Freedom, Security and Privacy

Kyle Rankin

Chief Security Officer

Purism, SPC

Linux Journal Tech Editor, Columnist

Author of Linux Hardening in Hostile Networks

@kylerankin

https://kylerank.in/talks/security/freedom_security_privacy.html

Oxford Commas

• I'm a grammar nerd, do a lot of tech writing
• Oxford comma debate like arguing Kung Fu vs. Jujitsu
• Learn both, join MMA, defeat people w/ only one style
• I use Chicago Style when writing books, AP for magazines/web
• AP style appropriate for this presentation.

Introduction

• Freedom, security and privacy are interrelated
• Privacy important part of freedom
• Privacy often protected by security
• Link between freedom and security may be less obvious
• Security often relies on secrecy
• Secret=secure, proprietary=secret, therefore proprietary=secure?
• This talk: analyzing the link between all three.

Many Eyes Make Security Bugs Shallow?

• Core tenet of Free Software quality
• Some conclude many eyes make security bugs shallow
• Counterpoint: OpenSSL, Bash, Imagemagick
• Counter-Counterpoint: Flash, Acrobat Reader, IE
• Security bugs need the right eyes looking at the code
• Black-box or not, researchers will find bugs if they look.

When Security Reduces Freedom

• That time when Secure Boot was the only option.

Secure Booting: Now with Extra Freedom

• Free Software tamper-evident boot: Heads
• Stores BIOS measurements in TPM
• Files in /boot signed with your GPG key
• Alerts when BIOS or /boot files modified
• Keys completely under your control.

When Security Reduces Privacy

• Infoworld: "Snowden: NSA Planted Backdoors in Cisco Products"
• NSA intercepted Cisco products shipping overseas
• Implanted backdoors, repackaged with factory seal
• ZDNET: "NSA Suspected in Juniper Firewall Backdoor Mystery, but Questions Remain"
• Backdoor implanted in ScreenOS around mid-2012
• Allowed admin access and VPN decryption via SSH
• Plenty of other examples like this
• Hard-to-solve problem with closed security software.

Reproducible Builds

• FLOSS blazing trail in secure software with reproducible builds
• "Does the binary I get from my distro match upstream?"
• Lets you test for tampering/backdoors in binaries using freely-available code
• Download source, compile, compare results with public binary
• Debian working to make all packages reproducible
• Arch, Fedora, Qubes, Heads, Tails, coreboot, and others also working on own implementations
• Something you just can't do with proprietary software.

Why Not All Three?

• Freedom, Security and Privacy vs iOS and Android
• To protect your own security and privacy, you need freedom and control
• Without freedom, security and privacy requires full trust of vendors
• Vendors don't always have your best security/privacy interests
• Hard to revoke trust
• Picking FLOSS products gives you control of trust
• Reproducible builds mean you aren't required to trust even FLOSS vendors
• Adding freedom ultimately results in stronger security, privacy
• Freedom, security and privacy not just interrelated, but interdependent.

Thanks

Additional Resources

• This talk: https://kylerank.in/talks/security/freedom_security_privacy.html
• Heads tamper-evident boot software: https://github.com/osresearch/heads
• Infoworld: "Snowden: NSA Planted Backdoors in Cisco Products"
• ZDNET: "NSA Suspected in Juniper Firewall Backdoor Mystery, but Questions Remain"
• Reproducible builds: https://reproducible-builds.org/
• Debian reproducible builds: https://wiki.debian.org/ReproducibleBuilds