Domain: coredump.cx
Stories and comments across the archive that link to coredump.cx.
Comments · 102
-
Re:fuzzing works.
Use afl.
-
Re:surprised
The SQLite developers were also surprised by how many bugs OSS-Fuzz (and American Fuzzy Lop) have found in SQLite.
The best explanation I have is that OSS-Fuzz and AFL are exploring extreme corner-cases of the code where human-generated tests would never think to go. Fuzzing is great for finding bugs that involve totally unreasonable inputs that never happen in actual practice and which can only appear as part of a deliberate attack. Fuzzing has not found any bugs that would impact the day-to-day use of SQLite.
In other words, fuzzing finds an entirely different class of bugs from what the mountains of other test cases for SQLite are designed to find. This is a good thing. We encourage testing diversity.
Here is a list of issues found in SQLite by OSS-Fuzz (and now fixed): https://www.sqlite.org/src/sea...
There are a few cases of NULL pointer dereferences or other crashes that come about while unwinding the stack following an Out-Of-Memory error. Those kinds of errors are real, and we are grateful to OSS-Fuzz for finding them, even if they are seldom seen in the wild. Other issues were assertion faults that probably would not have resulted in a crash if assert() had been disabled (which is the case for all default builds of SQLite). And then there are things like https://www.sqlite.org/src/tim... which is not really a bug at all - OSS-Fuzz was submitting a funky recursive VIEW query that after unwinding all the nested views resulted in a very large prepared statement, which took too long to process and so OSS-Fuzz timed out. SQLite was getting the correct answer, it was just taking too long. Since the submitted SQL was of no practical use, we "fixed" that problem by limiting the size of prepared statements to be about 100 times larger than any real SQL statement needs to be, rather than the default limit of about 10 million times larger.
-
Re:I don't see the bug either
An example of a similar/better attack: http://lcamtuf.coredump.cx/swi...
That says in my address bar:
data:text/html;-peak.us/banking_interface/%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20
+ more crap like that
Not sure I would trust that URL
-
Re:I don't see the bug either
I have asked on an internal mailing list. If the response is something I can share here, I will.
The response is basically that it's not worth fixing because there are so many other ways to do the same thing, many of them arguably better (for the attacker). Fixing this would require redesign of lots of stuff... and it couldn't prevent any of the other attacks that achieve the same thing, so it would be a lot of effort for no return.
An example of a similar/better attack: http://lcamtuf.coredump.cx/swi...
In that demonstration the example banking site is not HTTPS-protected, but the attack would work just as well if it were. There are other ways as well, I'm told (I'm not a web security guy).
My takeaway is that *every* time I type or submit sensitive data into a web page I must check the address bar. I actually do that anyway; this just reaffirms the importance of that habit.
-
Re:So spoof packets and find safety?
The second link states passive OS fingerprinting, p0f, was developed by Michal Zalewski. http://lcamtuf.coredump.cx/p0f... shows your connection's fingerprint. It may be as easy as using a proxy such as Squid to perform the "spoofing."
-
Re:Aren't we labeling sponsored content?
When milling wood or modelling board (plastic composite with the approximate density of wood), CNC machines do not require much power. Potential damage is greatly limited over industrial machines that can mill steel. Home builds are practical and people have been doing it since before 3D printers were popular. A typical use-case for a low powered machine is to mill moulds. These would be used for plastic moulding but you could go another step and cast metals as well. Quality wise, there is really no comparison to most 3D printers. Try browsing the Guerrilla guide to CNC machining, mold making, and resin casting to see what can be done. It is very impressive.
-
Bet Chrome team hasn't heard of "afl" yet* ...
Or you use fuzz testing.
Exactly. They have an excellent tool developed by a talented researcher right there.
*) at least not yet listed on that "The bug-o-rama trophy case" table on the afl page.
-
Re:And that is why you shouldn't use Gmail
Google can provide privacy
But they don't. They violate your privacy themselves, even when they're not cooperating with the government.
Like when? Automatically marking incoming emails as spam? Unlike your credit card, hotel, etc., Google keeps any data they collect to themselves, which is better than everyone else. Because they offer a lot of services they may collect too much data for your taste, but there are all sort of things they are accused of doing but don't do, such as rigging Chrome to send data back to them, Google glass always recording, etc.
The only cases I can find are a rogue employee using root powers to read someone's gmail (fired), and at a stretch you might be referring to PRISM. If you are, I have a lot to say on that subject.
Why are you fighting against the people who are fighting for privacy?
They aren't fighting for privacy in any meaningful sense. Occasionally they fight back as a PR move, but they've allowed all sorts of egregious privacy violations, and violate your privacy themselves.
Fighting back falls in two categories: legal and technical. Note that we need to fight on both, but the bad guys can win on whichever is weaker. I'm not a lawyer. Google published this video. My attitude is that we should fix the technical issues and hope that the lawyers will also fix the legal issues. We know that the NSA chose to bypass legal process, so there must be at least some things they want but can't get.
Google is working on end point security with Project zero, ChromeOS (secure boot + remote management), bug finding tools like afl and asan, etc. Google is working on transit security, they're upranking SSL sites, killing off SSL 3.0, killing off SHA-1, marking plain http as insecure, they invented and deployed Channel ID, Certificate pinning (which caught an intelligence agency they didn't know was attacking!). Their own networks were being snooped and they claim they now encrypt all traffic in and between data centers, but we only have their word on that. They also claim they were already planning to add encryption but reprioritized it when it was revealed that the NSA was already taking advantage of it. They're pushing for larger RSA keys, and for newer crypto entirely with features like forward secrecy. It could be argued that the newer crypto is more likely to have back doors, but as it stands there is no evidence that the NSA had any breakthrough technique for decrypting either new or old, they would just break into machines that have keys, or possibly factor smaller (1024 and less) RSA keys. Google deployed OTP and invented the U2F system which is better than OTP. As far as I'm aware, Google isn't doing much for DNS security (besides running Google DNS which has cache poisoning protection) or IP routing security (besides running Google Fiber), but perhaps they think those become irrelevant unless the attacker can also forge TLS keys.
All of those are security issues, which are tightly intertwined with privacy in that if your security can be penetrated then you lose your privacy. They also created "incognito mode", a pure privacy feature with no security implication.
-
Visualization for evaluating randomness
Visualization is also great for evaluating randomness; remember the images of broken RNG implementations a few years ago? http://lcamtuf.coredump.cx/new...
-
Agree CNC mill (was Re:EMC2)
With MakerSlide, it's quite easy. There's a new version of the ShapeOko (Americas - http://www.shapeoko.com/ ) / eShapeOko (Europe - http://store.amberspyglass.co.uk/eshapeoko-mechanical-kit.html ) and it's quite easy to assemble / use, and can be used to build parts for robots as described in the "Guerrilla guide to CNC machining, mold making, and resin casting (Home manufacturing tutorial for robot builders, model makers, and other hobbyists)" http://lcamtuf.coredump.cx/gcnc/
-
Waiting to see commercial uptake
The problem is, the run-time on these is so long, it's only justifiable for one-offs or prototypes.
Using a CNC machine to make molds for injection makes more sense now: http://lcamtuf.coredump.cx/gcnc/
But I'm still surprised not to see 3d printers:
- in automotive service departments to print trim pieces in the right colour
- paired w/ a 3d scanner in a hardware store --- customer brings in broken thing-a-ma-bob, it gets scanned, one is then directed to the right aisle for a replacement, or a quote to print a replacement is generated
-
Guerrilla guide
The Guerrilla guide to CNC machining, mold making, and resin casting is probably one of best resources you can find.
-
Casting tricks
The main point of casting from a 3D print is to change the material from being "3D printed plastic" to being any other flowable thing: metal, urethane, transparent resin epoxy, silicone, plaster of paris, etc. What your 3D printer is bringing to the table is the shape. So the key feature you're looking for, if you want to do molding and casting, is getting the right shape out. Material strength is relatively unimportant.
ABS has an impressive material strength, but if you're planning on casting, you should look into PLA printing instead. PLA's material strength sucks compared to ABS, but man is it easier to make good prints with it! You can get better resolution on it -- PLA at 0.1mm vs ABS at 0.2mm -- and the warping and curling issues are greatly reduced. It's a lot more reliable to work with.
The other big reason to use PLA is that it dissolves away in boiling water. Stick your PLA mold and whatever you casted into it into a crock pot for a day, and the PLA's gone.
Any 3D printer that can print ABS can also print PLA. Check out the MakerGear M2: Metal frame, way cheaper than a Makerbot, and it beat the Makerbot and several other contenders in Make Magazine's 3D printer roundup recently. Good accuracy, speed, and print quality. Good business ethics too (Makerbot's not so popular around here these days since they suddenly changed to closed source.)
As a note, if you're truly obsessed with getting the right shape, you should be looking at milling machines, not 3D printers. Milling machines go down to more like 0.001mm resolution. The process is detailed here.
Last, this is an awesome set of pictures showing lost PLA casting (plaster of paris -> metal)
-
Needs to be both illegal and impossible
This is great, but we need security at both ends here: prosecution to remove the economic incentive to invade people's privacy, and software security to increase the difficulty of doing so.
Here are two tests for vulnerability to history sniffing attacks, one CSS based and one based on cache timing:
http://www.mikeonads.com/2008/07/13/using-your-browser-url-history-estimate-gender/
http://lcamtuf.coredump.cx/cachetime/chrome.html
Unfortunately it seems Opera (12.11) is still vulnerable to the CSS leak.
:(
-
Re:get away car
A little bit more....
From http://lcamtuf.coredump.cx/newtcp/, which did some tests on TCP sequence prediction in what looks like 2001 (Win2k SP2 was current), IOS (Cisco), BSD, Mac OSX, and Windows were all fairly secure-- only on windows were they able to guess any of the sequence numbers, and only 12% of the time.
Dunno about you, but I'm not really aware of a protocol that will work with 88% packet loss, even assuming you can find a Win2k SP2 machine to attempt attacking.
-
_The Tangled Web_ by lcamtuf
http://lcamtuf.coredump.cx/tangled/ Don't even think of building any non-trivial webapp before reading it.
-
Excellent articles on related subjects.
For anyone interested in CNC milling and casting, both of which are tangentially related and informative to this, have a look at these excellent writings: http://lcamtuf.coredump.cx/guerrilla_cnc1.shtml http://lcamtuf.coredump.cx/guerrilla_cnc2.shtml
-
-
Any release over a holiday is a dick move!
This is like the google dude a while back who said "I gave you 5 days before releasing my hack" where 5 days was thursday night to monday over a US holiday.
According to this dude's timeline. He contacted them on December 20th, and got a real reply the next day. However, things generally move pretty slowly over the last week of the year... They ask him to hold off a bit, and instead he releases his info on New Years Day.
I repeat, if you base your tool release timeline over a major holiday, you are a dick.
-
Re:Microsoft losing their edge?
According to the timeline, Microsoft has also released patches for some but not all the bugs. This final delay appears to be because they had problems reproducing the crashes, which I think is probably due to the nature of this tool, which makes reproducing the exact circumstances difficult. I can sympathise because I have had to find hard-to-reproduce bugs in the past.
Still, I think it is correct that it should all be made public now, considering that the bad guys have already got the code.
-
fuzzer_timeline.txt best website ever
fuzzer_timeline.txt OMG That's the best web site I ever saw on the WWW. Why are other websites not like this? No ads, no images, no crazy CSS. Just plain the information I need. I wish all links to articles on Slashdot would be like this site.
-
Re:Businesses do not understand technology
Chrome has recently also had the benefit of intensive security tests by both Mark Dowd (as a contractor) and Michal Zalewski (as employee). Of course, they have been tested by many others also, but if I could hire any 2 guys in the world to test my browser, those would be the two I would want. Combined with the security bug bounties (which are small, but notable for existing anyway), I'd give Google props for putting their money where their mouth is, and showing they care.
-
Re:Cringely points out...
Having obtained my CCIE Security this year
Sorry, that means you're not an expert. Michal Zalewski is a security expert, if you think that label applies to you, show us your code and publications. Experts by definition do not need to take security courses!
What's more, if you go waving your certificate around, that's an open invitation to someone much smarter than you to rise to the challenge.
HTH
-
# Written and maintained by Michal Zalewski lcamt
# Written and maintained by Michal Zalewski.
Couldn't have chosen a better person in my opinion. http://lcamtuf.coredump.cx/
-
Re:Open crypto algorithms; no fix for Win2K
Surely all they'd need to do to test it is something like this test
Can't take that long to generate a few thousand points to plot to check distribution of their PRNG.
-
Re:Similar but different?
Linux was in the one published the prior year.
-
Similar but different?
I wonder if this is a similar problem?
-
p0f Anyone?
This service sounds suspiciously similar to running p0f. http://lcamtuf.coredump.cx/p0f.shtml
OT Question: is p0f the cat's meow or has it been bested?
-
Re:Ah well
and this:
"3) Title : Firefox file prompt delay bypass (MEDIUM)
Impact : non-consensual download or execution of files
Demo : http://lcamtuf.coredump.cx/ffclick2/
Bugzilla : https://bugzilla.mozilla.org/show_bug.cgi?id=376473 [Apr 04]"
That has got to be one of the worst attempts at getting me to open a file from the internet I've seen in a long time.
For those that didn't try it... it'll show the file download box, then it'll pop-up another window with a game inside it, that requires you to continuously press the "Enter" key for ~10 seconds. The pop-up disappears and the focus shifts back to the download dialog where a press of the "Enter" key will automatically download/open the file.
A) You have to somehow not notice the file download dialog appearing behind a pop-up window
B) You have to want to play a game you see in a random pop-up window
C) The file is only going to run as a very limited user account with the correct Firefox process permissions (yes, this can be done in Windows XP as well, although no one does it)
D) Executable files by default don't have an "Open" option when downloading a file in Firefox - you can only save them
-
Re:Ah well
RTFA...Try the demos...It will reduce the FUD.
I tried the demo page/file and got no response whatever.
"2) Title : Firefox Cross-site IFRAME hijacking (MAJOR)
Impact : keyboard snooping, content spoofing, etc
Demo : http://lcamtuf.coredump.cx/ifsnatch/
Bugzilla : https://bugzilla.mozilla.org/show_bug.cgi?id=382686 [May 30]"
from: (http://lcamtuf.coredump.cx/ifsnatch/) which is from:
"2) Title : Firefox Cross-site IFRAME hijacking (MAJOR)
Impact : keyboard snooping, content spoofing, etc
Demo : http://lcamtuf.coredump.cx/ifsnatch/
Bugzilla : https://bugzilla.mozilla.org/show_bug.cgi?id=382686 [May 30]"
and this:
"3) Title : Firefox file prompt delay bypass (MEDIUM)
Impact : non-consensual download or execution of files
Demo : http://lcamtuf.coredump.cx/ffclick2/
Bugzilla : https://bugzilla.mozilla.org/show_bug.cgi?id=376473 [Apr 04]"
I tried both links' test buttons and got no response whatever.
IMHO, this must be something related to running Windows, as my Kubuntu 7.04 Feisty w/ Firefox 2.0.04 (with NoScript, Adblock, Adblock Filterset, and Flashblock) just does not act on this.
I guess I need to install some version of Windows to experience this...I feel deprived and left out!
Does this work with Firefox w/ NoScript on Windows?
From past experience, I have no doubts that it works with any version of IE on any Windows platform.
-
One of the demos on Firefox doesn't work
I am using the latest Firefox 1.5. I went to the demo page : http://lcamtuf.coredump.cx/ifsnatch/ . The first test shows that it is possible to rewrite the content of an iframe. That is rather dangerous in situations involving trusted messages.
The 2nd demo was supposed to snoop on the keyboard, but it invoked a pop-up, which was immediately blocked by the pop-up blocker. So unconfirmed as far as I know. However, the demo page did open a CNN.com page.
Anyone has better "luck" to demo the keyboard snooping?
-
This article is dumb
The first mistake is to think that anything mentioned even requires you to be a "superhacker". Identity theft is trivial. Stand on a street corner and say you're registering people for a contest, and put name, address, social security number on the form, and 90% of people who stop to fill it out will just put their SSN down. Stealing "software" and "media" hardly makes you a superhacker; hundreds of thousands of people do it every day, 99% have probably never even compiled a program. Virus writing isn't difficult either; it's finding the hole to exploit in the first place that CAN be difficult. But given an exploit, turning it into a virus isn't that tough.
Even when we take it up a notch and look at actually dangerous attackers, like people using widespread vulnerabilities to deploy custom rootkits, we're not talking about superhackers.
Then there's a class of people who, if they are inclined to be lawbreaking and antisocial, are superdangerous. Take a look at someone like Michal Zalewski, who's been pumping out advisories, proof of concepts, and gems like a hobby OS for...well, a long time. Can you imagine him in the wild as a black hat? Ugh, scary.
Then there's real superhackers. One former coworker built a railgun for fun, cracked DES (key recovery in 24 hours on a p3, given certain fairly common preconditions), cracked the remote management on a major commercial firewall (because we lost the password, and it was easier than going offsite for password recovery), then founded a security company, got rich when they got bought out, and moved on to toy around with things for nasa and the DoD. So, if someone like that somehow finds their way onto - and stays on - a black hat path, well, the mere fact that securing something is harder than cracking it means he will always find a way in, if he wants to badly enough. I think they'd have to be unbalanced to stay black hat, since that sort of talent will either get them illegitimately rich enough that they'll avoid danger, or get them legitimately rich enough that they'll give up black hat activities to go legit.
But identity theft? Please. Peanuts. They're more likely to use large scale espionage to find some valuable nugget; perhaps upcoming M&A activities. Then they sell this info to a third party with plausible deniability and a lot of cash - say, George Soros (not that I'm saying he'd buy, but for example) - and let them profit massively off it and take a kickback. Just one significant score like that should be worth 7-8 figures. That's just one example out of a hundred scenarios where a true uberhacker could illegitimately profit. And they'd almost certainly only do it once, if money was their motivation.
-
Re:Apparently not -- revised
I may have been too catty with my last response:
http://lcamtuf.coredump.cx/catty.shtml
-
Block email from Windows
Since all this extra spam is coming from botnets running on Windows, just block all email coming directly from a Windows box. I've been experimenting with host fingerprinting using p0f
http://lcamtuf.coredump.cx/p0f.shtml
From this I can see that almost all spam comes from Windows. I'm in the process of configuring my postfix server so it will just reject any mail from a Windows box.
The only false positives I've seen so far, is a handful of legitimate emails that come from Windows Server 2003, so I may exempt that...
Note: I'm not advocating blocking email from Windows users, just email coming directly from a Windows box. If a Windows user sends email through their ISP's mail server, it will get through just fine.
-
DoS with JavaScript is obvious
JavaScript is a programming language. It is Turing complete. The halting problem for it, then, is undecidable, making it impossible for any browser to detect all infinite loops / large amounts of memory/cpu consumption.
If theory makes you gag, check out this thread on JavaScript Denial of Service for a list of concrete examples. All of the samples are extremely effective at taking out all browsers (IE, Firefox and Opera alike).
I am more concerned about pages that can crash browsers without the intervention of JavaScript. This includes imagecrash (may crash you!), mailto crash, and a huge XML file crash. They should be preventable.
Anyway, the reason why DoS's aren't actively pursued by the black-hat community is that it's very difficult to put them to good use. Sure, it will annoy someone, but it's hard to monetize, etc.
-
Freedom ought to be more valued.
An anonymous reader writes (and /. copies into the lead-up to this story):
SecurityFocus reports an unpatched highly critical vulnerability in Firefox 2.0. This defect has been known since June 2006 but no patch has yet been made available. The developers claimed to have fixed the problem in 1.5.0.5 according to Secunia, but the problem still exists in 2.0 according to SecurityFocus (and I have witnessed the crash personally).
When I tried the link in the article Secunia points to as an exploit of that bug, I see that it tells me there are two testcases, one of which was fixed in Firefox 1.5.0.7 and 2.0 and the other is called "a denial-of-service condition that is an annoyance, but is not exploitable to compromise your system" but remains unfixed.
If security is the main reason users should switch to Firefox, how do we explain known vulnerabilities remaining unpatched across major releases?
This is the more important of the two questions and the easier to answer: security is not the main reason users should switch to any free software web browser (including, but not limited to, Firefox). Users should switch to a free software browser because users should switch to free software, and browsers are an important part of modern-day computing. Despite Mozilla's focus on "open source" values (speedy development, fewer bugs, other values that are designed to appeal chiefly to business managers) which are sometimes simply lies (as one can see with the bug that the anonymous poster brings up here), that's not the reason to value any free software. One ought to value Firefox as a contribution to a free society where people can treat friends as friends and build communities who share without having to do so in the dark in fear of being discovered as copyright infringers. Mozilla won't tell you this; they're too busy pushing aside software freedom for its own sake to talk about this. It's unfortunate they have not taken any time to teach their audience this while Microsoft worked on MSIE7. Ironically, software freedom is the one thing Firefox will always have over MSIE for as long as Firefox remains free software and MSIE remains proprietary; technical features can be reimplemented and even patented to prevent competition, but software freedom is something no proprietor can deliver. Catering to businesses who distribute free software can be helpful but such interests remain shallow.
-
the proof-of-concept...
..vulnerability reported by Security Focus doesn't seem to be affecting Firefox 2 on my machine..
-
This old exploit still crashes v2.0.
See this demonstration (do NOT go here unless you are willing to crash your Web browser). It still crashes Firefox v2.0. This is related to this old security issue.
:(
-
This rings a bell
From the article: What's smart about this attack is that it doesn't matter if you get a file "out of step" - if you start off with a particular file out of sequence, you'll just end up somewhere else in the chain instead. There is no right or wrong place to start with this one - the hackers will make sure you get your fill of infection files!
The basic idea of using multiple, completely unrelated vulnerabilities and attacks to achieve total control is not exactly that new. In fact, the ideas that feel so obvious to us today were quite novel back at the turn of the century. Michal Zalewski described a worm prototype that worked in a somewhat similar manner more than six years ago.
On the occasions that I get to give lectures about computer security, I try to illustrate these very ideas. The rule #1: There are no local exploits; all vulnerabilities are remote, some may just require a piggyback step of first delivering extra code via other holes.
-
Hard drives? RAID? A Jedi craves not these things.
Easy. Just get yourself a basic box, connect it to the internet on a 100Mbps pipe, and get yourself a free 7TB of storage, with no risk of data loss due to your drives failing!
-
Next on CSI: FLIR For Safe-Cracking
-
Evil!
**** THE PROOF THAT RIAA/MPAA IS EVIL ****
R I A A M P A A
18 9 1 1 13 16 1 1 - as numbers
9 9 1 1 4 7 1 1 - digits added
\_____/ \_____/ \_____/ \_____/
9 2 2 2 - digits added
Thus, "RIAAMPAA" is 9222.
Add 1995, the year O J Simpson was acquitted for double murder - the result is 11217.
Add 661 to it - this is the year Roman Empire was devastated by a plague, written backwards - you will get 11878.
Subtract 6861 from the number - this is the year Newton published wildly misunderstood "Principia", written backwards. It gives 5017.
Subtract 1351 from the number - this is the year Richard Roose was conveniently boiled to death for trying to poison an archbishop, written backwards. It gives 3666.
Subtract 1876, the year first crematorium in the United States opened. The result will be 1790.
The number 1790 is the year US patent system was established (eevil).
This clearly proves how evil the subject is. QED.
Courtesy of Evilfinder:
http://lcamtuf.coredump.cx/evilfinder/ef.shtml
-
Juggling With Packets
looks like an implementation of Michal Zalewski's Juggling With Packets concept, the storing of data in buffers of publicly available services for use as a filesystem.
-
Re:Secure Web Browser
Lynx has had its problems. You can crash some previous (recent) versions with very large tables. They can be empty tables too, like this one.
-
Use p0f for logging...
-
Re:That's an easy challenge!
See the evil finder to generate this sort of thing.
-
Re:Djdns to the rescue?
bind 8,9 and djbdns
original
update
You might want to check out some of his other stuff, too - http://lcamtuf.coredump.cx/
-