#jogamp @ irc.freenode.net - 20140422 05:05:32 (UTC)
20140422 05:05:32 -jogamp- Previous @ http://jogamp.org/log/irc/jogamp_20140421050532.html
20140422 05:05:32 -jogamp- This channel is logged @ http://jogamp.org/log/irc/jogamp_20140422050532.html
20140422 06:13:10 * monsieur_max (~maxime@anon) has joined #jogamp
20140422 06:39:41 * hharrison (~chatzilla@anon) has joined #jogamp
20140422 07:11:19 * hharrison (~chatzilla@anon) Quit (Remote host closed the connection)
20140422 07:37:47 * bbbruce (~bx@anon) Quit (Ping timeout: 276 seconds)
20140422 07:44:57 * jvanek (jvanek@anon) has joined #jogamp
20140422 07:49:01 * bbbruce (~bx@anon) has joined #jogamp
20140422 08:58:04 * hija (~hija@anon) has joined #jogamp
20140422 11:48:35 * xranby (~xranby@anon) Quit (Ping timeout: 255 seconds)
20140422 11:53:17 * xranby (~xranby@anon) has joined #jogamp
20140422 14:05:34 * jvanek (jvanek@anon) Quit (Quit: Leaving)
20140422 15:55:42 * zzuegg (~zzuegg@anon) has joined #jogamp
20140422 16:44:38 * xranby (~xranby@anon) Quit (Ping timeout: 240 seconds)
20140422 16:45:27 * monsieur_max (~maxime@anon) Quit (Quit: Leaving.)
20140422 16:51:34 * xranby (~xranby@anon) has joined #jogamp
20140422 17:18:52 * monsieur_max (~maxime@anon) has joined #jogamp
20140422 17:25:36 <sgothel> @Mark: what was/is the openssl issue ? Have I missed another leak ?
20140422 17:27:30 <rmk0> lo, no panic
20140422 17:27:37 <rmk0> just the stupidity of the whole situation
20140422 17:27:44 <rmk0> still relying on junk like openssl to power everything
20140422 17:27:58 <rmk0> had to dump new certificates into irssi as freenode reissued theirs
20140422 17:30:45 <rmk0> i wrote ada bindings for openssl once
20140422 17:30:49 <rmk0> the code is NIGHTMARISH
20140422 17:31:07 <rmk0> really among the worst i've ever seen
20140422 17:32:12 <sgothel> yes yes .. partial awful review comments are all over the place, hence my copy-paste of Theo's OpenBSD patches :)
20140422 17:32:33 <sgothel> wonder whether they will be picked up .. hmm
20140422 17:32:54 <rmk0> doubt they'll be integrated into openssl.org
20140422 17:33:02 <rmk0> but.. they've started that libressl.org
20140422 17:33:09 <rmk0> will probably usurp openssl
20140422 17:33:20 <rmk0> still a great big pile of unsafe C, of course
20140422 17:33:28 <rmk0> only a matter of time before this happens again
20140422 17:33:40 <sgothel> I am more like: 'better really review and work-out' openssl, instead of doing it from scratch. this shall ensure proper understanding of issues and vulns.
20140422 17:34:05 <rmk0> i'd rather have something formally verified and written in a memory-safe language
20140422 17:34:24 <sgothel> I don't care about 'C' or lang issues .. IMHO one should be able to find a good secure way - either way (lang)
20140422 17:34:45 <sgothel> then - openssl should use a formalized way to utilize stack and memory
20140422 17:34:46 <rmk0> disagree... no human is capable of writing code that's completely safe in memory-unsafe languages
20140422 17:34:52 <sgothel> OpenBSD does that somewhat ..
20140422 17:35:17 <sgothel> sure, but you could verify this .. i.e. not using a safe 'tool'
20140422 17:35:33 <rmk0> not sure if you've done any formal verification of code
20140422 17:35:45 <sgothel> i.e. how you guard stack (compiler options)
20140422 17:35:51 <sgothel> how you allocate memory .. etc
20140422 17:36:06 <rmk0> is next to impossible to verify after the fact... you generally write code in a safe language with something akin to dependent types, and then automatically extract a runnable program in a less-safe language with the types erased
20140422 17:36:28 <rmk0> can do runtime checking, but so far attackers have found a way around every kind of protection
20140422 17:36:38 <rmk0> stack protection, W^X, randomization, etc
20140422 17:37:21 <rmk0> there's only one formally verified TLS implementation at the moment, but it was developed in F#
20140422 17:37:24 <rmk0> so... not portable
20140422 17:37:25 * rmk0 sulks
20140422 17:37:27 <sgothel> well, the last bug was only possible due to not using the safe memory manager
20140422 17:38:09 <sgothel> I understand top->bottom security (lang/tools) .. and bottom->up .. (safe environment) ..
20140422 17:38:44 <sgothel> IMHO the latter must ensure a safe machine, while top->bottom is nice and helping the 'coder'
20140422 17:39:41 <rmk0> still don't think there's any reason that a human being should still be writing C
20140422 17:39:44 <sgothel> all the 'new' languages .. sure, if you are honest it makes a product safe more easily, I agree
20140422 17:39:52 <rmk0> one mistake and the whole show's over
20140422 17:39:59 <sgothel> but if you have somebody willing to add fraud ..
20140422 17:40:45 <sgothel> and you still need your validation process - for any language/description
20140422 17:40:59 <rmk0> .. you've lost me
20140422 17:41:16 <rmk0> didn't understand those last few lines
20140422 17:41:42 <sgothel> we have many diff. qualities .. as I see it, for 'secure' operation
20140422 17:42:02 <sgothel> one is the low-level, like stack, memory boundaries / protection .. etc
20140422 17:42:17 <sgothel> one is the algorithm itself
20140422 17:42:35 <sgothel> IMHO the low-level shall be protected properly by the OS
20140422 17:42:45 <rmk0> like not writing crypto algorithms that are sensitive to timing attacks?
20140422 17:44:00 <sgothel> those are surely high-level attacks, i.e. side-channel - since IMHO the OS cannot protect you or guarantee random timing and side effects (besides random number generators .. etc)
20140422 17:45:50 <sgothel> so to harden the algo against it (test), you need to know 'em .. dependencies and side effects first
20140422 17:47:33 <rmk0> i suppose i'm just claiming that memory-unsafe languages should be out. if all of the programs on my system were written in ocaml, there'd be no memory-related vulnerabilities. i'd want formal verification (proofs of correctness, executable programs automatically extracted from proofs) for crypto algorithms to unequivocally demonstrate a lack of vulnerabilities of that type
20140422 17:47:44 <sgothel> then you may have hardware sidechannel attacks (a CRT for example ..) .. well :)
20140422 17:47:51 <rmk0> i agree OS-level memory protection is needed too
20140422 17:48:21 <rmk0> i maintain nobody should be writing this kind of security sensitive code in C in 2014
20140422 17:48:46 <rmk0> the tools exist to do it right, but engineers haven't kept up with developments
20140422 17:48:49 <sgothel> maybe you would even feel more safe if the same memory quality-based security would be guaranteed by the OS itself
20140422 17:49:12 <rmk0> maybe
20140422 17:49:47 <rmk0> some olde burroughs machines had security-labelled memory regions that the hardware could use to apply a security policy
20140422 17:49:56 <rmk0> i'd rather use general purpose hardware, though!
20140422 17:50:12 <sgothel> I saw other lang descr. in discussions as well .. claiming to support such a thing, cool - still, while it's a great enhancement on one level (the human error as you say), the machine is not safe here, 'mechanical' so to speak
20140422 17:50:38 <rmk0> well, we can't trust any x86 hardware we buy
20140422 17:50:46 <rmk0> but we can do significantly better than a giant pile of C
20140422 17:50:47 <sgothel> yup .. the OpenBSD team had a discussion about such knobs .. performance vs security
20140422 17:51:05 <sgothel> hence Theo was a bit angry about not using their 'malloc' :)
20140422 17:51:19 <rmk0> does java actually run on openbsd?
20140422 17:51:26 <rmk0> seem to remember it depending on W^X, which is depressing
20140422 17:51:35 <rmk0> er, W&X
20140422 17:51:38 <sgothel> I guess .. why not? hmm
20140422 17:51:56 <rmk0> something about the jit needing to execute from pages it's writing to
20140422 17:52:04 <sgothel> ah ..
20140422 17:52:12 <rmk0> no idea why they'd not remap read-only before executing
20140422 17:52:26 <sgothel> but AFAIK, I have enabled that executable page thingy in Linux as well .. hmm
20140422 17:52:43 <sgothel> i.e. allocate an executable page .. hmm
20140422 17:52:44 <rmk0> i used grsecurity on linux for a long time
20140422 17:52:49 <rmk0> is even more extreme than openbsd
20140422 17:53:00 <rmk0> became too much of a maintenance problem compiling kernels all the time
20140422 17:53:54 <rmk0> java doesn't run in the default grsecurity setup
20140422 17:54:01 <rmk0> have to relax some of the security features on a per-process basis
20140422 17:54:18 <sgothel> .. then we have the high level quality, your formal (mathematical) verification - IMHO the biggest attack vector, where mathematicians and security folks still dunno whether some ciphers are trojans or not :)
20140422 17:54:33 <rmk0> urhur
20140422 17:55:50 <rmk0> .. i've actually not encountered a hosting provider that doesn't run grsecurity
20140422 17:56:04 <sgothel> for example, I could not advise using anything w/ hardware mmap to be used in security critical env.
20140422 17:56:32 <rmk0> $ ssh io7m.com
20140422 17:56:37 <rmk0> io7m$ uname -a
20140422 17:56:40 <rmk0> Linux bs3-dallas.accountservergroup.com 3.2.45-grsec #1 SMP Thu May 23 08:37:40 CDT 2013 x86_64 x86_64 x86_64 GNU/Linux
20140422 17:57:48 <sgothel> had that chat about javascript/webgl .. a lot - where they try to give you security by parsing the high level GLSL stuff etc .. while it might be a nice level of convenience against user / programmer bugs, security folks prove otherwise (not guaranteeing safety)
20140422 17:57:56 <sgothel> grsec .. hmm, earmarking
20140422 17:58:29 <rmk0> i'm sure they can show GLSL is safe when they solve the halting problem
20140422 17:59:13 <sgothel> the point is - one attacker showed how to inject GPU code at boot time .. etc :)
20140422 17:59:26 <rmk0> ugly
20140422 17:59:46 <rmk0> well, i don't tolerate javascript in the browser, let alone webgl!
20140422 17:59:49 <sgothel> then that GPU code flows back .. and stuff like this .. it's like fake security for one attack plane - while others are wide open
20140422 18:00:25 <sgothel> since the architecture may allow utilizing the GPU from any user process .. it's wide open
20140422 18:01:07 <sgothel> so I consider our memory validation more like a little helper .. not really making things secure at all
20140422 18:01:46 <sgothel> https://grsecurity.net/ <- will read this later, thx!
20140422 18:04:56 * monsieur_max (~maxime@anon) Quit (Quit: Leaving.)
20140422 18:05:24 * monsieur_max (~maxime@anon) has joined #jogamp
20140422 18:07:35 * monsieur_max (~maxime@anon) Quit (Client Quit)
20140422 18:07:58 * monsieur_max (~maxime@anon) has joined #jogamp
20140422 18:08:31 * monsieur_max (~maxime@anon) Quit (Client Quit)
20140422 18:09:43 * monsieur_max (~maxime@anon) has joined #jogamp
20140422 18:11:02 * monsieur_max (~maxime@anon) Quit (Client Quit)
20140422 18:22:12 <sgothel> GCM insecurity (German article: http://fm4.orf.at/stories/1737330/, Niels Ferguson's paper http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/comments/CWC-GCM/Ferguson2.pdf)
20140422 18:24:48 <sgothel> GCM: Encryption (2) and MAC (1) in wrong order .. ? ECB lacks proper block randomness (salted padding) .. Left is CBC + TLS 1.2 .. and new stuff (ed25519 .. etc)
20140422 18:25:05 <sgothel> http://blog.fefe.de/?ts=ada88996 (German)
20140422 18:26:01 <sgothel> ^^ (1st link) also discusses how those 'standards' became official suspecting NSA and co.
20140422 18:27:42 <rmk0> not familiar with GCM
20140422 18:27:44 <rmk0> what's it?
20140422 18:27:54 * monsieur_max (~maxime@anon) has joined #jogamp
20140422 18:28:40 <sgothel> GCM = Galois Counter Mode (a mode like CBC .. etc)
20140422 18:28:52 <sgothel> a mode is a way how to use/call a block cipher
20140422 18:28:58 <sgothel> (like AES)
20140422 18:29:14 <rmk0> right
20140422 18:29:39 <sgothel> https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_codebook_.28ECB.29 <- i.e. if done wrong .. you still see the penguin
20140422 18:30:27 <rmk0> yep
20140422 18:32:01 <sgothel> oh dear .. have to disable GCM then ..
20140422 18:34:54 <rmk0> think i've got everything except AES-256-CBC with SHA256 disabled on my vpn
20140422 18:35:06 <rmk0> helps that everyone uses the same client so there are no compatibility issues
20140422 18:37:32 * monsieur_max (~maxime@anon) Quit (Quit: Leaving.)
20140422 18:38:40 * monsieur_max (~maxime@anon) has joined #jogamp
20140422 18:42:05 * monsieur_max (~maxime@anon) Quit (Client Quit)
20140422 18:51:46 * monsieur_max (~maxime@anon) has joined #jogamp
20140422 18:52:29 * sgothel (~sgothel@anon) Quit (Quit: Leaving.)
20140422 19:07:40 * sgothel (~sgothel@anon) has joined #jogamp
20140422 19:07:40 * sgothel (~sgothel@anon) Quit (Changing host)
20140422 19:07:40 * sgothel (~sgothel@anon) has joined #jogamp
20140422 19:07:40 * ChanServ sets mode +v sgothel
20140422 19:20:46 * xranby (~xranby@anon) Quit (Read error: Operation timed out)
20140422 19:38:39 * xranby (~xranby@anon) has joined #jogamp
20140422 19:59:26 * xranby (~xranby@anon) Quit (Ping timeout: 276 seconds)
20140422 20:05:21 * monsieur_max (~maxime@anon) Quit (Quit: Leaving.)
20140422 20:05:51 * monsieur_max (~maxime@anon) has joined #jogamp
20140422 20:12:01 * xranby (~xranby@anon) has joined #jogamp
20140422 20:12:07 * monsieur_max (~maxime@anon) Quit (Ping timeout: 265 seconds)
20140422 20:18:30 * monsieur_max (~maxime@anon) has joined #jogamp
20140422 20:20:44 * monsieur_max (~maxime@anon) Quit (Client Quit)
20140422 20:23:58 * monsieur_max (~maxime@anon) has joined #jogamp
20140422 20:33:14 * monsieur_max (~maxime@anon) Quit (Ping timeout: 240 seconds)
20140422 21:12:09 * hharrison (~chatzilla@anon) has joined #jogamp
20140422 21:51:06 <hharrison> sgothel: have a chance to pick up my trivial findbugs patches?
20140422 22:29:57 * kermyt (~kermyt@anon) Quit (Ping timeout: 245 seconds)
20140422 22:33:30 * kermyt (~kermyt@anon) has joined #jogamp
20140422 22:36:05 * xranby (~xranby@anon) Quit (Ping timeout: 276 seconds)
20140422 22:50:05 * hija (~hija@anon) Quit (Ping timeout: 264 seconds)
20140422 22:51:56 * xranby (~xranby@anon) has joined #jogamp
20140422 23:20:08 * bbbruce (~bx@anon) Quit (Read error: Operation timed out)
20140422 23:47:47 * bbbruce (~bx@anon) has joined #jogamp
20140423 00:17:55 * hharrison (~chatzilla@anon) Quit (Quit: ChatZilla 0.9.90.1 [Firefox 29.0/20140414143035])
20140423 01:04:08 <sgothel> http://www.libressl.org/
20140423 01:04:28 <sgothel> http://www.tedunangst.com/flak/post/origins-of-libressl http://www.tedunangst.com/flak/post/worst-common-denominator-programming :)
20140423 01:06:05 <jk4> at least with openbsd managing an ssl library, you know it'll be secure by virtue of being obscure
20140423 01:06:35 <sgothel> I am all for it .. sure, kudos to Theo & Team !
20140423 01:07:19 <jk4> might as well rip out C too
20140423 01:07:26 <sgothel> :)
20140423 01:07:36 <jk4> if you want a secure library, C ain't gonna help
20140423 01:07:50 <sgothel> but after lib[re]ssl or libre-ssl .. well, one has a reference
20140423 01:08:14 <jk4> i think re is short for reaction
20140423 01:08:23 <jk4> as in knee jerk reaction
20140423 01:08:31 <sgothel> jaja :) .. but one step at a time .. maybe rewrite that using a c-alike safe[er] env.
20140423 01:08:33 <sgothel> :)
20140423 01:08:55 <jk4> or just use libnss
20140423 01:09:08 <jk4> it was supposedly somewhat verified way back in the 90s
20140423 01:10:57 <jk4> aaaanyway
20140423 01:11:03 <jk4> useless discussion
20140423 01:11:29 <jk4> programmers will continue to waste our finite resources
20140423 01:11:49 <jk4> maybe in the 22nd century things will be better
20140423 01:13:26 <sgothel> :)
20140423 01:13:49 <sgothel> dunno whether it's useless (the discussion)
20140423 01:14:16 <sgothel> recursions may make things better, and the simple fact this happens allows us to think about it
20140423 01:15:35 <jk4> recursion can make things better, when recursion actually takes place.
20140423 01:15:49 <sgothel> might be a good question: why not use libnss (maybe w/ a wrapper for libssl allowing existing apps to use it) ?
20140423 01:16:19 <jk4> that might be too practical
20140423 01:16:44 <jk4> openbsd is suffering from empty bank account. maybe they're hoping libressl will help fill it
20140423 01:16:48 <sgothel> me not too familiar w/ quality of those libs
20140423 01:17:03 <sgothel> was one of my thoughts as well .. reading the libressl site .. hmm
20140423 01:17:15 <sgothel> but they matched their fundraiser .. so good
20140423 01:17:45 <jk4> i've used it for years on my router. couldn't care less if the project died
20140423 01:17:57 <jk4> pf would live on. that's all anyone really cares about
20140423 01:18:05 <sgothel> openssh ?
20140423 01:18:06 <jk4> specifically the pf.conf parser
20140423 01:18:14 <jk4> the firewall rules
20140423 01:18:20 <sgothel> yup
20140423 01:18:43 <jk4> maybe save carp. but linux has some carpy stuff now i think
20140423 01:19:02 <jk4> re recursion: more often a programmer suffers from NIH syndrome and simply must write something that does what some existing solution does
20140423 01:19:08 <sgothel> what I have read so far over the years re Theo et al. makes me believe I can trust them though ..
20140423 01:19:15 <jk4> or it's not in the new language they invented last night
20140423 01:19:51 <sgothel> well, they clean up the blubber for now :)
20140423 01:20:13 <jk4> heh yeah
20140423 01:20:15 <sgothel> allowing a later review in the 1st place
20140423 01:20:30 <jk4> seems like it'd be easier to start from scratch
20140423 01:20:55 <jk4> i've not used it so i guess i can't really say
20140423 01:21:09 <sgothel> since the test-suite might be missing and the stuff must be understood well, maybe that could only be done as a 2nd step
20140423 01:21:15 <jk4> to me it would seem important to break compatibility with openssl to force a choice
20140423 01:21:28 <sgothel> flavors ..
20140423 01:21:48 <jk4> you can be the guy who makes the decision in your company for openssl that compromised all your customers' data
20140423 01:22:07 <jk4> or you can spend a little time learning the slightly different api of the new ssl lib
20140423 01:22:22 <jk4> either way you lose
20140423 01:22:37 <jk4> i'd rather be the guy who opts for something with a better process
20140423 01:22:57 <sgothel> we are talking ecosystems .. tons of apps - and you cannot really put your hand in the fire for such decision anyways
20140423 01:22:59 <sgothel> I agree ..
20140423 01:23:07 <jk4> needs to be a campaign against openssl to make a stigma against using it
20140423 01:23:16 <jk4> when someone says let's use openssl, people just give blank stares
20140423 01:23:41 <sgothel> I just prefer evolutionary progress .. while trying to understand the misses / failures .. instead of reset-forget-new, which may lead to the same ..
20140423 01:24:21 <jk4> would be like salvaging the tacoma narrows bridge
20140423 01:24:35 <sgothel> IMHO no need to get hysterical here .. those bugs are deeply built in for a long time
20140423 01:25:23 <sgothel> and then the insecure cipher classes .. another problem
20140423 01:25:31 <jk4> they should be removed
20140423 01:25:41 <jk4> if something is insecure it should cease to be supported
20140423 01:25:45 <jk4> deprecate and remove
20140423 01:25:48 <jk4> deprecate and remove
20140423 01:25:52 <jk4> it's really that simple
20140423 01:25:54 <sgothel> when we have identified them ..
20140423 01:26:19 <jk4> right, then no one has to wonder which things they can use because the library won't build with your app
20140423 01:26:27 <jk4> seems braindead simple
20140423 01:26:42 <jk4> crypto lib shouldn't allow insecurity for compatibility
20140423 01:26:46 <sgothel> hindsight .. always that simple :)
20140423 01:26:54 <jk4> that's not even hindsight
20140423 01:26:58 <jk4> that's just common sense
20140423 01:27:14 <sgothel> let's jump back 1-2 years .. where folks suspected some stuff to be .. at least weird
20140423 01:27:27 <sgothel> now .. it's like, yeah .. of course
20140423 01:27:40 <sgothel> NSA, IETF .. all that crap
20140423 01:42:39 <sgothel> https://github.com/dyu/ffi-overhead <- if we could use llvm or gcc alike linkage to such a safer libssl written in ocaml / rustc .. or whatever is typesafe and easy to prove .. w/ little overhead
20140423 01:44:09 <sgothel> reminds me of a task of ours left to-do, experiment w/ such alternatives llvm/gcc-lib/robovm ..
20140423 01:44:35 <sgothel> ideal: use your language of your choice .. and mix & match
20140423 02:45:44 * sgothel (~sgothel@anon) Quit (Ping timeout: 252 seconds)
20140423 02:52:42 * sgothel (~sgothel@anon) has joined #jogamp
20140423 02:52:43 * sgothel (~sgothel@anon) Quit (Changing host)
20140423 02:52:43 * sgothel (~sgothel@anon) has joined #jogamp
20140423 02:52:43 * ChanServ sets mode +v sgothel
20140423 05:05:33 -jogamp- Continue @ http://jogamp.org/log/irc/jogamp_20140423050533.html

