of a troll and that applies
690
00:29:01,669 --> 00:29:05,010
to this project as well so I used the
691
00:29:05,010 --> 00:29:09,719
worst programming language I used C right
692
00:29:09,719 --> 00:29:11,983
so I'm trolling the security people
693
00:29:11,983 --> 00:29:13,746
and then I'm trolling the Java people
694
00:29:13,746 --> 00:29:15,414
who have been saying you should use
695
00:29:15,414 --> 00:29:17,270
multi-threading for performance and not
696
00:29:17,270 --> 00:29:18,604
have one process per request
697
00:29:18,604 --> 00:29:21,307
so I'm doing actually two fork and exec
698
00:29:21,307 --> 00:29:22,377
per request
699
00:29:23,178 --> 00:29:25,133
I'm trolling the database people
700
00:29:25,133 --> 00:29:26,442
I don't have any caching
701
00:29:26,442 --> 00:29:28,042
I don't have connection pools
702
00:29:28,459 --> 00:29:30,290
and the perf people too because I'm
703
00:29:30,290 --> 00:29:32,130
still faster than most of the regular
704
00:29:32,130 --> 00:29:34,639
solutions so there is no there's really
705
00:29:34,639 --> 00:29:36,873
no downside if you architect your
706
00:29:36,873 --> 00:29:38,874
software to use this kind of thing
707
00:29:39,444 --> 00:29:41,943
it will be slower than other ways to do it
708
00:29:41,943 --> 00:29:44,343
but most other software isn't as fast
709
00:29:44,343 --> 00:29:47,494
anyway so there's enough headway that
710
00:29:47,494 --> 00:29:49,724
you can use to do security instead of
711
00:29:49,724 --> 00:29:51,923
performance you will still be faster
712
00:29:53,319 --> 00:29:56,150
so let's recap the methodology I used
713
00:29:57,280 --> 00:29:59,549
first I make a list of all the attacks
714
00:29:59,549 --> 00:30:01,276
I can think of and this means
715
00:30:01,276 --> 00:30:03,301
concrete attacks so what could happen
716
00:30:03,301 --> 00:30:04,558
and what would
717
00:30:04,558 --> 00:30:06,958
be the problem then right and then
718
00:30:06,958 --> 00:30:09,118
I think for every item on the list
719
00:30:09,118 --> 00:30:11,430
I consider how to prevent this
720
00:30:11,430 --> 00:30:13,964
can I prevent this? what I need to do
721
00:30:13,964 --> 00:30:15,864
and then I do it right so that's easy
722
00:30:15,864 --> 00:30:17,946
it's like the Feynman problem solving
723
00:30:17,946 --> 00:30:20,323
algorithm in spirit and this
724
00:30:20,323 --> 00:30:23,086
process is called threat modeling it's
725
00:30:23,086 --> 00:30:25,241
like a dirty word because it
726
00:30:25,241 --> 00:30:27,290
sounds like there's effort involved and
727
00:30:27,290 --> 00:30:29,060
nobody wants to do it but it's really
728
00:30:29,060 --> 00:30:30,913
it's easy it's just these steps
729
00:30:30,913 --> 00:30:32,893
you look at your software you
730
00:30:32,893 --> 00:30:35,039
consider all the ways it could be attacked
731
00:30:35,039 --> 00:30:36,468
and then you consider what you
732
00:30:36,468 --> 00:30:38,226
could do to prevent the attack or in
733
00:30:38,226 --> 00:30:40,083
some cases you can't prevent the attack
734
00:30:40,083 --> 00:30:42,621
and then you say well that's a risk I have to
live with
735
00:30:42,621 --> 00:30:44,459
right so that's called threat modeling
736
00:30:44,459 --> 00:30:46,069
you should try it's awesome
737
00:30:48,155 --> 00:30:50,119
and you saw that I'm trying
738
00:30:50,119 --> 00:30:52,490
to optimize something here I go for a
739
00:30:52,490 --> 00:30:55,209
specific target in this case I want
740
00:30:55,209 --> 00:30:57,130
as little code as possible
741
00:30:57,840 --> 00:30:59,910
the more code there is the more bugs
742
00:30:59,910 --> 00:31:01,929
there will be that's a very old
743
00:31:02,469 --> 00:31:04,830
insight from I think it was originally
744
00:31:04,830 --> 00:31:06,795
an IBM study and they basically found
745
00:31:06,795 --> 00:31:08,755
that the number of bugs in code is a
746
00:31:08,755 --> 00:31:11,124
function of the lines of code in the code
747
00:31:11,124 --> 00:31:12,764
so there's a little more to it but
748
00:31:12,764 --> 00:31:15,334
basically it's true so and it's not just
749
00:31:15,334 --> 00:31:17,174
any code I want to have less of
750
00:31:17,669 --> 00:31:19,529
if the code is dangerous I particularly
751
00:31:19,529 --> 00:31:22,309
want to have less of it and the most
752
00:31:22,309 --> 00:31:25,046
important category to make smaller is
753
00:31:25,046 --> 00:31:27,256
the code that enforces security
754
00:31:27,256 --> 00:31:29,496
guarantees so like one security
755
00:31:29,496 --> 00:31:31,466
guarantee would be you can't log in
756
00:31:31,466 --> 00:31:33,505
if you don't have the right password right
757
00:31:33,505 --> 00:31:35,514
so the code that checks that I want it to
758
00:31:35,514 --> 00:31:38,272
be as small as possible one or two
759
00:31:38,272 --> 00:31:40,520
lines of code if I can manage it and
760
00:31:40,520 --> 00:31:42,625
then it's obvious if it's wrong or
761
00:31:42,625 --> 00:31:45,175
not the more complex the code is the
762
00:31:45,175 --> 00:31:47,552
less easy would it be to see if
763
00:31:47,552 --> 00:31:49,421
it's correct or not and that's what you
764
00:31:49,421 --> 00:31:51,321
want in the end you want to be sure the
765
00:31:51,321 --> 00:31:53,433
code is correct so how far did I get
766
00:31:53,433 --> 00:31:55,332
it's actually pretty amazing I think
767
00:31:55,332 --> 00:31:58,053
you can write an LDAP server in 5000 lines
768
00:31:58,053 --> 00:32:02,594
of code the blog is 3500 lines of code
769
00:32:02,594 --> 00:32:04,992
plus the LDAP client library
770
00:32:04,992 --> 00:32:06,452
plus zlib
771
00:32:06,682 --> 00:32:09,159
but I'm only using zlib to compress not to
772
00:32:09,159 --> 00:32:11,480
decompress so most attack scenarios
773
00:32:11,480 --> 00:32:13,997
don't apply to my usage of zlib
774
00:32:13,997 --> 00:32:16,758
and the web server is also pretty slow
775
00:32:16,758 --> 00:32:18,424
if you only look at the HTTP code
776
00:32:18,424 --> 00:32:21,223
unfortunately it also contains the
777
00:32:21,223 --> 00:32:23,557
SSL library which is orders of magnitude
778
00:32:23,557 --> 00:32:25,596
more than my code and that's how you
779
00:32:25,596 --> 00:32:28,237
want it you want the biggest risk not to
780
00:32:28,237 --> 00:32:30,916
be in the new code but in an old code
781
00:32:31,599 --> 00:32:34,588
that someone else already audited if you
782
00:32:34,588 --> 00:32:36,318
can manage it right so this is the
783
00:32:36,318 --> 00:32:38,948
optimization strategy try to have as
784
00:32:38,948 --> 00:32:40,968
little dangerous code as possible sounds
785
00:32:40,968 --> 00:32:42,697
like a no-brainer but if you look at
786
00:32:42,697 --> 00:32:44,717
modern software development you will
787
00:32:44,717 --> 00:32:47,328
find out they do the exact opposite pull
788
00:32:47,328 --> 00:32:49,362
in as many frameworks as they can
789
00:32:50,982 --> 00:32:52,409
so this strategy is called
790
00:32:52,409 --> 00:32:54,939
TCB minimization you should try it and
791
00:32:54,939 --> 00:32:57,040
I gave a talk about it already it's
792
00:32:57,040 --> 00:32:59,274
actually pretty easy so
793
00:33:00,410 --> 00:33:02,730
I told you what I did to the
794
00:33:02,730 --> 00:33:03,760
blog to
795
00:33:04,780 --> 00:33:07,610
diminish the danger that can be done
796
00:33:08,110 --> 00:33:10,000
if someone manages to take it over and
797
00:33:10,000 --> 00:33:11,731
this is actually part of the
798
00:33:11,731 --> 00:33:14,892
TCB minimization process so the blog was a
799
00:33:14,892 --> 00:33:17,920
high risk area and then I took away
800
00:33:17,920 --> 00:33:21,127
privileges and removed access checks and
801
00:33:21,127 --> 00:33:24,000
in the end even if I give you remote
802
00:33:24,000 --> 00:33:25,990
code execution in the blog process you
803
00:33:25,990 --> 00:33:28,309
can't do anything you couldn't do before
804
00:33:28,309 --> 00:33:30,839
right so it's no longer part of the TCB
805
00:33:30,839 --> 00:33:33,373
the TCB is the part that enforces
806
00:33:33,373 --> 00:33:35,344
security guarantees which the blog CGI
807
00:33:35,344 --> 00:33:36,509
doesn't anymore
808
00:33:37,734 --> 00:33:39,274
so that's what you want to do
809
00:33:39,274 --> 00:33:41,354
you want to end up in the smallest TCB
810
00:33:41,354 --> 00:33:44,133
you can possibly manage and every
811
00:33:44,133 --> 00:33:47,200
step on the way is good so no step is
812
00:33:47,200 --> 00:33:49,090
too small right if you can shave off
813
00:33:49,090 --> 00:33:51,479
even a little routine do it
814
00:33:52,719 --> 00:33:54,930
this is the minimization part of TCB
815
00:33:54,930 --> 00:33:56,999
minimization right I could I was able to
816
00:33:56,999 --> 00:33:59,739
remove the blog from the TCB tinyldap
817
00:33:59,739 --> 00:34:03,270
still has a risk so you saw
818
00:34:03,270 --> 00:34:05,360
the threat model if someone manages to
819
00:34:05,360 --> 00:34:07,317
take over tinyldap they can read the
820
00:34:07,317 --> 00:34:08,988
hashes and try to crack them that's
821
00:34:08,988 --> 00:34:12,197
still bad but I can live with it right
822
00:34:12,449 --> 00:34:15,209
if they vandalize the blog I can undo
823
00:34:15,209 --> 00:34:17,360
the damage without going to the
824
00:34:17,360 --> 00:34:19,490
tape library so that's good
825
00:34:20,440 --> 00:34:22,290
if you compare that to the industry
826
00:34:22,290 --> 00:34:24,550
standard you will find that my approach
827
00:34:24,550 --> 00:34:26,720
is much better usually in
828
00:34:26,720 --> 00:34:28,750
the industry you see platform decisions
829
00:34:28,750 --> 00:34:31,060
done by management not by the techies
830
00:34:31,060 --> 00:34:33,099
and it's untroubled by expertise or
831
00:34:33,099 --> 00:34:35,268
risk analysis and you get a
832
00:34:35,268 --> 00:34:37,767
diffusion of responsibility because if
833
00:34:37,767 --> 00:34:39,737
you even if you try to find out who's
834
00:34:39,737 --> 00:34:41,788
responsible for anything you find
835
00:34:41,788 --> 00:34:43,552
well it's that team over there but we
836
00:34:43,552 --> 00:34:45,408
don't really know and then you find out
837
00:34:45,408 --> 00:34:47,191
the team dissolved last week and it's
838
00:34:47,191 --> 00:34:50,172
really horrible and brand new we have
839
00:34:50,172 --> 00:34:52,372
AI tools which is also a diffusion of
840
00:34:52,372 --> 00:34:53,684
responsibility
841
00:34:55,930 --> 00:34:57,244
and then you get people
842
00:34:57,244 --> 00:34:59,010
arguing well it's so bad it can't get
843
00:34:59,010 --> 00:35:00,790
any worse let's go to the cloud where
844
00:35:00,790 --> 00:35:01,999
obviously it gets worse
845
00:35:01,999 --> 00:35:05,645
immediately so I prefer my way
846
00:35:06,511 --> 00:35:08,421
I think in the end it's important to
847
00:35:08,421 --> 00:35:10,609
realize that the lack of security
848
00:35:10,609 --> 00:35:12,816
you may have in your projects right now
849
00:35:12,816 --> 00:35:16,076
is self-imposed there is no guy with a
850
00:35:16,076 --> 00:35:17,666
shotgun behind you
851
00:35:17,666 --> 00:35:20,446
threatening you can do it you just have
852
00:35:20,446 --> 00:35:23,524
to start right so this is self-imposed
853
00:35:23,524 --> 00:35:25,494
helplessness you can actually help
854
00:35:25,494 --> 00:35:27,314
yourself you just have to start
855
00:35:28,869 --> 00:35:31,779
right how did we get here this is
856
00:35:31,779 --> 00:35:34,190
obviously not a good place to be
857
00:35:34,190 --> 00:35:36,119
like all the software is crappy and
858
00:35:36,119 --> 00:35:38,030
there's a few it's not just that people
859
00:35:38,030 --> 00:35:39,920
are dumb there's a few reasons for that
860
00:35:39,920 --> 00:35:43,209
so back in the day you used to have
861
00:35:43,209 --> 00:35:45,390
bespoke applications that were written
862
00:35:45,390 --> 00:35:47,954
for a specific purpose and they used the
863
00:35:47,954 --> 00:35:49,789
waterfall model and you had the
864
00:35:49,789 --> 00:35:52,468
requirements specification and it was
865
00:35:52,468 --> 00:35:55,097
lots of bureaucracy and really horrible
866
00:35:55,097 --> 00:35:58,048
but it also meant that you knew what
867
00:35:58,048 --> 00:36:00,108
the application had to be able to
868
00:36:00,108 --> 00:36:02,749
do so that means you can make sure
869
00:36:02,749 --> 00:36:06,178
anything else is forbidden if you know
870
00:36:06,178 --> 00:36:08,084
what the application needs to be able to
871
00:36:08,084 --> 00:36:10,029
do you can make sure it doesn't do any
872
00:36:10,029 --> 00:36:12,300
other stuff and that is security if you
873
00:36:12,300 --> 00:36:15,300
think about it deny everything that the
874
00:36:15,300 --> 00:36:17,160
application wasn't supposed to be doing
875
00:36:17,160 --> 00:36:19,210
and then that's what an attacker would
876
00:36:19,210 --> 00:36:21,390
do if they take over the machine right
877
00:36:21,620 --> 00:36:24,450
so if you know beforehand what you're
878
00:36:24,450 --> 00:36:26,330
trying to get to you can actually
879
00:36:26,330 --> 00:36:28,529
implement privilege even architecturally
880
00:36:28,529 --> 00:36:30,250
as I've shown you
881
00:36:31,190 --> 00:36:32,870
now we have more of an Ikea model
882
00:36:32,870 --> 00:36:35,800
you buy parts that are designed by
883
00:36:35,800 --> 00:36:37,659
their own teams and the teams designing
884
00:36:37,659 --> 00:36:39,430
the parts don't know what the final
885
00:36:39,430 --> 00:36:42,145
product will look like right in some
886
00:36:42,145 --> 00:36:44,086
cases even you don't know what the final
887
00:36:44,086 --> 00:36:45,806
product will look like but it's even
888
00:36:45,806 --> 00:36:47,776
worse if you consider that the
889
00:36:47,776 --> 00:36:49,926
team building the part you make your
890
00:36:49,926 --> 00:36:51,786
software from doesn't know what it will
891
00:36:51,786 --> 00:36:53,775
be used for so it has to be as generic
892
00:36:53,775 --> 00:36:56,275
as possible right the more it can be
893
00:36:56,275 --> 00:36:58,026
done with it the better and that's
894
00:36:58,026 --> 00:37:00,765
the opposite of security right security
895
00:37:00,765 --> 00:37:02,667
means understanding what you need to do
896
00:37:02,667 --> 00:37:05,297
and then disallowing the rest and this
897
00:37:05,297 --> 00:37:08,620
means be as generic as you can the parts
898
00:37:08,620 --> 00:37:11,400
are optimized for genericity what's the
899
00:37:11,400 --> 00:37:15,599
name genericism I don't know so they are
900
00:37:15,349 --> 00:37:17,624
optimized to be as flexible as possible
901
00:37:17,624 --> 00:37:20,211
and they are chosen by flexibility
902
00:37:22,251 --> 00:37:23,890
the developer of the part usually
903
00:37:23,890 --> 00:37:25,519
has no idea what it would be used for
904
00:37:25,519 --> 00:37:27,400
and that means you can't do least
905
00:37:27,400 --> 00:37:30,870
privilege because you don't know what
906
00:37:30,870 --> 00:37:33,519
the privilege will be that's least so
907
00:37:33,519 --> 00:37:36,180
this is actually a big mess so if
908
00:37:36,180 --> 00:37:38,470
you use parts programmed by other people
909
00:37:38,470 --> 00:37:40,380
you will have to invest extra effort to
910
00:37:40,380 --> 00:37:42,801
find out what kind of stuff you can make
911
00:37:42,801 --> 00:37:45,474
it not do because it will definitely be
912
00:37:45,474 --> 00:37:47,415
able to do more than you need and the
913
00:37:47,415 --> 00:37:49,505
more you can clamp down the more
914
00:37:49,505 --> 00:37:51,875
security you will have it's even
915
00:37:51,875 --> 00:37:53,524
worse if you do agile development
916
00:37:53,524 --> 00:37:55,244
because then by definition you don't
917
00:37:55,244 --> 00:37:57,425
know what the end result will be so
918
00:37:57,890 --> 00:37:59,580
if you don't know that you can't do
919
00:37:59,580 --> 00:38:00,601
security lockdown
920
00:38:01,739 --> 00:38:03,210
so another argument why we got
921
00:38:03,210 --> 00:38:05,550
here is economics of scale so it used to
922
00:38:05,550 --> 00:38:07,600
be that if you build some kind of device
923
00:38:07,600 --> 00:38:09,900
that needs to do something like I don't
924
00:38:09,900 --> 00:38:13,028
know microwave
925
00:38:14,010 --> 00:38:17,230
then you you find parts and
926
00:38:17,230 --> 00:38:19,309
you combine the parts and you solder
927
00:38:19,309 --> 00:38:21,139
them together and then they solve the
928
00:38:21,139 --> 00:38:23,950
problem but these days you don't
929
00:38:23,950 --> 00:38:26,734
solder parts anymore you assemble from
930
00:38:26,734 --> 00:38:29,024
pre-made parts and these are usually
931
00:38:29,024 --> 00:38:32,339
programmable right so a little ARM chip
932
00:38:32,339 --> 00:38:35,229
cost like a tenth of a cent so why use
933
00:38:35,229 --> 00:38:37,244
a special part if you can use an ARM chip
934
00:38:37,244 --> 00:38:38,889
and then program it but that means
935
00:38:38,889 --> 00:38:40,899
you still need to use software that
936
00:38:40,899 --> 00:38:42,882
actually solves the problem the hardware
937
00:38:42,882 --> 00:38:44,712
is generic and that means the hardware
938
00:38:44,712 --> 00:38:47,072
can be hacked and this is turning out to
939
00:38:47,072 --> 00:38:49,871
be a problem right if you had a brake in
940
00:38:49,871 --> 00:38:53,272
in 20 years know it braked right
941
00:38:53,272 --> 00:38:55,382
but now it's programmable
942
00:38:55,382 --> 00:38:56,732
and people haven't realized
943
00:38:56,732 --> 00:38:58,928
how bad that is but it is bad right so
944
00:38:58,928 --> 00:39:00,411
that's that will bite us in the
945
00:39:00,411 --> 00:39:02,611
ass oops
946
00:39:02,611 --> 00:39:05,852
so the response from the industry
947
00:39:05,852 --> 00:39:08,372
has so far been the ostrich method
948
00:39:08,372 --> 00:39:11,042
basically we install stuff that we know
949
00:39:11,042 --> 00:39:12,955
is untrustworthy and so we
950
00:39:12,955 --> 00:39:14,987
install other stuff on top of it that's
951
00:39:14,987 --> 00:39:17,507
also untrustworthy and then we call it
952
00:39:17,507 --> 00:39:20,276
telemetry or big data and to some risk
953
00:39:20,276 --> 00:39:24,160
logging analysis in [???] or whatever
954
00:39:24,860 --> 00:39:26,791
and in the end the attack surface
955
00:39:26,791 --> 00:39:30,140
has mushroomed like a nuclear explosion
956
00:39:30,140 --> 00:39:31,834
right so that's our fault
957
00:39:31,834 --> 00:39:34,164
nobody has forced us to do this you
958
00:39:34,164 --> 00:39:35,756
don't need to do this in your own
959
00:39:35,756 --> 00:39:39,026
projects that's the hopeful message of
960
00:39:39,026 --> 00:39:40,949
this talk in conclusion if you remember
961
00:39:40,949 --> 00:39:42,684
nothing else from this talk remember
962
00:39:42,684 --> 00:39:44,550
that threat modeling is a thing and you
963
00:39:44,550 --> 00:39:46,440
should try it TCB minimization actually
964
00:39:46,440 --> 00:39:48,790
helps least privilege is another facet
965
00:39:48,790 --> 00:39:51,770
of the same thing and if you can use
966
00:39:51,770 --> 00:39:53,821
append only data storage you should
967
00:39:53,821 --> 00:39:55,400
consider it
968
00:39:55,400 --> 00:39:57,079
- blockchain
- yeah not a blockchain
969
00:39:57,079 --> 00:39:58,300
append only data storage
970
00:39:58,300 --> 00:39:59,480
it's not blockchain
971
00:39:59,480 --> 00:40:01,420
laughter
972
00:40:01,420 --> 00:40:11,940
applause
973
00:40:11,940 --> 00:40:13,030
- two more two more
974
00:40:13,030 --> 00:40:13,845
- two more slides
975
00:40:13,845 --> 00:40:14,907
- yeah two more slides
976
00:40:14,907 --> 00:40:15,980
- sorry I'm imposter
977
00:40:15,980 --> 00:40:17,160
- no problem
978
00:40:17,160 --> 00:40:18,160
so the rule of thumb
979
00:40:18,160 --> 00:40:20,500
should be if if the blog of some
980
00:40:20,500 --> 00:40:23,180
unwashed hobbyist from the Internet is
981
00:40:23,180 --> 00:40:26,101
more secure than your IT security then
982
00:40:26,101 --> 00:40:27,873
you should improve your IT security
983
00:40:27,873 --> 00:40:30,359
right that shouldn't happen
984
00:40:31,029 --> 00:40:33,760
all right so that's all from my
985
00:40:33,760 --> 00:40:35,482
talk I think we still have time for
986
00:40:35,482 --> 00:40:38,433
questions do we? yes okay awesome okay
987
00:40:38,433 --> 00:40:40,153
now you can put your hands together
988
00:40:40,153 --> 00:40:48,040
applause
989
00:40:48,040 --> 00:40:50,040
so if you want to ask a question
990
00:40:50,040 --> 00:40:51,929
we have four microphones in the room
991
00:40:51,929 --> 00:40:55,600
1 2 3 4 and I'm going to take a
992
00:40:55,600 --> 00:40:58,090
question the first question from
993
00:40:58,090 --> 00:40:59,959
the internet the internet is saying you
994
00:40:59,959 --> 00:41:02,340
actually got hacked or can you elaborate
995
00:41:02,340 --> 00:41:04,370
on what happened?
996
00:41:04,370 --> 00:41:05,569
yes actually there was an
997
00:41:05,569 --> 00:41:07,463
incident where someone was able to post
998
00:41:07,463 --> 00:41:09,416
stuff to my blog and because I had append
999
00:41:09,416 --> 00:41:12,707
only data storage I shrugged it off
1000
00:41:12,707 --> 00:41:14,817
basically so use append only data storage
1001
00:41:14,817 --> 00:41:16,886
it's it will save your ass at some point
1002
00:41:16,886 --> 00:41:18,912
the problem was a bug in my
1003
00:41:18,912 --> 00:41:21,007
access control lists I had used some
1004
00:41:21,007 --> 00:41:24,061
some access control list in my LDAP server
1005
00:41:24,061 --> 00:41:26,110
and I had a line in it that
1006
00:41:26,110 --> 00:41:27,870
I should have removed but I forgot to
1007
00:41:27,870 --> 00:41:29,960
remove it and that meant you could post
1008
00:41:29,960 --> 00:41:32,598
without having credentials but it
1009
00:41:32,598 --> 00:41:35,200
happened and it wasn't bad because my
1010
00:41:35,200 --> 00:41:37,695
architecture prevented damage as
1011
00:41:37,695 --> 00:41:39,696
people are leaving the room could you
1012
00:41:39,696 --> 00:41:42,600
leave very quietly thank you
1013
00:41:42,600 --> 00:41:43,969
microphone number one
1014
00:41:43,969 --> 00:41:45,819
- yeah is there a second alternative
1015
00:41:45,819 --> 00:41:48,070
for Windows and MacOS?
1016
00:41:48,070 --> 00:41:50,060
- secure alternative well so
1017
00:41:50,060 --> 00:41:52,969
basically you can do the principles
1018
00:41:52,969 --> 00:41:56,190
I showed in this talk you can do on
1019
00:41:56,190 --> 00:41:59,900
those two so usually you will not be
1020
00:41:59,900 --> 00:42:02,489
hacked because your MacOS or
1021
00:42:02,489 --> 00:42:05,203
Windows had a bug I that happens too but
1022
00:42:05,343 --> 00:42:07,219
the bigger problem is that the software
1023
00:42:07,219 --> 00:42:09,240
you wrote had a bug or that you the
1024
00:42:09,240 --> 00:42:11,800
software that you use had a bug so I'm
1025
00:42:11,550 --> 00:42:14,110
I'm trying to tell you Linux isn't
1026
00:42:14,110 --> 00:42:16,560
particularly more secure than Windows
1027
00:42:16,560 --> 00:42:18,699
it's just it's basically you can write
1028
00:42:18,699 --> 00:42:20,629
secure software and insecure software on
1029
00:42:20,629 --> 00:42:22,865
any operating system you should still
1030
00:42:22,865 --> 00:42:24,795
use Linux because it has advantages but
1031
00:42:24,795 --> 00:42:26,555
if you apply these techniques to
1032
00:42:26,555 --> 00:42:28,805
your software it will be secure on
1033
00:42:28,805 --> 00:42:31,565
MacOS and Windows as well right so this
1034
00:42:31,565 --> 00:42:34,396
is not for for end users selecting the
1035
00:42:34,170 --> 00:42:36,169
software if you select software you have
1036
00:42:36,169 --> 00:42:37,709
to trust the vendor
1037
00:42:37,709 --> 00:42:39,500
there's no way around that but if
1038
00:42:39,500 --> 00:42:41,804
you write your own software then you can
1039
00:42:41,804 --> 00:42:44,239
reduce the risk to a point where you can
1040
00:42:44,239 --> 00:42:45,948
live with it and sleep soundly
1041
00:42:45,948 --> 00:42:48,708
- sure is there a a technical alternative
1042
00:42:48,708 --> 00:42:51,198
or similar similarity like seccomp for
1043
00:42:51,198 --> 00:42:53,059
Windows and MacOS so can you drop your
1044
00:42:53,059 --> 00:42:54,930
privileges after you have opened a file
1045
00:42:54,930 --> 00:42:56,290
for example
1046
00:42:56,290 --> 00:42:58,680
- so for MacOS I'm not sure but I know
1047
00:42:58,680 --> 00:43:01,523
that FreeBSD NetBSD and OpenBSD have an
1048
00:43:01,523 --> 00:43:05,146
equivalent thing I think MacOS has it too
1049
00:43:05,146 --> 00:43:07,967
but I'm not sure about that for Windows
1050
00:43:07,967 --> 00:43:10,116
there are sandboxing methods you can
1051
00:43:10,116 --> 00:43:11,766
look at the Chrome source code for
1052
00:43:11,766 --> 00:43:13,539
example they have a Sandbox it's open
1053
00:43:13,539 --> 00:43:16,370
source you can use that to do this kind
1054
00:43:16,370 --> 00:43:17,270
of thing
1055
00:43:17,270 --> 00:43:18,168
- okay thanks
1056
00:43:18,168 --> 00:43:20,742
- so microphone number two except down
1057
00:43:20,742 --> 00:43:22,172
that's gone so I might go with
1058
00:43:22,172 --> 00:43:23,929
mic number three in that csae
1059
00:43:25,320 --> 00:43:27,568
sorry four four yes
1060
00:43:27,568 --> 00:43:29,468
- will your next talk be about writing
1061
00:43:29,468 --> 00:43:31,719
software secure software in Windows and
1062
00:43:31,719 --> 00:43:33,399
if no uh how much assets would you
1063
00:43:33,399 --> 00:43:35,433
request to compensate for all the pain?
1064
00:43:36,359 --> 00:43:37,661
- no
1065
00:43:37,661 --> 00:43:39,061
laughter
1066
00:43:39,061 --> 00:43:40,960
it's not a question of money
1067
00:43:40,960 --> 00:43:42,600
laughter
1068
00:43:42,600 --> 00:43:45,299
- okay microphone one
1069
00:43:45,299 --> 00:43:47,085
- have you tried removing unnecessary
1070
00:43:47,085 --> 00:43:49,102
features from OpenSSL?
1071
00:43:50,260 --> 00:43:52,240
- yes actually I've I've done this
1072
00:43:52,240 --> 00:43:54,968
pretty early but it's still it's still
1073
00:43:54,968 --> 00:43:56,578
much bigger than my code
1074
00:43:56,578 --> 00:43:59,608
so for example OpenSSL has support for
1075
00:43:59,608 --> 00:44:03,228
UDP based TLS but there's a lot of
1076
00:44:03,228 --> 00:44:05,519
shared ciphers in there you can remove
1077
00:44:05,519 --> 00:44:07,200
ciphers you don't need and and that
1078
00:44:07,200 --> 00:44:08,990
helps a bit but it's still it's the
1079
00:44:08,990 --> 00:44:11,880
biggest part of the web server by far
1080
00:44:11,880 --> 00:44:14,410
- I think there was an internet question
1081
00:44:14,410 --> 00:44:17,000
was there no doesn't look like it
1082
00:44:19,080 --> 00:44:21,176
no yes no no yes okay
1083
00:44:21,176 --> 00:44:23,610
then microphone four
1084
00:44:23,610 --> 00:44:27,080
- as someone who is connected or
1085
00:44:27,080 --> 00:44:29,580
was connected to an industry which has
1086
00:44:29,580 --> 00:44:32,098
programming programmable brakes
1087
00:44:35,120 --> 00:44:37,960
what is your opinion about things like
1088
00:44:37,960 --> 00:44:39,080
like MISRA?
1089
00:44:40,210 --> 00:44:41,849
- well well so there are standards
1090
00:44:41,849 --> 00:44:44,080
in the automotive industry for example
1091
00:44:44,080 --> 00:44:46,880
like MISRA to make sure you write better
1092
00:44:47,220 --> 00:44:49,669
code and it's mostly compliance
1093
00:44:49,669 --> 00:44:51,340
so they give you rules like
1094
00:44:51,340 --> 00:44:53,731
you shouldn't use recursion in your code
1095
00:44:53,731 --> 00:44:54,910
for example and
1096
00:44:54,910 --> 00:44:57,053
the functions should would be this big
1097
00:44:57,053 --> 00:44:58,883
at most and this is more I mean it
1098
00:44:58,883 --> 00:45:01,232
will probably help a bit but it's much
1099
00:45:01,232 --> 00:45:03,440
better to to invest in in good
1100
00:45:03,440 --> 00:45:05,456
architecture but you may have noticed I
1101
00:45:05,456 --> 00:45:09,058
I've said I wrote the code in C and
1102
00:45:09,058 --> 00:45:11,088
I said nothing about what I did to make
1103
00:45:11,088 --> 00:45:13,565
sure it's it's good code so that's
1104
00:45:13,565 --> 00:45:15,320
that's a different dimension that's
1105
00:45:15,320 --> 00:45:17,071
orthogonal right
1106
00:45:17,071 --> 00:45:20,591
so follow those standards it will it
1107
00:45:20,591 --> 00:45:22,181
will make your code a bit better
1108
00:45:22,181 --> 00:45:24,582
probably but it won't solve all the
1109
00:45:24,582 --> 00:45:26,522
problems and I think personally you
1110
00:45:26,522 --> 00:45:28,972
should do both you should make sure or
1111
00:45:28,972 --> 00:45:30,850
try to make sure that there's as little
1112
00:45:30,850 --> 00:45:32,620
bugs as possible in your code there's
1113
00:45:32,620 --> 00:45:34,479
ways to do that I had a talk about that
1114
00:45:34,479 --> 00:45:36,200
too but after you do that you should
1115
00:45:36,200 --> 00:45:37,380
still have these kind of
1116
00:45:37,380 --> 00:45:39,793
architectural guide guard rails that
1117
00:45:39,793 --> 00:45:41,672
keep you on track even if someone
1118
00:45:41,672 --> 00:45:43,903
manages to take over the process
1119
00:45:44,780 --> 00:45:46,650
- so now I think there was an internet
1120
00:45:46,650 --> 00:45:48,099
question
1121
00:45:48,099 --> 00:45:50,029
- yes the internet is asking
1122
00:45:50,029 --> 00:45:53,519
how would it work to like scale this
1123
00:45:53,519 --> 00:45:55,474
truly impressive security architecture up
1124
00:45:55,474 --> 00:45:58,670
for more use cases and more like
1125
00:45:58,670 --> 00:46:01,380
larger team or would the team size and
1126
00:46:01,380 --> 00:46:03,260
the feature creep ruin it
1127
00:46:03,260 --> 00:46:04,319
- yes so
1128
00:46:05,120 --> 00:46:06,080
hello hello
1129
00:46:06,630 --> 00:46:07,630
- oh no
1130
00:46:07,630 --> 00:46:11,449
laughter
1131
00:46:12,319 --> 00:46:14,219
- well I'm sorry
1132
00:46:14,219 --> 00:46:20,389
applause
1133
00:46:20,389 --> 00:46:38,520
postroll music