[linux-elitists] Rooted kernel.org hosts (was: PJ takes her victory lap)

Jay Sulzberger jays at panix.com
Wed Aug 31 22:53:30 PDT 2011


Elitists!  Please forgive my failure to arrange proper
threading, if thread be not arranged properly!

On Wed, 31 Aug 2011, Rick Moen <rick at linuxmafia.com> wrote:

> Quoting Rick Moen (rick at linuxmafia.com):
>
>> In other news, here.kernel.org was recently determined to be hax0red, and
>> Jon C. kindly explained to journos why the sky remains determinedly unfallen.
>> https://www.linux.com/news/featured-blogs/171-jonathan-corbet/491001-the-cracking-of-kernelorg
>
> Typo; I knew full well that the hostname is 'hera', but my fingers were
> in rebellion.
>
> Anyway, cross-posting my query from LWN:
>
>
> I'm curious about two points not (to my knowledge) yet covered, probably
> for the simple reason that there hasn't been enough time for proper
> forensics:
>
> 1. What was the escalation path to root?
>
> 2. Completely aside from the git repo contents, were the downloadable
> *.tar.[gz|bz2] source archives trojaned? Are there any non-site-local
> mechanisms in place to detect such tampering (other than, of course, the
> fact that the Linux Kernel Archives OpenPGP key is well known, and some
> of us bother to check the *.tar.[gz|bz2].sign files?

>From front page of http://www.kernel.org just now:

   However, it's also useful to note that the potential damage of
   cracking kernel.org is far less than typical software
   repositories. That's because kernel development takes place using
   the git distributed revision control system, designed by Linus
   Torvalds. For each of the nearly 40,000 files in the Linux
   kernel, a cryptographically secure SHA-1 hash is calculated to
   uniquely define the exact contents of that file. Git is designed
   so that the name of each version of the kernel depends upon the
   complete development history leading up to that version. Once it
   is published, it is not possible to change the old versions
   without it being noticed.

   Those files and the corresponding hashes exist not just on the
   kernel.org machine and its mirrors, but on the hard drives of
   each several thousand kernel developers, distribution
   maintainers, and other users of kernel.org. Any tampering with
   any file in the kernel.org repository would immediately be
   noticed by each developer as they updated their personal
   repository, which most do daily.

Here is a copy of Satoshi Nakamoto's announcement of his Bitcoin
paper on the cryptography list:

   Bitcoin P2P e-cash paper

      Satoshi Nakamoto
      Sat, 01 Nov 2008 16:16:33 -0700

   I've been working on a new electronic cash system that's fully
   peer-to-peer, with no trusted third party.

   The paper is available at:
   http://www.bitcoin.org/bitcoin.pdf

   The main properties:
    Double-spending is prevented with a peer-to-peer network.
    No mint or other trusted parties.
    Participants can be anonymous.
    New coins are made from Hashcash style proof-of-work.
    The proof-of-work for new coin generation also powers the
       network to prevent double-spending.

   Bitcoin: A Peer-to-Peer Electronic Cash System

   Abstract.  A purely peer-to-peer version of electronic cash would
   allow online payments to be sent directly from one party to another
   without the burdens of going through a financial institution.
   Digital signatures provide part of the solution, but the main
   benefits are lost if a trusted party is still required to prevent
   double-spending.  We propose a solution to the double-spending
   problem using a peer-to-peer network.  The network timestamps
   transactions by hashing them into an ongoing chain of hash-based
   proof-of-work, forming a record that cannot be changed without
   redoing the proof-of-work.  The longest chain not only serves as
   proof of the sequence of events witnessed, but proof that it came
   from the largest pool of CPU power.  As long as honest nodes control
   the most CPU power on the network, they can generate the longest
   chain and outpace any attackers.  The network itself requires
   minimal structure.  Messages are broadcasted on a best effort basis,
   and nodes can leave and rejoin the network at will, accepting the
   longest proof-of-work chain as proof of what happened while they
   were gone.

   Full paper at:
   http://www.bitcoin.org/bitcoin.pdf

   Satoshi Nakamoto

The announcement is archived at

   http://www.mail-archive.com/cryptography@metzdowd.com/msg09959.html

The Linux kernel "web of Git" is a realization of an
approximation of the "Bitcoin web", that is, Satoshi's block
chain system.  The claim is that, by somewhat different means,
the Linux kernel web is also somewhat resilient against attack by
injection of bad blocks^Wkernel trees.

oo--JS.


>
>
> _______________________________________________
> Do not Cc: anyone else on mail sent to this list.  The list server is set for maximum one recipient.
> linux-elitists mailing list
> linux-elitists at zgp.org
> http://zgp.org/cgi-bin/mailman/listinfo/linux-elitists
>
>




More information about the linux-elitists mailing list