Still in the same issue of 2600, phundie describes an attack on GnuPG, the open-source signature program. He used the Linux LD_PRELOAD mechanism to overload a shared library. By reading passphrase.c from the GPG distribution, he spotted the use of the functions read() and memcpy(). He wrote a small library that overloads them and dumps their data to a file. It was then rather simple to pick out the typed passphrase.
In the paper, he proposes several countermeasures, such as using only statically linked binaries, rewriting one's own versions of these procedures, or verifying that LD_PRELOAD has not been set.
This paper clearly illustrates that open source is not suited to a hostile environment. It gives a strong advantage to an attacker who controls the host. It would be interesting to write a good paper analyzing the trust model of open source software and highlighting its assumptions. Any volunteer to be co-author?
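As an added example (not from the 2600 article nor from GnuPG's own code), here is how the "rewrite its own procedures" countermeasure can be applied in C on Linux: the passphrase is fetched through a raw syscall and copied with a private routine, so neither read() nor memcpy() passes through a hookable libc entry, and a cheap environment check is kept as a first line of defence. The function names and the sample passphrase are hypothetical.

```c
#define _GNU_SOURCE
#include <stddef.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>

/* Countermeasures to LD_PRELOAD interposition of read()/memcpy():
 * 1. talk to the kernel directly instead of through libc's PLT entries;
 * 2. keep a private copy routine so memcpy() cannot be hooked;
 * 3. refuse to run when LD_PRELOAD is present (weak, but cheap). */

/* read(2) issued as a raw syscall: no PLT/GOT entry to hijack. */
static ssize_t raw_read(int fd, void *buf, size_t len) {
    return syscall(SYS_read, fd, buf, len);
}

/* Private byte copy. The volatile destination stops the compiler from
 * recognising the loop and quietly turning it back into a memcpy() call. */
__attribute__((noinline)) static void *local_copy(void *dst, const void *src, size_t n) {
    volatile unsigned char *d = dst;
    const unsigned char *s = src;
    while (n--) *d++ = *s++;
    return dst;
}

/* Returns 1 if LD_PRELOAD is present in the given environment block. */
int preload_present(char *const envp[]) {
    for (size_t i = 0; envp[i]; i++)
        if (strncmp(envp[i], "LD_PRELOAD=", 11) == 0) return 1;
    return 0;
}

/* Read one line from fd into out (at most outlen-1 chars) without calling
 * libc read() or memcpy(). Returns the number of chars stored, or -1. */
int read_passphrase(int fd, char *out, size_t outlen) {
    char tmp[256];
    size_t n = 0;
    while (n + 1 < outlen && n < sizeof tmp) {
        ssize_t r = raw_read(fd, tmp + n, 1);   /* one byte at a time, as on a tty */
        if (r < 0) return -1;
        if (r == 0 || tmp[n] == '\n') break;
        n++;
    }
    local_copy(out, tmp, n);
    out[n] = '\0';
    explicit_bzero(tmp, sizeof tmp);            /* scrub the intermediate buffer */
    return (int)n;
}
```

The environment check is only a speed bump, since a preloaded library can scrub LD_PRELOAD from the environment in its own constructor; the raw-syscall path is the part that actually matters.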