Schneier on Security

Nick P • June 8, 2012 8:37 PM

@ 3rd world jamesbond

Looka like the filter is performing admirably

Nick P • June 11, 2012 1:56 PM

Interesting definitions and stuff. I’ll critique the parts that seem relevant. First, the TPM has to go or be changed.

I have real concerns about TPM’s. The link Clive posted mentioned three good counterarguments against them: vendor lock in, DRM & large number of configurations measured. The first is enough reason to avoid purchasing any TPM’enabled device. Major vendors, including big time TPM pushers like Microsoft, have a long track record trying to put obstacles between their customers and any competing product. It’s a form of centralized control of people’s devices that sends profit in the direction of the controllers.

Recently, Microsoft showed this again with Win8 ARM devices needed firmware-enabled signing ability. Customers options: trusted boot with MS-signed software or no trusted boot at all. And pay extra for their choice of OS. Missing 3rd option: set your own public signature verification key & boot what YOU (or your organization) trust. My designs allow for this. It should be the default. Not in TPM’s alliance interests.

Second counter is DRM. Both the methods employed for it & the uses for it show the industries promoting DRM are quite shady. In the past, we’ve seen these industries trying to force people into proprietary DRM-ed formats whereby they need to buy an extra copy to use the content on different devices. We see something similar in the siloization of the web. DRM locks things down & hampers innovation, much like patents. Let’s not give them better methods.

The third issue is more technical. The paper mentioned that a device’s configuration might have a huge number of possible measured values. This depends on is usage, patching strategy, & even customization by software. The TPM’s strategy doesn’t seem efficient for the job. In my designs, there’s a certain amount of abstraction so that each level in the system is responsible for updating, verifying or re-hashing its own layer’s components. Each layer is handled separately, as well. There’s other possible variations that beat out the TPM.

“This is necessary. We cannot protect against some unknown threat. ”

Not necessarily true. Compete mediation, good design & good security policy means anything subject to it can be compromised in an unlimited number of ways & still not break security policy. This is an explicit goal of systems heading toward EAL6/7. Every (or almost) non-covert channel application attack discovered since GEMSOS was certified A1 (eal7-equiv) in the 90’s would have failed to violate its main security policy. That was the point of using these methods. A number of modern approaches are explicitly designed to defeat 0-days in certain parts of the security.

“Control, with feedback that the control mechanism has been applied successfully. Cryptography can be the method of assurance here (challenge response.).”

Total assured control requires that the TCBs of the host & server are untampered with, that they’re implemented correctly, that their comms stacks can’t subvert the process, and that the protocol works as advertised against sophisticated attackers. Cryptography is usually only a tiny part of the security of any real system. In fact, I rarely think about it at all, even in crypto appliances. (Hint: total assured control of anything is all about ensuring correct information flows & transformations.)

Good thought on owner having responsibility to protect things. Problem comes with the fact that there are often people who compete to be in control of the information, with their own justifications. As in DRM example, there was the owner (copyright holder) using the obscure format to limit the song to the device & the user believing they should be allowed to play content they purchase on whatever device they’re carrying (standard up to that point). Who is right? It’s philosophy and law. However, enforcement is owner’s responsibility.

“So this is where the Castle-v-prison comes to play!
For example, to mask the holes (known unknowns, or unknown unknowns) in an Operating system, one can put that OS on top of higher assurance Hypervisor or Micro-visor (OKL4, which claims to have proven to be 100% bug free, and achieved EAL7). The hypervisor gives the control (to compensate for the lack of awareness of the vulnerabilities of the OS). Hypervisors are smaller, and easier to evaluate that a full Operating system.”

The funny thing is that they’re reinventing the old Orange Book security kernels. The point of a security kernel was that it could cover holes in all application & OS functionality. It would be the lowest software layer. It was also small enough to evaluate. (Sound familiar? 😉 That failed for a number of reasons in the general case & succeeded in other cases.. Btw, OKL4 isn’t EAL7 or bug free: the seL4/OKL4Verified version has EAL7+-equiv software correctness proofs (just one EAL7 requirement) and we never claim bug-free of anything.

I think it would have helped you if Clive explained his castle and prison analogy better. (or it be easier to understand for newcomers haha) You’re thinking of an actual prison cell & how it’s isolated. Clive uses it b/c of prison guars & the warden. His idea is that the system will have tons of very simple processing elements with limited hardware access. They can have program/data inserted in, turned on, run fine grained functions, & be suspended at any time to check for “signatures” of foul-play going on.

You were also thinking of an actual castle, whereas Clive mainly uses the term as “impenetrable fortress” or “weathers all conditions.” My castle approach is about prevention. It’s the previous standard in INFOSEC. (Current one is non-INFOSEC 8). The castle starts at its foundations. It’s built ground up to resist problems. Each layer has a rigorously analysed specification & an implementation that provably corresponds to it. Any safe implementation principles are applied where they can & pen testing is used. Upper layers use the functionality of lower ones via carefully constructed interfaces. Any looping between layers is nonexistent or minimized. Applications have minimal privileges & can only ask for things to be done. Like GEMSOS & Smith’s LOCK, it’s built with the best assurance techniques possible to achieve what it must achieve.

(Papers on LOCK are available at cryptosmith.com. For GEMSOS, look up Final evaluation report Gemini Trusted network processor. Focus on design and assurance sections for GEMSOS security kernel.)

Recently, as insecure COTS is inevitable, I’ve switched to a hybrid that’s similar to his approach, but castles up wherever appropriate. I try to lock in anything security critical into some small part of the system, then do any extra assurance there, ignoring or selectively monitoring the rest. So, if it fails, only availibility hurts.

I’ll let you rethink it in light of this information. The links I sent you before, maybe plus GEMSOS/LOCK, are critical in understanding discussions of truly secure systems. You might also want to Google Cygnacom’s Evaluated Assurance Levels description, focusing on what makes EAL5-7 different from the rest.

(Btw: I’d appreciate if you’d never use TSA in an analogy for security again. They are the most hated example of security theater in existence & a distraction from all things good.)

Nick P • June 12, 2012 1:26 PM

@ wael

TPM specs. Yeah, well theres theory and practice. The main people pushing it are lockin loving vendors, pro DRM types, and the NSA, which has always undermined/restricted true secure systems in favor of vulnerable systems. Most likely, the group is doing a fait accompli strategy.

Say a group has an ominous plan to control anothers assets for their own selfish purposes. They cant just release version 1 of Total Govt and Corporate Control for x86. People resist, like Clipper. Fait accompli breaks main goal into pieces separated over time, each with a legit sounding and independent justification. After each passes.and chips widespread, protests are too late. Most likely whats going on. Theory! = practice.

Glad you are getting the castles and prisons thing but may i suggest u forget the castle analogy? Clives recent post shows its relevance is straining. Just go with ur mental model of what was in the links i gave u on security kernels, assurance techniques, etc. His prison analogy is fine for his stuff, though.

Re TSA dont take such statements too seriously formally whatever. Im not a Mod and pro free speech. The TSA is just such a clear example of security theater and beauracracy gone wrong that it has earned constant hate and ridicule here. The only way they tie into security is an example of doing it horribly wrong. You can say whatever u want it’s just that those letters can cause instant negativity among some.

And Clive definitely wont be offended by anything u say unless you’re trying to insult him. This blog’s readers are quite diverse but the regulars are laid back about things. We just come to share knowledge and have good discussions. We also shun Slashdot types 😉

Btw, one step at a time is fine. My post’s size or complexity is a habit from talking to Clive. He rubbed off on me or something haha.

Nick P • June 13, 2012 2:18 PM

@ O W

I believe you’re quoting Wael, who I think was speculating on hypervisor-based security. If you’re interested in that, the better modern examples of that are INTEGRITY Padded Cell, LynxSecure, PikeOS & OKL4. The source of OKL4 3.0, Turaya, Nova microhypervisor and Fiasco.OC are available. To see what a high assurance hypervisor takes, google “Retrospective on VAX Security Kernel.” A modern, complex one on x86 would be MUCH harder to do right. Then, there’s weaknesses in the chip and firmware… (sighs)

@ Wael

I wouldn’t put TOO much into the Godel work. The current line of thought in mathematics can apply one day & totally not the next. There’s huge debate in the formal (mathematical) methods community over how to apply his work. The thing is that he might be right overall, technically, etc. However, they keep finding potential shortcuts, exceptions and just ways of applying their ideas successfully in spite of Godel’s proclamaition of doom. Peter Guttman’s pessimistic paper on formal methods was sadly much more realistic. Most of that’s overcome by doing it right with experienced people, with much exp. accumulated since the paper.

(Yet, if you look at A1/EAL7 systems, they’ve lived up to their security claims. The verified CompCert compiler did amazing in tests where competing compiler’s middle ends were buggy by comparison. INTEGRITY-178B RTOS, MULTOS smart card os & AAMP7G processor have similarly lived up to claims. Anyone listening to Godel or Guttman might have not tried.)

Nick P • June 13, 2012 3:04 PM

@ Clive Robinson

Ah, so now all of our work finally starts to intersect in cross-roads. It seems that things are getting interesting right as I was considering leaving INFOSEC for a field where I could get things done. 😉

“so many ‘step level’ dependancies…”

Never heard it put that way. I always say legacy. Nice way to put it, though. x86 might be the worst for this because, unlike ARM, many of its vestigial (there’s one!) parts have almost NO use due to being superceeded. The cache’s alone are very high bandwidth timing channels. I would say this stuff doesn’t matter but it might if we remove low hanging fruit: current malware model has sophisticated people devising the exploits, packaging them as kits, and selling them to less sophisticated. I figure we’d see timing channel kits, firmware subversion kits, etc.

Best recommendation for this, for now, is combining a verified processor like VAMP (or a simple one, at least) with a modern non-leaking cache, IOMMU, trusted boot, & firmware that uses non-writable boot ROM & writeable flash together. That should provide foundation to stop most software attacks. I agree with exponential increases in difficulty past a certain security margin w/out chip-based security.

“Now to introduce a heretical idea… systems need only be “occasionaly secure”. ”

It’s not so heretical. Different forms of it have been in security for a while. Examples include not doing permission stuff until an access, recovery base systems that wait 15 min b/f restores, and integrity-check/attestation during critical operation.

“It’s important to note at this point that the hypervisor is running on a CPU of it’s own, and thus it is possible if incorrrectly programed for it to be effected by the data it sees. This should not be allowed to happen, that is it is written as a simple state machine that either OK’s each simple test or “fails hard” (and in turn it is “watched” by a more trusted hypervisor).”

I’ve always had a problem with this. Your design is great for POLA & information flow control. The problem comes with the other big requirement: timing. Just mere context switches brought old systems to a crawl. Your design wouldn’t just require putting code/data into processing units & managing them. It would also require scheduling a large number of activities across a (likely) smaller number of processing units, possibly integrating their outputs at some point, managing hardware IO, and managing UI activities. How would you do all of this w/out your system comparing unfavorably to a 20Mhz IBM PC circa 1993? 😉

Btw, what I just wrote is sounding similar to the Cell processor. You might want to read Green Hill’s or other security analysis of it. Has some interesting features. It’s just too weird and expensive for me.

“Secondly it is possible that rouge code in the CPU could in some way sync it’s activities to the blocked state and thus avoid detection (very very unlikely due to resource limitations but theoreticaly possible).”

It would seem very hard. If it happened, I think the components would be relying on external input to clock the channel OR take advantage of the fact that many applications demand a response in a certain time range. The latter would make the former easier.

Btw, it might be easier to autogenerate the hardware for your prison approach from application requirements. i.e. application-specific TCB to run on ASIC or FPGA. The reason I thought about it was Tensillica’s Xtensa processor kits. Unlike FPGA acceleration, the Xtensa kit lets you design a processor, then the tools generate it and an entire toolchain to go with it. Honestly, I think that was the realistic version of the dream goal driving original interest into FPGA’s by software people. Really neat product idea.

http://www.tensilica.com/products/hw-sw-dev-tools/for-processor-designers.htm

“And as you will realise that with a little thought the prison system can be split across a number of chips such that you can with carefull design actually use chips that might have been “backdoored” in some distant Fab by some “Chinese APT” agents.”

I agree totally. I’ve done that in my designs that I worked on for the past year or so. No doubt inspired by increasing paranoia from discussions with you hardware guys on this blog. My basic model is to use more trustworthy, but maybe limited, chips for the critical code. Then, non-security-relevant functions like storage, networking, etc. are put on one or more boards that can be backdoored for all I care. It will only matter if I let it. 😉

“Well patient information is thus freely on display to any one with working eyes and ears with multiple doctors and nurses making the best of limited space often with their backs to patients and their relatives when working at computers so “sholder surfing” data is easy. ”

Tell me about it. I was in the doctor’s office yesterday for [hopefully] my final checkup on rotator cuff strain (thank God not ‘tear’!). Hopefully, back to the gym and martial arts soon! Getting ahead of myself. Anyway, I was concerned about all the personal info. Scheduling was done with name and birthdate. This was not optional… What disturbed me most is I could always tell if someone was about to see me by hearing them rummage through the papers outside the door. All this HIPPA, encryption, access control, monitoring, etc. & someone just has to walk up in scrubs and pick up my chart. Medical record security my (bleeeep!)…

Unrelated

The group behind the Flicker architecture keeps doing interesting work on minimal means to get low TCB execution on Intel/AMD using TPM’s and stuff. The paper below from Microsoft Research claims Flicker (at that time) had a TCB of 250 lines thanks to design. (They exclude hardware TCB, which is there anyway I guess.)

http://research.microsoft.com/pubs/165720/parno-cacm.pdf

Here’s other stuff from that group. I plan to read the Lockdown and CARMA papers later. Eventually: I just updated my stuff by downloading over a 100 papers from IEEE and ACM for mid-2011 to 2012. I’m glad I have no access to SpringerLink. It has some good abstracts and I already put way too much time into this stuff. 🙂

https://sparrow.ece.cmu.edu/group/publications.html

Nick P • June 13, 2012 5:54 PM

@ Clive Robinson

Haha. I keep seeing old timers telling me about how their bodies suffer so much for all the activity they did as they were young. Is God sending me a warning? I wonder.

“People just don’t seem to be as inventive these days with digital chips up in the THz range…”

Yeah, most aren’t. You must give us credit though: designs are so complex these days that, even with great tools, it’s still hard to fully grasp & properly execute them. Also, most of the modern “hackers” aren’t throwing their best ideas at boring jobs at work: they channel that into their creative side projects, some of which end up being useful for work.

My personal experience with hacking stuff together like you describe is a bit scattered. Probably the best example was doing “Web 2.0” stuff on “Web 1.0” clients and servers. Back then, we called it “DHTML” (a la dynamicdrive.com) and scripting. My goal was to make the browser just a bit more like an application interactivity-wise and do most work in real applications written in real programming languages. (Sound familiar? 8)

And by real programming language, I mean Visual Basic 6.0. Haha. People hated on me for it, but I liked its RAD/GUI abilities so much I wrapped plenty of good C/C++ functionality in it & just did most one-off stuff in VB. I think I used Perl for much server side stuff, hacking scripts and administration. All of this was before I fully understood concepts like TCB, maintainable code & vendor neutrality. Still fun though.

Hope you enjoy the reading. The CARMA thing is directed at reducing hardware TCB in the face of very serious threats. Flicker has potential short-term. Some form of Tiara or SAFE(R) architectures might be desirable compromise between castle and prison for specific apps in the future. It’s all fun to read.

Nick P • June 15, 2012 1:11 PM

Interesing developments for the Boeing Secure Network Server (SNS). Honestly don’t know what to make of it. SNS, previously MLS LAN, is one of the last two surviving A1-class systems of Orange Book days (Aesec’s GEMSOS is other). The NSA said, under RAtings Maintenance Program (RAMP), A1 vendors would only have to recertify what updates changed. Then, upon Common Criteria, they said all B3/A1 programs must re-certify under EAL schemes. Most couldn’t afford it, but Boeing is a big defense contractor.

So, first Boeing SNS was quickly certified to EAL4+. This means nothing in practice & was likely done so they could begin sales to federal govt. Everyone knew Boeing SNS would get certified higher than competing border security solutions, probably close to EAL7. The article stated EAL7 was their next target.

Source
http://www.boeing.com/news/releases/2007/q2/070621b_nr.html

A number of people CV’s and LinkedIn talked about building EAL7 evidence for Boeing SNS. Yet, I had to hit the Wayback Machine to pull up 2010 “In Evaluation” list to prove it for sure.

SNS going for EAL7
http://web.archive.org/web/20100103081527/http://www.niap-ccevs.org/in_evaluation/

I went to do my periodic check, as EAL7 border security is nice. Imagine how surprised I was to see it was successfully evaluated at… EAL5+. Same as more recent XTS-400. Dropped an entire assurance level, then another. 😉 Well, to be fair, the + = “augmented/extra” & it has a LOT of extra’s (see yourself).

Certified Products List
http://www.commoncriteriaportal.org/products/

So, I grabbed the validation report and security target. I had an old copy of both, which were targeted at EAL4+. Now, you guys might have to take my word for this, the Boeing SNS in EAL7 evaluation didn’t have a dedicated security target. I figure they would just swap EAL4+ for EAL7. Instead, the final reports have a target and completion at EAL5+, plenty lower than before. Although, admittedly, the TOE security is rated HIGH.

So, it seems that the last A1-class product going for evaluation failed to meet both EAL6 and EAL7, dropping to EAL5 Very Augmented. So, a major defense contracter can’t or won’t do an EAL7 guard. Is this truly the end of high robustness outside of smartcards and separation kernels? Stay tuned!

Nick P • June 15, 2012 1:44 PM

I’m thinking I should have read the validation report before posting. Too much coffee I guess. I stand by the previous post with these two amendments.

The validation report says:

“Boeing performed a search of all public domain sources for known vulnerabilities and performed a flaw hypothesis strategy to identify potential product vulnerabilities. No residual vulnerabilities remain in the product.”

I checked the glossay to see if there was a definition of “residual vulnerabilities” that might be different than mine. Not seeing one, this led me to believe they are saying no vulnerabilities remain in the product. Quite a claim for a product that didn’t make high assurance. Most high assurance projects in safety-critical industries don’t say there are “no flaws,” just unlikely to be any serious ones.

It’s getting kind of deep in Common Criteria circles, if you know what I mean. 😉

Section 12 “National and international interpretations and precedent decisions”

Well, I forgot what that meant & it’s irrelevant. “International” got me thinking: there’s a possibility they dropped to EAL5 to make international sales easier. They no doubt spent a ton of money on this thing & want to earn it back. I’ve said before B3/A1 systems had export controls & premably their equivalents EAL6/EAL7 do, too. A number of EAL5 products are available internationally. Maybe no export controls on them?

I don’t want to give them an out in the event that they just didn’t make the cut for EAL6-7. However, it’s possible that they targeted for EAL5, augmented with the most important EAL6-7 requirements, so that they could sell to US and allies unimpeded. Honestly, I was thinking about targeting any secure products I developed at EAL4/5 for same reason. Just a thought…

Nick P • June 17, 2012 4:07 PM

@ Clive Robinson

I was wondering where you were going with that at first. With respect, I disagree. I know proving security can be likened to proving a negative, but I see it as a positive proof of information flow properties.

With regard to empirical, we certainly DO have measures to use in science. Fagan’s inspection process and the Cleanroom method were both proven via defect counts. Cleanroom is statistically certifiable, leading to it being warrantied by some firms.

Other methods focus on the process (e.g Common Criteria) or artifact attributes. For the former, we can track security defect rates of a process overtime to predict the likely No. of defects of future products. EAL5-7 or higher DO-178B typically produce WAY better stuff than others.

As for artifact attributes, we have indirect measures that give insights into security rating. Bernstein noted the benefits of reducing code, esp trusted code. We also know language and runtime design can provably eliminate certain issues. All confirmed by measurements at different points.

So, testing is important and all, but scientific measurements do exist to support the use of other methods.Ill personally say relying on those i could afford has worked as advertised.

Nick P • June 28, 2012 2:37 PM

@ Wael on the security weaknesses & countermeasures

I’ll note that the Orange Book and Common Criteria requirements address a number of those. I don’t have an enumeration I go by. I think of it in terms of layers, system components, and interactions. That let’s me spot old things and new potential weaknesses. An example was when I avoided the “hyperthreading” feature for any MLS usage b/c I figured it was a glorified timing channel. Two decade old methods could prove this. Modern academics eventually did. (Not to say checklists, enumerations, etc. aren’t useful: they would be part of any commercial development I did in this area.)

First, though, I have to be clear who I’m defending against. Almost all the products on the market assume the administrator is trustworthy & the box isn’t in bad guy’s possession. There are tamper-resistant products that try to deal with these situations, but I’m currently focused on eliminating remote attacks. I say let’s deal with the 14 year old kiddies & state sponsered 0-day problem before we try to use technical solutions to stop insiders & physical attacks. (That said, I try to keep outside ports DMA-free & use tamper-resistance or 3rd party verification where useful.)

So, how do remote attacks happen? Generally, they will exploit a hardware/firmware bug, software bug, overprivileged piece of usable functionality, or misconfigured piece of privileged functionality. I’ll add special categories for attacks on protocols, attacks that use cross-platform portable OS’s (err, web browsers ;), and those that trick user into escalating privilges. If we deal with these, then we’ve knocked out the vast majority of options the attacker has.

Guess what? Much of it is doable with the right design or tools. Let’s start with how Orange Book B2-A1 (EAL5-7) systems handled things. They were required to use hardware features as much as possible: dedicated hardware optionally; rings to protect OS from apps & security kernel from OS parts; MMU; segments commonly acted as a less functional IOMMU. So far, the design ensures that security can be enforced at a granular level even if apps or certain OS functionality is compromised. The enforcer is also very small to allow top notch verification. Modern separation kernels follow suite, typically 10KLOC or less.

(Note: Capabilities have been the most popular primitive recently to use for access control purposes. From seL4 to the A1 LOCK design, they’ve matured overtime. They can be used to implement the conceptual ring models, access/integrity control, etc.)

The systems required other features. For one, a trusted path was required to let the user be absolutely sure they were talking to the system & not a hacker. Additionally, “trusted” window managers were demanded a la CMW to label/color various windows by security level & control how information was shared between them. TX is an older example. Modern Nitpicker GUI combines these concepts a bit to provide a way for applications to undisputedly prove the user input & output are on the right path, with very little code in TCB. Pitbull turns Solaris into a CMW, but with huge TCB & less assurance.

These two strategies, combined, would stop attacks that spring from a non-critical app to the system level or from non-trusted OS part to trusted component. The user couldn’t even authorize a browser- or app-based execution strain to access critical OS functionality. There goes most rootkits. I’ve added special update modes & unspoofable screens to the concept to allow that stuff to be safe. What’s next? Oh yeah, ensuring correct information flow & keeping software defects (possible vulnerabilities) low.

The early systems gave us ideas there. C was avoided for most privileged software in Multics & GEMSOS to make verification easier. Additionally, they used Parnas information hiding, modularization, strong module to spec correspondence, tons of tests, static analysis, & call-by-value where possible. This tells us to use safe languages, libraries, design strategies & coding patterns. It also tells us to do things in a way that our tools can analyze & catch problems. Lastly, it tells us to TOTALLY AVOID doing something whose effects we can’t predict, like tons of hyper-efficient pointer magic. Praxis’ Correct by Construction approach is a modern continuation of a subset of these principles.

The above paragraph mostly pertains to an individual piece of software. The best method so far for local systems is to define their behavior, model security, etc. by modeling each individual component, modeling interactions of components at well-defined interfaces, & analyzing these. So, both formal and informal methods can be used to see any influence a given component has over another component & to see information flows in the system. Illegal information flows can be detected & the design changed to minimize or remove them.

Now, connect something to a network & everything changes, eh? Well, this was the problem they had in an early A1 project, the BLACKER VPN. They noticed that a group of participating devices was essentially a system as well, just at higher granularity. So, they did the local level modeling to prove system level components, but also modeled interactions between systems (esp on any shared state). There are many variations on this to handle proving properties on networked systems, including decentralized. How they talk to each other is important, though. This leads us to protocols.

Personally, I hate protocols. They seem like they should be so easy to get right. Yet, years of brains thrown at certain conceptually simple protocols has yielded mistake after mistake after mistake. A number could have been avoided: poor implementation, models way to abstract to capture important details, etc. Yet, what do we do? Well, it depends on whether we’re talking comms protocols or security-critical protocols. For the former, just use Google’s Protocol Buffers or similar setup that automagically handles it. Try to get the logic right, handle problems gracefully, etc. For the other type, read on & bear with me.

I think we should just not trust protocols. In the past, I said we should have several ways of doing something that can be randomly chosen (or each explicitly avoided if weakness is found). Others contended that we do security protocols in app-level virtual machines or interpreters where they can include their definition with them, with us able to swap them out at will. Others promote formal proofs of design correctness, autogeneration of protocol handlers from specs, etc. My friends, I still don’t have an answer as I’m not a protocol wizard (and they screwed up enough). So, here’s what I’ve been doing in designs. 😉

I assume the protocol will be flawed. I include a protocol number field & tell the handler to have a plug-in approach to protocols, able to hand off the computation to whatever module is necessary. Then, have several protocols to rely on that each used whatever assurance techniques they wanted from above paragraph. The protocols should be fail-safe & SIMPLE (see XML-based tech for opposite). They should have minimal opportunities for info leakage, DOS, etc.

Examples include using JSON or certain ASN.1 instead of XML; UDT instead of TCP for reliable transmission; preloaded public key recognition instead of CA’s for authentication; encrypted messages encapsulated by proven crypto tech instead of whatever “new improved” crap they’re using. It’s really all just risk reduction principles, minimizing complexity, & shoehorning new functionality into existing protocols IF SENSIBLE (i.e. crypto example or UDT using UDP).

Almost an afterthought: firmware, peripherals, etc. I’ve found that many attacks on this kind of stuff requires privilged access. The methods above largely prevent that. This makes it a non-issue in many cases. This may be why it was ignored in the old days. Today, we have to consider it for clients, esp thanks to the likes of firewire & USB. I recommend a good IOMMU on all processors & trusted boot process that allows safe update of firmware, trusted OS components, & other software. USB HID needs to be revisited, as it can defeat many DLP software. (I just disable anything I can’t trust.) Processor errata can be reduced by verification technology (VAMP, AAMP7G) or using processors that are less complex than x86 (PPC, MIPS). VIA Padlock style onboard TRNG, crypto acceleration, etc. is a plus.

Browsers? Avoid them where possible. They were created to deal with the fact that cross-platform & networked applications weren’t happening very well. Today, we have numerous mature toolsets for doing that well. If the app itself can’t be made portable, then the way it interacts can & you can use whichever tool you want. The Apache Portable Runtime is nice on server side, while there are numerous cross-platform GUI toolkits. Interactive shell minimalism is also possible. However it is approached, privilges, complexity and TCB should be kept to a minimum.

Another side of it is handling security-critical functionality. Let’s say we have a trustworthy platform with many features I’ve described above. You can trust its key generation, crypto, storage, auditing, access control, etc. Wherever possible, the large risky applications should offload security-critical functionality to the OS or more trustworthy applications. This has been promoted by microkernel advocates for a while & the embedded virtualization vendors are targeting their products for it.

Additionally, the apps should offload privilges when possible, so a privileged launch != a privileged compromise. Multiple processes that communicate with each other can be used to emulate this, as DJB did in qmail. Using multiple, inexpensive devices together to segregate information & functionality can help as well. I did this in my transaction appliance posted on Schneier & Krebs blogs.

As I closed, multithreading and scalability come to mind. There’s been many formal methods (e.g. CSP), special languages (e.g. X10, Cilk), and entire books around to deal with the incredible issues that come from that. I recommend app developers using platforms or design approaches that minimize those issues whereever possible. One for scalable, correct multi(whatever) apps that’s I’ve come to like recently is ZeroMQ. It seems like a magic bullet for that stuff & makes it superbly easy in tons of languages. There’s similar languages/frameworks aiming to solve security problems in general in web development, like SIF & Opa. Time will tell.

Anything I miss? Comments? Criticisms? Massive amounts of funding? 😉

Nick P • June 29, 2012 11:22 AM

@ Wael

Awesome. It’s natural for Clives posts to be a tad difficult to follow. As for mine, it must be that a certain amount of assumed knowledge comes with my posts. Assume reader knows a lot, my post is condensed with stuff they dont get. Assume too little, i have to drop small books. So, it’s prolly a sign im gradually figuring out your lvl of background knowledge.

Nick P • July 11, 2012 5:36 PM

@ Wael

Timing is fine. Or about darned time. Whichever. 😉

Yeah, they certainly push usability to the limit. No doubt about that. I was thinking about trying to secure appliance-type offerings first. As for general purpose stuff, thin clients are straightforward enough to take my approach. Matter of fact, Aesec has a thin client prototype/design for their A1/EAL7-class GEMSOS security kernel. More recent companies have been doing that. Then there’s VPN’s, web servers, app servers, databases, etc. You can also accomplish plenty in security in user-land (e.g. tripwire) & with middleware (e.g. message broker) if you can trust the underlying platform. As for a full GP computer, eh I see serious usability issues too. However, many roles don’t need those capabilities. Heck, many companies run DOS-like apps for their critical stuff. I’m sure even an ancient B3/A1 system could run those pretty fast, ya think? 😉

Re Clive on code cutters

I think there’s merit in what he says. The comment has some unstated premises though. In his previous statements and our discussions, the idea that software development and engineering (hardware or in general) are very different. There are engineering-style ways of producing quality software, but most developers don’t use them. Theirs is an art and, from a quality perspective, it sucks. Hence, his negative term “code cutters” for people throwing stuff together or to a lesser extent using low quality methods to produce software.

Ignoring radical full Agile methods, there are numerous software production methods that have empirically-measured higher success at achieving requirements, keeping defects low, etc. If you want to look them up, the Fagan Software Inspection Process and the Cleanroom process are two old ones still in use. Newer ones include Praxis Correct by Construction, PSP/TSP, and any that can meet a high security- or safety-critical certification. The latter vary, but the quality is consistently good.

Groups using some of these methods can statistically certify their defect rate & have been known to warranty software. Name a well-known application vendor that will warranty their product against failures. If you can’t, you might be sensing the difference between results of software ENGINEERING and development/coding. 😉

Note: High quality code can be made without such methods. It’s just harder to do & requires more skilled labor & effort. Also, requires time to pass to watch bug count, as typical development has less predictable bug count.