Reflections on Brilliant Digital: Single Points of 0wnership

← Back to Stories (view on slashdot.org)

Reflections on Brilliant Digital: Single Points of 0wnership

Posted by michael on Sunday April 7, 2002 @09:30AM from the zombie-hordes dept.

nweaver writes "Some reflection on Brilliant Digital's plans shows that they have inadvertently created a Single Point of 0wnership: a single machine or small group of machines which, if succesfully attacked, can be used to gain effective control of the Internet. The implications are rather scary: Even if you never touched KaZaA, your systems may be affected if someone manages to attack Brilliant Digital's update service. Who needs a Warhol Worm?".Updated by HeUnique: use these instructions to remove the Brilliant part.

6 of 278 comments (clear)

Min score:

Reason:

Sort:

Re:Any comments? by DCram · 2002-04-07 09:43 · Score: 5, Informative

From the article the other day on root DNS servers.
Story
For the "internet" to be greatly affected multiple root servers must be brought down.

"The DNS is built so that eight or more of the world's 13 master root servers would have to fail before ordinary Internet users started to see slowdowns, according to John Crain, manager of technical operations for the Internet Corporation for Assigned Names and Numbers (ICANN)."

--
If I were only smart enough to accomplish the things I dream about.. Or maybe too dumb to care.
Re:Doesn't XP already do this? by Anonymous Coward · 2002-04-07 10:16 · Score: 3, Informative

That's certainly a security risk with XP, basically they've extended RDP (which was available in W2K Server) onto the desktop. From an administration point of view this is a god-send. Additionally, I would note that by default RDP is not enabled on systems, and by default when you enable it, it's to allow someone you know to access your system, to whom you send an e-mail with a special link/key and then give them a password through a separate (we hope secure... but that's the end user's own issue) method. So far I haven't seen any proof-of-concepts for a sever compromise via RDP, and realistically speaking, this is a lot like SSH is to *nix... it gives you access to the 'command line' of windows... the gui... Certainly RDP is a security risk for everyone running it, but so is connecting to the Internet - from what I've seen there are many more, much larger vulnerabilities in m$ products than this one poses.
Re:what nonsense by FrostyWheaton · 2002-04-07 10:20 · Score: 3, Informative

How does it affect me, when I haven't installed the program?

The answer to this question is painfully simple: You are connected to and attempting to use the same network. Internet users, slashdot readers especially, should appreciate the effect that(tens/hundreds of) thousands of "other people" can have on such a network.

" You're telling me that if they get hacked, the entire Internet is at the mercy of the hackers. Why is that?"

Because, the actions of millions of compromised machines have the ability to bring internet traffic to a standstill. millions of boxes, spread throught the world all participating in a coordinated DoS attack, would be, as the article states, "unstoppable"

--
Comments should be like skirts. Short enough to keep your attention, but long enough to cover the subject
This all applies to Grokster as well by markh1967 · 2002-04-07 10:26 · Score: 3, Informative

Just to make people aware that the trojan is also distributed with other FastTrack browsers such as Grokster. It is not just confined to KaZaa. I've never downloaded or installed KaZaa but I am running Grokster (with the spyware removed and dummy cydoor dll in place) and I was infected as well. If you're running Grokster check out your Windows directory. If there's a folder in there called BDE and you aren't running the Borland Databse Engine then you're infected as well.

--
Input error. Replace user and press any key to continue.
Re:Already Exists by cscx · 2002-04-07 10:37 · Score: 4, Informative

No, see, Windows Update has security signatures on all of its packages. Plus, you are discounting that the auto-update feature is only available Windows ME and XP, and even so, it doesn't automatically install updates unless you explicitly set it to. That really narrows down the population. Don't forget all the corporate users who are subject to Windows Update corporate edition, where the admin decides which updates to install.

On the other hand, how many people are running Kazaa in comparison (on Win95, for example)? A lot more. What is worrysome is the corporate user running Kazaa behind an improperly set firewall. If he is on a large pipe, that can spell trouble. Imagine that problem multiplied by the number of users running Kazaa. Can you say "imagine a Beowulf cluster of DoS zombies?"
Re:Bah - hack Windows Update by evilquaker · 2002-04-07 11:07 · Score: 3, Informative

MS-bashing aside, I am certain that Microsoft has taken all reasonable precautions...
Why would you expect that? Recall that Windows Update got infected with Code Red, even though a security fix was available a month earlier...

--
To within half a percent, pi seconds is a nanocentury. -- Tom Duff