Is open source more secure?

Always in the same issue of 2600, phundie describes an attack on GnuPG: an open signature programme. He used Linux command LD_PRELOAD to overload a shared library. By analyzing the software in passphrase.c from the GPG distribution, he spotted the use of functions read() and memcpy(). He wrote a software to overload them and to dump the data in a file. Later, it was rather simple to spot the potentially dialed passphrase.

In the paper, he proposes several countermeasures such as using only static binary, rewrite its own procedures, or verify that LD_PRELOAD is not modified.

This paper clearly illustrates that open source is not adapted to hostile environment. It gives a strong advantage to an attacker who controls the host. It would be interesting to write a good paper analyzing the trust model of open source software highlighting the assumptions. Any volunteer to be co-author?

Leave a Reply

Your email address will not be published. Required fields are marked *