Linux.conf.au 2020 – Friday – Session 1 – Protocols / LumoSQL

The Fight to Keep the Watchers at Bay – Mark Nottingham

Disclaimer: I am not a security person, But in some sense we are all security people.

Why Secure the Internet

• In the beginning it was just researchers and a Academics
• Snowden was a watershed moment
• STRINT Workshop in 2014
• It’s not just your website, it’s the Javascript that somebody in injecting in front of it.

What has happened so far?

• http -> https
  • In 2010 even major services, demo of firesheep program to grab cookies and auth off Wifi
  • Injecting cookies in http flows
  • Needed to shift needle to https
  • http/2 big push to make encrypted-only , isn’t actually though browsers only support https.
  • “Secure Contexts” cool features only https
• Problem: Mixed Content
  • “Upgrading Insecure Requests” allow ad-hoc by pages
  • HTTPs is slow – istlsfastyet.com
  • Improvement in speed of implimentations
  • Let’s Encrypt
• Around 85-90% https as of Early 2020
• Some people were unhappy
  • Slow Satellite internet said they needed middle boxes to optimise http over slow links
  • People who did http shared caching
• TLS 1.2 -> TLS 1.3
  • Complex old protocol
  • Implementation monculture
  • Outdated Crypto
  • TLS 1.3
    • Simplify where possible
    • encrypt most of handshake
    • get good review of protocol
    • At around 30%
    • Lots of implementations
  • Some unhappy. Financial institutions needed to sniff secure transactions (and had bought expensive appliances to do this)
    • They ended up forkign their own protocol
• TCP -> QUIC
  • TCP is unencrypted, lots of leaks and room for in-betweens to play around
  • QUIC – all encrypted
  • Spin Bit – single bit of data can be used by providers to estimate packet loss and delay.
• DNS -> DOH
  • Lots of click data sold by ISPs
  • Countries hijacking DNS by countries to block stuff
  • DNS over https co be co-located by a popular website
  • Some were unhappy
    • Lots of pushback from governments and big companies
    • Industry unhappy about concentration of DNS handling
    • Have to decide who to trust
• SNI -> Encrypted SNI
  • Working progress, very complex
  • South Korea unhappy, was using it to block people
• Traffic Analysis
  • Packet length, frequency, destinations
  • TOR hard to tell. Looking at using multiplexing and fix-length records
• But the ends
  • Customer compromised or provider compromised (or otherwise sharing data)
• Observations
  • Cost and Control
    • Cost: Big technology spends no obsolete
    • Control: some people want to do stuff on the network
  • We have to design tthe Internet to the pessimistic case
  • You can’t expose application data to the path anymore
  • Well-defined interfaces and counterbalanced roles
  • Technology and Policy need to work togeather and keep each other in check
  • Making some people unhappy means you need some guiding principles

LumoSQL – updating SQLite for the modern age – Dan Shearer

LumoSQL = SQLite + LMDB – WAL

SQLite

• ” Is a replacement for fopen() “
• Key/Value stores.
  • Everyone used Sleepycat BDB – bought be Oracle and licensed changed
  • Many switched to LMDB (approx 2010)
• Howard Chu 2013 SQLightning faster than SLQite but changes not adopted into SQLite

LumoSQL

• Funded by NLNet Foundation
• Dan Shearer and Keith Maxwell

What isn’t working with SQLite ?

• Inappropriate/unsupported use cases
• Speed
• Corruption
• Encryption

What hasn’t been done so far

• Located code, started on github.com/LumoSQL
• Benchmarking tool for versions matrix
• Mapped out how the keywords store works
  • So different backend can be dropped in.
• Fixed bugs with the port and with lmdb

What’s Next

• First Release Feb 2020
• Add Multiple backends
• Implement two database advances