Profile picture
Sarah Jamie Lewis
@SarahJamieLewis
, 11 tweets, 3 min read Read on Twitter
So, I took a look at swiss online voting system code that someone leaked, and having written, deployed and audited large enterprise java code...that thing triggers every flag.
The core reencryption mixnet code is spread across dozens of different files, not included the auxiliary/utility/deployment packages.

Also this work in progress is reassuring * a "packed" ciphertext can be mixed, and the data can be recovered, but the proofs dont verify."" src="/images/1px.png" data-src="https://pbs.twimg.com/media/DzofYx9UcAAMYGY.png">
The code looks like it is doing the right things, but this is code that was not written to be easily audited which is concerning for such a security sensitive system.

(tbf it's hard to write enterprise java in an easily audible way, but I've seen it done)
Part of my job used to be "here is a large enterprise system and some documentation, certify that the team are following good security practice and highlight any vulnerabilities and risks"

If someone had given me this system, I'd be feeling pretty confident I'd find stuff.
oh ffs, how about some basic defense in depth people. This is not how you start a function designed to verify a proof as being correct.

*headdesk*
If anyone can point me towards the tests for the proof code that would be good because....I can't find any.
I've just spent an hour of my precious life trying to determine the encryption parameters used in the above proofs and I still have no clue, every example config/parameter that relates to it seems to be no where close to sensible or secure - which is a big flag by itself.
See also this subthread:
I feel like this old tweet of mine on reviewing crypto code is relevant:

Anyway, if this was an actual review, instead of me being having a perverted sense of a relaxing Sunday, then I would probably be prioritizing packages and writing a diplomatically worded email to the team about time constraints.

Thankfully that is not my job this time.
the scoping doc for the public pen test is about as expected.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Sarah Jamie Lewis
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @SarahJamieLewis see all

Profile picture
Sarah Jamie Lewis
@SarahJamieLewis
There is an entire javascript package dedicated to collecting entropy in that codebase.

Hope that was well audited.
It's like a beautiful red flag fractal where the closer you look at any particular red flag the more you find red flags.
Definitely want to make sure that clients using a browser that has been out of extended support for 5 years are generating secure random numbers too.
Read 10 tweets
Profile picture
Sarah Jamie Lewis
@SarahJamieLewis
What a helpful note that is totally indicative of software that is well designed and will likely have no security issues.
It's a public holiday and I'm trying very hard not to go diving into this code.
Seriously....
Read 9 tweets
Profile picture
Sarah Jamie Lewis
@SarahJamieLewis
Some people in this thread asked what I meant by "code that was not written to be easily audited", and asked how they can write audible code.

So join me on this fine Sunday evening as I wax lyrical about writing code that is easy to audit.

First, let me make a distinction between "secure" code and "security driven" code. While the primary purpose of most audits is to "find security bugs", the main driver of that work is determining if the code is "security driven".
Mistakes happen. All the time. Even the best engineering teams on the planet sometimes screw up.

The goal of security driven design is to minimize the impact of mistakes.
Read 17 tweets

Related threads

Profile picture
Matthew Green
@matthew_d_green
So I’m a little torn. Yesterday for fun (yes, I have bad work-life balance) I took a look at some of the @swisspost e-voting code that the agency recently provided under bug bounty. Apparently it’s being used in real elections. 1/
I did maybe an hour’s poking with @SarahJamieLewis, who also has bad work/life balance, and in that hour we found a whole bunch of non-cryptographically-secure parameters being used in their test code. So we commented on it. 2/
Woke up to a tweet from @swisspost informing me that I “may have missed” a note on page 48 of their 163-page protocol spec, that informs the reader of the “production parameters”. They’re not included in the code. 3/
Read 17 tweets
Profile picture
Bruno Borges
@brunoborges
#Java's death will be due to SEO mess, lack of centralized docs, outdated tutorials & no one-stop-shop place to find it all

- go.java
- openjdk.java.net
- oracle.com/java
- java.oracle.com
- java.com
- docs.oracle.com/javase/
- go.java

This site was supposed to be the answer, but it only raises even more questions. The information here is mostly marketing-related, and has pointers to other online locations, outside go.java.

Potential: very high.
Reality: waste of TLD.
- openjdk.java.net

The Java source, no doubt. Yet, devs who want to just learn/code Java apps will only find binaries downloads. Nothing else serves the average Java software developer. "Developer's Guide" is for contributors.

Potential: high.
Reality: confusion.
Read 8 tweets
Profile picture
Christine Pelosi
@sfpelosi
Outtakes from the #DNC Executive Meeting in #PuertoRico (thread)

Chair promises a 2020 process that is fair. Will release a protocol on debates soon; expect debates in summer 2019 . Will decide by March 2019 the Host City for 2020 Convention: Houston, Miami Beach, or Milwaukee.
We have worked hard to rebuild trust on our presidential process. Rules and Bylaws Cttee working with early states on rules. A key rule change ends superdelegates voting 1st round absent consensus candidate BUT elected officials can still be PLEOs & not run against constituents.
The PLEO Party Leader Elected Official designation is for pledged delegates who are Members of Congress Governors etc who want a first round #DNC convention vote but don’t want to run against activist to get there.
Read 29 tweets
Profile picture
Cyrus Toulabi
@CyrusToulabi
#FLAG: I don't want to read too far into it, but for the jury in the Manafort trial to be asking for the definition of "reasonable doubt," after one day of deliberation, is concerning, at least for me...
#TBH: I hate to say this, but I've been skeptical of this jury from the beginning.

How are there 12 individuals in the Alexandria, Virginia area (just outside of D.C.) who had never heard of Paul Manafort?

Either they are particularly ignorant individuals, or someone's lying...
#FTR: If Justice is not served at the conclusion of this trial...

No one is more to blame than Judge Ellis.
Read 5 tweets
Profile picture
blmohr
@blmohr
1/ [thread]
Diebold deals, Scytl cryptography, Russian investments raise questions about Roskam win
2/ On Nov. 7, 2006, Peter Roskam beat Tammy Duckworth by 4,810 votes.
3/ According to polls leading up to the race, the two were tied or Duckworth lead through the middle of October. Then it teetered toward Roskam for a few weeks until it went back to Duckworth. A month before the race, the Zogby/Reuters poll had Duckworth at +14.
Read 88 tweets
Profile picture
Xah Lee
@xah_lee
learn How Compiler Works in 20 minutes xahlee.info/parser/compile…
What's the Difference Between BNF, EBNF, ABNF?
xahlee.info/parser/bnf_ebn…
#golang #haskell #lisp #python
this, still the best book on writing a compiler. Though, not as clear and broad as i thought.
there are thievery pdf versions online, but all code/formula are screwed. You better buy the real thing.
Dragon Book Table of Contents
xahlee.info/parser/dragon_…
Read 46 tweets

Trending hashtags

#Collusion #cabala #RWgyaanis #ocaml #Julia #Trads #Python #ItsTime #EconRight #d3js #CleanEnergy #Mathematica #Education #BoreRight #botnets #BrahmanicalRWs #ComeyCYA #chabad #JS #EP2019 #JavaScript #core #emacs #RecordStoreDay #TBH
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!