Couldn't obtain random bytes in sshd - problem in RAND_poll? - Openssl


Thread: Couldn't obtain random bytes in sshd - problem in RAND_poll?

  1. Re: Couldn't obtain random bytes in sshd - problem in RAND_poll?

    On Mon, Aug 11, 2008 at 02:50:55AM -0700, David Schwartz wrote:
    >
    > Ted Ts'o wrote:
    >
    > > At this point, you've just spent reams and reams of electrons stating
    > > the obvious.
    >
    > Yes, for the second time, because some people *still* don't understand it.
    > (It's quite obvious to you and me, not so obvious to the people who still
    > don't get it.)


    David,

    I think you have a problem of not making clear what you actually mean.

    I'm going to give 3 examples of how I could read what you were saying so
    far:

    1. A client connects to a server, but the server has been compromised
    and someone knows its secret key. The client properly checks
    that the key is valid.
    2. A client connects to a server, but the client has been compromised
    and now accepts any or certain keys it's been offered. The client
    software is/was written to do proper checking.
    3. A client connects to a server, but it accepts the public key the
    server or attacker returns because it doesn't do proper checking.


    I now think that people understand that you meant one of the first 2
    cases but actually meant the 3rd. And if you actually meant the 3rd,
    that's not what I was reading in the other mails.


    Kurt

    ______________________________________________________________________
    OpenSSL Project http://www.openssl.org
    Development Mailing List openssl-dev@openssl.org
    Automated List Manager majordomo@openssl.org


  2. RE: Couldn't obtain random bytes in sshd - problem in RAND_poll?


    Kurt Roeckx wrote:

    > David,
    >
    > I think you have a problem of not making clear what you actually mean.
    >
    > I'm going to give 3 examples of how I could read what you were saying so
    > far:
    >
    > 1. A client connects to a server, but the server has been compromised
    > and someone knows its secret key. The client properly checks
    > that the key is valid.
    > 2. A client connects to a server, but the client has been compromised
    > and now accepts any or certain keys it's been offered. The client
    > software is/was written to do proper checking.
    > 3. A client connects to a server, but it accepts the public key the
    > server or attacker returns because it doesn't do proper checking.
    >
    > I now think that people understand that you meant one of the first 2
    > cases but actually meant the 3rd. And if you actually meant the 3rd,
    > that's not what I was reading in the other mails.


    God, I hope you're right. That would mean that I was being unclear, rather
    than everyone else being crazy. That's a much more comforting scenario.

    Of course, it doesn't help when you have someone who is deliberately making
    every effort to misunderstand and mock you when you're trying to prevent
    people from doing real harm. People have in fact created SSLv3-based
    products that are vulnerable to MITM attacks, and when the vulnerabilities
    are pointed out to them, they inevitably reply "but we used SSLv3 -- isn't
    SSLv3 immune to MITM attacks?". Yes, really.

    The fault, of course, is not in SSLv3. It's the fault of morons who insist
    that SSLv3 *alone* makes you immune to MITM attacks. There is a very
    technical sense in which this is true, but that very technical meaning is
    lost on the people who make this kind of mistake.

    OpenSSL is a spectacular library. It's a great implementation of various
    crypto algorithms, a nice interface to access them generically, SSL, DER,
    and various other things. However, just as it makes it much easier to do
    crypto right, it also makes it much easier to do crypto wrong.

    Without OpenSSL, the people who made the kind of mistakes I'm talking about
    would probably never get their code to even talk to a server. With OpenSSL,
    they can get the appearance of SSL and the belief that they have all the
    guarantees that SSLv3, used properly, *can* provide. But in actuality, they
    have little to no security at all because their endpoints are compromised --
    by design.

    DS

