Making Feathercoin daemon more robust to network exploitation
-
As posted in this thread: [url=http://forum.feathercoin.com/index.php/topic,5810.0.html]http://forum.feathercoin.com/index.php/topic,5810.0.html[/url],
we want to make the crypto coins software more robust against hacking in general.
One concern I have in particular is the homogeneity of the network at the moment. Typically, an exploit will work against a specific error in the code and will gain execution under certain conditions. To prevent an exploit from succeeding, we can try to change its environment in a way that will make it fail. In an effort to have different runtime versions running out there, I thought I could at least try to compile feathercoind with another compiler. Then, maybe add some more security features.
So far, we’ve got feathercoind and bitcoind compiled/running built using clang with the -fsanitize=address option flag. Although the cost is slower execution time, it is much safer from buffer overflow exploitation and makes the runtime code different from other nodes.
This is one example of what we can do.
Any ideas will help the community :)
Tomorrow I will do my best to post the steps to build feathercoind with clang/asan (Address sanitizer).
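As an added illustration (not code from this thread or from feathercoind), here is the class of bug that the -fsanitize=address build mentioned above turns into an immediate abort, next to its bounds-checked form. PAYLOAD_MAX, the function names and the sample message are constructed for the example; build it with `clang -fsanitize=address -g` to see the report.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Detect at compile time whether this binary is ASan-instrumented. */
#if defined(__SANITIZE_ADDRESS__)            /* GCC, recent clang */
#  define BUILT_WITH_ASAN 1
#elif defined(__has_feature)
#  if __has_feature(address_sanitizer)       /* clang */
#    define BUILT_WITH_ASAN 1
#  endif
#endif
#ifndef BUILT_WITH_ASAN
#  define BUILT_WITH_ASAN 0
#endif

#define PAYLOAD_MAX 16   /* hypothetical fixed buffer size */

int built_with_asan(void) { return BUILT_WITH_ASAN; }

/* Unchecked: trusts the length byte sent by the peer. A declared length
 * above PAYLOAD_MAX writes past the heap buffer; under ASan the process
 * aborts with a heap-buffer-overflow report at the memcpy. */
void copy_unchecked(const unsigned char *msg) {
    unsigned char *buf = malloc(PAYLOAD_MAX);
    if (!buf) return;
    memcpy(buf, msg + 1, msg[0]);
    free(buf);
}

/* Checked: validates the declared length against the buffer and against
 * the bytes received. Returns the payload length, or -1 if rejected. */
int copy_checked(const unsigned char *msg, size_t msg_len, unsigned char *out) {
    if (msg_len < 1) return -1;
    size_t declared = msg[0];
    if (declared > PAYLOAD_MAX || declared > msg_len - 1) return -1;
    memcpy(out, msg + 1, declared);
    return (int)declared;
}

int main(void) {
    unsigned char oversized[1 + 64] = { 64 };  /* constructed: declares 64 bytes */
    unsigned char out[PAYLOAD_MAX];
    printf("ASan build: %d\n", built_with_asan());
    printf("checked copy returns %d\n", copy_checked(oversized, sizeof oversized, out));
    if (built_with_asan())
        copy_unchecked(oversized);  /* aborts here with an ASan report */
    return 0;
}
```

In a build without ASan the unchecked call is skipped, because the overflow would corrupt the heap silently instead of stopping the process.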
-
Good stuff, but there hasn’t actually been an instance of an exploit in the client of this nature, has there?
Regardless, this is a great step in the right direction. Keep up the good work.
-
No instance attested of an exploit running out there, but sometimes I wonder.
In any case, if a worm spreads, it will be too late to take action.
Thanks for your support :)
-
Your post was close to an FMEA, there was no priority analysis or comparison of the effectiveness of any action to prevent this fault. All maintenance actions need to be against the Cause of failure not the symptom, to be effective.
Preventative measures can be taken, but analysis also opens up the potential of premature attack, especially if there are no resources to implement defence. Why do all the work for the attacker?
That is one reason Feathercoin has kept with the Bitcoin protocol unless forced to act on real attack vector.
The other thing is, these have already been noted as modes of Failure, development of the forum and community is one of the Tasks that has been implemented to guard against this possibility of failure already.
Condition monitoring of a fault is usually the most effective option if there is a monitor-able symptom available. Planned Maintenance is next. Last of all, and most dangerous, is Design Out.
This is because design out is prone to unknown difficulties and you always have to deal with consequential bugs.
Another mode of failure Feathercoin is experiencing is diversion from its core development area. At the moment forum expertise is thinning due to it being spread supporting the massive influx of new members. This is a Current, actual fault happening now, we need to deal with on a high priority basis. The action we have taken is to educate and bring on new members. Updating the web site and adding guides.
Also, this post should have been posted in the [b]Attacks and Security[/b] section of the forum. The technical development area was specifically set up to develop feathercoind and feathercoin-Qt, there are other forum areas for other related topics.
Ideas are great, implementation is the difficult part. I am involved because the real actions of the Feathercoin members and volunteer team deserve all the support I can give.
Refs:
[url=http://en.wikipedia.org/wiki/FMECA]http://en.wikipedia.org/wiki/FMECA[/url]
[url=http://en.wikipedia.org/wiki/Software_development]http://en.wikipedia.org/wiki/Software_development[/url]
-
[quote name=“wrapper0feather” post=“43467” timestamp=“1386860838”]
Your post was close to an FMEA, there was no priority analysis or comparison of the effectiveness of any action to prevent this fault. All maintenance actions need to be against the Cause of failure not the symptom, to be effective.
[/quote]
I admit I did not provide any background. My judgement is based on my 26 years of experience in computer security and the fact that I have seen over and over through my life technologies exploited. In the end, it boils down to motivation by the attackers.
I think we can say that anything crypto currencies is already under attack. Network exploitation is just awaiting.
[quote]
Preventative measures can be taken, but analysis also opens up the potential of premature attack, especially if there are no resources to implement defence. Why do all the work for the attacker?
[/quote]
I am not proposing to do work for the attackers, they, like me, already know how to tackle and exploit a software stack.
I am only proposing to harden some nodes on the network. I can attest that I am running one with added security features already, but I am only one and I would like to share the know-how with others.
[quote]
That is one reason Feathercoin has kept with the Bitcoin protocol unless forced to act on real attack vector.
[/quote]
I agree with you on this, the idea to start from something proven working is certainly good combined with the fact that Feathercoin was put together really fast with very little time and resources. Nothing wrong there. It remains that ‘all’ crypto coins are using the same protocol out there.
[quote]
The other thing is, these have already been noted as modes of Failure, development of the forum and community is one of the Tasks that has been implemented to guard against this possibility of failure already.
[/quote]
I will check those out.
[quote]
Condition monitoring of a fault is usually the most effective option if there is a monitor-able symptom available. Planned Maintenance is next. Last of all, and most dangerous, is Design Out. This is because design out is prone to unknown difficulties and you always have to deal with consequential bugs.
Another mode of failure Feathercoin is experiencing is diversion from its core development area. At the moment forum expertise is thinning due to it being spread supporting the massive influx of new members. This is a Current, actual fault happening now, we need to deal with on a high priority basis.
[/quote]
I understand very well and I support you.
In the meantime, we are all vulnerable to worm attacks that I described in the forum.
The actions I am taking are not taking away any resources from the Feathercoin community and it is not my intention. I am putting my time where I think it is worth it.
[quote]
The action we have taken is to educate and bring on new members. Updating the web site and adding guides.
[/quote]
Great work :)
[quote]
Also, this post should have been posted in the [b]Attacks and Security[/b] section of the forum. The technical development area was specifically set up to develop feathercoind and feathercoin-Qt, there are other forum areas for other related topics.
[/quote]
I want to apologize about this. I just found it. Somehow I lost track of it. Could any moderator move this thread into it?
[quote]
Ideas are great, implementation is the difficult part. I am involved because the real actions of the Feathercoin members and volunteer team deserves all the support I can give.
[/quote]
Cool :)