Domain: microsoft.com
Stories and comments across the archive that link to microsoft.com.
Comments · 34,132
-
Re:pointless?
replying to myself with more info!
I have been running Windows 7 Embedded off bootable USB media for years now. Makes for an excellent portable system with all my tools for fixing family Windows machines on them. You can also manually create Windows To Go with Win 8 Pro so it doesn't have to be the Enterprise version (or at least you used to be able to, have not done that for a while).
http://technet.microsoft.com/e...
-
It's a handheld
[Console makers] have secret guidelines for what content is acceptable
PCs don't
True, desktop allows unlimited sideloading, and Microsoft publishes its Windows Store guidelines. But carrying a 3DS would appear far more convenient than carrying a laptop.
-
Re:Let me expose my ignorance...
As I understand this, a vulnerable server can expose its private SSL key to an attacker. With this private key, I can decrypt all of its encrypted SSL traffic.
As already mentioned, it's anything in the server's memory. Or the client's, since Heartbleed affects clients too.
Now, as I understand this so far, having the private key is great, but I need to be able to MITM the connection to decrypt anything.
It depends whether the connection is using perfect forward secrecy or not. If it's using PFS, then you need an active MITM to grab the session keys, so you can't decrypt old captured traffic and you need to keep your MITM up for new traffic. If there's no PFS, then all traffic ever sent with a given SSL cert can be decrypted with access to that cert's private key. All you need is to passively sniff it, then store it for later on the off-chance you ever get (or crack) the key.
(I'm going to write a small essay on this, because it's important but very poorly documented on the web.)
Given that, you'd think PFS would be common, but according to this study it's only available on 60-70% of web servers (they don't give a precise number, just 60% that support DHE and 18% that support ECDHE, but those two sets overlap), of which 80% prefer to use cipher suites without PFS, so about half of webservers either don't support PFS or typically won't use it. Slashdot doesn't, for example. Neither does microsoft.com. I guess that's just the homepage, but then windowsupdate.microsoft.com doesn't use it either. It's not supported on outlook.com's web, IMAP, POP3, or SMTP servers. addons.mozilla.org and marketplace.firefox.com also join the club, but their main website and the Firefox update sites do PFS at least. I couldn't find a Google property that didn't do PFS.
And on top of that, of those sites that do use it, 99.3% use 1024-bit DH parameters, which essentially lowers the length of their RSA keys to 1024 bits (which affects the 80% of sites with 2048-bit or longer RSA keys).
If you want to make sure you're actually using PFS, and with decent DH parameters, you generally need to make sure to configure it. Apache does this for you automatically from 2.4.7 onwards (before that, it'll use PFS but only with 1024-bit DH parameters). A lot of other software requires being fed DH parameters manually -- for instance, Courier's IMAP/SMTP servers, ZNC, ircd-hybrid etc. (And when was the last time you configured DH parameters for a server?)
You can check if any given connection supports PFS by looking at the cipher suite in use. If it starts with DHE or ECDHE, it has PFS. (The "E" at the end stands for ephemeral; if it says DH, ECDH, or doesn't mention either of those, then there's no PFS). You can check with e.g. CipherFox in Firefox, or using the openssl command-line tools:
$ openssl s_client -connect www.debian.org:443 | grep Cipher
    Cipher    : DHE-RSA-AES256-GCM-SHA384
If you point it at servers you use regularly, you'll probably be pretty depressed at the results. I know I was when I was making that list above...
-
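The cipher-suite check from the comment above, as an added example that is not part of the original post: a small Python script that classifies a suite name by its key exchange (ephemeral (EC)DHE gives forward secrecy; RSA key transport or static (EC)DH does not), pulls the negotiated suite out of `openssl s_client` output, and can probe a live host with Python's `ssl` module. It goes a little beyond the comment by also recognising IANA-style names and TLS 1.3 suites, which always use an ephemeral exchange. The sample s_client output is constructed.

```python
import re
import socket
import ssl

# Prefix families for OpenSSL-style and IANA-style cipher suite names.
# Ephemeral (EC)DH: session keys are not derivable from the certificate's
# private key, so a passively captured session stays unreadable even if
# that key leaks later (e.g. via Heartbleed).
_EPHEMERAL = ("ECDHE-", "DHE-", "EDH-", "TLS_ECDHE_", "TLS_DHE_")
# Static (EC)DH: the server's long-term DH key sits in the certificate.
_STATIC_DH = ("ECDH-", "DH-", "TLS_ECDH_", "TLS_DH_")
# Anonymous DH: ephemeral, but unauthenticated, so trivially MITM-able.
_ANON = ("ADH-", "AECDH-", "TLS_DH_anon_", "TLS_ECDH_anon_")
# TLS 1.3 suite names carry no key-exchange label because TLS 1.3 only
# ever uses an ephemeral (EC)DHE exchange.
_TLS13 = ("TLS_AES_", "TLS_CHACHA20_")


def classify_cipher(name):
    """Return 'pfs', 'static-dh', 'anon' or 'no-pfs' for a cipher suite name."""
    n = name.strip()
    if n.startswith(_ANON):
        return "anon"
    if n.startswith(_EPHEMERAL) or n.startswith(_TLS13):
        return "pfs"
    if n.startswith(_STATIC_DH):
        return "static-dh"
    return "no-pfs"   # RSA key transport (AES128-SHA, TLS_RSA_WITH_...) or unknown


# Matches the 'Cipher    : NAME' line in the SSL-Session block that
# 'openssl s_client' prints; a failed handshake leaves 0000 there.
_CIPHER_LINE = re.compile(r"^\s*Cipher\s*:\s*(\S+)", re.MULTILINE)


def negotiated_cipher(s_client_output):
    """Extract the negotiated suite name from 'openssl s_client' output."""
    m = _CIPHER_LINE.search(s_client_output)
    if not m or m.group(1) in ("0000", "(NONE)"):
        return None
    return m.group(1)


def probe(host, port=443, timeout=5.0):
    """Handshake with a live server and report (suite, protocol, class).
    Uses this client's default preferences, so the answer reflects what a
    typical client would actually negotiate, which is the point: a server
    that merely supports ECDHE but prefers RSA suites still gives no PFS."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            name, version, _bits = tls.cipher()
    return name, version, classify_cipher(name)


# Constructed sample in the shape of the page's 'openssl s_client' output.
SAMPLE_S_CLIENT_OUTPUT = """\
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-GCM-SHA384
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : DHE-RSA-AES256-GCM-SHA384
"""

if __name__ == "__main__":
    import sys
    suite = negotiated_cipher(SAMPLE_S_CLIENT_OUTPUT)
    print("sample:", suite, classify_cipher(suite))
    for host in sys.argv[1:]:          # e.g. python pfs_check.py www.debian.org
        print(host, *probe(host))
```

Run it with one or more hostnames to see what your client actually negotiates against each; the offline part (`classify_cipher`, `negotiated_cipher`) can also be fed the output of the `openssl s_client` command from the comment.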
Re:Windows 9 may be sooner
7 is fine. MS lists the Extended Support End Date as 1/14/2020. That will do.
How long have people been hanging on to XP? 14 years and going? http://support.microsoft.com/l...
-
Useful link?
[quote]
As most people will have heard, Microsoft will end support for anyone who hasn't upgraded to Win8.1 Update 1 on May 8
[/quote]
So, how about a link to a press release from Microsoft for verification? It doesn't seem to be mentioned on their lifetime chart. (Windows Update Lifecycle)
-
Re:Antivirus, anti-malware, anti...
Most organizations don't.
Because Microsoft provides it for free
-
Re:XP Patch
According to this https://technet.microsoft.com/... only the server core versions of the server products (2008, 2012) did not have a vulnerable IE version included by default.
-
Re:True Costs
I recently ran across a bizarre claim that the average office worker's time is dominated by outlook (duh) but that Microsoft Word was number two at a paltry few minutes per day, and Powerpoint even less than that.
No mention of Excel?
Not that it matters. You don't choose an office suite for the "average worker." You choose what best serves the needs of your clerical staff as a whole, whether it be ten workers, a hundred, a thousand, or ten thousand.
casual users' needs can be met by a wide variety of FOSS projects
FOSS remains solidly anchored in the era of the stand-alone office suite --- sans Outlook.
While Microsoft positions MS Office as simply one component of an integrated office system that scales to an enterprise of any size. Microsoft Office 365 for Health Organizations
-
MS shop finds that MS has a lower TCO? News@11!!
Hampshire CC is at least a partially Microsoft environment, as their SAP ERP system is hosted on SQL Server (M$ have a case study from 2012 on the migration from Oracle/Unix), so their IT admins probably already have significant experience with the administration of MS packages.
http://www.microsoft.com/cases...
Based on the wording of their "Hantsweb" site detailing their software standards, the standard desktop OS is Windows 7, with Vista/XP being phased out or supported on a "best effort" basis and other operating systems not allowed to connect to the domain, so with the exception of any Unix admins left who used to look after their old database servers for the SAP environment, they are an exclusively MS shop possibly with some iOS expertise so that they can look after iPhones and iPads. They do not even support non-IE web browsers, having standardised on IE8...
http://www3.hants.gov.uk/itsch...
On that basis, the cost of user training and admin training for non-MS systems plus the added complexity of a platform change within the organisation is going to make the TCO of future MS solutions lower than an open-source alternative, especially if they get a good discount in return for another positive case-study.
The open source options may well be a better technical fit, once the pain of a platform migration is out of the way, though.
-
Re:Did I hear anybody said "Gödel?"
Actually, it's possible to remove all errors and imperfections, if you would be satisfied with being boring.
No. Software for which you can guarantee that no errors exist is not only boring: it is useless.
To prevent the next Heartbleed, it's more productive to donate to LibreSSL.
You do not get my point. You may succeed in rendering it less probable. But you cannot prevent it.
I do get your point, and I disagree. Perhaps my point is not so clear, so I'll rephrase it: For a protocol as complicated as SSL, it's difficult to guarantee that a program is free of bugs, but it is possible to create a program free of exploits. With sufficient discipline in specific domains, it's also possible to create bug-free specifications. Computer programs are just math, and a lot of math can be proved. The key is to decompose programs into pieces that humans can reason about. That's what Crockford means by "error-resistant" programming.
I see that you're a Ruby programmer. It's difficult to create the Heartbleed vulnerability in Ruby. I guess you could do it if you did all your processing in a custom IO object "for performance reasons," like OpenSSL's custom malloc. That sort of silliness is all over the OpenSSL project, and that's what the LibreSSL project is eliminating. Now, the Ruby runtime itself is a complicated program and not bug-free, but every fix in the runtime eliminates a bunch of bugs in many Ruby programs.
Similarly, the OpenBSD project has a bunch of practices and programs to eliminate or mitigate the severity of exploits. At this point, I trust them more than I trust OpenSSL. So, we should support LibreSSL.
-
Operating despite denied permission
First of all, every app operates in its own sandbox, so no app can access the data of another app.
Is this why users can't upload text documents created in a word processing app to a web form?
Secondly, yes, there's an app reviewer, assisted by automated tools, that's looking for whether your app does bad things.
I would like to know what this app reviewer currently considers to be "bad things", so that I know what applications I won't have any chance of finding in the App Store before I spend $299 plus tax on a device. Unlike Microsoft, which publishes its review guidelines for Windows Store and Windows Phone Store, Apple has chosen to keep this information behind the iOS Developer Program paywall. The widely leaked version of iOS Guidelines is three and a half years old.
Thirdly, things such as requesting your location, as in this Swype example, then the OS pops up a dialog asking permission when the app first tries to do it. You can allow it or deny it. And you can change the permission whenever you like via the settings app.
To what extent does Apple require that applications for iOS remain functional when the user has chosen to deny permission? For example, to what extent does Apple Maps or any other navigation application remain functional when the user has chosen to deny GPS location? Otherwise, an application could just show a static screen "To use this app, please open Settings and change Location to Allow." and sit there until the user presses the Home button.
-
Decommitting
So: compressing that file would mean you need a part of memory to actually perform the compression. That means the data you write is not only the state of the system but also the state of the compressor of your system.
I imagine a run-length (RLE) compressor and decompressor could fit well under 512 bytes. That means about one page would have to be swapped out before hibernation can begin.
Regarding deallocation of unused memory: most OSes can't do that. A process can only request more vm memory with sbrk(), it usually can't deallocate such memory again. (In other words malloc and free never give 'memory back to the OS')
Is "decommitting" something that Windows does and OpenBSD does (search this page for "munmap") and everyone else lacks?
-
Re:Misleading Summary
It's on Windows Update, or you can download it at https://technet.microsoft.com/...
Thank you.
I was unsure whether the Windows Update servers had been taken down, so that some exceptional process was necessary, or just left running at the end-of-life {plus I.E. fix} patch level.
-
That security expert is wrong
This week's IE vulnerability (https://technet.microsoft.com/security/bulletin/MS14-021) is not "rendered dead" by running as a non-admin. It (like many other vulns) is limited to the rights of the user account running IE, but it can still do anything you can, such as deleting all your photos or uploading your tax details somewhere. This fact actually benefits the rest of the internet more than it does the affected user. We appreciate that grandma's limited account keeps the box from becoming a complete zombie, but she's probably more upset by losing pictures of little Timmy than by Windows' system files getting corrupted.
-
Apple's secret guidelines
Apple, on the other hand, forbids emulators that allow users to add their own software.
This claim is outdated
This brings me to another ideological point about the iPad with which I disagree. Google and Microsoft publish the guidelines of their respective app stores. Apple, on the other hand, treats its App Store Review Guidelines as a trade secret and locks them behind a $99 per year paywall. Is there a public log of important changes to the Guidelines that I should be reading?
and meanwhile wrong/ no longer true.
Several years ago, Apple pulled a Commodore 64 game from the App Store just because the user could reset the emulated C64 into BASIC and key in programs. I'm aware that Apple has loosened up since then to the point where Codea and Python exist. But I thought emulators on the iPad were shipped with a handful of ROM or disk images and locked down to run only those images because of restrictions in the Guidelines against downloading executable code. When did this change? Which emulators that run on the iPad let the user add his own images?
-
Re:Misleading Summary
Microsoft released the patch for XP as well.
It's on Windows Update, or you can download it at https://technet.microsoft.com/library/security/ms14-021
-
Re:It's beyond me why any new OS isn't virus immun
Microsoft has been caught executing code in fonts before, so what you intended to be a joke isn't one. Where I work, we think this issue: https://technet.microsoft.com/... is what shutdown our Windows servers last fall the day after we installed a font we used when generating PDF files. Fortunately, the virus writers were incompetent and crashed Windows, or we probably would have never found the exploit. All of the servers handled credit card transactions and one did ACH transactions so the problem could have put my employer out of business.
-
STL issues...
From Page 3 of this:
The C++ STL, with its dyslexia-inducing syntax blizzard of colons and angle brackets, guarantees that if you try to declare any reasonable data structure, your first seven attempts will result in compiler errors of Wagnerian fierceness:
Syntax error: unmatched thing in thing from std::nonstd::__map<_Cyrillic, _$$$dollars>const basic_string< epic_mystery,mongoose_traits < char>, __default_alloc_<casual_Fridays = maybe>>
-
The Night Watch
That was a pretty good rant, but if you want a true description of the mind-melting Lovecraftian horror that is programming (from a Microsoft distributed systems engineer, no less), there is no better read than this article.
-
Re:Why?
It's solving the "Byzantine Generals" problem ( https://research.microsoft.com... ), which in simple terms is how to reach consensus without trust. In the context of a payment network like Bitcoin, the consensus to be reached is which transactions have occurred, and therefore what account balance each user has. Prior to the Bitcoin network, the only known method was a trusted third party, such as a bank, who keeps a central ledger of transactions and balances. The problem with a middleman is they can extract excessive fees, or arbitrarily decide not to do business with you.
Bitcoin solves the problem using a distributed public ledger, with a "proof of work" function and chained hashes for blocks of transactions. The distributed ledger means everyone has a copy, and can independently verify the history of transactions. The proof of work generates consensus by adopting the longest chain of blocks as the true history. It had the most work put into generating it. Chained hashes use the hash of the previous block as part of the data for the next block (along with new transactions). So any change to past data is detectable.
Since the software is open source, and anyone can create private keys and associated account addresses for themselves, nobody can tell you they won't open a checking account or give you a credit card. Finding block hashes and collecting the rewards and transaction fees is competitive, so fees are set by the market, and not by an oligarchic entity.
The Block Chain technology creates trusted records for transaction data in an untrustworthy environment. But since you can hash any kind of data whatsoever, not just financial transactions, you can keep trusted records for any kind of data. This has usefulness far beyond bitcoin itself, although few of those uses have been developed yet.
-
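The chained-hash and proof-of-work mechanism described in the comment above, as an added example that is not part of the original post and is not Bitcoin's own code: a toy ledger in Python in which every block commits to the previous block's hash, mining searches for a nonce whose block hash has a required number of leading zero bits, any node holding a copy can revalidate the whole chain on its own, and the consensus rule adopts the longest valid chain. The difficulty setting, the transactions and the participant names are constructed for the demonstration.

```python
import copy
import hashlib
import json

DIFFICULTY = 16          # leading zero bits a block hash must have (toy value)
GENESIS_PREV = "0" * 64  # the first block has no predecessor


def block_hash(index, prev_hash, transactions, nonce):
    """SHA-256 over the previous block's hash, this block's transactions and
    the nonce. Canonical JSON so identical content always hashes the same."""
    payload = json.dumps({"index": index, "prev": prev_hash,
                          "tx": transactions, "nonce": nonce},
                         sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(payload.encode()).hexdigest()


def meets_difficulty(h, bits=DIFFICULTY):
    """True when the 256-bit hash starts with at least `bits` zero bits."""
    return int(h, 16) >> (256 - bits) == 0


def mine_block(index, prev_hash, transactions, bits=DIFFICULTY):
    """Proof of work: try nonces until the block hash meets the difficulty.
    Expected cost is about 2**bits hash evaluations; that cost is what makes
    a rewritten history expensive to produce."""
    nonce = 0
    while True:
        h = block_hash(index, prev_hash, transactions, nonce)
        if meets_difficulty(h, bits):
            return {"index": index, "prev": prev_hash, "tx": transactions,
                    "nonce": nonce, "hash": h}
        nonce += 1


def extend_chain(chain, transactions, bits=DIFFICULTY):
    """Append a mined block that commits to the current tip's hash."""
    prev = chain[-1]["hash"] if chain else GENESIS_PREV
    return chain + [mine_block(len(chain), prev, transactions, bits)]


def validate_chain(chain, bits=DIFFICULTY):
    """What any node holding a copy of the ledger can check by itself: every
    block's stored hash matches its contents, meets the difficulty and links
    to the previous block. Returns the index of the first bad block, or None
    when the whole chain is consistent."""
    prev = GENESIS_PREV
    for i, blk in enumerate(chain):
        h = block_hash(blk["index"], blk["prev"], blk["tx"], blk["nonce"])
        if (blk["index"] != i or blk["prev"] != prev
                or blk["hash"] != h or not meets_difficulty(h, bits)):
            return i
        prev = h
    return None


def choose_chain(candidates, bits=DIFFICULTY):
    """Consensus rule: among valid chains adopt the one with the most blocks
    (every block here carries the same work, so longest means most work)."""
    valid = [c for c in candidates if validate_chain(c, bits) is None]
    return max(valid, key=len) if valid else []


# Constructed sample transactions, not real Bitcoin data.
SAMPLE_TXS = [
    [{"from": "coinbase", "to": "alice", "amount": 50}],
    [{"from": "alice", "to": "bob", "amount": 20}],
    [{"from": "bob", "to": "carol", "amount": 5}],
]


def build_chain(tx_blocks, bits=DIFFICULTY):
    chain = []
    for txs in tx_blocks:
        chain = extend_chain(chain, txs, bits)
    return chain


def tamper_demo(bits=DIFFICULTY):
    """Edit a past transaction. The naive edit breaks block 1's hash;
    re-mining block 1 then breaks block 2's back-link, so the attacker must
    redo every later block's proof of work, and the shorter rewritten chain
    loses to the honest one under the longest-chain rule."""
    honest = build_chain(SAMPLE_TXS, bits)
    forged = copy.deepcopy(honest)
    forged[1]["tx"][0]["amount"] = 2000               # rewrite history
    naive_bad_block = validate_chain(forged, bits)    # -> 1: hash mismatch
    forged[1] = mine_block(1, forged[0]["hash"], forged[1]["tx"], bits)
    remined_bad_block = validate_chain(forged, bits)  # -> 2: prev link broken
    chosen = choose_chain([honest, forged[:2]], bits)
    return naive_bad_block, remined_bad_block, chosen is honest


if __name__ == "__main__":
    print(tamper_demo())  # (1, 2, True)
```

The difficulty is deliberately tiny so the script runs in seconds; the point is the structure of the checks, which are the same ones a full node performs, not the hashrate.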
Re:Convenient timing.
Care to cite any sources you have refuting this?
I was firmly under the impression XP updates are no more unless you are a huge company/government.
Source: http://windows.microsoft.com/e...
The solutions listed are: "Upgrade" to win8. Buy a new computer.
Whoops - you missed a couple:
Buy a Mac
Run Linux
Go Chrome
FTFY
I could really give a Rat's ass if Microsoft blew up every OS they had, because Microsoft is on the fast track to being the outlier, the misfit, the non standard OS.
Writing programs for specific versions of IE is just the sort of short-sighted stupidity that tells us that Microsoft shills are just what we think they are - incomparably unintelligent. Did these asshats think that the web and its technology was going to magically stop at IE 6? Unforgivable, and almost criminally stupid.
Quick now, come back with your "installed user base meme" before it becomes irrelevant. Let us all now bow before the superior Microsoft Operating system before it goes the way of Zeus or Dagon, or the idea that we should all eat shit, because all those houseflies cannot be wrong.
-
Re:Convenient timing.
Care to cite any sources you have refuting this?
I was firmly under the impression XP updates are no more unless you are a huge company/government.
Source: http://windows.microsoft.com/e...
The solutions listed are:
"Upgrade" to win8.
Buy a new computer.
What the fuck makes you think they are 100% going to patch versions that work on XP?
I would even settle for why you believe it to be "likely not true"
-
Re: In other news ...
Ha! I'd give you mod points for that if I could. That's the first time I have ever tried to post using the new Beta interface on a mobile and it munted the link badly.
http://technet.microsoft.com/en-us/library/hh849901.aspx is the link.
That requires PowerShell 3. Prior to that you could use System.Net.WebClient, but Invoke-WebRequest is far easier.
-
Re: In other news ...
http://technet.microsoft.com/e... Using an old version of powershell?
-
Misleading Summary...
The article just notes that the hybrid approach doesn't magically address the problems in concurrent and parallel programming that others have claimed it does. Nowhere in the article does the author say that these approaches aren't useful. And I agree, you do need that purity to get those advantages for concurrent programming.
But purity comes at a cost. Monads add an order of magnitude of complexity compared to imperative models of I/O. The author notes that other approaches to the problem of side effects are so complex that "one shouldn't need a PhD in computer science to code", but I think he fails to notice that monadic I/O is also incredibly complicated to the average programmer as well. It does end up becoming a domain specific language very quickly, and that can be a big hammer for a very small problem.
But, the fundamental argument is sound. If you really want those gains that pure functional languages can bring to concurrency, you have to embrace that model completely.
However, I don't buy the argument that other approaches won't have merit. I found this paper (http://research.microsoft.com/apps/pubs/default.aspx?id=170528/) to show that type extensions really may have some promise in augmenting imperative OO languages for concurrency.
-
Re:IE6
Click the learn more link on that page. It's specifically for Windows XP.
If you continue to use Windows XP now that support has ended, your computer will still work but it might become more vulnerable to security risks and viruses. Internet Explorer 8 is also no longer supported, so if your Windows XP PC is connected to the Internet and you use Internet Explorer 8 to surf the web, you might be exposing your PC to additional threats. Also, as more software and hardware manufacturers continue to optimize for more recent versions of Windows, you can expect to encounter more apps and devices that do not work with Windows XP.
I don't see where it says Windows Server 2008 support is affected.
The security announcement for this exploit specifically mentions all affected supported software, including IE6 on Windows Server 2003 Service Pack 2.
Microsoft can't say "Yes we support the OS at this Service Pack level, except this specific fundamental component that cannot be removed; you need to install a different version of it that doesn't quite work the same."
-
Re:IE6
Nope.
IE 8 and under are no longer supported
-
Re:IE6
-
IE 8 no longer supported and 0wned!
I did a re-image of a computer and saw this
Since corporations like my own use IE 8 with low rights mode with sandboxing and protected mode turned off so they can run compromised certificates for ancient java I wonder if we will get patched?
This is much scarier as we handle HIPAA and credit card information and can be hacked.
-
Re:Not all Get the Word
Word shape is a discredited model long ago abandoned by reading scientists because it doesn't fit the evidence. See The Science of Word Recognition for an introduction which discusses the currently most accepted model, parallel letter recognition.
-
Re:So, not optical?
If optical thunderbolt ever catches on you could use it to attach multiple terminals to a computer, such as routing uncompressed low-latency video signals throughout your home. Last I checked, there still is not a good way to do this over gigabit ethernet.
You mean like using a terminal server and some thin clients? Or do you mean using a digital signage system?
These things are all available, and none of them use Thunderbolt, not even in its optical variety.
-
Re:Lemme guess....
Sercomm is Taiwanese.
Which is Chinese as far as China's government is concerned.
China doesn't even like to acknowledge its existence. Ran into a fun example the other day - China won't let Microsoft give users the Taiwanese language pack. You can set the system to Chinese (Traditional, Taiwan) but you can't get the actual language pack unless your install has some undocumented flags for being installed/built/sold/OEM prepped/whatevered inside Taiwan's borders.
http://support.microsoft.com/k...
Consider the following scenario: You have a PC with Windows 8 or Windows RT installed on it.
Through the Language applet in Control Panel, you add Chinese (Traditional, Taiwan) as an additional language to use in Windows. In this scenario, no Windows display language is available for download. However, if you choose other regions that use Traditional Chinese such as Hong Kong SAR or Macao SAR, Windows display languages are available for download.
This behavior is by design. While the Chinese (Traditional, Taiwan) language pack can be found on PCs available in Taiwan, Microsoft is unable to release the language pack outside of Taiwan. For this reason, this language pack is not available on Windows Update and cannot be downloaded using the Language applet in Control Panel.
To resolve this issue, use the Chinese (Traditional, Hong Kong SAR) language pack instead. This language pack is intended for worldwide users of Traditional Chinese even though the region is shown as Hong Kong.
-
Re:Some (backward) progress
Their solution was to use read and write which won't even compile on win32
Actually, those POSIX functions do exist and work just fine on modern Windows. See here: "Functions like open, fopen, read, write and others are available in the Visual C++ run-time library."
(In case you were wondering, they work fine on MinGW, too.)
The OpenSSL code was probably written back in the Win9x days when you really did need to do things completely different on Windows. Now that the industry-standard functions are supported, why include extra, completely unnecessary cruft behind an #ifdef? The more code, the more difficult to maintain and the more potential for bugs. Some of the "Windows-specific" code in the OpenSSL code base was hacks to make it compile on Visual C++ 5.0. Do you have any idea how ridiculously outdated that is?
-
Re:OneNote is very good
You'll have to use your web browser, then, when in Gentoo: OneNote Web App
-
Re:What now? 1 billion!
yep
"In Excel 2007, the maximum worksheet size is 1048576 rows by 16384 columns."
-
WSUS
WSUS allows for you to track patches and installed software much easier. It works as a pretty good gatekeeper for that sort of stuff. I'd recommend it.
As for dealing with CAB boards, just use logic and reason to destroy them and crush their spirits.
-
Re:What now? 1 billion!
Honestly, you don't keep up with current events. I don't care for Excel but it has supported a million rows since at least 2007, but hey, let's make statements from outdated data. 40 MB of hard drive space is huge!
http://office.microsoft.com/en-us/excel-help/excel-specifications-and-limits-HP010073849.aspx
-
The stand-alone word processor is long dead.
I wonder how many government offices -- the U.S. Federal government has long been Microsoft's biggest customer -- couldn't get along just fine with an open source word processor, even considering all the proprietary-format documents they're stuck with for now.
Microsoft positions MS Office as part of an integrated solution for clerical work that scales to an enterprise of any size.
Microsoft Office 365 for Health Organizations
Microsoft has entered into a HIPAA Business Associate Agreement (BAA) with Texas, a pact that carries much more weight these days after the HIPAA omnibus rule was released in January.
Implementing Office 365 for such a large network should serve as a sign that the state is comfortable enough with cloud computing that 100,000 employees, including the state Health and Human Services System, will be using the services.
What will Texas Office 365 deal mean for healthcare security? [Feb 2013]
-
Re:SCCM
I would suggest writing a PHP lookup page where all you need to do is copy and paste the requisite KB patch number, and have it scrub the http://support.microsoft.com/k... article for related information and paste it into a canned letter.
Patch Request for KB
This patch is critical to maintain a stable and up to date systems environment. Failure to approve and install this patch will leave your systems vulnerable to
Please note that after applying this patch
Please sign off as approved or rejected
Approved by
Printed name
Signature:
Date:
Rejected by
Printed name
Signature:
Date:
Sincerely, your system admin
Copy & paste your KBs, then proofread each letter and make small adjustments where needed. Most KB description articles are close enough that with proper PHP scripting you should have no trouble pulling the relevant info from the page into the variables and customizing a script with the info they want to see.
Print and repeat. Hand them hard copies, drink beer,
After they sign off on about 30 of them they will get tired and just say just do what you think is best and go back to doing your job.
-
Give 'em what they want
It seems that the process is not that bad (even though your description does look a lot worse). Subscribe to the Microsoft Security Bulletins and they have a full description of each patch that they put out on Patch Tuesday (e.g., https://technet.microsoft.com/...). The same goes with RHSA. Subscribe to the updates that you are interested in; these will most likely be your OS, web servers, app servers, other software installed. Similarly, most vendors run security patch announcements. There will likely be a lot of noise but in a couple of months you will know how to extract the information the change advisory board needs. Here's the positive aspect of CAB: if you screw something up, you have someone else to blame!
;-)
-
Magazines
For .Net developers:
Code Magazine
MSDN Magazine
DNC Magazine (Not a print magazine, but it is a PDF that you can print out.)
General Computing:
CPU Magazine (not as good as it used to be, but still not bad)
Maximum PC
My local bookstore carries quite a few Linux magazines imported from Great Britain.
-
Re:"Please Put OpenSSL Out of Its Misery"
Otherwise known as "the only sane way to simulate exceptions in C". Seriously. Read up on how "goto" is used in low-level code bases such as OS kernels, instead of citing some vague memory of a 1960s paper without understanding its criticisms.
I agree that using the goto statement is about the only sensible way to simulate a try/throw/catch block in C (of course, you can wrap this in macros to simplify). But that's a serious flaw in the C language, and it means that the maintainers of the C standard should have updated the standard with conditional execution methods that allows this to be handled in a more elegant manner – maybe something like Windows structured exception handling.
But 6,740 of them? Really? I find it hard to believe that all were necessary, unless OpenSSL's code base is even more bloated than I've been led to believe.
Otherwise known as "making the thing go fast". Yes, I want the bignum library, or hashing algorithms, to use assembly. Things like SIMD make these tasks really effing fast and that is a good thing...
These days it's usually recommended to handle SIMD with compiler intrinsics, not inline assembly. You get the added power without having to do the whole inner loop on bare metal, or worry about your register usage conflicting with that of the compiler. (GCC's inline assembly syntax is almost incomprehensible.) Maybe, maybe, there are a tiny handful of inner loop situations where you need actual inline assembly, but don't jump to that conclusion ahead of time. They should have first written the algorithms in C, then tested and profiled, then if there were areas where more speed would be helpful, try compiler intrinsics to speed up and/or parallelize the bit-twiddling; and only then resort to inline assembly if that wasn't good enough. But OpenSSL was full of premature optimizations like their crappy fake malloc that was designed for unspecified systems that allegedly had poor performance with the system malloc. Why should we all have to put up with poor security because some idiot is still running a 386?
-
Re:What about a re-implementation...
One reason that security-related code is best done in low level languages is that the implementer has absolute control over sensitive data. For example, consider a server which acquires a passphrase from the client for authentication purposes. If your implementation language is C, you can receive that passphrase into a char array on the stack, use it, and zero it out immediately.
That scenario actually explains why security-related code is best done in MANAGED languages using something like SecureString
http://msdn.microsoft.com/en-u... -- this way, you still have API control to zero it out immediately, but you also benefit from the fact that you can make it ReadOnly, the fact that it's encrypted, the fact that it was authored by someone who's more expert in security than you and has had more eyes to review it than your ad-hoc solution.
-
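The two C idioms argued over in this thread, goto-based cleanup (the OpenSSL comment above) and receiving a passphrase into a stack buffer and zeroing it afterwards (the parent comment here), shown together in one added example that is not from any commenter. The error codes, the `authenticate` function and the "correct horse" check are constructed for illustration; the one real caveat it demonstrates is that a plain `memset` before return may be optimised away, so the zeroing goes through a volatile pointer.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical error codes for this example. */
enum { AUTH_OK = 0, AUTH_EINVAL = -1, AUTH_ENOMEM = -2, AUTH_EBADPASS = -3 };

/* Zero a buffer through a volatile pointer so the compiler cannot drop
 * the stores as "dead writes", which it is allowed to do for memset()
 * on a buffer that is never read again. */
static void secure_zero(void *p, size_t n) {
    volatile unsigned char *vp = p;
    while (n--) *vp++ = 0;
}

/* Constructed stand-in for a real verifier: accepts only "correct horse",
 * compared without an early exit so timing does not leak the match length. */
static int check_passphrase(const char *pw, size_t len) {
    static const char expected[] = "correct horse";
    unsigned char diff = 0;
    if (len != sizeof expected - 1) return 0;
    for (size_t i = 0; i < len; i++) diff |= (unsigned char)(pw[i] ^ expected[i]);
    return diff == 0;
}

/* Single exit path: every failure jumps to 'out', which zeroes the
 * passphrase and frees whatever was acquired so far (C's try/finally). */
int authenticate(const char *wire, size_t wire_len, char **session_out) {
    int rc = AUTH_EINVAL;
    char pw[64];            /* passphrase copied onto the stack */
    char *session = NULL;

    if (wire == NULL || wire_len == 0 || wire_len >= sizeof pw) goto out;
    memcpy(pw, wire, wire_len);
    pw[wire_len] = '\0';

    session = malloc(32);
    if (session == NULL) { rc = AUTH_ENOMEM; goto out; }

    if (!check_passphrase(pw, wire_len)) { rc = AUTH_EBADPASS; goto out; }

    snprintf(session, 32, "sess-%zu", wire_len);   /* constructed token */
    *session_out = session;
    session = NULL;         /* ownership handed to the caller */
    rc = AUTH_OK;
out:
    secure_zero(pw, sizeof pw);  /* runs on every path, success included */
    free(session);               /* NULL on success or if never allocated */
    return rc;
}
```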
Re:de Raadt
Yes yes of course but you're missing the point. We'll ignore that sarcasm doesn't carry and that the exploit mitigation stuff in OpenSSL has been repeated again and again without a hint of irony and so one may be led to believe such a thing exists in OpenSSL.
First off,
And all those technical mitigations Theo is prattling on about would have helped if OpenSSL were cleaned up... AND if those technical mitigations were in Linux, not just OpenBSD.
Here's the thing: OpenBSD is a hobby OS. It's like Linux with grsecurity: yes they've mitigated all this shit ages ago, yes people run grsecurity in production, yes anything that grsecurity "would have prevented" is effectively unprotected because damn near no one runs grsecurity. If someone asked me to bet on whether there was more OpenBSD or more grsecurity in production on machines installed by system administrators starting from bare metal (i.e. not appliances that are mystery boxes that nobody reads the logs on nor updates nor understands anyway), I would avoid the bet.
OpenBSD's allocator is what we call "Proof of Concept". OpenBSD is what we call "Proof of Concept". It exists somewhere in real life, you can leverage it (I've leveraged proof-of-concept exploit code from Bugtraq in actual exploit kits), but it's not this ubiquitous thing that's out there enough to have an impact on the real world. BSDs are estimated to be about 1.0% of all servers on the Internet (as of February 2014, sorry don't have current numbers), OpenBSD a portion of that, FreeBSD a bigger portion. That means most of everyone interesting--Suntrust, Bank of America, slashdot, the NSA, Verisign, Microsoft, Google--is running a non-OpenBSD operating system with no such protections.
And again, the concept of allocation caching is common. Freelists are used when allocations are all the same size; that gripe is essentially that a valid data object is not valid because they dislike it. Plenty of software uses freelists, and freelists are a generalization of the object pool software design pattern used for database connection caching in ORMs, token caching in security systems, and network buffers (ring buffer...). I would be surprised if OpenBSD's libc and kernel didn't make use of freelists or object pools somewhere.
Also it's funny that you ignored the whole "this vulnerability would have happened basically everywhere anyway and the impact would have been the same even if all other code besides what's in this one function was perfect" thing. Mickens warned me about people like you:
Security people are like smarmy teenagers who listen to goth music: they are full of morbid and detailed monologues about the pervasive catastrophes that surround us, but they are much less interested in the practical topic of what people should do before we’re inevitably killed by ravens or a shortage of black mascara.
The “threat model” section of a security paper resembles the script for a telenovela that was written by a paranoid schizophrenic: there are elaborate narratives and grand conspiracy theories, and there are heroes and villains with fantastic (yet oddly constrained) powers that necessitate a grinding battle of emotional and technical attrition. In the real world, threat models are much simpler (see Figure 1). Basically, you’re either dealing with Mossad or not-Mossad. If your adversary is not-Mossad, then you’ll probably be fine if you pick a good password and don’t respond to emails from ChEaPestPAiNPi11s@virus-basket.biz.ru. If your adversary is the Mossad, YOU’RE GONNA DIE AND THERE’S NOTHING THAT YOU CAN DO ABOUT IT. The Mossad is not intimidated by the fact that you employ https://./ If the Mossad wants your data, they’re going to use a drone to replace your cellphone with a piece of uranium that
-
Re:It's OK for Apple but not Microsoft?
Well you're comparing phones/appliances to computers, so yes.
Windows has for many years now used a multiple-tier support strategy (the Windows Lifecycle policy). Microsoft supports an OS for 10 years, and during that period if they issue a service pack then they support the previous sub-version of Windows for 2 years. Windows 8.1 Update is about 30% of a service pack; the update contains a number of feature enhancements and on a code level it becomes a "base" OS that all future updates are built against. So unlike a normal security update, you can't skip Windows 8.1 Update and still get other security updates. This in turn can be interpreted as a violation of the Lifecycle Policy, as it's functionally a service pack and therefore Microsoft should continue providing security updates for Windows 8.1 (sans Update) for 2 years.
iOS on the other hand offers no such policy. You are expected to use the most recent version of the OS and Apple has never said any differently, full stop.
Never mind the huge difference between an OS for a disposable device, and an OS for computers that is expected to last for a decade or more and is interfaced with massive amounts of custom hardware and software. Unsurprisingly, the type of device and the expected use case for it is a big factor in how long an OS is supported and how OS updates are handled.
-
It's spelled out isn't it? 24 months support.
Microsoft only support the current service pack level and all those less than 24 months old for Windows Client and Server.
That's the agreement they've given to their customers.
They will drop support for 8.1 in 24 months' time.
http://support.microsoft.com/l...
.... wait a minute. They should at least update their support policy before cutting support.
-
Re:Trolling?
Microsoft SHOULD have taken MVC design to its next logical level, and built upon .net instead of throwing it all away in the blighted name of Metro... common model and controller code across all Windows platforms, with different views for desktop, tablet, and maybe mobile devices whose displays are too small to treat like a tablet. They could have compiled the code to CLR, then had the installer itself compile it to native code optimized for the local platform. But no... they just *had* to ruin a good thing, and try to ram touch down everybody's throats.
This does not make sense to me at all. While I agree that's the way they should have taken (IMHO using MVVM instead of MVC), it is almost exactly the way they took. They didn't have all the ducks in a row at the first iteration, but it was the plan all the way. They said so at the time.
You did not believe the FUD about Microsoft abandoning .NET did you? .NET is very, very much in the game. At /Build// Microsoft just announced Universal Apps.
With universal apps you build one app for phone, tablets and laptops/desktops. The same app can share views and viewmodels (MVVM) across the form factors, or they can have completely different view/viewmodels. A view/viewmodel can also "adapt" to the formfactor - showing only primary and essential information on phones, more on tablets and include secondary/tertiary information on desktops.
When deployed, the universal apps are deployed as IL/CLR code. When a device installs an app, the cloud service will perform the compilation and serve a native app to the device, compiled for the architecture, memory requirements and core count. The delivery system will only serve resources used by the specific device, i.e. even if the universal app is distributed with extensive resources for desktop users, the package that is downloaded to a phone will strip those resources.
Metro was never mutually exclusive with .NET. Microsoft made plenty of blunders both with their messaging on Metro as well as the initial Dr. Jekyll-and-Hyde two-personality Windows 8. But they have been consistent on their messaging on .NET and apps.
-
Re:Good idea
“Yeah, that sounds bad. Have you checked the log files for errors?” I said, “Indeed, I would do that if I hadn’t broken every component that a logging system needs to log data. I have a network file system, and I have broken the network, and I have broken the file system, and my machines crash when I make eye contact with them. I HAVE NO TOOLS BECAUSE I’VE DESTROYED MY TOOLS WITH MY TOOLS. My only logging option is to hire monks to transcribe the subjective experience of watching my machines die as I weep tears of blood.”
Quote from here
-
Re:Should be objective, not biased...
MS Security Essentials is only free for personal and small business use (up to 10 PCs).
Sounds like the OP has at least 10 PCs, so I figured I'd throw this out here.
Source: http://windows.microsoft.com/e...