Anaconda 22.17+ enforces "good" passwords
by Chris Murphy
Hi,
First some background:
Anaconda 22.17+ has started to enforce the following:
+- Don't allow weak LUKS passwords either (bcl)
+- Don't allow weak passwords (text mode). (sbueno+anaconda)
+- Remove the press done twice to exit text (bcl)
+- Don't allow weak user passwords (bcl)
The first announcement of the change on the test@ list, and the ensuing
91 (and counting) email thread, which you're welcome to skip as I'll
attempt to cover the salient points in this email:
https://lists.fedoraproject.org/pipermail/test/2015-January/124827.html
The impetus behind the change is the two scope bullets in this rejected change:
https://fedoraproject.org/wiki/Changes/SSHD_PermitRootLogin_no
A FESCO ticket has been opened asking for review:
https://fedorahosted.org/fesco/ticket/1412
And then some points:
- I think it'll make users angry. The test@ list is overwhelmingly
against the change, and I expect they're more tolerant and
understanding compared to the wider community.
- On Windows and OS X server variants, remote access (in-bound)
services are disabled by default. It's expected to use an OOB method
to initially connect to a server (or even VM) and enable the desired
services.
- libpwquality is what's being used to "grade" the quality of the
passwords used in anaconda. This has been referred to as having
capricious behavior in the test@ thread. In a 2 day old build of
boot.iso which contains the current version of libpwquality and
anaconda 22.17, I'm finding the following:
The gibberish password that an infamous xkcd comic strip railed against
# pwscore
Tr0ub4dor&3
67 ##anaconda=good
8 actually random lowercase latin characters.
# pwscore
liampres
4
# pwscore
amptiato
4
# pwscore
tempeadj
1
# pwscore
clungerm
1
8 random characters mixed case, numbers, specials.
# pwscore
CHYtU$W3
27
# pwscore
ja#P2etw
27
# pwscore
6*T!MsjD
21
Portions of widely published phrases, lowercase latin characters.
# pwscore
correcthorse
41 ##anaconda=fair
# pwscore
batterystaple
55
# pwscore
correcthorsebatterystaple
100
# pwscore
onceuponatimetherewasa
100
# pwscore
itwasthebestoftimes
100
# pwscore
lookbeforeyouleap
90
# pwscore
dropdeadgorgeous
75
I don't have an easy way to prove this, but in a millions+ attempt
brute force attack, I find it difficult to believe that
correcthorsebatterystaple is not attempted, but 6*T!MsjD is attempted.
I had recently read that up to 100 character dictionary only word
based passwords were routinely attempted in brute force attacks.
I think the change improperly shifts burden to all users without
respect to their use case, in a manner inconsistent with the device
control they've come to expect: no password requirements at all on
mobile devices, and very minimalist ones on Windows and OS X. I don't
see how being an outlier in this area, even among Linux distros,
helps.
Conclusion: I think the concerning services need to be disabled by
default, and use OOB management to enable those services, since it's a
long standing practice elsewhere. If we can do better than this, fine,
but not by shifting the security burden.
Thanks,
--
Chris Murphy
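As an added illustration of the argument above (not code from the original post, and not libpwquality's algorithm), the following Python compares the two attacker models the thread is really arguing about: a character-level brute force and a wordlist-combination attack. The word list, its assumed size of 2048 entries (the xkcd figure) and the 32-symbol alphabet are constructed assumptions.

```python
import math
from typing import List, Optional, Set

# Constructed stand-in for an attacker's dictionary (assumption).
WORDLIST: Set[str] = {"correct", "horse", "battery", "staple", "once", "upon",
                      "a", "time", "there", "was", "look", "before", "you", "leap"}
# Assumed size of the attacker's real dictionary (xkcd's 2048-word estimate).
DICT_SIZE = 2048
# Assumed count of printable ASCII punctuation for the character-class model.
SYMBOL_COUNT = 32


def segment_words(password: str, wordlist: Set[str] = WORDLIST) -> Optional[List[str]]:
    """Split password into dictionary words, preferring the fewest words.
    Dynamic programming over prefixes; returns None if no split exists."""
    n = len(password)
    best: List[Optional[List[str]]] = [None] * (n + 1)
    best[0] = []
    for i in range(1, n + 1):
        for j in range(i):
            if best[j] is not None and password[j:i] in wordlist:
                cand = best[j] + [password[j:i]]
                if best[i] is None or len(cand) < len(best[i]):
                    best[i] = cand
    return best[n]


def charset_bits(password: str) -> float:
    """Search-space bits if the attacker enumerates every string over the
    character classes the password actually uses."""
    size = 0
    if any(c.islower() for c in password): size += 26
    if any(c.isupper() for c in password): size += 26
    if any(c.isdigit() for c in password): size += 10
    if any(not c.isalnum() for c in password): size += SYMBOL_COUNT
    return len(password) * math.log2(size)


def wordlist_bits(password: str) -> Optional[float]:
    """Search-space bits if the attacker concatenates dictionary words."""
    words = segment_words(password)
    return None if words is None else len(words) * math.log2(DICT_SIZE)


def effective_bits(password: str) -> float:
    """A rational attacker uses whichever model is cheaper."""
    cb, wb = charset_bits(password), wordlist_bits(password)
    return cb if wb is None else min(cb, wb)


if __name__ == "__main__":
    for pw in ("liampres", "6*T!MsjD", "correcthorsebatterystaple"):
        print(f"{pw:28s} charset={charset_bits(pw):6.1f}  "
              f"wordlist={wordlist_bits(pw)}  effective={effective_bits(pw):6.1f}")
```

Against the wordlist model the four-word passphrase that pwscore rates 100 costs about 44 bits, while the eight-character mixed password that scores 21 costs about 52 bits at character level.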
boston-area security event that might be of interest: Boston College
by Matthew Miller
I mentioned this before but I figured a reminder might be appreciated.
:)
----- Forwarded message from David Millar <david.millar(a)bc.edu> -----
> Date: Thu, 5 Feb 2015 17:46:29 -0500
> From: David Millar <david.millar(a)bc.edu>
> To: security-camp(a)mit.edu
> Subject: [security-camp] Registration Open: Winter 2015 Security Camp at
> Boston College
>
> Hello! We are pleased to invite you to Winter, 2015 Security Camp @
> Boston College. This event is a unique opportunity for security
> professionals at area schools responsible for networks and computer
> systems to assemble and to exchange knowledge, insights, and
> solutions.
>
> Security Camp will again be held in Higgins Hall at Boston College, on
> Thursday, March 5, 2015. It will run from 9:00 a.m. - 4:45 p.m., with
> check-in beginning at 8:30 a.m. Our make up date in case of snow is
> Friday, March 6, 2015.
>
> All who are interested in the topics being presented are encouraged to
> attend. The goal of Boston College's Security Camp is to target the
> interests and needs of our community of professionals working in an
> academic environment. Every effort has been made to enlist a diverse
> group of computer security experts including those who can uniquely
> contribute to security discussions. Your presence will help promote a
> rich experience and successful 2015 camp!
>
> Featured topics for this year include:
> -Identity Management
> -Managing Nessus vulnerability scanning programs - panel discussion
> -Mitigating distributed denial of service attacks
> -Data breach insurance
> -Docker - open platform secure application sandbox runtime and packaging
>
> For full details and registration information, visit:
> http://www.bc.edu/securitycamp
>
> Please register as soon as possible as space is limited. Registration
> ends on Sunday, March 1st.
>
> We look forward to you joining us at Boston College on March 5!
>
> David Millar
> Security Camp Administrator
> Boston College
> _______________________________________________
> security-camp mailing list
> security-camp(a)mit.edu
> https://mailman.mit.edu/mailman/listinfo/security-camp
>
----- End forwarded message -----
--
Matthew Miller
<mattdm(a)fedoraproject.org>
Fedora Project Leader
System crypto policies vs gnutls upstream compatibility
by Daniel P. Berrange
There have been many bugs filed against apps using crypto libraries to
update them to use the system crypto policy by default. I'm currently
looking at how to address the one filed against GTK-VNC
https://bugzilla.redhat.com/show_bug.cgi?id=1179301
The current GTK-VNC code sets the priority conditionally depending on
what VNC auth mech was chosen earlier:
    gnutls_priority_set_direct(priv->tls_session,
                               anonDH ? "NORMAL" : "NORMAL:+ANON-DH",
                               NULL);
So I can't just use gnutls_set_default_priority(), unless there's a way
to ask for "+ANON-DH" separately afterwards?
At first I thought I could just replace "NORMAL" with "@SYSTEM". Looking
at the GNUTLS upstream code though, the "@SYSTEM" string is only ever
defined in the external crypto policy file and GNUTLS does not appear to
install any such file by default. So I can't use "@SYSTEM" unconditionally
when building against newer gnutls versions, as I can't rely on it existing
even if gnutls is new enough.
So it seems like either these crypto policy changes require apps to carry
Fedora/RHEL specific patches, or to pass in the default crypto policy
name as a configure arg perhaps & rely on distro maintainers to set it
when needed (eg ./configure --crypto-policy=@SYSTEM).
Anyone have any better suggestions for cleanly supporting the new system
crypto policies in upstream apps while maintaining compat across distros
and old gnutls versions, assuming gnutls_set_default_priority is out of
the question?
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
Re: Android Emulator not working with 3.18.3-201.fc21 and onwards
by Sudhir Khanger
On Saturday, February 07, 2015 10:15:17 AM you wrote:
> I have just tested it ... it works just fine here with the 3.18 kernel.
Are you using Android Studio or Eclipse with ADT? What hardware profile, API
level and GPU enabled/disabled profiles are you using for your AVDs?
I deleted all avds on my system and created new ones with default profiles.
Nexus 4 avds work from API 10 to 19 but API 21 doesn't work.
Nexus 5 & 6 hardware profiles don't work with any APIs.
I have tried both arm and x86 ones and enabled/disabled GPU, and also tried
starting with snapshots.
All profiles worked in 3.17 kernel series and some work and some don't in
3.18. None of the API 21 are working.
--
Regards,
Sudhir Khanger,
sudhirkhanger.com,
github.com/donniezazen,
5577 8CDB A059 085D 1D60 807F 8C00 45D9 F5EF C394.
TLS scan results for January 2015
by Hubert Kario
This time we have reached a few milestones. First of all, we’re very close to
half (46.8%) of the servers in Alexa top 1 million supporting TLS with valid
certificates. Of that, over half support and prefer NIST P-256 ECDHE key
exchange and just under a half of servers have certificates signed with
SHA-256.
More on my blog here:
https://securitypitfalls.wordpress.com/2015/02/01/january-2015-scan-results/
SSL/TLS survey of 468782 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)
Supported Ciphers Count Percent
-------------------------+---------+-------
3DES 379700 80.9971
3DES Only 439 0.0936
AES 441928 94.2715
AES Only 7037 1.5011
AES-CBC Only 4003 0.8539
AES-GCM 266888 56.9322
AES-GCM Only 20 0.0043
CAMELLIA 194963 41.5893
CAMELLIA Only 1 0.0002
CHACHA20 14394 3.0705
Insecure 88248 18.825
RC4 377778 80.5871
RC4 Only 3712 0.7918
RC4 Preferred 64613 13.7832
RC4 forced in TLS1.1+ 41031 8.7527
x:FF 29 RC4 Only 541 0.1154
x:FF 29 RC4 Preferred 70622 15.065
x:FF 29 incompatible 136 0.029
y:DHE-RSA-SEED-SHA 103049 21.9823
y:IDEA-CBC-MD5 2923 0.6235
y:IDEA-CBC-SHA 85417 18.221
y:SEED-SHA 102704 21.9087
z:ADH-AES128-GCM-SHA256 340 0.0725
z:ADH-AES128-SHA 968 0.2065
z:ADH-AES128-SHA256 284 0.0606
z:ADH-AES256-GCM-SHA384 346 0.0738
z:ADH-AES256-SHA 980 0.2091
z:ADH-AES256-SHA256 285 0.0608
z:ADH-CAMELLIA128-SHA 426 0.0909
z:ADH-CAMELLIA256-SHA 435 0.0928
z:ADH-DES-CBC-SHA 374 0.0798
z:ADH-DES-CBC3-SHA 995 0.2123
z:ADH-RC4-MD5 771 0.1645
z:ADH-SEED-SHA 281 0.0599
z:AECDH-AES128-SHA 14166 3.0219
z:AECDH-AES256-SHA 14171 3.0229
z:AECDH-DES-CBC3-SHA 14128 3.0138
z:AECDH-NULL-SHA 30 0.0064
z:AECDH-RC4-SHA 13177 2.8109
z:DES-CBC-MD5 18509 3.9483
z:DES-CBC-SHA 50349 10.7404
z:DES-CBC3-MD5 33636 7.1752
z:ECDHE-RSA-NULL-SHA 36 0.0077
z:EDH-RSA-DES-CBC-SHA 42662 9.1006
z:EXP-ADH-DES-CBC-SHA 304 0.0648
z:EXP-ADH-RC4-MD5 307 0.0655
z:EXP-DES-CBC-SHA 35818 7.6407
z:EXP-EDH-RSA-DES-CBC-SHA 25232 5.3825
z:EXP-RC2-CBC-MD5 40481 8.6354
z:EXP-RC4-MD5 43298 9.2363
z:EXP1024-DES-CBC-SHA 9341 1.9926
z:EXP1024-RC4-SHA 9490 2.0244
z:NULL-MD5 272 0.058
z:NULL-SHA 271 0.0578
z:NULL-SHA256 10 0.0021
z:RC2-CBC-MD5 18871 4.0255
z:RC4-64-MD5 1585 0.3381
Cipher ordering Count Percent
-------------------------+---------+-------
Client side 140561 29.9843
Server side 328221 70.0157
Supported Handshakes Count Percent
-------------------------+---------+-------
ADH 1076 0.2295
AECDH 14190 3.027
DHE 245202 52.3062
ECDHE 294046 62.7255
ECDHE and DHE 143454 30.6014
RSA 437715 93.3728
Supported PFS Count Percent PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits 214522 45.7616 87.4879
DH,1536bits 1 0.0002 0.0004
DH,2048bits 28062 5.9862 11.4444
DH,2226bits 1 0.0002 0.0004
DH,2236bits 3 0.0006 0.0012
DH,3072bits 12 0.0026 0.0049
DH,3248bits 2 0.0004 0.0008
DH,4096bits 1773 0.3782 0.7231
DH,512bits 25325 5.4023 10.3282
DH,768bits 754 0.1608 0.3075
DH,8192bits 1 0.0002 0.0004
ECDH,B-163,163bits 7 0.0015 0.0024
ECDH,B-571,570bits 635 0.1355 0.216
ECDH,K-163,163bits 1 0.0002 0.0003
ECDH,P-224,224bits 47 0.01 0.016
ECDH,P-256,256bits 288396 61.5203 98.0785
ECDH,P-384,384bits 1689 0.3603 0.5744
ECDH,P-521,521bits 4134 0.8819 1.4059
Prefer DH,1024bits 97828 20.8685 39.8969
Prefer DH,2048bits 2713 0.5787 1.1064
Prefer DH,2236bits 2 0.0004 0.0008
Prefer DH,4096bits 92 0.0196 0.0375
Prefer DH,512bits 5 0.0011 0.002
Prefer DH,768bits 425 0.0907 0.1733
Prefer ECDH,B-163,163bits 7 0.0015 0.0024
Prefer ECDH,B-571,570bits 472 0.1007 0.1605
Prefer ECDH,P-224,224bits 18 0.0038 0.0061
Prefer ECDH,P-256,256bits 236264 50.3995 80.3493
Prefer ECDH,P-384,384bits 1629 0.3475 0.554
Prefer ECDH,P-521,521bits 3807 0.8121 1.2947
Prefer PFS 343262 73.2242 0
Support PFS 395794 84.4303 0
Supported ECC curves Count Percent
-------------------------+---------+--------
brainpoolP256r1 26 0.0055
brainpoolP384r1 26 0.0055
brainpoolP512r1 26 0.0055
prime192v1 651 0.1389
prime256v1 293388 62.5852
prime256v1 Only 255238 54.4471
secp160k1 620 0.1323
secp160r1 620 0.1323
secp160r2 620 0.1323
secp192k1 643 0.1372
secp224k1 674 0.1438
secp224r1 1052 0.2244
secp224r1 Only 1 0.0002
secp256k1 688 0.1468
secp384r1 38294 8.1688
secp384r1 Only 149 0.0318
secp521r1 9560 2.0393
secp521r1 Only 78 0.0166
sect163k1 619 0.132
sect163k1 Only 2 0.0004
sect163r1 617 0.1316
sect163r2 624 0.1331
sect163r2 Only 7 0.0015
sect193r1 617 0.1316
sect193r2 617 0.1316
sect233k1 663 0.1414
sect233r1 663 0.1414
sect239k1 663 0.1414
sect283k1 663 0.1414
sect283r1 663 0.1414
sect409k1 663 0.1414
sect409r1 663 0.1414
sect571k1 678 0.1446
sect571r1 678 0.1446
Unsupported curve fallback Count Percent
------------------------------+---------+--------
False 74840 15.9648
True 178977 38.1792
order-specific 4 0.0009
unknown 214961 45.8552
ECC curve ordering Count Percent
-------------------------+---------+--------
client 1535 0.3274
inconclusive-noecc 10 0.0021
server 292089 62.3081
unknown 175148 37.3624
TLSv1.2 PFS supported sigalgs Count Percent
------------------------------+---------+--------
ECDSA-SHA1 27584 5.8842
ECDSA-SHA224 27586 5.8846
ECDSA-SHA256 27589 5.8853
ECDSA-SHA384 27589 5.8853
ECDSA-SHA512 27592 5.8859
ECDSA-SHA512 Only 3 0.0006
RSA-MD5 129219 27.5648
RSA-MD5 Only 1 0.0002
RSA-SHA1 264047 56.3262
RSA-SHA1 Only 39893 8.5099
RSA-SHA224 218373 46.5831
RSA-SHA256 226747 48.3694
RSA-SHA256 Only 2201 0.4695
RSA-SHA384 218786 46.6712
RSA-SHA512 218825 46.6795
RSA-SHA512 Only 35 0.0075
TLSv1.2 PFS ordering Count Percent
------------------------------+---------+--------
client 200794 42.8331
indeterminate 7 0.0015
intolerant 1232 0.2628
order-fallback 4 0.0009
server 92359 19.7019
unsupported 38359 8.1827
TLSv1.2 PFS sigalg fallback Count Percent
------------------------------+---------+--------
ECDSA SHA1 27581 5.8835
ECDSA intolerant 18 0.0038
ECDSA pfs-rsa-SHA512 1 0.0002
RSA False 127614 27.2225
RSA SHA1 118594 25.2983
RSA intolerant 19071 4.0682
RSA pfs-ecdsa-SHA512 2 0.0004
RSA soft-nopfs 1735 0.3701
Renegotiation Count Percent
-------------------------+---------+--------
False 10263 2.1893
insecure 26115 5.5708
secure 432404 92.2399
Compression Count Percent
-------------------------+---------+--------
1 (zlib compression) 17088 3.6452
False 10263 2.1893
NONE 441431 94.1655
TLS session ticket hint Count Percent
-------------------------+---------+--------
1 2 0.0004
1 only 2 0.0004
2 2 0.0004
2 only 2 0.0004
5 1 0.0002
5 only 1 0.0002
10 7 0.0015
10 only 7 0.0015
15 6 0.0013
15 only 6 0.0013
30 8 0.0017
30 only 7 0.0015
60 59 0.0126
60 only 54 0.0115
65 1 0.0002
65 only 1 0.0002
70 3 0.0006
100 14 0.003
100 only 14 0.003
120 20 0.0043
120 only 20 0.0043
128 3 0.0006
128 only 3 0.0006
180 37 0.0079
180 only 36 0.0077
240 3 0.0006
240 only 3 0.0006
256 1 0.0002
256 only 1 0.0002
300 197397 42.1085
300 only 187977 40.099
360 1 0.0002
360 only 1 0.0002
400 2 0.0004
400 only 2 0.0004
420 34 0.0073
420 only 28 0.006
480 11 0.0023
480 only 11 0.0023
600 14041 2.9952
600 only 13846 2.9536
720 1 0.0002
720 only 1 0.0002
900 517 0.1103
900 only 503 0.1073
960 2 0.0004
960 only 2 0.0004
1000 1 0.0002
1000 only 1 0.0002
1200 259 0.0552
1200 only 255 0.0544
1500 11 0.0023
1500 only 10 0.0021
1800 271 0.0578
1800 only 262 0.0559
2100 1 0.0002
2100 only 1 0.0002
2400 2 0.0004
2400 only 2 0.0004
2520 1 0.0002
2520 only 1 0.0002
2700 6 0.0013
2700 only 6 0.0013
3000 9 0.0019
3000 only 9 0.0019
3600 317 0.0676
3600 only 297 0.0634
5400 3 0.0006
6000 4 0.0009
6000 only 4 0.0009
7200 12206 2.6038
7200 only 9111 1.9435
10800 15 0.0032
10800 only 9 0.0019
14400 1229 0.2622
14400 only 1229 0.2622
18000 3 0.0006
18000 only 3 0.0006
21600 3169 0.676
21600 only 3169 0.676
28800 10 0.0021
28800 only 9 0.0019
36000 938 0.2001
36000 only 932 0.1988
43200 2190 0.4672
43200 only 2190 0.4672
60000 1 0.0002
60000 only 1 0.0002
64800 44686 9.5324
64800 only 44673 9.5296
72000 7 0.0015
72000 only 7 0.0015
84600 1 0.0002
84600 only 1 0.0002
86000 34 0.0073
86000 only 34 0.0073
86400 206 0.0439
86400 only 204 0.0435
93600 1 0.0002
93600 only 1 0.0002
100800 14125 3.0131
100800 only 14122 3.0125
129600 11 0.0023
129600 only 11 0.0023
172800 1 0.0002
172800 only 1 0.0002
600000 1 0.0002
600000 only 1 0.0002
604800 1 0.0002
604800 only 1 0.0002
864000 6 0.0013
864000 only 6 0.0013
None 189285 40.378
None only 177289 37.8191
Certificate sig alg Count Percent
-------------------------+---------+--------
None 15085 3.2179
ecdsa-with-SHA256 27569 5.881
sha1WithRSAEncryption 260100 55.4842
sha256WithRSAEncryption 181166 38.6461
sha512WithRSAEncryption 8 0.0017
Certificate key size Count Percent
-------------------------+---------+--------
ECDSA 256 27597 5.887
ECDSA 384 3 0.0006
RSA 1024 1100 0.2347
RSA 10240 4 0.0009
RSA 2028 1 0.0002
RSA 2047 1 0.0002
RSA 2048 424764 90.6101
RSA 2049 3 0.0006
RSA 2056 5 0.0011
RSA 2058 2 0.0004
RSA 2064 1 0.0002
RSA 2080 2 0.0004
RSA 2084 11 0.0023
RSA 2096 1 0.0002
RSA 2345 1 0.0002
RSA 2408 2 0.0004
RSA 2432 5 0.0011
RSA 2612 1 0.0002
RSA 3071 1 0.0002
RSA 3072 72 0.0154
RSA 3102 1 0.0002
RSA 3248 3 0.0006
RSA 3600 1 0.0002
RSA 4042 1 0.0002
RSA 4048 2 0.0004
RSA 4056 35 0.0075
RSA 4086 2 0.0004
RSA 4092 3 0.0006
RSA 4096 15196 3.2416
RSA 4098 2 0.0004
RSA 8192 4 0.0009
RSA/ECDSA Dual Stack 35 0.0075
OCSP stapling Count Percent
-------------------------+---------+--------
Supported 79939 17.0525
Unsupported 388843 82.9475
Supported Protocols Count Percent
-------------------------+---------+-------
SSL2 33923 7.2364
SSL2 Only 81 0.0173
SSL3 165570 35.3192
SSL3 Only 1467 0.3129
SSL3 or TLS1 Only 100568 21.453
SSL3 or lower Only 1518 0.3238
TLS1 466356 99.4825
TLS1 Only 52609 11.2225
TLS1 or lower Only 131814 28.1184
TLS1.1 322576 68.8115
TLS1.1 Only 7 0.0015
TLS1.1 or up Only 613 0.1308
TLS1.2 332743 70.9803
TLS1.2 Only 464 0.099
TLS1.2, 1.0 but not 1.1 12283 2.6202
Statistics from 494138 chains provided by 657485 hosts
Server provided chains Count Percent
-------------------------+---------+-------
complete 439749 66.8835
incomplete 25522 3.8818
untrusted 192214 29.2347
Trusted chain statistics
========================
Chain length Count Percent
-------------------------+---------+-------
2 1550 0.3137
3 459587 93.0078
4 32976 6.6734
5 25 0.0051
CA key size in chains Count
-------------------------+---------
ECDSA 256 27473
ECDSA 384 27471
RSA 1024 26220
RSA 2045 1
RSA 2048 866093
RSA 4096 72494
Chains with CA key Count Percent
-------------------------+---------+-------
ECDSA 256 27473 5.5598
ECDSA 384 27471 5.5594
RSA 1024 26219 5.306
RSA 2045 1 0.0002
RSA 2048 465353 94.1747
RSA 4096 72026 14.5761
Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384 27473
sha1WithRSAEncryption 318089
sha256WithRSAEncryption 119575
sha384WithRSAEncryption 60453
sha512WithRSAEncryption 24
Eff. host cert chain LoS Count Percent
-------------------------+---------+-------
80 294492 59.5971
112 172174 34.8433
128 27472 5.5596
Scan performed between 17th and 30th of January 2015.
--
Regards,
Hubert Kario