Date:      Sat, 4 Apr 2015 00:36:41 +0300
From:      Gleb Smirnoff <glebius@FreeBSD.org>
To:        Hans Petter Selasky <hps@selasky.org>
Cc:        "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>, "Robert N. M. Watson" <rwatson@freebsd.org>
Subject:   Re: Patch to reduce use of global IP ID value(s) to avoid leaking information
Message-ID:  <20150403213641.GM64665@glebius.int.ru>
In-Reply-To: <551F034A.3040402@selasky.org>
References:  <551F034A.3040402@selasky.org>

  Hans,

On Fri, Apr 03, 2015 at 11:16:58PM +0200, Hans Petter Selasky wrote:
H>  > What the hell? At Fri, 3 Apr 2015 15:41:21 +0300 (MSK) you ask:
H> 
H> An expression like that requires a good answer. I've pulled together 
H> some parts and pieces from some existing code to make a test application 
H> showing the problem. Maybe when you hear the problem with your own ears, 
H> you will get it.
H> 
H> Setup:
H> 
H> I'm running 11-current prior to Gleb's IP ID commits. Possibly Gleb's IP 
H> ID commits won't change much.
H> 
H> This little crude application I've called "pingphone" almost allows you 
H> to speak PCM audio through ICMP packets with zero payload.
...

Thanks for a nice hack, I'll look at it :)

H> What's stated in:
H> 
H> https://svnweb.freebsd.org/changeset/base/281024
H> 
H> Is correct. I see no technical reason to pull that out.

Hans, no one argued with you that there is a covert channel. Yes there
is one! And there are dozens of other covert channels in TCP/IP. But our
manual pages are not essays on hacking the Internet, however. The point
of the manual pages is to provide documentation on knobs and switches. The
point of the manual pages is not to describe funny stuff you can achieve
turning the knobs on or off.

The documentation on net.inet.ip.random_id is solid and doesn't need the
text from your commit.

If you don't agree with me, let's ask the opinion of Mike Silbersack, the author
of the random IP ID code. What does he think of the manual page diff?

P.S. Let me note again that you give 1 hour and 40 minutes for review.
Why so impatient? The paragraph was sitting there without modification for
a decade. Can it wait for at least a day?

-- 
Totus tuus, Glebius.


