Peer Review of Liberté Linux
For a security-oriented distribution such as Liberté Linux, peer review of its
capability to resist malicious attacks is a highly desirable feature. If you
possess the relevant expertise, you are welcome to criticize Liberté’s design
or implementation by sending me an email. The reason that I ask to send an
email is that right now, this site’s engine does not have anonymous edits
turned on. If your arguments are reasonable, they will appear here on a short
notice (with a reply).
Below, some specific pivotal potential vulnerabilities worthy of exploration
Since the 2011.1 release, Liberté implements secure and anonymous
communication using email-like addresses. Potential
(i.e., undiscovered) weaknesses of this cables exchange system may include:
- Circumventing proper message authentication via a communication protocol
- Misrepresenting another user (as cable sender or receiver)
- Convincing the sender to encrypt a cable for unintended recipient (e.g.:
certificates chain verification issue, multiple certificates in a single
pem file, …)
- Exploiting a remote system via a specially formatted certificate / message
- Known-plaintext attack by generating specially crafted message receipt
requests (e.g.: padding doesn’t work as expected)
- Susceptibility to traffic analysis
and similar vulnerabilities.
If you have performed an audit of source code in Liberté Linux, please send me
the revision or release tag at which you looked, and your review (or a link to
one), and I will post / link to it here.
Some useful references are listed below.
- P. James,
Secure Portable Execution Environments: A Review of Available Technologies,
Proc. AISM 2008, pp. 70–86, 1–3 Dec. 2008, Perth, AU-WA.
- J. A. Halderman et al.,
Lest We Remember: Cold-Boot Attacks on Encryption Keys,
Commun. ACM, 52(5), pp. 91–98, May 2009.
- J. Chow et al.,
Understanding Data Lifetime via Whole System Simulation,
Proc. USENIX Security ‘04, pp. 321–336, 9–13 Aug. 2004, San Diego, US-CA.
- C. Wright et al.,
Overwriting Hard Drive Data: The Great Wiping Controversy,
Proc. ICISS 2008, LNCS 5352, pp. 243–257, 16–20 Dec. 2008, Hyderabad, IN-AP.
- K. Bauer et al.,
Low-Resource Routing Attacks Against Tor,
Proc. WPES ‘07, pp. 11–20, 29 Oct. 2007, Alexandria, US-CA.
- D. Herrmann et al.,
Website Fingerprinting: Attacking Popular Privacy Enhancing Technologies with the Multinomial Naïve-Bayes Classifier,
Proc. CCSW ‘09, pp. 31–41, 13 Nov. 2009, Chicago, US-IL.
- V. Brik et al.,
Wireless Device Identification with Radiometric Signatures,
Proc. MobiCom ‘08, pp. 116–127, 14–19 Sep. 2008, San Francisco, US-CA.
- M. G. Kuhn,
Electromagnetic Eavesdropping Risks of Flat-Panel Displays,
Proc. PET 2004, LNCS 3424, pp. 88–107, 26–28 May 2004, Toronto, CA-ON.
- M. Vuagnoux, S. Pasini,
Compromising Electromagnetic Emanations of Wired and Wireless Keyboards,
Proc. USENIX Security ‘09, pp. 1–16, 10–14 Aug. 2009, Montréal, CA-QC.
- L. Zhuang et al.,
Keyboard Acoustic Emanations Revisited,
ACM T Inform Syst Se, 13(1), pp. 3:1–26, Oct. 2009.
- M. Backes et al.,
Tempest in a Teapot: Compromising Reflections Revisited,
Proc. IEEE SP 2009, pp. 315–327, 17–20 May 2009, Oakland, US-CA.