Slashdot Mirror


Secretly Monopolizing the CPU Without Being Root

An anonymous reader writes "This year's Usenix security symposium includes a paper that implements a "cheat" utility, which allows any non-privileged user to run his/her program, e.g., like so 'cheat 99% program' thereby insuring that the programs would get 99% of the CPU cycles, regardless of the presence of any other applications in the system, and in some cases (like Linux), in a way that keeps the program invisible from CPU monitoring tools (like 'top'). The utility exclusively uses standard interfaces and can be trivially implemented by any beginner non-privileged programmer. Recent efforts to improve the support for multimedia applications make systems more susceptible to the attack. All prevalent operating systems but Mac OS X are vulnerable, though by this kerneltrap story, it appears that the new CFS Linux scheduler attempts to address the problem that were raised by the paper."

10 of 250 comments (clear)

  1. A Useful Tool by Bios_Hakr · · Score: 4, Funny

    I run several websites off of a single host. If I need to login to do maintenance during peak hours, I'm slowed by Apache and MySQL. This would be a nice utility if it were wrapped into SUDO.

    --
    I'd rather you do it wrong, than for me to have to do it at all.
    1. Re:A Useful Tool by lecithin · · Score: 4, Funny

      alias renice 'echo Renice\? You must mean kill -9.; kill -9 \!*'

      --
      It could be worse, it could be Monday.
  2. What the?! by Rik+Sweeney · · Score: 4, Funny

    Using up 99% of the CPU's easy!

    #include

    int main(int argc, char *argv[])
    {
          while (1) {}

          return 0;
    }

  3. Re:What does this mean? by Da+Fokka · · Score: 5, Funny

    If you reply, do so only to what I explicitly wrote. If I didn't write it, don't assume or infer it.


    You gun-toting marxist redneck zealot astroturfers make me sick!

  4. Inevitable reply by lilomar · · Score: 4, Funny

    My mother is a gun-toting marxist redneck zealot astroturfer, you insensitive clod!

    --
    The creator of this post (Jacob Smith) hereby releases it, and all of his other posts, into the public domain.
    1. Re:Inevitable reply by Some_Llama · · Score: 4, Funny

      My mother is a Clod! you insensitive.. um.. nevermind.

  5. Re:The "sue" command by db32 · · Score: 4, Funny

    This is an outrage. You cannot 'sue' without lawyerd! What about the required functionality of 'sue --counter' and 'appeal'?!

    --
    The only change I can believe in is what I find in my couch cushions.
  6. Re:Google-cache article by Bobb+Sledd · · Score: 4, Funny

    and for those who dont have the time to read the paper...

    it works by avoiding running during the exact moment of a clock tick (which would be the moment when CPU usage...


    --Uhm... (looks at watch...) Say, I really don't have time for wordy summaries... could you maybe cut this down into about 10 words or less? Hurry it up! I ain't got all day!

    --
    "They said I probly shouldn't fly with just one eye," "I am Bender. Please insert girder."
  7. Re:Google-cache article by brunascle · · Score: 5, Funny

    it run when OS not looking

  8. Re:First announced exploit.. by Minwee · · Score: 4, Funny

    Somewhere a middle school English teacher is crying, and doesn't know why.

    Do you think this might be related to that incident where thousands of English teachers all burst into flames moments after the first SMS-enabled phone was released?