The tough question: who knew this all along?
We can only speculate about whether anyone knew about this problem beforehand – and if so, who. Potential attackers have had more than a year and a half to detect and exploit the problem. For numerous reasons, it is improbable that such a grave flaw went unnoticed from September 2006 until May 2008, when Luciana Bello discovered and reported it.
One can assume that security experts and "black hats" were not the only ones carefully reading change logs in version control systems for cryptographic software and distributors. In particular, specialists working for secret service organisations will also have done their homework: after all, they are responsible for tapping and collecting all kinds of data.
But in this case, we don't really need to judge the severity of the change to the OpenSSL random number generator based on a rather modest-looking patch. Instead, well organised attackers can rely on statistics. It is quite probable that secret services and similar organizations not only archive tapped connections, but also maintain databases of public keys. The data they need to do this practically grows on trees – web servers, VPN terminals, and SSH-protected servers are more than happy to hand over their public key to anyone who wants to use it to check the server's authenticity.
Those who have taken the time over the past 20 months to maintain a database with collections of such public keys will probably have been surprised to see collisions that should not have happened at all suddenly start occurring in October of 2006. As the birthday paradox illustrates, 500 weak keys of the same length suffice to produce a duplicate some 95 percent of the time. Once such a duplicate has been discovered, it does not take long to detect the Debian operating system behind it via the rough time and the context of the keys in question. Then, you can study the changes made during that time frame to the source code of cryptographically relevant program suites.
Where to go from here
The Debian disaster puts the open source development model in a bad light. The obvious lack of effective quality assurance mechanisms in the maintenance of critical security program packages in Debian Linux will not exactly make it easier for proponents of open source software to get their software used professionally. On the other hand, it is also clear that source code review works as a way of identifying security problems in open source software – though, as this case shows, it may take some time.
Critics of open source software will now hit this ball back into the other half of the court on behalf of the closed source model. The only counter argument is that proprietary software may also already suffer from such problems, but we will never know because the source code is not made accessible for analysis. (cr)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
