Backdooring Git. John Menerick August 2015



Similar documents
Version Control with Git. Dylan Nugent

Version Control using Git and Github. Joseph Rivera

Annoyances with our current source control Can it get more comfortable? Git Appendix. Git vs Subversion. Andrey Kotlarski 13.XII.

Version Control with Git

Version Control with Git. Kate Hedstrom ARSC, UAF

Version Control with Git. Linux Users Group UT Arlington. Rohit Rawat

Git Basics. Christopher Simpkins Chris Simpkins (Georgia Tech) CS 2340 Objects and Design CS / 22

Git. A Distributed Version Control System. Carlos García Campos carlosgc@gsyc.es

Version control. with git and GitHub. Karl Broman. Biostatistics & Medical Informatics, UW Madison

Introduction to the Git Version Control System

CPSC 491. Today: Source code control. Source Code (Version) Control. Exercise: g., no git, subversion, cvs, etc.)

Version Control Systems: SVN and GIT. How do VCS support SW development teams?

Advanced Computing Tools for Applied Research Chapter 4. Version control

Version Control! Scenarios, Working with Git!

The Hitchhiker s Guide to Github: SAS Programming Goes Social Jiangtang Hu d-wise Technologies, Inc., Morrisville, NC

Version Control with Svn, Git and git-svn. Kate Hedstrom ARSC, UAF

Introduction to Git. Markus Kötter Notes. Leinelab Workshop July 28, 2015

CSCB07 Software Design Version Control

MOOSE-Based Application Development on GitLab

Version Uncontrolled! : How to Manage Your Version Control

Software Configuration Management and Continuous Integration

Version Control. Version Control

Version Control with Git

Version control with GIT

Lab Exercise Part II: Git: A distributed version control system

Miguel A. Figueroa Villanueva Xabriel J. Collazo Mojica. ICOM 5047 Capstone Miguel A. Figueroa Villanueva University of Puerto Rico Mayagüez Campus

Improving your Drupal Development workflow with Continuous Integration

PKI, Git and SVN. Adam Young. Presented by. Senior Software Engineer, Red Hat. License Licensed under

Is This Your Pipe? Hijacking the Build Pipeline

Software Version Control With Mercurial and Tortoise Hg

Continuous Integration and Delivery at NSIDC

Introduction to Version Control

Mobile Development with Git, Gerrit & Jenkins

Data management on HPC platforms

GitLab as an Alternative Development Platform for Github.com

Zero-Touch Drupal Deployment

Source Code Control & Bugtracking

Git, Quilt and Other Kernel Maintenance Tools

Tutorial on Smartphone Security

1. History 2. Structure 3. Git Comparison 4. File Storage 5. File Tracking 6. Staging 7. Queues (MQ) 8. Merge Tools 9. Interfaces

Distributed Version Control with Mercurial and git

An Introduction to Mercurial Version Control Software

Firenze. Iottly, open source Internet of Things distribution

Gitflow process. Adapt Learning: Gitflow process. Document control

Automatic Pull Request Integration

Security Considerations in Cloud Deployments Matthew Garrett

IBM PROTECTIER: FROM BACKUP TO RECOVERY

Software configuration management

OpenStack CI: flow, tools and more

In depth study - Dev teams tooling

Pervasive Computing und. Informationssicherheit

Software Engineering Process. Kevin Cathey

Git Basics. Christian Hanser. Institute for Applied Information Processing and Communications Graz University of Technology. 6.

Double Feature Talk. 1) Intro to SSL 2) Git Basics for Devs & Designers

An Introduction to Mercurial Version Control Software

Introducing Xcode Source Control

Theme 1 Software Processes. Software Configuration Management

Platform as a Service and Container Clouds

Software development. Outline. Outline. Version control. Version control. Several users work on a same project. Collaborative software development

The Risks of Cloud Storage

Source Control Systems

Solution Spotlight KEY OPPORTUNITIES AND PITFALLS ON THE ROAD TO CONTINUOUS DELIVERY

FEEG Applied Programming 3 - Version Control and Git II

Introduction to the course, Eclipse and Python

Avoid software project horror stories. Check the reality value of the estimate first!

SOFTWARE DEVELOPMENT BASICS SED

Using Git with Rational Team Concert and Rational ClearCase in enterprise environments

Cloud Backup and Recovery

Introduction to Software Engineering (2+1 SWS) Winter Term 2009 / 2010 Dr. Michael Eichberg Vertretungsprofessur Software Engineering Department of

MAXIMUM PROTECTION, MINIMUM DOWNTIME

The Cordova Development Lifecycle

Over 30% of Official Images in Docker Hub Contain High Priority Security Vulnerabilities

Work. MATLAB Source Control Using Git

Distributed Version Control

STABLE & SECURE BANK lab writeup. Page 1 of 21

Collateral Effects of Cyberwar

Git Internals. Source code control and beyond by Scott Chacon

Flat Rate Per Claim -vs- Percentage Billing Fees. A Devil's Advocate View

An Introduction to Git Version Control for SAS Programmers

Developer Workshop Marc Dumontier McMaster/OSCAR-EMR

How To Get Smart Cards From Atos

How To Manage Energy At An Energy Efficient Cost

Energy Management in a Cloud Computing Environment

Source code management systems

Collaborative Software Development Using R-Forge

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Disaster Recovery Planning. Marcus Bendtsen Institutionen för Datavetenskap (IDA) Avdelningen för Databas- och Informationsteknik (ADIT)

Transcription:

Backdooring Git John Menerick August 2015

Legal Disclaimer

Thank you for coming

What we are covering

What we are not covering

What we are not covering

Name the Quote Software is like sex; it is better when it is free Linus Torvalds #

Setting the Stage

Good luck!

Revision control vs. Source Control Source control == source code change management #

Wrong Tool for the Job

Right Tool for the Job

Distributed vs. Centralized

Helfe!

Trends

Git

Definition 1 While it works, angel sings and light shines from above - Global information tracker #

Definition 2 When it dies, fire erupts from under your feet - Goddamn idiot truckload of sh*t #

Hitler Uses Git

Rings of Trust

Name the Quote If you have ever done any security work - and it did not involve the concept of network of trust - it wasn t security work, it was - <insert word my mother would not approve me stating>. I don t know what you were doing. But trust me, it s the only way you can do security. it s the only way you can do development. Linus Torvalds #

Typical Trust Relationships

Morons Since you do not want everybody to write to the central repository because most people are morons, you create this class of people who are ostensibly not morons. And most of the time what happens is that you make that class too small, because it is really hard to know if a person is smart or not, and even if you make it too small, you will have problems. So this whole commit access issue, which some companies are able to ignore by just giving everybody commit access, is a huge psychological barrier and causes endless hours of politics in most open source projects #

Empircal Study

SVN

Git

Not Scientific CVE Search

GitLab

GitLab 0day

Functionality or Backdoor?

2003 Linux backdoor

2003 Linux backdoor

2003 Linux backdoor

Old School Cloud Repository Hacks

New School Cloud Repository Hacks

New School Cloud Repository Hacks

New School Cloud Repository Hacks

New School Cloud Repository Hacks

New School Cloud Repository Hacks

Story Time

Sit back and relax

Corruption

It wasn t me

It wasn t me

It wasn t me

Feelings

Trust

Crypto to the rescue

Crypto to the rescue

My voice is my passport Verify me

GPG Trust Model

GPG Trust Model

Embedded Signatures

No More Than One Signature Per Commit

Backdooring

Simple Scenario * User "Alice" clones the canonical repo so they can work on a bugfix. They branch locally, and then push their local branch to a branch on a public repository somewhere. * User "Alice" does not have direct commit access to the canonical repository, so they contact a committer, "Bob". "Bob" adds a remote in his working copy pointing to Alice's remote; after review of the changes, Bob merges the branch to their development branch. * Later, Bob pushes his development branch to the canonical repository. The question that arises is: how do we know that Alice has signed a CLA? How does Bob know that Alice has signed a CLA? #

Danger Zone

Ambiguity

Transitive Policy Checks

Transitive Policy Checks

Trust your peer? trusting the pushing client's assertions as to the signature status is meaningless from a security perspective. #

Demo

Has this been seen in the wild?

No? from hashlib import sha1 def githash(data): s = sha1() s.update("blob %u\0" % len(data)) s.update(data) return s.hexdigest() #

No? If all 6.5 billion humans on Earth were programming, and every second, each one was producing code that was the equivalent of the entire Linux kernel history (3.6 million Git objects) and pushing it into one enormous Git repository, it would take roughly 2 years until that repository contained enough objects to have a 50% probability of a single SHA-1 object collision.. A higher probability exists that every member of your programming team will be attacked and killed by wolves in unrelated incidents on the same night. #

No?

Yes? https://github.com/bradfitz/gitbrute #

Yes?

Yes?

Yes?

Signed commit metrics on the popular git services vs. not signed commits

Tools

CLI

To a close

One More Thing

One More Thing from RockStar import RockStar activity = RockStar(days=4061) activity.make_me_a_rockstar() #

One More Thing from RockStar import RockStar activity = RockStar(days=4061) activity.make_me_a_rockstar() #

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information