Turtles all the way down: Introduction

Jan 03, 2014

The sum total of the Edward Snowden revelations have pretty conclusively proved one thing: That we can't trust anything. The communications networks wrapped around the globe like a blanket are surveilled so minutely that Russian President Vladimir Putin has openly stated his admiration for the US getting away with it so successfully. Much of the cryptographic infrastructure used to protect our communications and data at rest is known to be vulnerable to one or more practical attacks that, in the end they can't really be called effective if one wants to be honest. The company RSA has all but admitted that the BSafe libraries, which are used in dozens of software packages have serious flaws in them. To recap, in September 2013 RSA announced that we shouldn't use BSafe in the default configuration, which includes the use of the Dual_EC_DRBG pseudorandom number generator by default. Then in December 2013, it came out that RSA had a $10mus software development contract with the NSA.

Taken separately, the two things are not particularly incriminating. When you put them togegther, it strongly implies that the latter brought about the former. A few days after that a patent was discovered which reveals how Dual_EC_DRBG was probably compromised. On New Year's Eve a proof of concept implementation of this attack was published. Ouch.

SSL and TLS, most commonly discussed in the context of the Web but used elsewhere to protect data in motion have been debated, torn apart, PoC'd and bikeshedded to death, so I won't talk about them again. As it turns out, you can't even trust any hardware you buy. It's also come out that the NSA intercepts some computer hardware purchased online to backdoor it before it reaches the entity that bought it. Not just whole computers are compromised before they're received, even Ethernet switches, routers, and the firmware of hard drives from the biggest manufacturers have fully capable and mature attack methods for boobytrapping them already worked out. Entirely separate from the Snowden revelations, I beg you to note, security researchers have independently discovered some of the same attacks, namely, backdooring hard drive firmware and installable Cisco iOS rootkits.

But wait, it gets better. In late 2013 a team of researchers published a paper (including a hands-on methodology by which the technique can actually be carried out) about an attack in which they were able to manipulate individual transistors on the silicon to undetectably meddle with important functions like random number generation (Stealthy Dopant-Level Hardware Trojans by Becker, Regazzoni, Paar, and Burleson). If they were able to figure it out in 2013, you have to wonder what was possible in previous years... say, those parts of the calendar discussed in Snowden's papers. This implies that you can't even trust commodity chips if you want to build your own gear because you can't tell if they may have been tampered with in subtle ways.

Not many people are really sure what's going on in the firmware blobs loaded by common peripherals like network interfaces, graphics cards, and just about every other input/output device that we use on a daily basis. By definition, all of those firmware images are executable code, and thus they are backdoorable. If you follow the trail far enough you will discover that the radios in something as common as a cellphone are themselves Turing-complete microcomputers running their own operating systems and containing their own exploitable vulnerabilities. This is just as bad as you think it is.

After the latest set of shocks passed I got to thinking - how could a theoretically trustworthy toolchain be bootstrapped, assuming that one was sufficiently motivated? I mean, from straight chips all the way up to a computer that day-to-day work could get done on? Everything from word processing to writing and debugging code...

Please bear in mind, I have not actually done this before. I might be getting some stuff wrong because I don't understand something sufficiently or because I don't have the hands-on experience to know any better. I suspect that I might have added some steps that are irrelevant. At any rate, I started this research project to puzzle out what, exactly would be involved in building a general purpose computer as close to from scratch as possible in the year 2014.ev. I'm hoping that people who know more about some of the sketchy bits will chime in with comments because I would very much like to see this happen one day.

From time to time I'm going to be using a particular term to refer to the open source hardware and software platform I noodle over - trusted. Ordinarily, 'trusted' in an information security context means that the system is designed from the silicon up to support things like cryptographic operations proven to do what they're supposed to do, store keying material in such a way that not even the user can get to it (only certain pre-approved and signed code can get access), and to test that that certain aspects of the OS have not been tampered with (like the kernel or boot loader). In our context, 'trusted' is going to mean that we trust the computer described because we've built as much of the tech stack as possible, either with our own two hands or in concert with a group of other people that we interact with often enough to be able to say that they probably aren't plants from certain agencies that shall remain nameless. In other words, we trust it slightly farther than we can throw a Buick without the assistance of powered armor. It also serves as an identifier for this hypothetical project as a whole, because trying to name it something evocative, cute, or creative does the intellectual exercise a disservice. It is my sincere wish that this series of articles (and any comments added to expand upon or correct the text) inspires a group of people to work out exactly how to build a general purpose computer from as close to the ground up as possible and make it happen.

Next post: We get practical.

This work by The Doctor [412/724/301/703][ZS] is published under a Creative Commons By Attribution / Noncommercial / Share Alike v3.0 License.