From owner-freebsd-security@freebsd.org Thu Oct 6 02:15:17 2016
Date: Thu, 6 Oct 2016 02:12:25 +0000 (UTC)
From: Jules Gilbert
Reply-To: Jules Gilbert
To: "freebsd-security@freebsd.org"
Message-ID: <1326548497.53590.1475719945105@mail.yahoo.com>
In-Reply-To: <307150697.750173.1475719669536@mail.yahoo.com>
References: <1410500115.6001690.1475677275963.ref@mail.yahoo.com> <1410500115.6001690.1475677275963@mail.yahoo.com> <307150697.750173.1475719669536@mail.yahoo.com>
Subject: Fw: isn't this the worst possible report?? -- i went back and put a copy on a memstick; see attachment

See attachment, Simple program, in C. Without access to a file, it "partially characterizes" it. (My term for weakly predicting it.) Why is this useful?, read on.

But please help me. These attacks are limiting my work efforts.

----- Forwarded Message -----
From: Jules Gilbert
To: Julian Elischer
Sent: Thursday, October 6, 2016 2:07 AM
Subject: Re: isn't this the worst possible report??
 -- i went back and put a copy on a memstick; see attachment

First, the machine wasn't new, it's more than five years old. Sorry, I thought my post was obvious, that the OS environment was brand-new. Sorry to confuse you.

Second, I've been getting hit every day, every time I put up a non-CDROM based OS. No matter the day, no matter the time, (which makes me think it's not one person.)

And why am I in this situation?

Well, not that I know the reason, but I actually do have repeatable compression, except lots of folks don't believe me.

Some in the FreeBSD community have my give-away demo. What I describe is available, it's in C and not difficult for any programmer to follow. (And, except for the usual fopen/fgetc/similar, the program contains no API references.) I'm running off a CD, so I don't have it on the disk (how do I mount the underlying disk? I'm running Lubuntu, it's the disk I had on hand.) My point, if you ask I'll send you a copy.

About my demo; it serves two purposes.

SCENARIO #1: You are on machine 1, you want a file from machine 2. This is without wires, wireless, media transfer, it's all done by guessing, nothing else. Lots of people think it's right 50% of the time, not so. It's right (this version,) 75% of the time.

You have the system PRNG (a random-number generator that is restartable). Both the SEND and RCVE machines must use the same key-seed. How about 1.0?

It guesses 'p', where:

    int p = r >= d;

(The function that does this is called "rdRELATION" in the code, it returns a one or zero.)

Without knowing or having any access to 'd'. The demo version is right with a probability of 0.75 (that's 75%.) The commercial version is correct with a probability of 1.
Now if you know 'p', then you can do a lot to infer 'd'. You can iterate, XOR'ing 'r' through a sequence of values. Let me not detail the works but instead just say that deriving 'd' is easy.

Again, to those people who work on FreeBSD, ask and I'll send you a copy. (I just spent a few minutes putting a copy on a memstick and attaching it.)

Okay, now it gets deep...

SCENARIO #2: Basically, the same problem, except now the file containing the 'd' vector of values doesn't exist. That file won't exist for a week, which is when you'll sit down and write the message to yourself.

When you're done laughing...

Except we (we geeks,) already do something very similar to this. I'm not kidding.

From: Julian Elischer
To: freebsd-security@freebsd.org
Sent: Wednesday, October 5, 2016 7:14 PM
Subject: Re: isn't this the worst possible report??

On 5/10/2016 7:21 AM, Jules Gilbert via freebsd-security wrote:
> Well maybe worse, that the deal with AT&T for the BSD franchise has fallen apart...
> Okay, so I have a FreeBSD 10.1 CD-ROM, believed to be a true copy and authentic copy.
> And I loaded it on a computer. I did this entirely offline. I also supplied passwords.
>
> Then I went online to get packages.
> Nothing unusual happened UNTIL the machine seized and when I rebooted I discovered it would hang and reboot. A loop.
> I had done nothing to cause this. I had not opened an X session nor done anything other than load packages such as maxima, cproto. Nothing involved in the area of security.
>
> I had thought this was pretty much impossible... Remember, this machine was brand new, I'd loaded FBSD-10.1 on it no more than an hour prior and had not messed with any of the internals.
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
>
>
depending on where it rebooted, it really sounds like an infant mortality problem.. (failure in computer or drive).
(brand new machines have a much higher chance of failure than middle aged machines, as all the components burn in.)

why is this in 'security'?

From owner-freebsd-security@freebsd.org Thu Oct 6 05:45:01 2016
Date: Thu, 6 Oct 2016 16:44:49 +1100 (EST)
From: Ian Smith
To: Jules Gilbert
cc: "freebsd-security@freebsd.org"
Subject: Re: Fw: isn't this the worst possible report??
 -- i went back and put a copy on a memstick; see attachment
In-Reply-To: <1326548497.53590.1475719945105@mail.yahoo.com>
Message-ID: <20161006163807.Q6806@sola.nimnet.asn.au>
References: <1410500115.6001690.1475677275963.ref@mail.yahoo.com> <1410500115.6001690.1475677275963@mail.yahoo.com> <307150697.750173.1475719669536@mail.yahoo.com> <1326548497.53590.1475719945105@mail.yahoo.com>

On Thu, 6 Oct 2016 02:12:25 +0000, Jules Gilbert via freebsd-security wrote:

> But please help me. These attacks are limiting my work efforts.

A lot of people make the mistake of using cheap aluminium foil. You have to use real tin.

HTH, Ian