Researcher's Death Hampers TCP Flaw Fix

← Back to Stories (view on slashdot.org)

Researcher's Death Hampers TCP Flaw Fix

Posted by timothy on Wednesday April 8, 2009 @09:03AM from the sad-news-and-bad-news dept.

linuxwrangler writes "Security researcher Jack Louis, who had discovered several serious security flaws in TCP software was killed in a fire on the ides of March, dealing a blow to efforts to repair the problem. Although he kept good notes and had communicated with a number of vendors, he died before fixes could be created and prior to completing research on a number of additional vulnerabilities. Much of the work has been taken over by Louis' friend and long-time colleague Robert E. Lee. The flaws have been around for a long time and would allow a low-bandwidth 'sockstress' attack to knock large machines off the net."

147 comments

Come on... by Jonah+Bomber · 2009-04-08 09:04 · Score: -1, Flamebait

April 1 was a week ago.
1. Re:Come on... by Sir_Lewk · 2009-04-08 09:10 · Score: 3, Insightful
  
  Screw off you insensitive clod.
  
  --
  "linux is just DOS with a UNIX like syntax" -- Galactic Dominator (944134)
2. Re:Come on... by mamono · 2009-04-08 09:21 · Score: 1
  
  That was my first thought reading the summary. I mean come on:
  
  The Ides of March
  Colleague "Robert E Lee"
  Low bandwidth attack that can take down large servers?
  
  I suppose we should all beware the Ides of March. Et tu, Bruce Schneier, et tu?
3. Re:Come on... by JO_DIE_THE_STAR_F*** · 2009-04-08 09:25 · Score: 1
  
  Exactly what I thought when I first read this. There is just to much seemingly made up stuff in the story. He died on the ides of March, his colleague is Robert E. Lee, and even his name seems made up for some reason. I went so far as to check out his facebook memorial and this still seems off to me.
  
  Still condolences to his family.
4. Re:Come on... by Lennie · 2009-04-08 10:10 · Score: 1
  
  The attack is very real.
  
  --
  New things are always on the horizon
5. Re:Come on... by Anonymous Coward · 2009-04-08 12:29 · Score: 0
  
  It's worse than an April fools joke. It's the new Dan Brown novel!!!
6. Re:Come on... by nog_lorp · 2009-04-08 16:36 · Score: 1
  
  Meh. According to the link, Sockstress is simply making lots of completed TCP connections to the target. The "sneaky trick" is apparently just doing it raw, so the client OS doesn't waste memory tracking them.
7. Re:Come on... by Lennie · 2009-04-10 11:56 · Score: 1
  
  I don't think this is about how simple it is, but how hard it is to fix it, because that is the real problem. If people only need a simple DSL to DOS a server, this is bad news. Obviously, you can limit per IP, but DDOS also becomes much easier this way.
  So that's why I think it's very real, more real than say the whole BGP-security stuff. Yes it does happen and the impact might be big, but there are some fixes. But this might be a lot harder to fix.
  
  --
  New things are always on the horizon
Accidental Death? by nurb432 · 2009-04-08 09:04 · Score: 3, Funny

Or was he silenced?

--
---- Booth was a patriot ----
1. Re:Accidental Death? by MindlessAutomata · 2009-04-08 09:09 · Score: -1, Offtopic
  
  Jews did Jack Louis.
2. Re:Accidental Death? by Anonymous Coward · 2009-04-08 10:09 · Score: 0
  
  Ew.
3. Re:Accidental Death? by Anonymous Coward · 2009-04-08 12:34 · Score: -1, Troll
  
  It could have been autoerotic asphixiation, which was one of the rumors surounding the death of W. Richard Stevens. Interestingly, as many Slashdot old timers remember, many /. posts regarding the evidence in that case were deleted by Rob Malda. It seems that slashdot is willing to foresake journalism in order to cover up the curious events in the lives of favored uber-geeks.
4. Re:Accidental Death? by bridgeco · 2009-04-08 12:59 · Score: 1
  
  UDP strikes again!
  
  --
  Groucho not Karl.
5. Re:Accidental Death? by CarpetShark · 2009-04-08 14:02 · Score: 1
  
  Accidental Death? Or was he silenced?
  He was killed in a fire. Clearly his research led him to discover that TCP had a back door, created by fire Daemons who live on the Sun, due to jealousy over *BSDgirls' net-wide successes.
6. Re:Accidental Death? by Anonymous Coward · 2009-04-08 17:43 · Score: 0
  
  pics plz
7. Re:Accidental Death? by fractoid · 2009-04-08 18:43 · Score: 1
  
  So if R. at the start of a name signifies a robot, what does W. signify? :P
  
  --
  Rampant carbon sequestration destroyed the Dinosaurs' tropical paradise. I'm here to help repair the damage.
8. Re:Accidental Death? by geminidomino · 2009-04-09 00:25 · Score: 1
  
  http://wigen.net/data/bsdmascots/
9. Re:Accidental Death? by Anonymous Coward · 2009-04-09 04:00 · Score: 0
  
  What asshole marked this as funny? I'm sure his research pissed off a number of people. Just like the ad block list maintainer that recently died.
  There's plenty of reasons for foul play. People have killed others for far less.
  I'd want some type of investigation. Anyone who's involved in controversial work who dies at a young age is probably worth some level of investigation.
Geez by elrous0 · 2009-04-08 09:06 · Score: 1

Is there anything Robert E. Lee CAN'T do?

--
SJW: Someone who has run out of real oppression, and has to fake it.
1. Re:Geez by PotatoFarmer · 2009-04-08 09:08 · Score: 4, Funny
  
  Win the civil war?
  
  Sincerely,
  a smug Yankee.
2. Re:Geez by oldhack · 2009-04-08 09:10 · Score: 1
  
  Don't get killed in a fire?
  
  --
  Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
I blame the CSA by Hoi+Polloi · 2009-04-08 09:07 · Score: 4, Funny

Much of the work has been taken over by Louis' friend and long-time colleague Robert E. Lee.
Clearly this was the result of a conspiracy by veterans of the civil war. I hope the other researchers, Grant and Lincoln, hear about this.

--
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
1. Re:I blame the CSA by moderatorrater · 2009-04-08 10:16 · Score: 1
  
  Dare you impugn the honor of Robert E. Lee, good sir? He may be our enemy, but that doesn't mean he's not a gentleman!
2. Re:I blame the CSA by Anonymous Coward · 2009-04-08 10:18 · Score: 0
  
  The Canadian Safety Association had nothing to do with this, I assure you.
  With Love,
  Canada
  P.S: Please don't blame our country anymore, it's getting tired.
3. Re:I blame the CSA by Anonymous Coward · 2009-04-08 11:21 · Score: 0
  
  They would but Lincoln was told a secret so powerful it blew his mind, so he's left the project.
  Grant would find out about it but he's been distracted, his own series of tubes are out of wack.
4. Re:I blame the CSA by Dreadneck · 2009-04-08 12:11 · Score: 1
  
  CSA stands for the Confederate States of America. Had he been referring to Canada, he would have used a term of endearment such as 'Canuckistan'.
  
  --
  Power does not corrupt - power attracts the corrupt.
Robert E. Lee by verbalcontract · 2009-04-08 09:08 · Score: 5, Insightful

Was it necessary to refer to his colleague as Robert E. Lee? Now we're going to get a ton of "South will rise again" jokes.
1. Re:Robert E. Lee by Professor+Fate · 2009-04-08 09:22 · Score: 1
  
  Assuming this is accurate, the guy could go by Bob Lee or even Robert Lee. The only reason to add the E is for attention.
  
  --
  Push the button, Max!
2. Re:Robert E. Lee by Anonymous Coward · 2009-04-08 09:23 · Score: 0
  
  Was it necessary to refer to his colleague as Robert E. Lee? Now we're going to get a ton of "South will rise again" jokes.
  So I shouldn't say anything about Viagra being sold in bait shops?
3. Re:Robert E. Lee by Anonymous Coward · 2009-04-08 09:23 · Score: 2, Informative
  
  I knew jack pretty well, this flaw is legit. Robert E. Lee (aka jrl) was in fact his partner, but in many people's opinions, he rode jack's successes.
  This story is really very sad, jacks passing was something that happened in the middle of the night with no warning, he was in the prime of his life and a VERY bright guy.
  Robert E Lee is a real name by the way.
4. Re:Robert E. Lee by geekoid · 2009-04-08 10:10 · Score: 1
  
  AS if saying "The South will rise again." isn't a big enough joke.
  
  --
  The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
5. Re:Robert E. Lee by Anonymous Coward · 2009-04-08 10:11 · Score: 0
  
  How did he pass on? He wasn't all that old, 31/32 years old.
6. Re:Robert E. Lee by FishWithAHammer · 2009-04-08 10:47 · Score: 1
  
  Says right in the summary...
  
  --
  "You can either have software quality or you can have pointer arithmetic, but you cannot have both at the same time."
7. Re:Robert E. Lee by religious+freak · 2009-04-08 10:48 · Score: 1
  
  RTFS
  
  --
  If you can read this... 01110101 01110010 00100000 01100001 00100000 01100111 01100101 01100101 01101011
8. Re:Robert E. Lee by frank_adrian314159 · 2009-04-08 11:20 · Score: 1
  
  Now we're going to get a ton of "South will rise again" jokes.
  I hope they do rise again. This time we'll let them go.
  -- Another Smug Yankee
  
  --
  That is all.
9. Re:Robert E. Lee by Anonymous Coward · 2009-04-08 12:00 · Score: 0
  
  Keep thinking that when you lose your job but I keep working. Don't need you down here, already hosting too damn many of your cousins.
  Besides what would yankee land do without all that tax on your payroll, real estate, etc.
  --
  Southernboy
  ~G_d made Texas HOT to keep the sissies out.
10. Re:Robert E. Lee by Architect_sasyr · 2009-04-08 15:15 · Score: 1
  
  Which is what sockstress has been about since the beginning. With attacks known for years (go check out netkill.pl or read a couple chapters Fyodor wrote for the stealing the network books) being readily available, these guys came out with an "OMG TEH INT@RWEBZ BE D!3ING!" causing a mass of media hype - claiming they would release more details later and generally be good about it.
  
  But we've heard nothing of them since it happened (except for a few "coming soon" posts in the week or two afterwards), and now suddenly it's hyped again because some obscure researcher (and let's face it, unicornscan isn't that big compared to some of the better tools out there - and they've all been updated since 2007) died in what is admittedly a tragic situation (anyone killed before their time is tragic).
  
  All these guys do is generate hype, gain a bit more funding, then fade away again.
  
  --
  Me failed English...
  FreeBSD over Linux. If my comments seem odd, this may explain...
11. Re:Robert E. Lee by Culture20 · 2009-04-08 15:32 · Score: 1
  
  Robert E. Lee? Now we're going to get a ton of "South will rise again" jokes.
  Sir, this is Slashdot. The only way you'll get any rise in the south is with hot grits.
12. Re:Robert E. Lee by Anonymous Coward · 2009-04-08 19:24 · Score: 0
  
  1 generate hype about security flaw
  3 die burning in flame
  2 require founding
  4 ???
  5 profit!
13. Re:Robert E. Lee by Anonymous Coward · 2009-04-08 23:29 · Score: 0
  
  No crap it's full of Yankees now if it did it would win.
14. Re:Robert E. Lee by geminidomino · 2009-04-09 00:29 · Score: 1
  
  Me too.
  I'll go with whichever side doesn't take Washington DC.
  Now who gets to be smug? ;)
Dang low bus factors! by mrbene · 2009-04-08 09:08 · Score: 5, Interesting

Less than a week ago is was Rick752. Now this one. Definitely reinforces the importance of collaboration, and the fragile nature of ideas.
1. Re:Dang low bus factors! by Anonymous Coward · 2009-04-08 15:30 · Score: 0
  
  Who is John Galt?
Original /. story by stevied · 2009-04-08 09:10 · Score: 2, Informative

New Denial-of-Service Attack Is a Killer (01 October 2008)
1. Re:Original /. story by BitZtream · 2009-04-08 09:12 · Score: 1
  
  Still waiting for it to kill something ...
  
  --
  Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
2. Re:Original /. story by Arancaytar · 2009-04-08 12:41 · Score: 1
  
  Still waiting for it to kill something ...
  The one person who was going to fix the flaw was killed under mysterious circumstances. COINCIDENCE? I THINK NOT!! :P
the fire was started by by circletimessquare · 2009-04-08 09:12 · Score: -1, Offtopic

marcus junius brutus
or perhaps ulysses s. grant

--
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
1. Re:the fire was started by by ducomputergeek · 2009-04-08 11:49 · Score: 1
  
  More likely it was Shermen
  
  --
  "The problem with socialism is eventually you run out of other people's money" - Thatcher.
Its been around for a while by ravster · 2009-04-08 09:13 · Score: 1

... so I guess this guy passing away shouldn't make us too worried.
Died of smoke inhalation by Anonymous Coward · 2009-04-08 09:15 · Score: 0

It's like his lungs were DoSed.
Beware the Ides of March! by Anonymous Coward · 2009-04-08 09:18 · Score: 2, Funny

Suspect is a guy name Brutus, last seen wearing a plain white bedsheet.
Now you know... by Gizzmonic · 2009-04-08 09:19 · Score: 1, Funny

It's not a joke when you tell someone to DIAF on the Internet. What if someone told him that before he died? Think of how guilty they'd feel now!

--
(-1, Raw and Uncut is the only way to read)
Brutus set the fire by Anonymous Coward · 2009-04-08 09:22 · Score: 0

He should have bewared the Ides of March.
1. Re:Brutus set the fire by Red+Flayer · 2009-04-08 09:26 · Score: 2, Funny
  
  He should have bewared the Ides of March.
  
  Idiot. The correct grammar is:
  
  He should have beworn the Ides of March.
  
  --
  "Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
What the fuck by Godji · 2009-04-08 09:27 · Score: 5, Insightful

So a good scientist dies and all Slashdotters can do is attempt whoring out a +5 Funny with lame jokes?

My high regard for the Slashdot community is obviously misguided.

It's a great loss for the research community and my condolences go to his family. And really, that's a nasty way to go... :(
1. Re:What the fuck by momerath2003 · 2009-04-08 09:31 · Score: 5, Funny
  
  High regard for the Slashdot community? Wow, dude, you seriously are misguided.
  
  --
  I had but a simple dream, to destroy all humans.
2. Re:What the fuck by Idiomatick · 2009-04-08 09:32 · Score: 1
  
  Go for a !funny tag? or... peoplearejerkfaces
3. Re:What the fuck by Anonymous Coward · 2009-04-08 09:35 · Score: 0
  
  I hope you realize that whoring based on pseudo-moral smugness isn't much better than whoring based on lame jokes.
4. Re:What the fuck by Anonymous Coward · 2009-04-08 09:37 · Score: 0
  
  Being all serious won't bring him back.
5. Re:What the fuck by DeathMagnetic · 2009-04-08 09:42 · Score: 0
  
  My high regard for the Slashdot community...
  Well THERE'S your problem.
6. Re:What the fuck by Anonymous Coward · 2009-04-08 09:47 · Score: 0
  
  But it worked for Jesus!
7. Re:What the fuck by Anonymous Coward · 2009-04-08 09:48 · Score: 0
  
  From the photos/posts on his facebook site/friend's blog he seems to have been surrounded by friends and held in high regards.
  There is no greater tribute to this guy's life than the number of folks who appeared to know him and were felt they were privileged to call him a friend.
  He alos appears to have been an uber-geek. A rare mix - almost a unicorn.
8. Re:What the fuck by Haley's+Comet · 2009-04-08 09:54 · Score: 2, Interesting
  
  The upside to this (if there is to be one) is that most people can die in their sleep in a fire. Smoke inhalation can kill you without you waking up. Let's all hope he never awoke.
  
  On the utter downside, we all seem to be losing bright minds. We lost Hans Reiser, Rick752, PCLinuxOS lost N1PTT (Robert Green) just to name a few more.
  
  It just goes to show you how fragile life really is. Some chose to celebrate it with us other geeks and share some code and what not. I thank you all that do!
  
  Shitty year for us all I guess?
  
  --
  The Illuminati would kill me, but I'm not rich enough to take notice of.
9. Re:What the fuck by Tridus · 2009-04-08 09:55 · Score: 3, Insightful
  
  People react in different ways to news like this. There's nothing wrong with making jokes, especially since a lot of us had no idea who he was.
  200 posts of "my condolonces" doesn't make for interesting reading.
  
  --
  -- "So they told me that using the download page to download something was not something they anticipated." - Bill Gates
10. Re:What the fuck by eln · 2009-04-08 09:57 · Score: 4, Funny
  
  But it worked for Jesus!
  Actually, Jesus came back from the dead for the sole purpose of taking his revenge out on all those lamoids who kept shouting out "Hey Jesus, how's it hangin'?" while he was up there on the cross. He spent most of his time between the resurrection and his final ascension into Heaven giving out wedgies and telling people to "stop hitting themselves".
  Of course, much of that has been lost in the various translations of the Gospels.
11. Re:What the fuck by ivoras · 2009-04-08 10:01 · Score: 2, Insightful
  
  If statistic's having anything to say, he would probably, as a geek, rather be remembered for the "Great Ides Of March Slashdot Postfest" than for a bunch of eulogies and condolences from unknown people.
  
  --
  -- Sig down
12. Re:What the fuck by DittoBox · 2009-04-08 10:09 · Score: 1
  
  What's sad is the fact that +1 funny has no effect on karma at all.
  
  --
  Good. Cheap. Fast. Pick Two.
13. Re:What the fuck by DittoBox · 2009-04-08 10:11 · Score: 1
  
  Shit, that came out wrong. I meant to say that it's sad that people whore for karma that they won't even get, and do so regarding something so serious. I agree with the (now) GP, really a shame.
  
  --
  Good. Cheap. Fast. Pick Two.
14. Re:What the fuck by maxume · 2009-04-08 10:25 · Score: 5, Insightful
  
  150,000 strangers died today. Picking 5 of them and feeling bad about it is awful damn close to insanity.
  
  --
  Nerd rage is the funniest rage.
15. Re:What the fuck by Anonymous Coward · 2009-04-08 11:03 · Score: 3, Funny
  
  What, like RST in peace?
16. Re:What the fuck by summner · 2009-04-08 12:10 · Score: 2, Insightful
  
  I believe something has happened to the slashdot community in recent times. It seems as if it became polluted or diluted, with people thinking of themselves as geeks or nerds or whatever, but being neither.
  I see history repeat it self as it happened with Digg, the only difference - Digg started from level which slashdot is currently at.
  I think it might be a good time for me too look for new web 2.0 news source which has for instance some kind of IQ level discrimination. Or drop this unproductive habit of mine whatsoever.
  PS I hardly ever LoL'ed at any +5 Funny post here.
  PS/2 I really just don't get the culture of lol, a fucking smirk is not laughing out loud goddammit.
  
  A man has died, and you fucking joke about it because he had a friend named Robert E Lee. Well if it wasn't for your stupid American movies I wouldn't even have any idea who Lee was.
17. Re:What the fuck by Frankie70 · 2009-04-08 12:22 · Score: 1
  
  So a good scientist dies and all Slashdotters can do is attempt whoring out a +5 Funny with lame jokes?
  Technically, you can't call it whoring. Sleeping around, maybe.
  Because getting Moderated Funny doesn't increase your Karma.
  From the FAQ
  Note that being moderated Funny doesn't help your karma. You have to be smart, not just a smart-ass
18. Re:What the fuck by Archangel+Michael · 2009-04-08 15:13 · Score: 1
  
  PS/2? That machine sucked!
  
  --
  Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
19. Re:What the fuck by celle · 2009-04-08 15:15 · Score: 1
  
  "I see history repeat it self as it happened with Digg, "
  Digg wasn't the first time either. Long ago, there was usenet, then the endless summer when the idiots showed up. Slashdot reached the endless summer long ago, and now it's just getting stupider.
20. Re:What the fuck by Anonymous Coward · 2009-04-08 15:18 · Score: 0
  
  I believe something has happened to the slashdot community in recent times.
  I believe they have caught 4chanititus /b/
21. Re:What the fuck by mattwarden · 2009-04-08 15:37 · Score: 1
  
  Did yelling at other people make you feel like a better person?
22. Re:What the fuck by Anonymous Coward · 2009-04-08 18:30 · Score: 0
  
  And really, that's a nasty way to go... :(
  Is there a good way? ;p
23. Re:What the fuck by sowth · 2009-04-08 19:14 · Score: 1
  
  I think a lot of the unfunny jokes and trolls and "first posts" are from actual children, and perhaps some mentally ill adults in the mix. Seriously who else would think some of the crap they write is funny or even worth the effort to write. It looks like the Internet has replaced the TV as the "universal babysitter." All of the "think of the children" idiots say we should censor the Internet, but really we should keep the children off the Internet. It wasn't built for them.
  If I ever get my forum going, I want to find a way to filter out anyone under the age of 17 or so.
  IQ level discrimination: maybe make the captcha also an IQ test too? Anyone not smart enough can't post.
24. Re:What the fuck by Anonymous Coward · 2009-04-08 19:46 · Score: 0
  
  Mod parent +5 funny!
25. Re:What the fuck by N3Roaster · 2009-04-08 19:57 · Score: 1
  
  It wasn't endless summer, it was eternal September. As in the month when students got their first computer and decided to let the Internet know that they knew nothing.
  
  --
  Remember RFC 873!
26. Re:What the fuck by roman_mir · 2009-04-08 22:54 · Score: 1
  
  There is over a million people, cowards and bots here, do you really believe that they are a community?
  
  --
  You can't handle the truth.
27. Re:What the fuck by Eunuchswear · 2009-04-09 02:12 · Score: 1
  
  I think it might be a good time for me too look for new web 2.0 news source which has for instance some kind of IQ level discrimination.
  Web 2.0? With IQ? Sorry, lost cause.
  
  --
  Watch this Heartland Institute video
28. Re:What the fuck by Anonymous Coward · 2009-04-09 02:13 · Score: 0
  
  Man, stop being a drag.
  It isn't our fault the inconsiderate prick decided to up and die, is it?
29. Re:What the fuck by solafide · 2009-04-09 02:15 · Score: 1
  
  ycombinator
30. Re:What the fuck by BurzumNazgul · 2009-04-09 04:18 · Score: 1
  
  149,995 useless strangers died today.
  
  --
  I can say [REDACTED] anytime I want!
But... by Roger+W+Moore · 2009-04-08 09:30 · Score: 5, Funny

I thought you Americans did win that one?
1. Re:But... by Sir_Lewk · 2009-04-08 09:38 · Score: -1, Redundant
  
  Both sides were Americans, that's why we call it the American Civil War.
  
  --
  "linux is just DOS with a UNIX like syntax" -- Galactic Dominator (944134)
2. Re:But... by Anonymous Coward · 2009-04-08 09:45 · Score: 1, Funny
  
  As opposed to the American uncivil war?
3. Re:But... by Anonymous Coward · 2009-04-08 09:52 · Score: 0, Funny
  
  The one in Iraq?
4. Re:But... by PitaBred · 2009-04-08 09:56 · Score: 1
  
  Talk to a lot of people in rural Georgia and Alabama and such, and though they're Americans they'll still tell you they lost the war.
  
  --
  My blog. Good stuff (when I remember to update it). Read it.
5. Re:But... by Tomy · 2009-04-08 10:43 · Score: 1
  
  But they don't call it the Civil War, rather "The War of Northern Aggression," which apparently was fought for "States Rights."
6. Re:But... by the_denman · 2009-04-08 11:02 · Score: 1
  
  they didn't loose, they are just bideng their time till they can rise up again!
7. Re:But... by Hordeking · 2009-04-08 11:14 · Score: 1
  
  Both sides were Americans, that's why we call it the American Civil War.
  It wasn't very civil. And we lost. The president used it as a way to usurp power from the states beyond question.
  
  --
  Disclaimer: The opinions and actions of the US Gov't are in no way representative of those held by this author or its ci
8. Re:But... by Dreadneck · 2009-04-08 12:08 · Score: 1
  
  T-shirt idea:
  "Rebel Condoms - Because the South shall rise again." printed around a condom package with a rebel flag on it.
  
  --
  Power does not corrupt - power attracts the corrupt.
9. Re:But... by jgtg32a · 2009-04-08 12:09 · Score: 1
  
  I'm fairly certain that he's making a joke about the French and the last war they won was the revolution.
10. Re:But... by Anonymous Coward · 2009-04-08 12:21 · Score: 2, Funny
  
  LA
11. Re:But... by Anonymous Coward · 2009-04-08 12:35 · Score: 1, Insightful
  
  ... such as the right to own slaves.
12. Re:But... by Roger+W+Moore · 2009-04-08 14:54 · Score: 1
  
  Really? From what I heard it was far from civil.
13. Re:But... by Anonymous Coward · 2009-04-08 15:27 · Score: 0
  
  Oh riiiight,
  Because holding steadfast to slavery is soo much better.
14. Re:But... by Maestro485 · 2009-04-08 15:35 · Score: 2, Funny
  
  Dear guys, Words can not express how much I hate you guys. As we fight our way northward into the great unknown, only that one thing remains certain: that I hate you guys with every tired muscle in my Confederate body. We have taken Topeka and now I must rally the men onward to Missoura, because I will not stop until we have won it all and you guys are my slaves. Because, I hate you guys, I hate you guys so very very much. Yours, General Cartman Lee
15. Re:But... by Ihmhi · 2009-04-08 21:26 · Score: 1
  
  And now an appropriate response from a poem of that era, slightly modified to be relevant here.
  Whoosh to right of them,
  Whoosh to left of them,
  Whoosh in front of them
  Volley'd and whoosh'd.
  
  --
  Random Thoughts From A Diseased Mind (Not For Dummies)
16. Re:But... by Anonymous Coward · 2009-04-08 23:22 · Score: 0
  
  No Wall Street won that one and i am pretty sure they are going to win this one too, but don't worry in 100 years it will be known as the war for illegal immigration rights or something like that.
17. Re:But... by Hordeking · 2009-04-09 16:20 · Score: 1
  
  ... such as the right to own slaves.
  Slavery would have ended on its own. It was on the way out in other major countries, and mechanization would've rendered slaves impractical by 1900.
  
  --
  Disclaimer: The opinions and actions of the US Gov't are in no way representative of those held by this author or its ci
Here's the guy... by tjstork · 2009-04-08 09:36 · Score: 5, Informative

Well, everyone's having a good laugh at the expense of the death of this guy. May as well laugh at a picture of him.

--
This is my sig.
1. Re:Here's the guy... by Johnno74 · 2009-04-08 15:53 · Score: 1
  
  Is that him on the right or the left?
2. Re:Here's the guy... by Oricalchos · 2009-04-08 22:09 · Score: 1
  
  Aww, damn you. He was cute. :(
Naptha all over again by drwho · 2009-04-08 09:38 · Score: 3, Informative

This problem was demonstrated in 2000, with the NAPTHA software and its demonstration that the problem is not academic. Yes, before NAPTHA, there was some software that could demonstrate the issue but this software had issues itself (written in perl, kept state) which limited its effectiveness. SockStress is just NAPTHA revisited.
I have a fix for this problem, but there's not enough room in the margin to describe it.
1. Re:Naptha all over again by TubeSteak · 2009-04-08 11:32 · Score: 1
  
  Can you guarantee that the fix will be rolled out to everyone at the same time?
  Because this just seems like it's going to cause chaos once it is reverse engineered.
  See: Conficker which is attacking the estimated 30% of unpatched Windows PCs
  At some point, something epic is going to happen and we'll end up with:
  A. OSes take away your control over updates, or
  B. ISPs take away your access unless you are updated
  Then again, there's also the remote possibility that windows/linux will become resistant to remote and local exploits.
  
  --
  [Fuck Beta]
  o0t!
2. Re:Naptha all over again by pyrrhonist · 2009-04-08 12:04 · Score: 2, Informative
  
  Can you guarantee that the fix will be rolled out to everyone at the same time?
  The fix has already been rolled out long ago.
  Do you know what the fix is? Source address level filtering. It's that simple.
  This attack is less of a threat than SYN flooding attacks, because the attacker's address can't be spoofed. More information from Fyodor.
  
  --
  Show me on the doll where his noodly appendage touched you.
3. Re:Naptha all over again by drwho · 2009-04-08 12:48 · Score: 2, Insightful
  
  Source address level filtering does provide some level of protection against a SYN flood. The problem is, it is not universally implemented. Another problem is someone who doesn't care to hide their address. If you are doing more than a SYN flood, but more advanced TCP hijinx, you need to use your read IP address anyhow. So, it's not much of a fix. Neither is the recommendations which came out back in 2000, which was to increase the resource limits that the operating system imposed upon the IP stack. I could go on and on, on how each measure so far implemented has just raised the bar against these type of attacks, but hasn't really done much to prevent them. Yes, you might not be able to knock over a stock OpenBSD install with 1023 packets any more, but the problem persists.
4. Re:Naptha all over again by drwho · 2009-04-08 12:56 · Score: 3, Interesting
  
  My fix is on the server side. It does not require changes in the stack code of clients who would connect to it. Reverse-engineering it would gain the attackers nothing. An all-or-nothing fix would not be much of a fix. Neither would one which was successful based upon its obscurity.
  I am not telling you what it is because I am hoping that Microsoft will pay me some money to give them access to it. Apple as well (and Sun if they're still around). Once these are secured, I will open the invention to the FOSOSs. (Free Open Source Operating Systems). Call me greedy if you want, but I am tired of researching security and not getting paid for my hard work. That's why you haven't seen me by this handle or my real name posting security advisories for some time.
5. Re:Naptha all over again by Anonymous Coward · 2009-04-08 15:22 · Score: 0
  
  I'm sure that Microsoft will be happy to pay you well on condition that you DON'T allow free software implementations. NDA, blah, blah... so make sure you sell your soul for a decent price, eh?
6. Re:Naptha all over again by Anonymous Coward · 2009-04-08 16:03 · Score: 0
  
  I have a fix for this problem, but there's not enough room in the margin to describe it.
  Funny you should say that -- I just heard some stories about the some of the crazy people who tried to solve that in math today.
7. Re:Naptha all over again by pyrrhonist · 2009-04-08 16:18 · Score: 2, Interesting
  
  Source address level filtering does provide some level of protection against a SYN flood.
  My point was that this attack has to use a valid IP, because it needs to create a connection. It is therefore easier to block than a SYN flood, which could spoof any address or groups of addresses.
  
  The problem is, it is not universally implemented.
  That's news to me. Which commercial firewall hardware does not have this ability?
  
  Another problem is someone who doesn't care to hide their address. If you are doing more than a SYN flood, but more advanced TCP hijinx, you need to use your read IP address anyhow. So, it's not much of a fix.
  That's exactly what this attack entails. The attacker has to use their real address with this, so it's easier to block them at the firewall. You might have a problem with your bandwidth, but you'd have that same exact problem regardless of the fix you choose to implement. You'd also have that same problem during a SYN flood.
  
  Neither is the recommendations which came out back in 2000, which was to increase the resource limits that the operating system imposed upon the IP stack. I could go on and on, on how each measure so far implemented has just raised the bar against these type of attacks, but hasn't really done much to prevent them.
  If you read the alert from CERT-FI, it says:
  
  March 23 2009. Discussions have been ongoing with a number of vendors, and several of them are currently in various phases of patch development process. Judging by the current progress, CERT-FI is confident that functional fixes to mitigate the risk can be expected to be released during this year.
  (Which, BTW, if you expect to sell your solution to vendors, you'd better hurry up.)
  My point was that the collapse of the internet due to this attack has been completely exaggerated. As Fyodor explains, this type of attack has been known about for a long time, and it can be filtered.
  
  --
  Show me on the doll where his noodly appendage touched you.
8. Re:Naptha all over again by Anonymous Coward · 2009-04-08 16:31 · Score: 0
  
  Why is this modded informative?
9. Re:Naptha all over again by Anonymous Coward · 2009-04-09 00:22 · Score: 0
  
  You're not telling us because you're a filthy liar. And no-one wants to pay you because you're basically an unskilled poser.
10. Re:Naptha all over again by Anonymous Coward · 2009-04-09 02:13 · Score: 0
  
  Damn +4 informative, +4 interesting...
  Successful troll is successful...
Died in a fire by Reason58 · 2009-04-08 09:41 · Score: 3, Funny

You would think someone like that would have a firewall.
1. Re:Died in a fire by Anonymous Coward · 2009-04-08 10:44 · Score: 0
  
  twat
2. Re:Died in a fire by Rakshasa+Taisab · 2009-04-08 10:46 · Score: 1
  
  You assume he was on the other side of the firewall....
  
  --
  - These characters were randomly selected.
3. Re:Died in a fire by microbee · 2009-04-08 12:04 · Score: 1
  
  Firewalls won't protect against internal breach. The killer must be someone in the inner circle and familiar with his work (and vulnerabilities).
4. Re:Died in a fire by Dreadneck · 2009-04-08 12:18 · Score: 1
  
  What? Too soon?
  
  --
  Power does not corrupt - power attracts the corrupt.
rest in peace man by star3am · 2009-04-08 09:43 · Score: 0, Redundant

Someone really smart died in a fire, I am so sorry for your family, a great loss for humanity :( Estoy contento de estar vivo, gracias!
Not the Confederate! by Anonymous Coward · 2009-04-08 09:47 · Score: 0

How can we get these secrets of the vulnerabilities back form the general?!
Whoring out for +1 Funny Mods... by Burning1 · 2009-04-08 09:52 · Score: 1

Comment whoring for +1 funny mods is like pimping out your girlfriend for monopoly money.
1. Re:Whoring out for +1 Funny Mods... by RabidMoose · 2009-04-08 10:25 · Score: 1
  
  Hilarious, pointless, and likely to destroy somebody's life?
Obviously... by Anonymous Coward · 2009-04-08 09:55 · Score: 0

he had NO firewall.

I apologize for that joke. I realize I will burn in hell for that one.
woooooooooosh! by RiotingPacifist · 2009-04-08 09:56 · Score: 2, Insightful

n/t

--
IranAir Flight 655 never forget!
It's a shame. by techno-vampire · 2009-04-08 10:35 · Score: 1

It's a shame he had to die that way, burning to death must be horrible. I can also understand why there's going to be such a delay in fixing the TCP/IP issue: nobody ever plans for a developer being caught in a fire. Now, if he'd only managed to get hit by a bus, everything would have been OK, because everybody plans for that.

--
Good, inexpensive web hosting
1. Re:It's a shame. by Dreadneck · 2009-04-08 12:23 · Score: 2, Insightful
  
  I would imagine any death where you're aware that you're dying (i.e. not dying in your sleep or getting shot in the back of the head) is horrible.
  Honestly, what would you prefer? Being eaten alive? Drowning? Cancer? Airplane crash? Being hit by a car? Being stabbed? etc.
  Death sucks regardless of the circumstance, imho.
  
  --
  Power does not corrupt - power attracts the corrupt.
2. Re:It's a shame. by dogdick · 2009-04-08 13:55 · Score: -1
  
  Is there evidence to support your claim or are you just talking out of your ass?
3. Re:It's a shame. by JustOK · 2009-04-08 14:04 · Score: 1
  
  but if, and only if, he was wearing clean underwear.
  
  --
  rewriting history since 2109
4. Re:It's a shame. by afidel · 2009-04-08 14:07 · Score: 1
  
  Freezing to death, you kind of just slowly go to sleep.
  
  --
  There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
5. Re:It's a shame. by belmolis · 2009-04-08 14:57 · Score: 1
  
  The article says that he died of smoke inhalation. I'm sure that isn't fun, but it is not nearly as painful as burning to death. Fortunately, many fire victims actually die of smoke inhalation/lack of oxygen rather than from burns.
6. Re:It's a shame. by jthill · 2009-04-08 16:18 · Score: 1
  
  there's going to be such a delay in fixing the TCP/IP issue
  Yeah, the real nasty part is it isn't a TCP issue really.
  Forcing anomalies in session behavior causes the receiving system to dedicate resources to recovery tracking, and in host systems built by the insufficiently professional those resources are limited, provisioned to handle ~plausible~ loads.
  These guys say they got Windows to bork itself so hard a reboot wouldn't fix it. Different OS's are apparently vulnerable to different attacks — Windows, Linux and OS X all have different vulnerability sets — but they can DoS them all at well under 100 pps.
  I remember crashing UNIX by flooding the system with screen-refresh requests from a Tektronix storage-tube terminal that took a second or so to finish a screen erase. Really: you could crash the system from any shell prompt, in seconds, without ever running a command. This was thirty years ago. It seems similar bugs still survive in some form in all the bitty-box OS's.
  I'd be interested to know how IBM's OSes bear up.
  
  --
  As always, all IMO. Insert "I think" everywhere grammatically possible.
TCP is not software. by Anonymous Coward · 2009-04-08 10:49 · Score: 0

TCP is not software.
Its got software implementations, but still. Not Software.
1. Re:TCP is not software. by ClosedSource · 2009-04-08 11:51 · Score: 1
  
  TCP isn't a specification either. Has there ever been a clean-room implementation of Internet Protocols? I doubt a working implementation could be created based solely on RFC's.
Have you heard of my new band by RHSC · 2009-04-08 11:32 · Score: 0, Offtopic

Death Hampers!
TCP/IP fixes required somewhere else by Anonymous Coward · 2009-04-08 17:00 · Score: 0

Probably the other worlds need TCP/IP fixes more than Earth.
Could you help me out by mahadiga · 2009-04-08 17:53 · Score: 1

Hi, I prefer only Insightful, Informative, and Interesting comments. Could you help me in setting a filter for this comments in http://slashdot.org/my/comments

--
I'd like to buy homeland for our 10 million people. http://twitter.com/mahadiga
Or since you have IPTables... by Vekseid · 2009-04-08 19:02 · Score: 1

...just use connlimit. There are some slight flaws in it but there is certainly no need to allow someone to open a thousand connections.

--
Adult Role Playing Forum
Quote of the moment by chishm · 2009-04-08 20:03 · Score: 1

The current quote at the bottom of this /. page seems a bit in bad taste. Maybe the /. software has not only become sentient, but become an arse-hole too:

If all else fails, immortality can always be assured by spectacular error. -- John Kenneth Galbraith
Movie of the actual fire by Anonymous Coward · 2009-04-08 20:42 · Score: 0

Not so funny.
This is the story in the local newspaper:
http://www.blt.se/nyheter/tt_inrikes/man-och-hundar-doda-i-villabrand(1211157).gm
And here is a movie from the fire (click on the "Visa i mediaspelaren" link) :
http://www.blt.se/nyheter/blekinge/film-fran-branden-i-gagnekulla(1211116).gm
Very sad indeed!
Heaven Needed TCP/IP Fix by Anonymous Coward · 2009-04-08 20:54 · Score: 0

Lets just say Heaven needed a TCP/IP fix and called him there.
Robert E. Lee by AliasMarlowe · 2009-04-08 21:55 · Score: 1

And the security fix they were working on is to replace your firewall with a Stonewall (the brand name for this device, curously enough, is Jackson).

--
Those who can make you believe absurdities can make you commit atrocities. - Voltaire
"knock large machines off the net" by Anonymous Coward · 2009-04-09 00:37 · Score: 0

Phew. Good thing I went with only 1U servers.
Aren't there any solid details yet? by Kynde · 2009-04-12 19:01 · Score: 1

Why is it that every description of this problem that I've read so far does not present a problem.
The sockstresss.com itself provides a horrible description of it in the front page. All it appears to do is open up multiple tcp sockets.
Apparently the source IPs are not spoofed, thus the syn cookies are not at play, so how can it not hit a max connections per source IP? Any tcp service worth didley must use that in some form or the other.
If someone has some (f)actual information about this, please, provide a few links...

--
1 Earth is warming, 2 It's us, 3 it's royally bad, 4 we need to take action NOW