OpenSSL 的 DSA 被 Side-channel attack 打爆

在「Make Sure DSA Signing Exponentiations Really are Constant-Time」這篇文章裡面,直接透過 end-to-end 的 timing attack 打爆 (也就是透過 internet 觀察攻擊),而不需要在同一台機器上對 cache 之類的區域攻擊:

A unique feature of our work is that we target common cryptographic protocols. Previous works that demonstrate cache-timing key-recovery attack only target the cryptographic primitives, ignoring potential cache noise from the protocol implementation. In contrast, we present end-to-end attacks on two common cryptographic protocols: SSH and TLS. We are, therefore, the first to demonstrate that cache-timing attacks are a threat not only when executing the cryptographic primitives but also in the presence of the cache activity of the whole protocol suite.

而且次數相當的少,就可以 key recovery:

260 SSH-2 handshakes to extract a 1024/160-bit DSA host key from an OpenSSH server, and 580 TLS 1.2 handshakes to extract a 2048/256-bit DSA key from an stunnel server.

CVE 編號為 CVE-2016-2178OpenSSL 全系列 (包括 fork 出去的版本) 與 OpenSSH 只要是 DSA 的實作都中獎...

CloudFlare 總算記得要加美國的點了...

CloudFlare 一直加海外的點,在東南亞加到平均 latency 比美國低... 這有點不太像話 XD 總算是記得要加強美國的 latency 了:「Hello, Colorado! CloudFlare's 82nd Data Center is Live in Denver」。

這次加在丹佛剛好是目前美國的點裡面最弱的一環:先前離 CloudFlare 最近的機房應該是 Phoenix 或是 Dallas,都大約在 600km 左右,latency,而網路也不會直線連接,所以這次加上去後的改善很明顯:


Denver joins CloudFlare's existing United States data centers in Ashburn, Chicago, Dallas, Los Angeles, Miami, Minneapolis, Phoenix, San Jose, and Seattle. In the continued pursuit of faster performance, we have data centers at another ten North American cities in the works.


Our week of expansion isn't done. Tomorrow, we head to one of the world's largest cities.

換 Ubuntu 的字型... (Andada、PT Sans Captian、Hack)

在 HiDPI 4K 螢幕下挑字型的基準跟以往普通 DPI 螢幕完全不同。以往會受到當畫素不夠時的限制,在 HiDPI 下就不需要考慮這點了...

我三不五十就會換個字型用 (換心情),所以之後有可能會再換掉... 這次挑選的基準有三個:

  • 免費可在網路上下載個人使用的。
  • 字的重量要重一些。
  • sans 與 monospace 的字要帶有一點 serif 的感覺。

我把 fontconfig 設定放在 99-local.conf 這邊,有興趣的可以直接拉回去丟到 /etc/fonts/conf.d/ 裡用...

Andada 是拿來定義 sans 的,長這樣:(出自「Andada Font Free by Huerta Tipográfica」)

PT Sans Captain 是拿來定義 serif 的,長這樣:(出自「PT Sans Font Free by Paratype」)

Hack 是拿來定義 monospace 的,長這樣:(出自「Hack Font Free by Chris Simpkins」)

Facebook 上貼的所有的連結都是公開的

tl;dr:Facebook 認為這個功能是 feature,不是 bug。

在「Why you shouldn’t share links on Facebook」這邊作者發現在 Facebook 上貼的「任何一個連結」都會產生 object id,而任何一個 object id 都可以直接取得 url,無論權限設定,像是這樣:

而 Facebook 認定這是 feature 而非 bug:

可以想像 NSA 之類的單位與地下組織開始狂掃...

把 JavaScript 關閉一個月後的其他感想

一個月前我決定把瀏覽器的 JavaScript 預設關掉:「把 Google Chrome 預設的 JavaScript 關閉,開白名單...」,包括後來「改用 Simple JavaScript Toggle 切換 Google Chrome 的 JavaScript」試著找出快速暫時性切換的方案。

跑了這一個月下來,就好處來說,在一個月前的文章就有提到了,到是遇到不少問題 (然後找到各種方法解掉)。

主要的問題是電子商務網站幾乎都不會動 (包括信用卡刷卡網站),尤其是刷卡階段常用 HTTP POST,沒辦法靠 Simple JavaScript Toggle 在失敗時切過去 (會被刷卡系統偵測到重複送出而擋下),必須設白名單避免問題。

另外是愈來愈多內容性質的網站再沒有 JavaScript 下就不會動,不過這種性質的網站在 Google Chrome 上可以靠 Readability 來解決,還順便把版面給搞定了,不算是什麼大問題。


Microsoft Azure 宣佈正式支援 FreeBSD

Microsoft Azure 宣佈支援 FreeBSD:「Microsoft has created its own FreeBSD image. Repeat. Microsoft has created its own FreeBSD image」,Microsoft 的正式公告在這:「FreeBSD now available in Azure Marketplace」。

Microsoft 所作的 patch 都有進 10.3-RELEASE 裡,主要是對於 Hyper-V 虛擬化後的效能補強:

The majority of the investments we make at the kernel level to enable network and storage performance were up-streamed into the FreeBSD 10.3 release, so anyone who downloads a FreeBSD 10.3 image from the FreeBSD Foundation will get those investments from Microsoft built in to the OS.

像是 10Gbps 網路這部份就有明顯的改善:

For example, our measured networking throughput on a 10Gb network on FreeBSD 10.1 was 2Gbps. With 10.3, we’ve been able to achieve over 9Gbps in testing


GitHub Pages 正式支援 HTTPS

GitHub 正式宣佈支援 HTTPS:「HTTPS for GitHub Pages」。

其實對使用者來說,前面的 CDN 伺服器已經支援 HTTPS 很久了,但因為之前從 CDN 到 GitHub 這端沒加密,所以一直都不算是正式支援:

You have been able to request Pages sites over HTTPS for some time, but we refrained from officially supporting it because the traffic from our CDN to our servers wasn't encrypted until now.

另外,新建立的 GitHub Pages 都強制上 HTTPS:

Starting next Wednesday (June 15, 2016, 12pm PDT), HTTPS enforcement will be required for all new GitHub Pages sites.

在 Python 的 pip、Nodejs 的 npm、Ruby 的 RubyGems 上面放木馬研究?

在 Python 領域裡常用 pip 安裝軟體:

$ pip install reqeusts


$ sudo pip install reqeusts

其他的平台也大致類似於這樣的動作。而在「Typosquatting programming language package managers」這篇文章裡,作者用 typo 之類的方式列出可能的名稱,像是這樣的名稱:

$ sudo pip install reqeusts


All in all, I created over 200 such packages and equipped them with a small program and uploaded them over the course of several months. The idea is to add some code to the packages that is executed whenever the package is downloaded with the installing user rights.


Firefox 48 將引入 Multi-process 模式

現在是 Firefox 47,也就是下個版本就會引入 Multi-process 模式了:「Firefox 48 finally enables Electrolysis for multi-process goodness」。

Multi-process 模式也就是 Electrolysis,這對權限的分離 (sandbox) 以及效能的提昇有著顯著的幫助:

Electrolysis functionality hosts, renders, or executes web related content in background child processes which communicate with the "parent" Firefox browser via various ipdl protocols. The two major advantages of this model are security and performance. Security improvements are accomplished through security sandboxing, performance improvements are born out of the fact that multiple processes better leverage available client computing power.

這算是個開頭,地基打出來以後,之後就可以拆更多東西到其他的 child process。