Slashdot Mirror
Patched MS Bluetooth Flaw Exposes Even Disconnected PCs
An anonymous reader writes "Among the 22 security holes Microsoft issued updates to fix yesterday is a critical kernel-level Bluetooth flaw that could let nearby attackers break into vulnerable systems even when the targeted computer is not connected to a network. An attacker could use the bug to gain access to any unpatched, Bluetooth-enabled Windows Vista or Win7 computer within 100 meters (or much further with specialized tools), all before the target system even gets an alert that another computer is requesting a Bluetooth connection."
And thus we reach the point where XP is hardly targeted anymore, isn't vulnerable to the same bugs, is still under support for another three years, and Windows 8 comes out "later this year".
Tell me why I should be on 7 already, after having all my Vista testing thrown out of the window once already?
"even when the targeted computer is not connected to a network."
"target would merely need to have Bluetooth turned on."
Meh, not as scary as I thought. You shouldn't be running around with bluetooth on anyway. Also, if you're using a 'hidden' connection there's no real way for an attacker to find you is there?
So basically computers at risk are those who always leave bluetooth on and shown to everyone. Which unless you're trying to connect to a new device should be NEVER.
Microsoft already issued the patch. Yesterday. And systems without bluetooth capability are not affected.
Because 7 has features XP doesn't. Like support for the TRIM command for SSDs. Like an audio mixer that lets you set different volumes for each application, instead of each hardware output, which is floating point from the ground up. Like desktop rendering that is accelerated by your GPU. Like UAC. Like Aero Snap. Etc. It's not like Windows 7 is just a facelift on Windows XP, There are differences that aren't even hard to find.
From MS SB
The vulnerability could allow remote code execution if an attacker sent a series of specially crafted Bluetooth packets to an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Almost remote full admin access. Seriously how much worse can it get, guess your still safe from internet attacks but still.
Anyone found a page on the exploit, you can do the entire list of immature things to other peoples computers to all your friends with Bluetooth with this one.
A worm that infects computers within a 100 meters of itself? That's a novel way of bypassing firewalls. The exploit would need to be paired with a traditional network vulnerability for the worm to spread far from the point of origin though.
You mean all those super secure non-networked military computers that even have bluetooth adapters?
Is there another operating system that has per-application volume faders and a fully floating point audio path? Because I haven't seen any other OS that does... and I find that incredibly useful on a daily basis...
Right so basically.
"If I want to use lots of complicated or modern features, I need to use Windows 7"
But if I just want to chat with my buddies, browse the internet and write a document once in a while, and don't want to try linux XP is fine. Until it gets an open exploit which never gets closed.
Most of the public doesn't use SSDs, doesn't need volume for each application nor does it need GPU accelerated rendering.
I don't know about the "fully floating point audio path", but PulseAudio does support per-application volume faders.
It says it supports floating point sample types, but I don't know if that meets your criteria of being from the hardware up - I guess that would be a driver issue.
Sooooo you expect highly secure devices in military installations, cash machines, banks etc are blue tooth enabled and you think MS is the one that doesn't have a clue?
Most of the public could do all that on their phone. Most of the public don't particularly "need" computers. Seriously, when the hell did "computers should only do exactly what people need them to do the day they buy them and anything else is a waste" become such a fashionable sentiment?
Do all applications use PulseAudio though? The Windows 7 model is backwards compatible through to well... I haven't seen an application that doesn't get it's own fader no matter what audio model it uses, at which point the audio stream (even if the application generates an integer stream) is converted to floating point, so that the volume sliders aren't as nearly as lossy as they would be if they were dealing with integer-based audio... and then mixed in floating point... and then converted to whatever format the driver supports (which I suppose is usually integer... I haven't seen many floating point DACs...)
At the very least, it's nice to see some other operating systems playing catch up with that particular feature, because between when the vista betas that implemented the new audio model came out to the time it seems that functionality made it to other operating systems seems to have been a matter of years. I guess not everyone thinks its useful, or have ever even tried using such functionality.
And I would find that a complete waste of investment, personally. I don't have any problems with per-application faders (if you have more than one program playing sound simultaneously, of course it will sound a mess, and if you have that you can adjust those programs - a volume control is an almost universal widget on anything that plays audio) and certainly wouldn't ever use them.
If something is playing sound, it's because I need to hear it. I haven't touched the volume control panel in YEARS on this machine image that I use, only the hardware Up/Down buttons.
And floating-point audio path? Puh-lease. Is it running over oxygen-free, gold-plated processor registers? Otherwise I'm just not touching it... :-P
FreeBSD has had per-application volume controls for a while. It uses fixed-point arithmetic for the audio path, because that gives lower latency. Unless your source is floating point and your audio device supports floating point samples, then having a floating point audio path just involves translating from integer to float and back again, which isn't such a great selling point. And, yes, it is backwards compatible. Any application using the OSS 3 or 4 APIs (also supported on most other *NIX variants) gets this support. There's even a compatibility mode so that applications that use the OSS 3 APIs to modify the global mixer settings can be instructed to modify their own mixer settings.
Oh, and I didn't have to pay anything to upgrade to the FreeBSD version that supported this...
I am TheRaven on Soylent News
Because 7 has features XP doesn't. Like support for the TRIM command for SSDs. Like an audio mixer that lets you set different volumes for each application, instead of each hardware output, which is floating point from the ground up. Like desktop rendering that is accelerated by your GPU. Like UAC. Like Aero Snap. Etc. It's not like Windows 7 is just a facelift on Windows XP, There are differences that aren't even hard to find.
Not trolling, but why does an Operating System care about being "Floating Point"?
Is there another operating system that has per-application volume faders and a fully floating point audio path? Because I haven't seen any other OS that does... and I find that incredibly useful on a daily basis...
Don't know about the floating point thing, but OS X has per-application volumes; just not all in one place (which I will admit has always annoyed me).
I haven't seen an application that doesn't get its own fader no matter what audio model it uses
An app can request/get exclusive access to the audio card, and bypass everything including the volume control. But that's only used by audio authoring software.
My favorite Win7 audio feature in any case is the ability to redirect live audio. I can now watch a movie and while it's playing switch the audio to/from my headphones painlessly (earlier I would have to restart the movie, and sometimes the whole app). I don't have headphone jacks I can easily reach, so it saves me a bit of trouble.
Merely having bluetooth-capable hardware and software should not expose you to anything. Computers should be secure by default, out-the-box, and it is not unreasonable to expect this.
I am trolling
Having installed the three patches (KB2507938, KB25342531, and KB2555917) on a fully patched Windows 7 Dell Laptop, I immediately started experiencing BSODs. System Restore to the pre-patch state failed, but I was able to uninstall the patches through the add / remove utility. After the uninstall the BSODs immediately stopped. I have not had time to individually install each one to determine the culprit. But please take this as a heads-up.
None of those features, not even all of them together, are worth the price of a license.
Free Martian Whores!
I haven't seen an application that doesn't get its own fader no matter what audio model it uses
An app can request/get exclusive access to the audio card, and bypass everything including the volume control. But that's only used by audio authoring software.
My favorite Win7 audio feature in any case is the ability to redirect live audio. I can now watch a movie and while it's playing switch the audio to/from my headphones painlessly (earlier I would have to restart the movie, and sometimes the whole app). I don't have headphone jacks I can easily reach, so it saves me a bit of trouble.
how do you do that?
Wealth is the gift that keeps on giving.
most of the public need a fucking ipad. do you WANT to be most of the public?
Wealth is the gift that keeps on giving.
Most of the public doesn't use SSDs, doesn't need volume for each application nor does it need GPU accelerated rendering.
I'll give you the SSDs. GPU acceleration is not critical but still a nice-to-have even for the average Joe. Sound per application? This is a lot less esoteric than you'd expect -- all it takes is trying to Skype someone while you have ANY other application open and you'll see why you want that. Not sure how much use it gets by most people, but I like Aero Snap enough that I installed BetterTouchTool on my Mac just to get that one feature.
No, this is similar to saying "If your computer isn't plugged into a network, but you haven't disabled your internal NIC in device manager, your computer is vulnerable."
The lines are blurred a bit because Bluetooth is a wireless technology, but their point is you don't have to be actively connected to anything to get hacked.
losing yet another method of gaining access to a target PC...
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
Not to mention the ability to quickly recover from a graphics driver crash. It's absolutely amazing when you see it happen. "Oh, my GPU crashed, the screen went black. And... it's back already, and it didn't even affect the game I was playing."
You're an immobile computer, remember?
Depends on what kind of audio card you have. Some support two audio streams, some do not. If you have the same Realtech chip I got then just set it to use separate audio streams for front/back panel, alternately you can also simply have two audio cards.
Then just right click the little speaker icon, select playback devices and change default. Any app that plays to the default playback device will then change to play to the new target.
If you, like me, have more than one audio card there can be a lot of outputs. Outputs you never use can be disabled/hidden by right clicking on them, and audio outputs you use can be renamed. So I got one called headphones, and one called Speakers. Changing between them takes me five mouse clicks.
Doom 3 was August 2004, XP was summer 2001. Windows 98 would have been 6 years old by then.
I agree that it's annoying when old software stops working and new software doesn't work, but it's impossible to maintain software and backwards compatibility for ever, and I think the balance we have is just about right.
Most of the public could do all that on their phone. Most of the public don't particularly "need" computers.
No, they couldn't. Browsing the internet or writing a document is horrible on most phones. Tablet, yes maybe.
To have a right to do a thing is not at all the same as to be right in doing it
Might be fun walking through a computer shop (or just some offices...) with this on... And coming near to one of those giant display walls at a trade fair would be still better...
95 is saferer
Windows 3.11 FTW
To have a right to do a thing is not at all the same as to be right in doing it
Sounds ridiculous for a system software used in military installations, cash machines, banks
Somehow I doubt that military or bank computers have bluetooth installed.
To have a right to do a thing is not at all the same as to be right in doing it
Windows 7 remembers the audio level on a per-executable basis. This means that I can set, for example, a game's sound settings once, and adjust the game's master volume in Windows. This is nice for when I want to turn the sound down to avoid disturbing my wife, but I don't want to adjust the music, sound effects, voice-overs, etc. individually within the game. Not all games have a master volume setting, and generally the Windows setting is easier to get to.
What if I'm playing music while browsing the web, and stumble on a Flash ad that blasts me with sound, and has no mute button? Or, worse, some ancient site that's blasting MIDI music?
On XP, my options are:
1. Block Flash (which, yes, I do already) - but that doesn't work if it's one of those ancient sites blasting MIDI music
2. Mute ALL sound, including my music
3. Navigate away from the page
On 7, I can pause my music, bring up the mixer, and mute my web browser only.
*Cough* hardware speaker volume.
Seriously, I don't adjust volumes in games (except to turn off music on some of them). Everything is at "max". And then I use either the master volume *in WINDOWS* (usually via some hotkey on laptops) or the speaker volume itself to bring it down to a decent level. I don't need the games to have volume settings, either internally or via some Windows hack, at all. It all "just works" and has since Windows 3.1! It's honestly not a problem that I, or anyone I support, has ever had - and can be a source of problems, and is nowhere NEAR a reason to upgrade an OS (not just because I'm sure you could dig up a audio mixer driver that could do just want you wanted if there was really a need for it).
And, working in schools where they use a lot of interactive "noisy" apps etc., I can't think of anything worse than a per-executable (and presumably per-user) volume setting. God, I get enough support calls now where someone has turned the volume too low to hear it, or locked it too high, and there's already the speaker-volume, master volume, mixer-volumes, and in-applications volumes to get them to check before you can tell a sound even works.
It'll play merry hell with diagnosis - the standard way to test sound is to put something like WMP playing the Windows startup sound on loop and then adjust everything until it's audible and the correct volume. I could spend 10 minutes doing that per workstation only to find that program X has been configured to do that differently to WMP via some Windows settings, or because a different user has logged on, or because the programs changed (hash or location, however Windows tracks it) and I need to redo all the settings for that for every user.
Seriously, people, it's a dumb idea that you're not using properly at all (or you wouldn't be trying to turn down all the in-game settings to cut one game's speech rather than just control a global volume knob) and, if you were (e.g. for level control because channel X is louder than channel Y), it's actually far more complex than it needs to be.
I dont think you understand what is being spoken here. Yes, individual APPS may have their own volume controls (such as itunes/mediaplayer/flash players/vlc) this is the app itself generating the sound at different volumes.
What Windows 7 (and i think Vista too) has is each application that plays sounds play to a "pipe" that is only associated with it. There is a system mixer that then mixes each pipe after applying a volume to it to a master pipe that is sent to the Audio Hardware. (Some audio hardware does the mixing for Windows, so it doesnt have to be done in software).
There is nothing new about this technology, the actual pipe & mixer framework is the same as what was available always since probably Windows 95, and exists on most other systems too (such as sound servers, etc). Its what allows two different applications to play sounds at the same time (not allowed if each application sent their sounds direct to the soundcard, unless the soundcard had multiple channels, and a hardware mixer)
What Windows 7 (and i think vista) does differently is that it exposes the "volume" for each mixer channel to the application so that the application can adujust its volume via that, instead of trying to incorporate their own volume processing. For example, windows Media player has its own volume control, but on Win7 it actually adjusts the OS provided application mixer, instead of doing its own processing. It centralises all of this processing, potentially giving the user better controll, as well as allowing for hardware mixers to be utilised saving some CPU usage.
The floating point mixing provides two possible advantages. When mixing integer streams there is the possibily of fidelity loss or noise when for example mixing two or more 16bit integer streams to a final 16 bit integer stream. Using fp helps curtail some of the losses, especially if the output hardware supports 24 bit resolution.
Have a nice day!
GPU accelleration goes beyond that, and has its uses for the average Joe. In the old days, each application would have to write onto an off screen buffer, which then the CPU woudl have to work out which ones are in front of each other, then finally copying onto the screen, although older Graphics Chipsets could help (via BITBLT, Bit Move, etc) when you have things such as transparency, etc, it gets pretty hairy for the CPU to process.
By offloading the entire window management onto the GPU, means the 3d capable GPU works out how to display each off screen window (after all its just a 3d plane now) and handles all the transparency stuff, etc.
I tested this back in 2006 with Vista, and saw that with full Aero, overall CPU usage did reduce in relation to screen redraw functions, even reducing its power requirements. Yes GPU usage did go up in comparision, but in the case of simple onboard GPUs the increase in power usage of the GPU was still less than the power saved on the CPU. And thigns were usably smoother.
Most modern user oriented Linix distros include Compiz, which also uses the GPU, and MacOS i bleive does similar tricks too.
Have a nice day!
The point, though, is that you don't have that problem with Linux at all. Update the os? Download and install. Old programs seldom stop working unless there's a major revision to the kernel or libraries, when that happens just download and install a newer version of the software or a compatible replacement. There are usually a dozen or more programs with similar functionalities for most stuff you'd need.
If you're a Gamer, though, you're going to need the latest hardware and the latest Windows OS. Your best bet there would be to have Linux installed for non-gaming needs, multi-boot with various versions of Windows so you could run your old games as well as new ones.
Free Martian Whores!
I am assuming you mean Floating point SOUND MIXING of sound channels.
Here are a few pages that talk about the issues in mixing two audio streams, and lead to the benefits of floating point mixing.
http://stackoverflow.com/questions/376036/algorithm-to-mix-sound
http://www.vttoth.com/digimix.htm
Have a nice day!
I am guessing that the MS/Dell/HP folks turn all the features on out of the box. Mainly because if they don't the people buying the hardware will think they got ripped off. Like the customer buys the new laptop and bluetooth don't work. So they return it in a fit of rage because they are not used to having to turn things like this on? What No BlueTooth? Why this Dell/HP/Compaq is a POS.
Windows still has the global volume setting as well. If you don't need the per-app volume settings, that's fine.
Having said that, there is one *other* thing this fixes:
An app can no longer directly change the system's audio volume. Instead, it changes its own volume slider. This is a nice change for those of us who don't keep the Windows and app volumes cranked to 100%, but the app insists on cranking its up to 100%.
GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011
No fun driving yet another Windows drops it's panties vulnerability into the ground. Instead let's make fun of Bluetooth and relate your worst Bluetooth experience.
Me first, I got the cell phone and the Garmin navigator talking via bluetooth. Love answering calls on the Garmin while driving. Hands free, sounds good, love it.
Ok, I do not love parking the truck, going into the convenience store, getting a call and the navigator picks it up when I open the flip phone. I cant hear them, they cant hear me cause their audio is routed to the fricking truck which is locked up out in the parking lot while I am picking out a 6 pack of beer.
looks like mine does not :(
serves me right for buying cheap acer.
Wealth is the gift that keeps on giving.
Seeing as I've never had a graphics driver crash in the last four updates of the nVidia driver that I'm using (going back - what - five years on this particular chip) - and haven't witnessed (or had reported) one in work either on several hundred machines - that's not a big selling point.
"Hey, when random programs crash we can carry on!" is pretty much what I expect of an OS, anyway, and the damn things shouldn't be crashing in the first place.
If you're that accustomed to complete driver crashes that you just treat it like a screen mode change, you really are setting yourself up for trouble. Something prompted that crash, and you have *zero* idea what because Windows just carried on like nothing was wrong. Could be bad programming, could be some exploit in your graphics drivers being taken advantage of, could be overheating, or bad electrical contact, or failing motherboard, or failing graphics card, or....
Seriously, it's a "nice" feature that I would hope never, ever, ever go activated, ever. And if it did, I'd much rather know about it before it corrupts data on the bus or breaks my hardware longterm. It's not a selling point - an OS doing it's only single bloody job in protecting the hardware from faultily-interfacing applications - it's a warning.
MS cares more about hiding hardware failure from you than it does about your data. Because at the end of the day, it has no idea what junk that failing, crashing driver spewed out to your graphics card to stop it responding and/or what the graphics card did about it before being reset. And graphics cards have DMA access to just about anything in main memory.
That, I'll give you.
That's gotta be worth at least 50p of anyone's money, being all of a few thousand lines of code at best. Now - how much is a Windows 7 license again?
i love that it works across sound devices - example playing pandora on the laptop speakers.. turn on my Bluetooth headphones (which are set to be primary audio when connected) and it is a seamless switch.. the on-board speaker goes dead and music in the head phones.. turn them off and easy auto switch back.
moving the live audio to other devices is a very nice feature for me..
'...if only "Jumping to a Conclusion" was an event in the Olympics.'
This "even disconnected" ./ title really got me wondering if there is a WakeOnBluetooth technology.
Well, I think it's pretty cool that the kernel can not only recover when random userspace programs crash, but also recover when those programs are third-party graphics drivers running in kernel space. And recover quickly, without taking anything else out.
It is not as if you are not told that the crash has occurred. You are told immediately after automatic recovery. Messages also appear in the event log. That's much more helpful than going to a blank screen with the keyboard unresponsive, killing all applications and leaving the user with no clue about what went wrong.
You're an immobile computer, remember?
Like desktop rendering that is accelerated by your GPU
One step forward, two steps back.
http://www.youtube.com/watch?v=ay-gqx18UTM
There are a bunch of videos/benchmarks like this, basically the GDI in vista/7 is a dog. Which might not be a problem except that basically all windows apps outside of games are GDI.
My phone is far better than any tablet at writing documents. My phone has a keyboard.
Tablets are toys intended to be used consuming media, not creating it.
Like every other OS. Granted, an interesting new attack vector/approach.
Vote monkeys into Congress. They are cheaper and more trustworthy.
I noticed newer OSes of Linux/Debian, Windows, Mac OS X, etc. have Bluetooth features. I wished I could yank them out since I don't have any Bluetooth devices or plan to. Why keep the bloats and possible security holes?
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
Like an audio mixer that lets you set different volumes for each application, instead of each hardware output
I guess I will post on this one too. Turns out that audio mixer adds significant audio latency. Google it!
The separate volume controls are nice, for the once in a million times I'm listening to music and watching youtube videos, but its a real deal breaker for people that want low latency audio.
I fail to see how a PC with an active wireless network standard enabled, can be considered "disconnected".
Bluetooth has long been a target of undesirable types, its just that a PC is a richer target than most peoples phones full of garbage apps.
You've never used an ATI card then. the damn drivers crash if you even think about doing something and yes I've got an ATI card (4200 onboard - 5670 dedicated) and still see the damn thing puke for no reason. It's getting better with the feedback from the OSS devs but it's still a bit fragile.
Mod me up/Mod me down: I wont frown as I've no crown
I remember installing windows without a firewall, where I'd have to sneakernet technet patches to the machine before enabling internet access. Looks like I need a faraday cage now.
At which point you set your application to use WASAPI in exclusive mode, and get all the low latency you want. A hell of a lot lower than WDM offers in Windows XP. Or you use ASIO. Or whatever. I mean, you probably don't need low latency from EVERY application, so it's not exactly borked is it? After all, Microsoft worked with companies like Cakewalk when they were designing their new audio stack back in the Vista days. Which is why there IS low latency support in the stack, and why there are less audio crackles when other stuff is happening in Vista/7 when compared to XP. Besides, there is so much FUD about latency in the audio path. I have a home studio, I deal with a need for low latency all the time... and frankly starting with Windows Vista this became a heck of a lot less painful to get working than it ever was with XP. And for my non-studio stuff, frankly it's not like video and audio are noticeably out of sync on my Win7 system, and that's with onboard audio, and a CRT monitor with pretty much no latency. So there are solutions when it's important, and features when it's not.
Not only that, because Windows 7 deals with communication vs. regular audio separately in terms of devices, you can set up a headset to be the default communication input/output when connected, and that will just fall back to the default in/out when not connected - so for instance, when someone calls you on skype and you're just browsing the web or something, and you're too lazy to put on your headset - why bother, all is quiet, not too much audio interference - then you hear the other person through your speakers, and your voice is picked up through the webcam mic. But if you're watching a movie, and someone calls, and you want to keep watching that movie - or even talk to someone while your friend keeps watching that movie... attach/connect your headset - and only the Skype audio will be routed to it, while the movie audio will stay playing through the speakers. It's actually a pretty well thought out system that addresses many use cases with ease.
Whereas with Windows XP you get none of those things. And frankly, Pulseaudio tries to be Windows 7/Vista audio. Pulseaudio came out in what, 2008/2009? Whereas Vista was available in 2006, and betas were available before then...
I guess that rule of thumb no longer rings true. Get it? Rings...
Having to work for a living is the root of all evil.
No. It is not. That is a myth. All of my C64, Atari 2600, SNES, NES, GENESIS, Vectrex, etc... Software runs just fine on Windows 7. My Windows XP software should run fine too.
Windows 3.0 is much safer, no network stack for reprobates to invade your computer by.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Bluetooth has always been a known attack vector. I remember one that affected symbian phones for example. I used to get the odd file transfer request on my phone from other people who were infected. I think this might have been it.. http://www.f-secure.com/v-descs/cabir.shtml
Oh, and I didn't have to pay anything to upgrade to the FreeBSD version that supported this...
You missed the memo - that upgrade was 50% of the normal price. ~
Most of the public could do all that on their phone. Most of the public don't particularly "need" computers.
No, they couldn't. Browsing the internet or writing a document is horrible on most phones. Tablet, yes maybe.
The HTC Desire Z (a phone with a real hardware keyboard) whips any tablet for browsing the internet. And it's possible to actually write documents on it. The keyboard is even localized - my version has a Finnish keyboard so I can type ä or ö without having to navigate through symbol menus.
Those who can make you believe absurdities can make you commit atrocities. - Voltaire
2004. It only appeared in Ubuntu in 2008. Oh, and you could do per-app volume with dmix way back when ALSA came out first, over a decade ago.
At which point you set your application to use WASAPI in exclusive mode, and get all the low latency you want. A hell of a lot lower than WDM offers in Windows XP. Or you use ASIO.
Both of which are basically the same functionality, the former is just a Microsoft sanctioned API while the latter which works on pre vista machines is not. Again, they fixed the problem for the applications willing to rewrite their audio interface for a new API. Everyone else got screwed. Before vista, sweeping API changes like this would have been rolled into the previous versions of windows to ease developer pain, and provide a clear path forward. Today, if you want to write a new application for windows, you don't have a clear API to use for low latency unless you are willing to throw 45% (or whatever the current XP percentage of windows users is) of your potential customers away, or code for multiple APIs.