Funny that he say that, today in the EusecWest security conference, a security researcher is presenting a generic rootkit that works in nearly all the cisco routers. Is a pretty shocking piece of information in that he can pwn a huge piece of the internet infrastructure, and now the supply chain of routers and network appliances must be strictly controlled. I don't know wy nobody submitted it to front page yet.
Interesting, but I heard of this technique at the Ekoparty 2007 conference (link), in a talk given by Rodrigo Rubira Branco (BSDaemon), so is nothing new in the security field. Except if there is a working proof of concept this time.
Great! FreeBSD is grown a lot lately, the default installation is over 800 MB. OpenBSD and NetBSD had remained small, fast and streamlined Operative Systems.
But it was fun, to show that even the all-mighty google can make mistakes. Btw, i dedicate this bug to my Girlfriend that forgive me the long nights that tookme to find and exploit this bug. I love you glow!:" (She read slashdot daily, my girlfriend is that cool)
Exactly, many people will sell you tons of software to *improve* your security when that software itself is generally the source of many vulnerabilities. Virtualization software is on example, the other, that surprised me when i found out, was anti-virus software.
Every software layer has bugs, and a sizable number of these bugs, are explotable security bugs.
PS: I work for Core Security with those guys. Kudos to Gera who discovered and Nico who Exploited it!
Fedora manages to run wine without a executable heap or a executable stack (Maybe it has specific settings for wine, java, and others packages). I don't find exploits, just write them. If i found one, I of course report it, look at my home page:)
Trust me, I write exploits for unix on my daily job. Ubuntu is the most easy target. Stack executable by default? come on... Fedora core and OpenBSD are very tought bitches in comparision.
There are unofficial patches to make it work with 2.6.23 in the Phoronix forum. Also, i got compiz-fusion working (With a little tweaking) on Gutsy perfectly. So much for the "Ati drivers suck" meme.
I am from Argentina, is really not so nice this time of year. We have the same crazy taxes and the same corruption but our salaries are lower (I make about u$s 1000/Month as a Senior Software Developer) and we have a rampant inflation. Good luck triying to sell a big Cisco Router here.
Seriously, It's a kickass developer machine, with a gcc toolchain, Wifi, 3d Acceleration, and *tons* of really good quality games for u$s 180, you can't beat it. And it's very cool. Something that anything with Windows Mobile in it isn't.
Slashdot Mirror
http://www.phoronix-test-suite.com/
Funny that he say that, today in the EusecWest security conference, a security researcher is presenting a generic rootkit that works in nearly all the cisco routers.
Is a pretty shocking piece of information in that he can pwn a huge piece of the internet infrastructure, and now the supply chain of routers and network appliances must be strictly controlled.
I don't know wy nobody submitted it to front page yet.
Interesting, but I heard of this technique at the Ekoparty 2007 conference (link), in a talk given by Rodrigo Rubira Branco (BSDaemon), so is nothing new in the security field. Except if there is a working proof of concept this time.
Great! FreeBSD is grown a lot lately, the default installation is over 800 MB.
OpenBSD and NetBSD had remained small, fast and streamlined Operative Systems.
And the dune wars called "Jihads" in the book, go figure...
But it was fun, to show that even the all-mighty google can make mistakes. :" (She read slashdot daily, my girlfriend is that cool)
Btw, i dedicate this bug to my Girlfriend that forgive me the long nights that tookme to find and exploit this bug.
I love you glow!
Exactly, many people will sell you tons of software to *improve* your security when that software itself is generally the source of many vulnerabilities. Virtualization software is on example, the other, that surprised me when i found out, was anti-virus software.
Every software layer has bugs, and a sizable number of these bugs, are explotable security bugs.
PS: I work for Core Security with those guys. Kudos to Gera who discovered and Nico who Exploited it!
Lol Leaf insects dont exist.
If i'm not mistaken, the OpenBSD 4.2 release was also dedicated to Jun-Ichiro "itojun" Hagino, it was a big loss for the BSDs.
Fedora manages to run wine without a executable heap or a executable stack (Maybe it has specific settings for wine, java, and others packages). :)
I don't find exploits, just write them. If i found one, I of course report it, look at my home page
Trust me, I write exploits for unix on my daily job. Ubuntu is the most easy target. Stack executable by default? come on... Fedora core and OpenBSD are very tought bitches in comparision.
You sir, wins 2 internets.
d008960fa6b395dca1c8362165bb31be!
"WHERE IS SARAH CONNOR"
The bundled emulator is some version of qemu-arm. Just do a 'strings ./emulator'
There are unofficial patches to make it work with 2.6.23 in the Phoronix forum. Also, i got compiz-fusion working (With a little tweaking) on Gutsy perfectly. So much for the "Ati drivers suck" meme.
Found it, is a little buried here, Don't know why.
The site still has not upgraded and shows the same old 8.40.4 driver. There is some official download link? or is TFA talking about some beta version?
Checkout LocoRoco for PsP, and it's so good that is coming for PS3 this year.
I am from Argentina, is really not so nice this time of year. We have the same crazy taxes and the same corruption but our salaries are lower (I make about u$s 1000/Month as a Senior Software Developer) and we have a rampant inflation. Good luck triying to sell a big Cisco Router here.
Seriously, It's a kickass developer machine, with a gcc toolchain, Wifi, 3d Acceleration, and *tons* of really good quality games for u$s 180, you can't beat it.
And it's very cool. Something that anything with Windows Mobile in it isn't.
HP nx9420 here, ATI mobility 1600.
GLXGears: 2392 FPS, always.
Funny, but 3D seems to work fine with the new Ati drivers and Ubuntu x86.
But video (Mplayer, totem) works very bad. I have the Driver v8.38
Bill Gates exploits YOU!
Is not fair!
just finished make xconfig;make from 2.6.22!