Slashdot Mirror


User: nweaver

nweaver's activity in the archive.


Comments · 904

  1. Three worm strategies... on Advances in Decentralized Peer Networks · · Score: 2

    Why are P2P networks such a security nightmare? Because they can support very fast worms, very stealthy worms, and/or very easy to write worms.

    1: Given a "client->server" vulnerability (one that can be exploited by the initial initiator of communication), you can write a very fast topological worm. Probably ~1 minute to infect all on-nodes of a monoculture peer to peer network.

    2: Given a "server->client" vulnerability (one that can be exploited by the responder to information requests), you can write a probably fast contagion worm. Best guess is probably ~1 day to ~1 week to infect everything, but very, VERY stealthy.

    3: No vulnerability at all, a "bait worm" which is simply a smarter version of Gnuman or similar such nasties.

  2. Damn Peer To Peer networks on Advances in Decentralized Peer Networks · · Score: 5, Interesting

    As a security person, I hate these peer to peer applications: there are so many worm strategies which can exploit these, creating fast and stealthy attacks.

    As such, if I was in charge of corporate security administration, I'd ban them completely. At the universities, I'd packet-shape-them into a much lower priority.

    Unfortunately, they are growing considerably more stealthy as a result of these legal attacks and the effects of packet-shapers. This may be a good thing for those who want their 1337 WAR3Z, D00D!!, but is rather unfortunate for those who want to create secure systems.

  3. Scary books... on Review: Harry Potter & the Chamber of Secrets · · Score: 5, Insightful

    "Fairy tales do not tell children that dragons exist. They tell children that dragons can be beaten"

  4. Not So Strawman Worms on Bind 4 and 8 Vulnerabilities · · Score: 5, Informative

    Two of the attacks are DoS: You crash the server, end of story. One, the buffer overflow, can potentially execute code.

    The only "gotcha" in that exploit is that an attacker needs to control a DNS server which the victim DNS server queries. Thus it is a passive attack, the victim must query you, not the other way around.

    That is why the attacker uses a passive worm: The worm infects a DNS server, which in addition to being the local DNS server, serves as the authoritative master DNS server for some domains. When another DNS server queries the infected authoritative master, the authoritative master's response is designed to compromise the requesting server.

    This compromise is followed by a transfer of the worm code itself, and now the victimized server is now infected as well.

    As I said, this doesn't scan, which makes it particularly nice and stealthy.

    You could also make an active scanning worm as follows: There are 2 kinds of nodes, authoritative DNS servers and other DNS servers. If you infect an authoritative DNS server, the worm knows it. Otherwise, it knows the authoritative DNS server it was infected from.

    The worm "scans" by sending DNS queries (ideally with forged from addresses) which will trigger a lookup from the known corrupted authoritative server. This can then go through the net, rather noisily, and infect all servers which accept remote queries. This process can be sped up considerably by looking through the local cache for a list of all DNS servers that the corrupted machine knows about. Rough guess? Less than an hour to infect everything which can listen to the net, and you still have the passive attack to get DNS machines behind firewalls etc.

    The fortunate thing: Although the possible worms are either very fast (lots of vulnerable machines, topological speedup from using the cache) or very stealthy (no scanning at all, a contagion strategy), both techniques require a fair amount of BIND-specific programming to develop and release: You need to not only craft the exploit, but keep BIND running and transmit the exploit.

    So no kiddiot can simply drop exploit code into scalper.c and get it to work, instead there is a considerable amount of programming needed. So we do have a significant time window to patch machines, but they do need to be patched because it is a very "worm friendly" exploit pattern.

  5. Passive Worm Potential... PATCH NOW on Bind 4 and 8 Vulnerabilities · · Score: 5, Insightful

    The potential for a passive worm is actually fairly high, given that the exploit needs to come in response to a DNS query: The worm infects a DNS server, and waits for queries. It responds to those queries from other DNS servers by attempting to infect them.

    The nasty parts: Enough people dual-use their DNS servers (serving as both authoritative master for outside and for their own lookups) that you could get lots of authoritative masters. It also does NOT scan.

    It could be made even stealthier if the exploit, on failure, would still function. On success, it of course functions normally. This might be harder, but, if so, it would be really REALLY hard to detect such a worm.

    It would take a bit of writing to get right, so there is a good window in which to patch your machines. So patch SOON.

  6. Again, the Bandwidth of Blockbuster... on New Movie Download Pay Service · · Score: 3, Insightful

    These jokers charge $3 to rent a movie (roughly the same as Blockbuster), but you can only watch it in a 24 hour period. And even when done, it plays on your computer, not your TV. Do you want to pay $3.00 to watch Rollerball?

    And, as I have mentioned before, you can't beat Blockbuster's bandwidth. Period. It is so much faster to walk to the video store and rent your movie than it is to wait for the download to complete.

  7. "Cranky Old Guy" and the Mac on Multi-Display Graphics Suites Compared · · Score: 3, Insightful

    Hell, I remember running a dual head/dual monitor setup back on an old, dusty Mac II with 2 video cards.

    Why has it taken >15 years for the Windows world to finally catch up?

  8. The Bandwidth of Blockbuster on The Movie Studios' Next Step in Online Movie Delivery · · Score: 5, Insightful

    I don't see how 700 MB downloads, for $4 and expiring after 24 hours, are worth it for anyone. They are trying to compete against Blockbuster, which is both cheaper, higher quality (DVD), and has much more bandwidth:

    Remember, if it takes you 15 minutes through BlockBuster and back, with a 5 GB DVD, you are getting a nice 5 MB/second transfer.

  9. How to 0wn the Internet in your Spare Time. on Malicious Distributed Computing · · Score: 5, Informative

    A better citation on worms and their strategies: How to 0wn the Internet in your Spare Time by Stuart Staniford, Vern Paxson, and myself.

    The Warhol paper largely got rolled into the "0wn the Internet" paper.

  10. Caching saves the day... on Internet Backbone DDOS "Largest Ever" · · Score: 5, Informative

    The root DNS servers are required to go from the TLD to the actual TLD's nameservers, eg to go from ".com" to the .com root nameservers. As a result, although critical, their results are cached with very, VERY long cache timeouts (TLD DNS servers seldom change).

    Thus the hour long attack was not enough to meaningfully disrupt things, as most lookups would not require querying the root, unless you were asking for some oddball TLD like .su.

    Change the attack to be several hours, or a few days, and then cache entries start to expire and people are unable to look up new domain names. But that attack would be harder to sustain, as infected/compromised machines could be removed.

    It is an interesting question who or how this was achieved. There seems to be a lot of scanning for open Windows shares (Yet Another Worm? Who knows) also going on in the past couple of days, but there is no clue if it is related.

  11. Microsoft HAS to take a hard line... on Taking Aim At The Mod Squads · · Score: 2

    If they did not, the X-box could be a real money-loser. After all, how many computer geeks would pay ~$250 for a linux box which costs Microsoft a good $50 in losses?

  12. Publish it.... on What Would You Do With a New Form of Encryption? · · Score: 3, Informative

    A) Patenting requires a few thousand dollars easily. Questionable value if what you have turns out to be valueless.

    B) The fundamental building blocks for crypto these days are all patent free: You have free hashes, free block cyphers (AES), free public key (RSA). There is no reason for someone these days to choose a patent-entangled encryption primitive.

    C) A one time pad is not vulnerable to known plaintext. I don't know what the poster is talking about. Since one time pads are never reused, the known plaintext tells NO information about the rest of the pad.

    D) For the US, you can publish THEN patent, you do have a year between when there is a public disclosure and when you can patent it. This does NOT apply to non-US patents. But since the US is at least half the market, who cares about the rest?

    D is really critical, because the post does raise many "snake oil" warning flags. If it's NOT snake oil, he can disclose it and patent it after people at least get a look at it. If it IS snake-oil, then it can be shot down before spending the k$s needed to patent it.

  13. Market Saturation on Talk To an Astute IT Industry Observer · · Score: 5, Interesting

    Market Saturation has been seen coming since around 2000 or before, combined with the end to the "software gets slower" Corollary to Moore's law ("Grove Giveth and Gates Taketh away"). For the last couple of years, the IT bubble covered up many of these effects.

    Now that the bubble is gone, Mr Bill's Corollary has (mostly) failed, and the market is obviously saturated, when are Intel/AMD/Microsoft going to admit to this, and what are the general industry plans to deal with this, beyond the obvious software rental model?

  14. Too much money!! on Tiny Boxen · · Score: 5, Informative

    300 to 400 euros is WAY too much money for what you get, when you compare with things like the Via Epia motherboard (available for $130 at outpost). The Via Epia has an 800 MHz x86 processor, SDRAM slots, is 18 cm on a side, and has practically everything you need but memory, storage and an ATX power supply. They even have a completely fanless 500 MHz version (although you can't get that version from Fry's).

  15. Nope. on Patents for the Little People? · · Score: 3, Informative
  16. Nolo Press: Patent It Yourself on Patents for the Little People? · · Score: 4, Redundant

    Buy a copy of Patent it yourself, by Nolo press, eg at Amazon. It is a VERY good text on how to go through the patent process, both with and without a lawyer.

  17. His view, capsule summary on Mr Anti-Google · · Score: 2

    "Google ranks my muckraking site rather low with regard to searches on individuals, so the algorithms they are using must be EVIL! EVIL!"

  18. Working URL on Princeton Hacks Yale, Harvard Not Surprised · · Score: 2
  19. Patent claim 5 covers JPG/spectral partitioning on Suddenly a JPEG Patent and Licensing Fee · · Score: 3, Informative

    Claim 5: The method of claim 1 wherein said first values have the highest frequency of occurrence in said digital signals, wherein said second values have the next highest frequency of occurrence in said digital signals, and wherein said other values have the lowest frequency of occurrence in said digital signals.

    The argument is that this claim covers spectral partitioning techniques, which are the basic ideas behind the DCT as used in JPG, and the decomposition in wavelet partitionings. The basic idea used is to separate out the high frequency and low frequency components, and you encode the relevant components first.

    Thus you can EASILY argue that this patent claim covers jpg (DCT) and wavelet based compression algorithms. It doesn't matter HOW the image is decomposed into spectral components, be it DCT or wavelet, for purposes of this patent.

    Also, it's going to be a bit of a hunt for prior art, because it was filed in 1986.

    IANAL

  20. Design similar to one seen on Junkyard Wars on Lego Trebuchet · · Score: 4, Interesting

    The "Floating Arm" trebuchet design was used on an episode of Junkyard Wars.

    In that design, the arm has two wheels, and runs on a track along the top of the trebuchet, while the counterweight drops purely downwards down a vertical track.

    It wouldn't be suitable in medieval times (due to the wheel on the arm), but is quite easy to do for modern designs, and nicely effective (as you no longer have the big counterweight swinging along, but only going up and down, something easier to engineer for with Legos).

  21. Old news on Nanoimprint Lithography · · Score: 2

    I saw this several years ago, "Block Print Lithography", an article in Science. They were able to do, at the time, 80nm resolution features in metal.

    It has serious problems, however, in producing the blocks to use in the printing, and aligning them properly in use.

  22. OWCH, $60+ on Warcraft III Gone Gold · · Score: 5, Interesting

    The price is getting STEEP for these highly hyped titles. No way.

    And I haven't liked an RTS since Total Annihilation, mostly because it's the only one which got the interface right and had units which are reasonably intelligent in responding to the enemy without user intervention.

  23. It's not a 256b datapath, but a 256b VLIW word... on Transmeta Unveils 256-bit Microprocessor Plans · · Score: 5, Informative

    This is the size of the INSTRUCTION which is encoded, not the datapath.

    Unfortunately, Transmeta is hampered by several factors.

    The first is that 256b will require the translator to discover 8 translated instructions (assuming a 32b instruction size) which can be executed in parallel to get good performance. This is a TOUGH barrier, the reality is probably closer to 2-4. Also, the way to get more instructions to issue is through speculation, but too much speculation really hurts power.

    Secondly, the Transmeta cache for translations and translating code is so small that it hurts quality. Transmeta would do better with OS cooperation, giving a larger hunk of memory to store more and better translations, and to enable more sophisticated translating algorithms. But that breaks the x86 compatibility model.

    Third, they have lost the battle on performance, and power doesn't matter: Intel can outfab them and if REALLY low power was required/useful in the x86 world, Intel could crush them by simply dusting off the old Pentium core, process shrinking it to 0.12 µm, and shove it out the door. Remember, if you shrink the processor power to 0, everything ELSE still burns a lot: screen, drive, I/O, even in an ultrasmall notebook.

    Fourth, Transmeta's claims in the past have been so full of hot air, so why should we believe anything they say now?

  24. Ocean Store on The Secure Public Data Repository? · · Score: 5, Informative

    The Oceanstore project at Berkeley is aiming to do just that: create a distributed storage model to provide a global, distributed, persistent storage resource.

  25. "Deactivated" cellphones can still dial 911 on "Disposable" Cell Phone Actually Repackaged Nokia · · Score: 3, Interesting

    I don't see the point, when any "deactivated" cellphone can still be used (and is legally required to be able) to call 911 on the networks they can access.