Bonum Certa Men Certa

Preserving Information About Debian's SSH Blunder (Amid Revelations About Edward Brocklesby (ejb) and "Proximity to Oxford and GCHQ")

posted by Roy Schestowitz on Jun 08, 2024

Not Edward Snowden but a very rogue actor

Re: Proposed change to Debian constitution

Remember that he got expelled for illegal activities, but almost nobody knew. Debian kept quiet about it.

MY WIFE and I both use Debian. Our Web sites also use Debian. Almost everything in our home uses Debian. So we're genuinely concerned, not "concern-trolling" (or acting as "controlled opposition"). My wife and I were bullied (for years) by someone who claims to be in Debian, but also seems to be in the Microsoft camp, not Debian. The bullying intensified greatly when we started reposting many old articles from Daniel Pocock, whereupon he filed a SLAPP-style lawsuit, trying to bankrupt us with 6-figure financial demands. Yet worse, the Debian Project is entrusting security or offloading the decision-making to people who are not only lacking qualifications but are openly (publicly) saying "social interaction with Debian-the-distribution makes me want to stab people" (nope, not a typo! Not making this up!).

Today I spoke to my mother, who was also attacked by these very vicious people. She's not even technical, so what on Earth do they want from her? Those who did this will regret what they did and we won't accept an apology. They will pay for it. We got the best lawyer in the area, according to his esteemed peers. We won't be intimidated or hold back.

This morning we republished an article from 16 years ago, albeit not in full. It's a good article and an external link to another fairly authoritative source was included. The full article has more technical bits, but the overall description of the issue matters more than a proof of concept (PoC). How did Debian get something so basic... so very wrong? There were even errors shown, but these were ignored or suppressed. The issue may be 16 years old, but when it comes to Edward Brocklesby (ejb) we're talking about decades back and in Snowden's NSA leaks we saw allusions to SSH too. I personally wrote about those at the time (2013-2014).

We'd like to quote extensively from this second article before it goes offline (the original will be gone one day; that's just how the Web works).

Last week, Debian announced that in September 2006 they accidentally broke the OpenSSL pseudo-random number generator while trying to silence a Valgrind warning. One effect this had is that the ssh-keygen program installed on recent Debian systems (and Debian-derived systems like Ubuntu) could only generate 32,767 different possible SSH keys of a given type and size, so there are a lot of people walking around with the same keys.

Many people have had fingers pointed at them, but it is not really interesting who made the mistake: everyone makes mistakes. What's interesting is the situation that encouraged making the mistake and that made it possible not to notice it for almost two years.

To do that, you have to understand the code involved and the details of the bug; those require understanding a little bit about entropy and random number generators.

Entropy

Entropy is a measure of how surprising a piece of data is. Jon Lester didn't pitch in last night's Red Sox game, but that's not surprising--he only pitches in every fifth game, so most nights he doesn't pitch. On Monday night, though, he did pitch and (surprise!) threw a no-hitter. No one expected that before the game: it was a high-entropy event.

Entropy can be measured in bits: a perfect coin flip produces 1 bit of entropy. A biased coin produces less: flipping a coin that comes up heads only 25% of the time produces only about 0.4 bits for tails and 2 bits for heads, or 0.8 bits of entropy on average. The exact details aren't too important. What is important is that entropy is a quantitative measure of the amount of unpredictability in a piece of data.

An ideal random byte sequence has entropy equal to its length, but most of the time we have to make do with lower-entropy sequences. For example, the dates of Major League no-hitters this year would be a very unpredictable sequence, but also a very short one. On the other hand, collecting the dates that Lester pitches for the Red Sox this year is fairly predictable—it's basically every fifth day—but there are still unexpected events like injuries and rain-outs that make it not completely predictable. The no-hitter sequence is very unpredictable but is very short. The Lester starts sequence is only a little unpredictable but so much longer that it likely has more total entropy.

Computers are faced with the same problem: they have access to long low-entropy (mostly predictable) sources, like the interarrival times between device interrupts or static sampled from a sound or video card, but they need high-entropy (completely unpredictable) byte sequences where every bit is completely unpredictable. To convert the former into the latter, a secure pseudo-random number generator uses a deterministic function that acts as an “entropy juicer.” It takes a large amount of low-entropy data, called the entropy pool, and then squeezes it to produce a smaller amount of high-entropy random byte sequences. Deterministic programs can't create entropy, so the amount of entropy coming out can't be greater than the amount of entropy going in. The generator has just condensed the entropy pool into a more concentrated form. Cryptographic hash functions like MD5 and SHA1 turn out to be good entropy juicers. They let every input bit have some effect on each output bit, so that no matter which input bits were the unpredictable ones, the output has a uniformly high entropy. (In fact this is the very essence of a hash function, which is why cryptographers just say hash function instead of made-up terms like entropy juicer.)

The bad part about entropy is that you can't actually measure it except in context: if you read a 32-bit number from /dev/random, as I just did, you're likely to be happy with 4016139919, but if you read ten more, you won't be happy if you keep getting 4016139919. (That last sentence is, technically, completely flawed, but you get the point. See also this comic and this comic.) The nice thing about entropy juicers is that as long as there's some entropy somewhere in the pool, they'll extract it. It never hurts to add some more data to the pool: either it will add to the collective entropy, or it will have no effect.

There's a lot more there inside the page, including finer and more technical details. It's not only about Debian but also distributions (or operating systems) based on Debian. It was a catastrophe at the time. However, like most of the Web (www), there's a vast level of amnesia, so it's hard to find press reports. We need to ensure that what happened in 2008 isn't getting lost or being progressively forgotten, downplayed and so on. "The citations are very important so as not to give the Microsofters an attack point," an associate noted, but at the same time we must respect Fair Use (legal doctrine). What we posted this morning was probably sufficient as the goal was to make this stick online and be easier to find. I remembered that incident very well, a lot of media covered it at the time, but right now it is HARD TO FIND. Either Google "forgets", deranks for "age", or the sites go offline (or change CMS, lose old material et cetera). Apparently Google doesn't even give/prioritise results anymore, it plagiarises sites and offers low-grade text, falsely portrayed as "AI" (stochastic parrot, LLM).

Here is one online copy that's a backup (archive.today), hopefully one that can stick for decades to come (the latter relies not on that one online copy being live).

"Make sure that one of the archives has it then," an associate has told me. Well, archive.ph has it, as do the TLD/suffix mirrors. We may need to cite it and quote key portions of it as Daniel Pocock progresses with his series (3 parts so far). To quote a key part: "One effect this had is that the ssh-keygen program installed on recent Debian systems (and Debian-derived systems like Ubuntu) could only generate 32,767 different possible SSH keys of a given type and size, so there are a lot of people walking around with the same keys."

People had to go through a lot of trouble at the time, not to mention feel paranoid that they may have already been cracked without knowing and without verifiable traces of an intrusion. What if a state actor was responsible for this? What if it was a FIVE-EYES agent, rather than the popular Chinese or Russian scapegoat? What if Debian knew about it but chose not to tell (just to save face)? This is what makes the Edward Brocklesby revelations so very damning.

We remind readers that the NSA's mathematicians often target the weakening of an RNG by lowering entropy (while giving an illusion of entropy - i.e. uncertainty or variance - being very high). That's a subject covered in parts in my Ph.D. thesis; I'm not unfamiliar with the science of entropy.

As Pocock progresses maybe we can collect and file links related to this from Snowden's stash, as some of it covered this topic before GCHQ's blackmail against the British press (and plunder by Pierre Omidyar) killed any remaining journalism on this subject.

In order to make a compelling timeline or sequence of events we'd have to dig up very old articles, if they're still online at all. But that's OK, we have time. To us, time isn't money because this site isn't a business. It's grotesque that we too became a target for blackmail, after we had been bullied and defamed for years. Why does Debian harbour such monsters/mobsters? Intimidating female users of Debian, then wondering why barely any women join Debian? We'll say more about Debian's mistreatment, even of its own developers, in the next article.

Other Recent Techrights' Posts

Slopwatch: Brian Fagioli, Google News, and Other LLM Slopfarms
Why does Google News keep promoting these fake articles?
Links 29/10/2025: Amazon Kept "Data Center Water Use Secret", "Abuse of Power" Against Media
Links for the day
Gemini Links 29/10/2025: "My Hardware Specs" and "Goodbye Debian…"
Links for the day
EPO Cocainegate: Feedback and Clarifications
Part III will come out soon
Links 29/10/2025: "US Military Is Destroying the Planet Beyond Imagination" and Boat Strikes Deemed Unlawful
Links for the day
Quality Comes First (Techrights Search)
It's generally working already, but we wish to polish it some more
Techrights Party Countdown
Late next week we'll be holding a party near our home
European Parliament and Council Directive on Privacy is Vanishing
"edited / censored some time more recently"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, October 28, 2025
IRC logs for Tuesday, October 28, 2025
Slopwatch: The March of Slopfarms, From UbuntuPIT to Linux Journal and to Various Fake Sites Still Promoted by Google News
It's so worrying to see what the Web has become
Links 29/10/2025: CISA, Ukraine, and Amazon Problems
Links for the day
[Teaser] The EPO's Spokesperson, a Cocaine User, Fancies Young Women
How's that for "optics" in the EU and Europe's second-largest institution?
How Will António Campinos Respond to the EPO's 'Cocainegate'?
That's the same thing we saw and still see when the press deals with enablers and partners of Jeffrey Epstein
Join Us Now and Share the News - Part IV: There Cannot be Free Software Without Free Press and Free Information
One day, one can hope, more people will recognise that for Software Freedom we need free press and free thinkers
Join Us Now and Share the News - Part III: Principled Stance Is Never Cheap
Protecting the truth and insisting that the general public is made aware of things that really happened isn't cheap
Join Us Now and Share the News - Part II: Because Scarcity of Accurate Information Breeds Collective Ignorance
we too will strive to share information that's aggressively suppressed
Gemini Links 28/10/2025: More New Arrivals at Geminispace, xkcd on "Document Forgery"
Links for the day
Join Us Now and Share the News - Part I: Defence of the Truth
This year we make a very strong, firm statement for truth, even if that means explaining our work to the top media judge in the country
Links 28/10/2025: Meta and Fentanylware (CheeTok) Age-Restricted Down Under, "Britain Needs China’s Money"
Links for the day
Links 28/10/2025: Mass Layoffs at Amazon and Charter to Cut 1,200 Jobs
Links for the day
The Cocaine Patent Office - Part II: The Person Who Planted Paid-for Fake News for the European Patent Office (EPO) is a Cocaine User, Friend of António Campinos, Now on Record as Having Been Arrested
Background: High-level manager at the European Patent Office caught in public with cocaine, arrested
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, October 27, 2025
IRC logs for Monday, October 27, 2025
Google News Drowning in Slop (and Slopfarms That Hijack About Half the Results)
Google News seems to be drowning in this stuff
Gemini Links 28/10/2025: "How to Maximize Your Positive Impact" and ASCII Art and Artist Attribution
Links for the day
PETA and Activism
Being staff or volunteer in PETA isn't easy
Big Blue, Huge Debt
debt will soar again
Links 27/10/2025: Mass Surveillance Sold as "AI", People Reluctant to Lose Physical Media
Links for the day
Parties and Milestones Again
we've begun putting up about 40 balloons
Techrights' 19th Anniversary: Bronze
Time to go back to preparing for this anniversary
Our Latest European Patent Office (EPO) Series Will Last Several Weeks, Will Ask the EPO Management and the European Union (EU) Very Difficult Questions
If nobody loses a job (or jobs) over this, then the EU basically became no better than Colombia or Nicaragua
Slopwatch: LinuxSecurity, UbuntuPIT, Brian Fagioli, and Google News
We focus on stories that are fake or LLM slop that disguises itself as "news" about Linux
Links 27/10/2025: Wikipedia Vandalism, Bruce Perens Opens up on Childhood
Links for the day
This Site Could Not be Done by LLMs Even If It Wanted to (Because It's Not a Parrot of What Other Sites Say)
LLMs have no knowledge or deep understanding
Microsoft is Disloyal Towards Its Most Loyal Employees
Against its most faithful enablers
19 Years, No Censorship
No factual information is ever going to be removed, more so if it is in the public interest
We Are Not a Conventional Site, That's Why They Hate (or Love) Us
Throughout the week this week we'll be focusing on the EPO
Following the Line of Cocaine All the Way to the Top
Even a million denials and spin-doctoring won't distract from the core issue
The Cocaine Patent Office - Part I: António Campinos Brought Corruption and Nepotism to the EPO, Then Came the Cocaine
High-level manager at the European Patent Office (EPO) caught in public with cocaine, the Office has some answering to do
Purchasing/Possessing Computers Isn't the Same as Controlling Computers
Let's strive to put computers back under the control of their users, no matter who purchased these (usually the users)
Gemini Links 27/10/2025: Alhena 5.4.3 and Fixing Bash
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, October 26, 2025
IRC logs for Sunday, October 26, 2025
Thankfully We've Made Copies of More Interesting Data From statCounter
If statCounter (the Web site or the 'webapp') vanished overnight, we'd still have something left of it
More Silent Layoffs at IBM/Red Hat
when the media counts such layoffs or presents tallies the numbers are very incomplete