oSC14 and LinuxTag coming!
April 23, 2014
- Social skills for geeks
- Presenting awesome (workshop about giving presentations)
- How to run a booth and present your project
- Where KDE is and where it is going
- Cloudy experiences at home (about ownCloud!)
- Community building in 10 steps
That's quite a bunch, I know, but it'll be fun! I look forward to Dubrovnik, although I see it will be rainy and not that warm. Ah, sad...
LinuxTag 2014 - all changeA much bigger deal, for me, is LinuxTag. This year, it is considerably different from the previous few years: no more in the Messe! Instead, the team is collaborating with DroidCon and Re:Publica. That, combined with the location (Station in Berlin), could potentially be awesome! Here I give one talk about the future of KDE. I'll also be speaking at the Community Leadership Summit Europe about Open Governance.
But more importantly, I'll be organizing the LT booth for three projects: ownCloud, KDE and openSUSE. Yeah, ambitious again! Not only that, we're not going for the traditional booth. Instead, I've proposed to do something different: have a track of technical mini-workshops at the booth. 45 minute talks, small, hands-on, about the technology of these projects. So, think about building packages with the Open Build Service, writing an ownCloud App or developing a QML based Plasma widget.
Needing some helpThe idea seems generally liked but I haven't found anybody for any of the three above potential talks - so if you can and want to do that or something like it, please let me know! We won't have too much traditional booth space, just enough for a bit of stuff and one or two ppl answering questions. The talks will repeat every day so as volunteer, you give your talk 3 times, once every day. Otherwise you are free to enjoy the talks as well as the Re:Publica booth area. As the tickets are not cheap (Eur 149!) this is a nice way to get into LinuxTag for free (I have only 2 tickets per booth, though). You'll get hugs and Club Mate as much as you want. And there's travel support available for all these projects!
Help me out, please! And if you can't - at least, be sure to visit the booth at LinuxTag or come say hi at the openSUSE Conference!
Fighting Cargo Cult – The Incomplete SSL/TLS Bookmark Collection
April 21, 2014
Throughout the recent months (and particularly: weeks), people have asked me how to properly secure their SSL/TLS communication, particularly on web servers.
At the same time I’ve started to look for good literature on SSL/TLS. I noticed that many of the “guides” on how to do a good SSL/TLS setup are actually cargo cult. Cargo cult is a really dangerous thing for two reasons: First of all, security is never a one-size-fits-all solution. Your setup needs to work in your environment, taking into account possible limitation imposed by hardware or software in your infrastructure. And secondly, some of those guides are outdated, e.g. they do neglect the clear need for Perfect Forward Secrecy, or use now-insecure ciphers. At the worst case, they are simply wrong.
So I won’t be providing yet another soon-outdated tutorial that leaves you non-the-wiser. Instead, I’ll share my collection of free and for-pay documents, books and resources on the topic which I found particularly useful in the hope that they may help you in gaining some insight.
Introduction to SSL/TLS
If you’re unfamiliar with SSL/TLS, you definitely should take half an hour to read the Crypto primer, and bookmark SSL/TLS Strong Encryption: An Introduction for reference.
- Crypto Primer: How does SSL work? sums up the functionality of SSL/TLS
- SSL/TLS Strong Encryption: An Introduction is less of an introduction than a very elaborate glossary of SSL/TLS and crypto terminology
So you want to get your hands dirty? Check your server setup with Qualys SSL Labs’ server test. Make sure you fix the most important issues. You should at least be able to get an “A-” grading. If you find yourself in trouble (and are the administrator of an Apache or nginx setup), you should read the OpenSSL cookbook. Professional system administrators should have Bulletproof SSL/TLS and PKI on the shelf/eBook reader.1)
- Qualys SSL Labs is a web site that can analyze the quality of a given SSL/TLS setup (HTTP only) using a nice rating scheme 2) and providing hints on how to easily improve your setup.
- Bulletproof SSL/TLS and PKI – Subtitled The Complete Guide to Securely Using SSL/TLS and PKI in Infrastructure Deployment and Web Application Development, this book is still work in progress (and is constantly updated, also according to readers feedback). Its author, Ivan Ristić, is also the guy behind ssllabs.com. While not finished, a preview eBook is available for £19 (roughly €23 or $32). Purchasers will receive the full eBook once finished. You can also pre-order a hard copy
- OpenSSL Cookbook – Extended excerpt from Bulletproof SSL/TLS and PKI. Suitable to secure your web server. Free download (requires registration).
- Up-to-date cipher suite recommendation from Mozilla with detailed explanation on why it was chosen. (Thanks to Tom Brossman).
- Efficiently picking PFS-compatible cipher suites for IIS (using PowerShell).
The SSL, the TLS and the Ugly
If you are a dedicated IT professional, you should not miss the next section. Although it’s not crucial for those wishing to “simply secure their server”, it provides those who are responsible for data security with a clear understanding of the numerous theoretical and practical limitations of SSL/TLS.
- SSL: Paved with Good Intentions: Presentation on history and weaknesses of SSL/TLS by Richard Moore, CTO at Westpoint Ltd and the maintainer of the Qt SSL/TLS stack.
- Adam Langley (Google Chrome) on the risks of Revocation Checks
- 20 years of SSL/TLS Research Dissertation providing an excellent background on the pitfalls, attacks and risks of SSL/TLS. Suitable for non-scholars (and highly recommended). You may skip the math.
- The case for OCSP-Must-Staple: Great commentary on what is needed for SSL/TLS beyond OCSP Stapling to have good support for certificate revocation.
Tools and Utilities for Debugging SSL/TLS
Sometimes you need to debug errors during the SSL handshake. While a bit primitive, OpenSSL’s s_client tool is the weapon of choice. When it comes to monitoring SSL/TLS encrypted communications, use mitmproxy or Charles. They need to be added as proxies, but can also intercept PFS connections, due to their active MITM position.
- sslyze – a command line script to check SSL/TLS on servers (Python)
- cipherscan – command line client to check effectively supported cipher suites (Bash)
- openssl s_client is a command line tool that provides details on the handshake phase and establishes a secure connection. Use it to debug problems with certificate chaining, OCSP stapling, etc.
- Wireshark packet analyzer (and why it will not help you if you’re using PFS)
- mitmproxy suite — command line tools to analyze encrypted traffic (Python-based, Free)
- Charles Web Debugging Proxy (Java, Commercial)
This list is not exhaustive and if you have more suggestions, please go ahead and post them in the comments. I’ll be happy to add them.
Finally, just like with system administration in general, you’re never “done” with security. SSL/TLS is a swiftly moving target, and you need to be aware of what is going on. If you are an IT professional, subscribe to security mailing lists and the announcement lists of your vendor. Finally, while I’m aiming to update this page, there’s never a guarantee of up-to-dateness for this list either.
Update (22.04.2014): Don’t miss the discussion on this article over at Hacker News.
- 21.04.2014 – Initial version
- 21.04.2014 - Added “The Case for OCSP-Must-Staple”, Mozilla Cipher suite recommendation
- 22.04.2014 – Updated to add sslyze and cipherscan, added HN link, fixed typos
1) I do realize that I am courting Ivan a lot in this section and that relying on only an a single external web service that can go away any day is not a good thing. At the same time I think that the handshake simulation and the simple rating process are priceless, as such assessment cannot be trivially done by people whom’s life does not revolve around crypto and security 24/7. At the same time, I’m happy for any pointers towards other, user friendly tools.
2) While blindly following the rating can easily lead to the establishment of cargo cult, ssllabs.com is continuously updated to only give those a good grading that follow the best pactices. Again: Avoid Cargo Cult, make sure you have a good idea of what you are doing.
Why does YouTube insist on weak RC4?
April 14, 2014
A few weeks ago, Google did some changes to YouTube. Now, when you attempt to watch a video on YouTube, the video will be streamed using the RC4 cipher. If you disable RC4 in your browser, no video will be loaded. You cannot watch it. It is also documented in a Google groups thread. The first time I heard about it was when Faldrian shared his experience with googlevideo.com (German), while YouTube still worked without RC4. A bit later Google extented it on YouTube.
What's bad about RC4
RC4 is a widely used stream cipher. For instance it is used to safely transport Video or Audio by symmetric encryption. The advantages of RC4 are that is simple and fast. But it also has its drawbacks.
It is said the the RC4 cipher is cryptographically broken (=insecure) for years. Jacob Appelbaum states the NSA can break it in real time. If this is true, it is as good as no encryption. Although no proof exists in public, it seems to be very likely. If you want to be on the safe side, you disable RC4 in your browser. But you cannot disable it for certain web sites only (or only whitelist sites) – it affects all sites.
There may be good reasons for Google doing so, after all they usually reason things out before taking actions. It might have been that Google did not send their videos over an encrypted HTTP connection before (pure speculation), but now they do. Well meant is not necessarily well done. If it drives people to keep using RC4, worse security is the result. My guess is they switched all traffic to TLS encrypted connections, after certain Snowden leaks, and RC4 was the fastest and easiest to implement for video streaming.
An interesting side note is that Google filed a draft for an alternative stream cipher for TLS. The candidate is ChaCha20 by Bernstein. So maybe RC4 is just a temporary move?
I keep RC4 disabled, YouTube is not that important to me. Except for YouTube, I believe I came across only one other site that relied solely on RC4, and it was far less important, even I do not remember which one it was.
Only I wish that more people or blogs would move away from YouTube. The other major reason for this is also to go away from (centralized) services provided by companies that are too big to be good.
Bookmarklet: Search for video on other sites
Since people will not stop to link to YouTube in the near future, I need to find the video on other sites if I want to watch them. I wrote a little bookmarklet (What is a bookmarklet?) that I can click when I end up on a YouTube video. It will take the video title and start a Google video search excluding youtube.com.
Now, not every video will be available somewhere else. Bad luck. On the other hand, many videos on YouTube that are blocked in Germany can be freely seen on other sites. Interested in the bookmarklet? Drag the following "link" into your bookmarks list. Below is a quick video howto if you are new to bookmarklets and also the source code.
Why actually a Google search? – Mainly for ironic reasons. Most likely you can use any search engine that offers a video search if you adjust the URL and parameters. My search engine of choice is startpage.com, by the way, and I do block Google cookies.
ownCloud Client 1.6: The Tour
April 9, 2014
Now that ownCloud 1.6.0 beta1 is out, it’s time to explain the story behind it:
This release was developed under the promise that it would improve performance 1), and we have made tremendous improvements: Using a new Qt-based propagator implementation, we can now perform multiple simultaneous up- and downloads. We still provide the old propagator for certain situation where it’s more suitable, such as for situations where bandwidth limitation is needed.
Furthermore, the sync journal access code has been significantly optimized. It paid tribute to most of the high CPU load during the mandatory interval checks. CPU usage should be much lower now, and the client should be usable with more files at the same time.
Windows users should also find update times improved as the time spent in file stat operations has been reduced. Mac OS X users will enjoy the benefits of a much improved file watcher. To be able to use the more efficient API, 1.6 drops support for Mac OS Snow Leopard (10.6) and now requires Mac OS 10.7 or better.
At the same time, production releases are now using Qt 5 rather than Qt 4 on Windows and Mac OS X2). This fixes a lot of visual bugs in Mac OS X, especially for Mavericks users, and allows us to profit from improvements in the SSL handling, especially on the Mac.
We also implemented an item that was on many peoples wish list: a concise sync log. Next to the database, the sync folder now holds a hidden file called
.owncloudsync.log. It will store all sync processes in a minimal CSV file. Contrary to previous logging facilities, it always logs and only collects information relevant to the actual sync algorithm decisions.
Because this tour was not as colorful as the previous one, let’s close this blog post with a feature contributed by Denis Dzyubenko: The settings dialog on Mac OS X now has a native look & feel:
1) Now that while the client is multi-threaded, you may find that the transfer time still doesn’t improve as much as you would expect. This is due locking issues on the server which prevent efficient parallel transfers. This has been improved in 1.7, and could potentilly improved even further by implementing support for
X-Accel-Redirect in SabreDAV, the DAV framework used by ownCloud server.
2) We can’t do the switch even on modern Linux distributions mostly due of the poor support for modern and divergent Systray/Notification area support in Qt5: Even in Qt 4 we could only use it because Canonical had patched their Qt to make
QSystemTrayIcon work with Unity, which they have not ported to Qt 5 yet. Gnome 3 also hides away traditional Systray icons way to well, not to speak of Plasma. Any leads would be helpful.
PS: Martin’s blog on the subject indicates that Qt 5.3 might solve the problem.
March 31, 2014
ownCloud Inc. blog by Frank, I'll be joining ownCloud Inc. as community manager tomorrow. Like in my previous gig at SUSE, I consider the 'manager' part of the title to be about helping out the community wherever I can. To put it less graphically than Frank did: you get another person to talk to when you think we can improve things.
I'm excited to get started and find out what should be done. Of course I have thoughts and ideas on that but I am not the type to have a strong opinion before I know what is going on and have heard a bunch of opinions about it. And although I've been around ownCloud a fair bit, having written and talked about it, used it and knowing many of you, I intend to take my time to get to know you all better. Of course, marketing is my thing, so I'm sure to be around in that area, helping spread the word on what ownCloud is doing and why it matters.
Opinions, ideas and introductions are very welcome! I'm around on most social media but most actively on G+ and of course you can email me, ping me IRC and so on.
I really look forward to getting my head in the clouds with you all!