Is it the end of Ubuntu and desktop Linux?

Linux the kernel is alive and kicking in Android, but the demise of Ubuntu Desktop would mean that the user space of desktop Linux as we know it might eventually collapse, or more probably just get more and more obsolete over time (and thus irrelevant). Just like when in 2007 in Ubuntu (GNOME) there wasn’t a way to format a USB pendrive (without recurring to the terminal); that was the status of Linux Desktop - 5 years of delay compared to the rest of the world - before Canonical poured several millions into it.

They caught up, but it might be too late, given that the decline of desktop PCs has already started, so money to be made is not there anymore. It’s not a coincidence that Canonical is focused on mobile now.

“Remember we still don’t know if the Android rng fiasco was a “bug””
Alan Cox, commenting on Google+

TLS and perfect forward secrecy

Yesterday, I mentioned perfect forward secrecy (PFS) in the context of TLS. Since most people I talk to are unaware of what PFS is, I figured it out it’s better to explain.

Understanding PFS requires understanding of public key crypto, so I’ll try to keep it simple: PFS means that, at connection time, the browser and the server will run a Diffie-Hellman algorithm between them to negotiate a secret session key that a wiretapper can not deduce. This is the same thing that SSH does and has always had, by default. I would say: it’s the “correct” thing.

Surprisingly enough, TLS was designed in a way that this was not mandatory and not even initially encouraged. The problem of not running Diffie-Hellman is that the secrecy all depends on the server TLS private key; if that key is compromised, all present, future, and past connections to the server can be decrypted, So NSA can for instance starts dumping all non-PFS connections to example.com, while it sends the subpoena for the TLS private keys. Once they obtain the private keys, they can decrypt the data they have intercepted.

Sounds a stupid design choice? Well, then let’s remember that we’re still using RC4 as the only “safe” TLS cipher. In 2013. Now, that’s stupid.

This shows a connection to mail.google.com that is made with PFS:

image

ECDHE stands for elliptic-curve diffie-hellman.

Today, spare 10 minutes of the afternoon coffee, and make sure all your web servers have PFS enabled. This is a comprehensive guide that will explain you how to harden your web server not only for PFS, but also ciphers, TLS version, and whatnot.

Update: changed the suggested guide.