* Are linux network drivers really affected by this?
@ 2003-01-09 12:52 Nils Petter Vaskinn
2003-01-10 8:08 ` andrea.glorioso
0 siblings, 1 reply; 10+ messages in thread
From: Nils Petter Vaskinn @ 2003-01-09 12:52 UTC (permalink / raw)
To: linux-kernel
http://www.kb.cert.org/vuls/id/412115
Summary: Some network drivers don't pad ethernet packets with nulls,
they are filled with "garbage" often from previously sent packets. Linux
is mentioned as vulnerable.
Nils Petter Vaskinn
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Are linux network drivers really affected by this?
2003-01-09 12:52 Are linux network drivers really affected by this? Nils Petter Vaskinn
@ 2003-01-10 8:08 ` andrea.glorioso
2003-01-10 11:46 ` Alan Cox
0 siblings, 1 reply; 10+ messages in thread
From: andrea.glorioso @ 2003-01-10 8:08 UTC (permalink / raw)
To: linux-kernel
>>>>> "npv" == Nils Petter Vaskinn <nils.petter.vaskinn@itsopen.net> writes:
npv> http://www.kb.cert.org/vuls/id/412115
npv> Summary: Some network drivers don't pad ethernet packets with
npv> nulls, they are filled with "garbage" often from previously
npv> sent packets. Linux is mentioned as vulnerable.
The paper presented by Olaf Arkin (amongst other) points to some parts
of the linux code where this "vulnerability" exists. I think Alan Cox
is working on some patches for his tree. I wonder whether it's better
to null-pad ethernet packets or to fill them with random values
(possibly an overkill, but more resiliant against fingerprinting).
bye,
andrea
--
Andrea Glorioso andrea.glorioso@binary-only.com
Binary Only http://www.binary-only.com/
Via A. Zanolini, 7/b Tel: +39-348.921.43.79
40126 Bologna Fax: +39-051-930.31.133
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Are linux network drivers really affected by this?
2003-01-10 11:46 ` Alan Cox
@ 2003-01-10 11:12 ` andrea.glorioso
2003-01-10 12:11 ` Denis Vlasenko
2003-01-14 1:19 ` Miles Bader
0 siblings, 2 replies; 10+ messages in thread
From: andrea.glorioso @ 2003-01-10 11:12 UTC (permalink / raw)
To: Alan Cox; +Cc: Linux Kernel Mailing List
>>>>> "ac" == Alan Cox <alan@lxorguk.ukuu.org.uk> writes:
ac> Most of them will pad with zero. We have a couple of drivers
ac> that already pad with something along the lines of "NetBSD is
ac> a cool OS too.."
Let's talk about subliminal messages, then. :)
How sensible would it be to have a runtime or compile time option for
choosing between zero padding and random values padding? I think the
variable length of the padding could cause some performance problems,
but I'm no kernel hacker nor cryptography expert.
ac> The -ac tree should have the problem fixed for all the drivers
ac> I know have the problem or may do.
Great.
bye,
andrea
--
Andrea Glorioso andrea.glorioso@binary-only.com
Binary Only http://www.binary-only.com/
Via A. Zanolini, 7/b Tel: +39-348.921.43.79
40126 Bologna Fax: +39-051-930.31.133
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Are linux network drivers really affected by this?
2003-01-10 8:08 ` andrea.glorioso
@ 2003-01-10 11:46 ` Alan Cox
2003-01-10 11:12 ` andrea.glorioso
0 siblings, 1 reply; 10+ messages in thread
From: Alan Cox @ 2003-01-10 11:46 UTC (permalink / raw)
To: andrea.glorioso; +Cc: Linux Kernel Mailing List
On Fri, 2003-01-10 at 08:08, andrea.glorioso@binary-only.com wrote:
> The paper presented by Olaf Arkin (amongst other) points to some parts
> of the linux code where this "vulnerability" exists. I think Alan Cox
> is working on some patches for his tree. I wonder whether it's better
> to null-pad ethernet packets or to fill them with random values
> (possibly an overkill, but more resiliant against fingerprinting).
Most of them will pad with zero. We have a couple of drivers that already
pad with something along the lines of "NetBSD is a cool OS too.."
The -ac tree should have the problem fixed for all the drivers I know have
the problem or may do.
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Are linux network drivers really affected by this?
2003-01-10 11:12 ` andrea.glorioso
@ 2003-01-10 12:11 ` Denis Vlasenko
2003-01-10 14:53 ` andrea.glorioso
2003-01-14 1:19 ` Miles Bader
1 sibling, 1 reply; 10+ messages in thread
From: Denis Vlasenko @ 2003-01-10 12:11 UTC (permalink / raw)
To: andrea.glorioso, Alan Cox; +Cc: Linux Kernel Mailing List
On 10 January 2003 13:12, andrea.glorioso@binary-only.com wrote:
> >>>>> "ac" == Alan Cox <alan@lxorguk.ukuu.org.uk> writes:
>
> ac> Most of them will pad with zero. We have a couple of
> drivers ac> that already pad with something along the lines of
> "NetBSD is ac> a cool OS too.."
>
> Let's talk about subliminal messages, then. :)
>
> How sensible would it be to have a runtime or compile time option
> for choosing between zero padding and random values padding? I
> think the variable length of the padding could cause some
> performance problems, but I'm no kernel hacker nor cryptography
> expert.
Too much work for zero gain
--
vda
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Are linux network drivers really affected by this?
2003-01-10 12:11 ` Denis Vlasenko
@ 2003-01-10 14:53 ` andrea.glorioso
2003-01-13 6:57 ` Denis Vlasenko
0 siblings, 1 reply; 10+ messages in thread
From: andrea.glorioso @ 2003-01-10 14:53 UTC (permalink / raw)
To: vda; +Cc: Alan Cox, Linux Kernel Mailing List
>>>>> "dv" == Denis Vlasenko <vda@port.imtp.ilyichevsk.odessa.ua> writes:
dv> Too much work for zero gain
`Too much work' refers to coding time or to kernel work?
bye,
andrea
--
Andrea Glorioso andrea.glorioso@binary-only.com
Binary Only http://www.binary-only.com/
Via A. Zanolini, 7/b Tel: +39-348.921.43.79
40126 Bologna Fax: +39-051-930.31.133
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Are linux network drivers really affected by this?
2003-01-10 14:53 ` andrea.glorioso
@ 2003-01-13 6:57 ` Denis Vlasenko
2003-01-13 9:54 ` andrea.glorioso
0 siblings, 1 reply; 10+ messages in thread
From: Denis Vlasenko @ 2003-01-13 6:57 UTC (permalink / raw)
To: andrea.glorioso; +Cc: Alan Cox, Linux Kernel Mailing List
On 10 January 2003 16:53, andrea.glorioso@binary-only.com wrote:
> >>>>> "dv" == Denis Vlasenko <vda@port.imtp.ilyichevsk.odessa.ua>
> >>>>> writes:
>
> dv> Too much work for zero gain
>
> `Too much work' refers to coding time or to kernel work?
Coding.
IMHO:
Zero padding is secure enough.
There is no point spending time coding random
padding, config options, etc.
--
vda
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Are linux network drivers really affected by this?
2003-01-13 6:57 ` Denis Vlasenko
@ 2003-01-13 9:54 ` andrea.glorioso
0 siblings, 0 replies; 10+ messages in thread
From: andrea.glorioso @ 2003-01-13 9:54 UTC (permalink / raw)
To: vda; +Cc: Alan Cox, Linux Kernel Mailing List
>>>>> "dv" == Denis Vlasenko <vda@port.imtp.ilyichevsk.odessa.ua> writes:
dv> On 10 January 2003 16:53, andrea.glorioso@binary-only.com
dv> wrote:
>> >>>>> "dv" == Denis Vlasenko
>> <vda@port.imtp.ilyichevsk.odessa.ua> >>>>> writes:
>>
dv> Too much work for zero gain
>> `Too much work' refers to coding time or to kernel work?
dv> Coding.
I would have said `kernel work' (although the relative occurrence of
undersized frames is probably low).
dv> IMHO:
dv> Zero padding is secure enough.
Not for fingerprinting, though.
dv> There is no point spending time coding random padding, config
dv> options, etc.
You're probably right.
bye,
andrea
--
Andrea Glorioso andrea.glorioso@binary-only.com
Binary Only http://www.binary-only.com/
Via A. Zanolini, 7/b Tel: +39-348.921.43.79
40126 Bologna Fax: +39-051-930.31.133
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Are linux network drivers really affected by this?
2003-01-10 11:12 ` andrea.glorioso
2003-01-10 12:11 ` Denis Vlasenko
@ 2003-01-14 1:19 ` Miles Bader
2003-01-18 14:09 ` Folkert van Heusden
1 sibling, 1 reply; 10+ messages in thread
From: Miles Bader @ 2003-01-14 1:19 UTC (permalink / raw)
To: andrea.glorioso; +Cc: Alan Cox, Linux Kernel Mailing List
andrea.glorioso@binary-only.com writes:
> ac> Most of them will pad with zero. We have a couple of drivers
> ac> that already pad with something along the lines of "NetBSD is
> ac> a cool OS too.."
>
> Let's talk about subliminal messages, then. :)
How about `Printer on fire'?
-Miles
--
I have seen the enemy, and he is us. -- Pogo
^ permalink raw reply [flat|nested] 10+ messages in thread
* RE: Are linux network drivers really affected by this?
2003-01-14 1:19 ` Miles Bader
@ 2003-01-18 14:09 ` Folkert van Heusden
0 siblings, 0 replies; 10+ messages in thread
From: Folkert van Heusden @ 2003-01-18 14:09 UTC (permalink / raw)
To: 'Miles Bader', andrea.glorioso
Cc: 'Alan Cox', 'Linux Kernel Mailing List'
> ac> Most of them will pad with zero. We have a couple of drivers
> ac> that already pad with something along the lines of "NetBSD is
> ac> a cool OS too.."
>> Let's talk about subliminal messages, then. :)
>How about `Printer on fire'?
I vote for padding with"
"Linus is god!"
Repeating the exclamation-mark as much as needed.
Folkert
www.vanheusden.com
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2003-01-18 14:00 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-01-09 12:52 Are linux network drivers really affected by this? Nils Petter Vaskinn
2003-01-10 8:08 ` andrea.glorioso
2003-01-10 11:46 ` Alan Cox
2003-01-10 11:12 ` andrea.glorioso
2003-01-10 12:11 ` Denis Vlasenko
2003-01-10 14:53 ` andrea.glorioso
2003-01-13 6:57 ` Denis Vlasenko
2003-01-13 9:54 ` andrea.glorioso
2003-01-14 1:19 ` Miles Bader
2003-01-18 14:09 ` Folkert van Heusden
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.