[Cryptech Tech] Roadmap & remarks about the opportunity of developing a secure TOR router on the Novena platform.

Benedikt Stockebrand bs at stepladder-it.com
Sun Aug 3 09:42:12 UTC 2014


Hi STMAN and list(s),

★ STMAN ★ <stman at riseup.net> writes:

> Thank you very much for your contribution Bernd, I fully agree with
> all what you said. C language is a problem, but it is also a standard.

and assembler was standard when some people developed C to overcome the
weaknesses of assembler, and so on.

Being "a standard" is no reason to continue using an inherently broken
tool; that said, C was originally meant for OS development and not
really for applications anyway.

I've taken a look at D some time ago, but it got rather quiet about it.
Maybe some time I'll find the time to give Go a chance, but I'm not sure
when, and if at all.

> Correcting efficiently C language « weaknesses » like intensive stack
> usage cannot be achieved securely through software technics : [...]

Neither can it be done in hardware without breaking some of the features
that C "offers" and which are useful in the context it was originally
designed for, i.e. an "architecture independent high-level macro
assembler".  And before the C fanboys here start to throw rocks: That's
not at all derogatory; instead, C proved to the world some 40 years ago
that such a thing, and writing an OS in it, was actually possible, while
other people still squabbled over using operating systems at all.

> Of course, we still need to link the code with some libraries like SSL
> and a TCP/IP stack, but understand that with no possibility to use the
> security breach mentionned above, any « standard low level attack » on
> this, even if not perfect (Containing overflows) would be blocked.

That's a _huge_ claim; hope you can back it with results some time.

The weaknesses with TCP/IP and especially SSL aren't all implementation
related anyway, but design problems.  They all suffer from significant
feature bloat, APIs that are a pain in the backside to use as is, and
implementations that weren't necessarily built with the level of
security awareness they would have deserved by our today's standards.

Or put more bluntly: You may be trying to fix a minor hole with lots of
enthusiasm but completely ignore the much larger holes elsewhere.  This
is good to get started, but it won't win you any much until you
eventually address all the issues involved.


Cheers,

    Benedikt

-- 
Benedikt Stockebrand,                   Stepladder IT Training+Consulting
Dipl.-Inform.                           http://www.stepladder-it.com/

          Business Grade IPv6 --- Consulting, Training, Projects

BIVBlog---Benedikt's IT Video Blog: http://www.stepladder-it.com/bivblog/


More information about the Tech mailing list