Recently, Wikileaks released a large number of documents detailing system exploits the US Intelligence community uses to gain information from or otherwise monitor individuals. Because of this, we are seeing increased concerns about TrueOS security. We thought it best to discuss our overall security mindset and the recently discovered vulnerabilities in order to address any concerns these documents or related news stories create.
Note: As there is a large amount of data in the leak, and the promise of more releases over the coming months, we intend to update this post whenever we discover new exploits or vulnerabilities.
TrueOS Security Practices
- The TrueOS Project is committed to finding and patching any security vulnerabilities immediately upon discovery. Due to the rolling release model, TrueOS can update easily, providing security fixes to its users very quickly.
- The TrueOS project digitally signs all binary packages and installation images publicly distributed by the TrueOS team. In addition, the package utility on TrueOS automatically verifies each package, which ensures every package’s integrity from outside tampering.
- The TrueOS project incorporates a PGP key on all installation images available from the downloads section of the website. Additionally, md5 sums of the individual files are also available. This allows both verification that the whole file is received and confidence that the file is secure from third party tampering.
- TrueOS takes a minimalist stance in regards to system services automatically installed and enabled in the background, and services are kept up to date with the latest security fixes.
- TrueOS uses LibreSSL, avoiding many of the vulnerabilities present in OpenSSL.
The TrueOS handbook also provides a general description of the security features of TrueOS.
Specific vulnerabilities found in the Wikileaks documents, as of 3/8/17
- Bald Eagle: This is an exploit of the HAL utility. FreeBSD base does not use HAL. FreeBSD uses its own device notification system, called devd. However, using Linux-based desktops such as KDE, GNOME, MATE, CINNAMON, and XFCE installs and requires the use of HAL on FreeBSD. To see which FreeBSD packages and applications use HAL, check its entry on freshports. The default TrueOS installation, Lumina Desktop, and most smaller window managers do not require HAL.Additional: We do recommend switching from PC-BSD 10.3 to TrueOS in order to improve the security of your system.
- Sparrowhawk: Sparrowhawk is a method for individuals to monitor your system after gaining access to it. TrueOS incorporates security policies designed to prevent unauthorized users accessing your system. As such, Sparrowhawk isn’t considered as an exploit per se, as many would consider system utilities “hazardous” when available to an unauthorized user. The FreeBSD utility watch(8) is no exception. TrueOS will continue to provide security options such as the built-in firewall and SSH restrictions to prevent unauthorized access to your system.