Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <uuhg0r$3dd$1@ciao.gmane.io>
Date: Tue, 2 Apr 2024 17:41:47 -0000 (UTC)
From: Tavis Ormandy <taviso@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: finding similar compromises (was Re: From xz to ibus: more
 questionable tarballs)

On 2024-04-02, Tavis Ormandy wrote:
> On 2024-04-01, HW42 wrote:
>> Hi Jan,
>>
>> great that you are looking for further problems. (Just to be clear, I'm
>> not associated with ibus in any way.)
>>
>
> Yes, agreed. In the interests of discussing things in the open after
> just complaining about embargoes... :)
>
> It occurred to me that I could grep around in an SKS dump for any keys
> that had similar options that Jia Tan used -- algorithm preferences and
> so on -- and see if any jumped out as suspicious.
>

FYI, of the 22,885,940 signature packets in my SKS dump, 1186 had the
same options as Jia's (algo, keylen, expiry, prefs).

Around 26 were made +/- a month of Jias, I checked them all manually.

Around ~11 had github accounts that matched the user id -- no obvious
malice. A few were package signing keys, but browsing the releases they
seem okay to me.

There was a cluster from Warwick students, I'm thinking they use the
same distribution as Jia? e.g, these all look similar:

    E1FE439D3D8EE51B
    5DB5A25F19EE1E29
    70A3969D7067B537
    9471FAF63F9D494D

Note: You can fetch them with something like gpg --recv-key xxx

In summary, nothing suspicious jumps out, I'm just documenting it here
to save anyone else the effort.

If I extend the search for keys generated at any time (not just close to
when Jia's key was generated), there are 1,186 matches. That's probably
too much to check manually, but I'll check the user\d+@...e-email
ones this afternoon....

$ grep -cP '<\w+\d+@.*\>' matches.txt
58

I guess it's alo possible Jia just entered "5y" manually at the
--full-generate-key prompt, or doesn't use that expiration consistently.
If so, there are 26,871 matching keys to check :(

Anyway, I feel like my eyeballs did their part :)

Tavis.

-- 
 _o)            $ lynx lock.cmpxchg8b.com
 /\\  _o)  _o)  $ finger taviso@....org
_\_V _( ) _( )  @taviso

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.