Wifi encryption is beyond fucked. Wi-Fi Chip Vulnerability - Schneier on Security
Where do I add this reference?
Router and Local Area Network Security suitable?
That’s for specific hardware and patches have already been released. Users just need to update.
Problem is, most of the vulnerable devices will never receive an update nor will they be upgradable even if they do. Better to let people assume this is the case and behave accordingly.
From the article you linked:
Manufacturers have made patches available for most or all of the affected devices, but it’s not clear how many devices have installed the patches.
The only issue is users not installing them.
If you read the original post by Schneier he says what I’ve quoted.
When was the last time you saw a 3 or 4 year old phone get an update?
If you’re using EoL devices, this is one of the last things you should be worried about.
Even if you use an aftermarket ROM the wifi drivers are usually closed blobs that never get updated by the manufacturer.
Custom ROMs can’t apply security patches to EoL devices either. The patches don’t exist in the first place.
Unless you’re talking about the community creating their own patches, which is very unlikely and isn’t the same as experts at Google making the patches.
Custom ROMs themselves are a massive security issue too. The majority of them ruin the security model by using userdebug builds, disabling SELinux, disabling verified boot, requiring an unlocked bootloader etc.
I am not discussing a perfect world where everybody (including large enterprises) throws out their devices every couple of years, but the situation as it is now and will remain. Obsolete embedded devices and phones will stick around for much longer than the planned obsolescence model has planned because it’s costly.
In this type of world wifi vulns will remain unpatched for a long time. Never mind the faulty IEEE standards or half-baked fixes for KRACK.
I’m not discussing that either. These vulnerabilities just aren’t anything major to be worried about in comparison to the other massive issues with EoL devices and if you aren’t using an EoL device, you can update to fix it. I don’t see why this would deserve a wiki mention.
Shouldn’t the simple rule be to encrypt your comms over wifi, rather than relying on wifi encryption? Pretty much mitigates this vuln.
Good point. It’s easy enough to set up a local OpenVPN server on the router and a client on your machine as one example.
new chapter: Tor Documentation for Whonix Users
new chapter: Verifying Software Signatures
new page:
instructions how to burn Whonix-Host ISO image to DVD or USB
Maybe start with a survey of other Libre Linux distributions that are (somewhat) focused on good usability? Which are…? elementary?
- https://elementary.io
- Installation
- others?
Could you have a look please if there are any gross inaccuracies or easily misunderstood points in this write-up? @HulaHoop
Excellent.
Some suggestions:
See for example Spectre and Meltdown.
I would link to this page of our documentation.
Important to explain even with Open Hardware there are still problems:
- We have no way to verify the silicon actually matches the blueprints and hasn’t been tampered with during production. This in theory is fixable with personal 3D printers in the future.
- An open design doesn’t automatically mean secure (just like for software), but it gives more people a chance to more easily verify the design and fix it.
I have some suggestions for Security-Focused Operating System Comparison as Base for Whonix
Alpine Linux
The only reasoning I can find for Alpine being “secure” is that it uses PIE and SSP which every popular distro uses by default anyway making it nothing special.
“Alpine Linux was designed with security in mind. All userland binaries are compiled as Position Independent Executables (PIE) with stack smashing protection. These proactive security features prevent exploitation of entire classes of zero-day and other vulnerabilities.”
OpenBSD
OpenBSD’s mitigations are very lacking. It doesn’t have modern mitigations such as Control-Flow Integrity (work is even being done on that in Linux). Some of its current mitigations are flawed such as its W^X which can be bypassed by using mprotect to change a previously writable page to executable (work on this is also being done on Linux - see S.A.R.A. LSM or SELinux’s memory protections).
“OpenBSD is thought of by many security professionals as the most secure UNIX-like operating system” is also very questionable as I’ve only been seeing the opposite. For example, https://twitter.com/grsecurity/status/1211303353340366848 or https://grsecurity.net/~spender/exploits/exp_moosecox.c
Although, OpenBSD does have some great mitigations, many of these can be trivially replicated/improved on Linux. One example is Daniel Micay’s hardened_malloc which is superior to the OpenBSD malloc.
Also see, https://isopenbsdsecu.re/
FreeBSD
FreeBSD is extremely lacking in security. It doesn’t even have ASLR by default.
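An added example, not part of the original thread: a small C probe for the mprotect transition raised in the W^X point above. It reports whether the running system lets a page be mapped writable and executable at once, and whether a page written while RW can afterwards be flipped to RX. The function names are made up for this example, and the page it writes to is never executed.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical helper names; each returns 1 = allowed, 0 = denied, -1 = setup failed. */

/* Can a page be mapped writable and executable at the same time? */
int probe_rwx_mapping(void)
{
    size_t sz = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, sz, PROT_READ | PROT_WRITE | PROT_EXEC,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return 0;               /* any mmap failure is reported as denied */
    munmap(p, sz);
    return 1;
}

/* Can a page that was written while RW be flipped to RX afterwards? */
int probe_rw_then_rx(void)
{
    size_t sz = (size_t)sysconf(_SC_PAGESIZE);
    unsigned char *p = mmap(NULL, sz, PROT_READ | PROT_WRITE,
                            MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;
    p[0] = 0xAA;                /* dirty the page; data only, never executed */
    int allowed = (mprotect(p, sz, PROT_READ | PROT_EXEC) == 0);
    munmap(p, sz);
    return allowed;
}

int main(void)
{
    int rwx = probe_rwx_mapping();
    int flip = probe_rw_then_rx();
    printf("simultaneous W|X mapping : %s\n", rwx ? "allowed" : "denied");
    printf("RW -> RX via mprotect    : %s\n",
           flip < 0 ? "probe failed" : flip ? "allowed" : "denied");
    /* W|X denied but the flip allowed = the weaker form of W^X. */
    return flip == 1 ? 1 : 0;
}
```

A stock Linux kernel with no memory-protection policy loaded allows both probes; a non-zero exit status means the RW to RX flip was permitted.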
Added.
Something useful / security here Alpine Linux:Overview - Alpine Linux ?
Added links.
Added.
Generally, I don’t want to add too deep an analysis of the (in)security of other Linux distributions. Reasons:
- might get outdated
- distracts developer time from other tasks
- might get disputed and then needs to be debated, fixed
The reason for that wiki page, listing these distributions, is to demonstrate that these were considered as base distribution for Whonix before. During the early years of TorBOX / Whonix there were people repeating the myth “Why don’t you build on top of OpenBSD which is the most secure operating system?” Since these things nowadays are documented, easy to find on Google and good arguments made, nobody is ever making these suggestions. Asking good questions such as in case of FreeBSD helped to get rid of these suggestive / myths. Looks to me like reading these write-ups people give up on these distributions / suggestions.
Reason to expand these notes would only be if any distribution(s) would be seriously considered porting to.