The Apple patches were simply additional frame validation measures. The claim that this confirms an exploit was possible is ridiculous, especially from a security researcher who damn well knows the difference. Furthermore, DOS attacks are not that exciting in the first place, but when it's wireless, which is inherently vulnerable to DOS, it's really a waste of time to use this as the subject of presentation.
It is not possible that he doesn't understand that the only point of contention is whether he had an exploit or not. If it's only a crash, then he deserves no credit for finding a security vulnerability. This is what he's whining about, right? Well, he knows how to get credit. Unfortunately, short of a confession, we may never know what went wrong. My guess is that had an exploit on an altered system, but it didn't work on a clean MacBook.
I agree that his actions are not anywhere close to "perfect", but the punishment given under this ridiculous law, is not in the neighborhood of justice either. I can only assume that the government thought it would be too hard to prove damages once someone hacked into computer systems, so they simply criminalized the attempt. I don't think a felony conviction, 5 years of probation, 60 days of full-time community service, 90 days in jail, $68K in restitution, and more than $100K in legal bills fits this crime in the absence of any damages, or even malice. At least one more of those is removed now, so he's a little closer to justice than before.
Try to understand that when you know that you intend no harm, it's easy to see your actions as harmless. I think those were different times, when companies were still trying to understand and come to grips with the threat of hackers - and Intel was a soulless mega-corporation. They still are, but I doubt they would take the same action today. They'd just terminate his contract with prejudice and move on.
After what he's been through, I'd say he deserves to put this behind him and have a beer with his friends. Cheers.
Re:It depends upon the requirements of the governm
on
Munich Migrating To Linux
·
· Score: 3, Informative
One of Munich's requirements seems to have been to become "independent of monopolists like Microsoft."
The actual requirement was to avoid vendor lock-in, for which the free distribution of Linux is very useful. Red Hat and Novell don't have to be monopolists to present the same danger of exorbitant support fees and lack of choice.
Disabling SSID broadcast doesn't give you any security, unless you are leaving the network completely open, and you don't want random people jumping on. Anybody who's looking for APs with a scan tool will see you immediately, regardless.
Stop. You are misinformed. The second item in the announcement, CVE-2006-3509, is for the Atheros driver. The third is for Apple's API on the same computers. We don't know if an exploit exists, and we don't know where the flaw might be if it does exist. We don't even know if it's patched, because Apple has said SecureWorks was not working with them. So, rather than recklessly speculate with the incomplete information available to us, let's see what Maynor and Ellch have to say about their possible exploit:
"This video presentation at Black Hat demonstrates vulnerabilities found in wireless device drivers. Although an Apple MacBook was used as the demo platform, it was exploited through a third-party wireless device driver - not the original wireless device driver that ships with the MacBook."
Where did 802.11a go? Why does it seem nobody is selling it any more?
80% of new client cards are 11a capable. Even the MacBooks have it, although they don't tell you. The problem seems to be AP manufacturers cut corners to make the cheapest router and saving a few bucks by going 11g-only is part of the deal. When they do get around to selling A/G APs, they charge double, because they figure you need 11a if you go out of your way to buy it. A high density wifi area could knock 11n down to 11g rates, or worse. A low cost A/G router would be a great product, but it would probably go virtually unnoticed next to those $20-after-rebate 11g-only APs. Too bad.
at least I know it'll work pretty much the same wherever I go.
Yeah, I hate it when my wireless card runs faster than I was expecting;-)
The Marvell gear appears to have issues at the moment, and the Airgo shouldn't even be in the comparison, since that's not 11n. What we don't see is how the new gear works with existing 11a/g access points and adapters. I'd say the Belkin and D-Link cards would make fine replacements for your 11g dinosaur.
By my math, if all I use is the gigabit rangemax, then my average is > 100Mbps. If it's my primary connection, I still might average more than twice 11g rates. It's not worth it to me for what they're asking is the only problem, but somewhere out there is someone who thinks they need a wireless link faster that 100base-T in one location. That person shouldn't worry too much about buying non-Buffalo draft-11n.
802.11s is the mesh standard. The first draft should be available July 2007 with the final spec maybe a year later. 11n and 11g do not do mesh, unless you count setting up repeater APs to a single wired AP.
You guessed wrong - completely. If your motivation was to help people stay informed, you'll need to rethink your methods.
Except for the Airgo, none of these are the Pre-N gear you heard about. They're all Draft-N. The Belkin product was the latest released of the group (you're thinking of Belkin's Pre-N product probably, not this one) The Airgo wanted to be 11n, but they lost the standards war, and now they make no reference to 11n at all.
I'd say it's likely that all of these will conform to the eventual 11n spec, except the Rangemax 240, which already doesn't. The industry is building product to the defacto standard, 802.11n draft 1.0, and the majority will have a vested interest in avoiding incompatibilities with the final standard.
Expect to have to wait a while until it all interoperates, and expect to do a few firmware upgrades. Of course, they all beg you to upgrade them when you turn them on, so that part shouldn't be hard.
You want both of them to be doing what they're doing
No, I don't want them to be bragging to the Washington Post ahead of a patch. I think we can agree on that one.
I don't want demos on video. I don't want phantom exploits, and on the off chance that there is an exploit I don't want Apple unfairly attacking people who report security flaws.
I'd say there's plenty here that we didn't want. I see you get a +5 for pretending otherwise.
We have no way of knowing what it shows. The video cuts to the close up - it should have zoomed instead. I wouldn't trust anyone who claims to know how the video was edited. If there were many takes, the mismatched scene may have been unintentional.
Obviously a video taped demo is better for promotion than as proof of an exploit. I don't condone the practice.
I believe this is the point we were discussing - "Legal ramifications aside." Given the inability of the FCC to effectively prosecute home users, should I set my AP to channel 14? Personally, I wouldn't bother.
Products sold in the U.S. will generally fix the behavior to conform to U.S. rules, and if the Country Code can be changed at all, it probably won't change the operation to add more channels or more power. APs from countries other than US and Japan are usually more flexible.
Some differences: FCC(US) limits average tx power to 27dBm on 1-11 ETSI(Europe) has a limit of 20dBm on 1-13, although individual countries could add further restrictions. MKK(Japan) 20dBm on 1-14
In 11a, there are greater differences: FCC - 17dBm on 36,40,44,48, 23dBm on 52,56,60,64, 30dBm on 149,153,157,161,165 ETSI - 20dBm on 36-64 and 27dBm on 100-140 MKK - 23dBm on 34,38,42,46 and possibly 20dBm on 100-140 plus a few other odd lower channels.
The actual rules are too extensive to list and they're constantly changing. If you have an older 11a Access Point, you might only see channels 36, 40, 44, and 48 available. Another big factor to consider is DFS. DFS applies to channels 52-64 and 100-140. It requires the AP to switch channels immediately when it detects a radio signal that might be Radar, and the user is not allowed to return to that channel for 30 minutes. Client devices must passively scan for APs and APs must scan the channel for radar for 1 minute before starting operation on that channel. The US is adding DFS requirements in July 2006. Fortunately they're adding the 100-140 channel range at the same time, so it's not all bad.
You might think that the upper channels (149-165) are ideal for higher power and no DFS, but I think that is the range that get interference from 5.8GHz cordless phones. I'd go with 52-64 pre-DFS rules. 11a has less range, but that also means less neighbor interference. There is less channel overlap. No microwave oven interference. There are no 11b stations to trigger 11b protection modes, or God forbid, a concurrent 11b user on the same AP as you. Most importantly, there are still fewer users of 11a. Where I live, I have neighbors across all of the 11b/g channels, but just a couple on 11a, so I can find an unused channel all to myself. This is much more important than any B.S. Speedburning, RangeMaxing, Super features which have always under-delivered with performance.
Anyway, I think you can see that the U.S. rules are pretty good, so there's not much reason to set the wrong country and violate FCC rules... unless you like that sort of thing.
Then they're flaunting their ability to exploit, not the laws of physics. Nice cover, but they got it wrong. The sentence refers to appearing to break the laws of physics, right? Flouting the law.
I would have suggested the Windows Install CD and Recovery Console for this Windows user (I'd give the details, but he's been told). You can't take for granted that a bootable floppy or even the floppy drive will be present.
The only advice he needs:
Stay away from Linux until you can get it preinstalled. If you're going to act like a complete beginner, then you should stick to running programs, not installing OSes.
You clearly don't get it. Even the developers say this is huge.
Ubuntu is poised to become to standard by which Linux distros are judged.
You mean the standard by which insecure distros are judged. Make no mistake, this will be a memorable embarrassment.
I downloaded... Dapper Drake 6.04, and was immediately impressed.
And yet they want to delay release because it's not ready. Maybe you're easily impressed?
Now, let the script kiddies...
This has nothing to do with script kiddies.
blah blah blah Slackware blah blah blah Gentoo...
Their are more reasons to run Gentoo than the performance increase, which you don't even want to admit to. Some people want to experiment. Others want some unique features and feel it's worth the extra work. Just because you've packed it in doesn't mean you have to scorn those who haven't. Ubuntu may be for human beings, but all humans are different. One size does not fit all.
I'm almost 40 years old, I just want a quick, stable system to work from.
Slashdot Mirror
Since "Hijack" details were clearly *not* revealed, by David Maynor's own account, the editor (Zonk) would do well to update his summary.
The Apple patches were simply additional frame validation measures. The claim that this confirms an exploit was possible is ridiculous, especially from a security researcher who damn well knows the difference. Furthermore, DOS attacks are not that exciting in the first place, but when it's wireless, which is inherently vulnerable to DOS, it's really a waste of time to use this as the subject of presentation.
It is not possible that he doesn't understand that the only point of contention is whether he had an exploit or not. If it's only a crash, then he deserves no credit for finding a security vulnerability. This is what he's whining about, right? Well, he knows how to get credit. Unfortunately, short of a confession, we may never know what went wrong. My guess is that had an exploit on an altered system, but it didn't work on a clean MacBook.
I agree that his actions are not anywhere close to "perfect", but the punishment given under this ridiculous law, is not in the neighborhood of justice either. I can only assume that the government thought it would be too hard to prove damages once someone hacked into computer systems, so they simply criminalized the attempt. I don't think a felony conviction, 5 years of probation, 60 days of full-time community service, 90 days in jail, $68K in restitution, and more than $100K in legal bills fits this crime in the absence of any damages, or even malice. At least one more of those is removed now, so he's a little closer to justice than before.
Try to understand that when you know that you intend no harm, it's easy to see your actions as harmless. I think those were different times, when companies were still trying to understand and come to grips with the threat of hackers - and Intel was a soulless mega-corporation. They still are, but I doubt they would take the same action today. They'd just terminate his contract with prejudice and move on.
After what he's been through, I'd say he deserves to put this behind him and have a beer with his friends. Cheers.
One of Munich's requirements seems to have been to become "independent of monopolists like Microsoft."
The actual requirement was to avoid vendor lock-in, for which the free distribution of Linux is very useful. Red Hat and Novell don't have to be monopolists to present the same danger of exorbitant support fees and lack of choice.
Disabling SSID broadcast doesn't give you any security, unless you are leaving the network completely open, and you don't want random people jumping on. Anybody who's looking for APs with a scan tool will see you immediately, regardless.
Stop. You are misinformed. The second item in the announcement, CVE-2006-3509, is for the Atheros driver. The third is for Apple's API on the same computers. We don't know if an exploit exists, and we don't know where the flaw might be if it does exist. We don't even know if it's patched, because Apple has said SecureWorks was not working with them. So, rather than recklessly speculate with the incomplete information available to us, let's see what Maynor and Ellch have to say about their possible exploit:
"This video presentation at Black Hat demonstrates vulnerabilities found in wireless device drivers. Although an Apple MacBook was used as the demo platform, it was exploited through a third-party wireless device driver - not the original wireless device driver that ships with the MacBook."
Still no exploit... still waiting for one...
Where did 802.11a go? Why does it seem nobody is selling it any more?
80% of new client cards are 11a capable. Even the MacBooks have it, although they don't tell you. The problem seems to be AP manufacturers cut corners to make the cheapest router and saving a few bucks by going 11g-only is part of the deal. When they do get around to selling A/G APs, they charge double, because they figure you need 11a if you go out of your way to buy it. A high density wifi area could knock 11n down to 11g rates, or worse. A low cost A/G router would be a great product, but it would probably go virtually unnoticed next to those $20-after-rebate 11g-only APs. Too bad.
11n raw data rate is 140 to 300Mbps for this generation. The 103Mbps measured in the test was actual TCP throughput.
at least I know it'll work pretty much the same wherever I go.
;-)
Yeah, I hate it when my wireless card runs faster than I was expecting
The Marvell gear appears to have issues at the moment, and the Airgo shouldn't even be in the comparison, since that's not 11n. What we don't see is how the new gear works with existing 11a/g access points and adapters. I'd say the Belkin and D-Link cards would make fine replacements for your 11g dinosaur.
By my math, if all I use is the gigabit rangemax, then my average is > 100Mbps. If it's my primary connection, I still might average more than twice 11g rates. It's not worth it to me for what they're asking is the only problem, but somewhere out there is someone who thinks they need a wireless link faster that 100base-T in one location. That person shouldn't worry too much about buying non-Buffalo draft-11n.
802.11s is the mesh standard. The first draft should be available July 2007 with the final spec maybe a year later. 11n and 11g do not do mesh, unless you count setting up repeater APs to a single wired AP.
You guessed wrong - completely. If your motivation was to help people stay informed, you'll need to rethink your methods.
Except for the Airgo, none of these are the Pre-N gear you heard about. They're all Draft-N. The Belkin product was the latest released of the group (you're thinking of Belkin's Pre-N product probably, not this one) The Airgo wanted to be 11n, but they lost the standards war, and now they make no reference to 11n at all.
I'd say it's likely that all of these will conform to the eventual 11n spec, except the Rangemax 240, which already doesn't. The industry is building product to the defacto standard, 802.11n draft 1.0, and the majority will have a vested interest in avoiding incompatibilities with the final standard.
Expect to have to wait a while until it all interoperates, and expect to do a few firmware upgrades. Of course, they all beg you to upgrade them when you turn them on, so that part shouldn't be hard.
You want both of them to be doing what they're doing
No, I don't want them to be bragging to the Washington Post ahead of a patch. I think we can agree on that one.
I don't want demos on video. I don't want phantom exploits, and on the off chance that there is an exploit I don't want Apple unfairly attacking people who report security flaws.
I'd say there's plenty here that we didn't want. I see you get a +5 for pretending otherwise.
If it is undetermined if it works, then the character of the source is relevant, as is the magnitude of his claim.
We have no way of knowing what it shows. The video cuts to the close up - it should have zoomed instead. I wouldn't trust anyone who claims to know how the video was edited. If there were many takes, the mismatched scene may have been unintentional.
Obviously a video taped demo is better for promotion than as proof of an exploit. I don't condone the practice.
I never expected it to take so long to have court rulings. We're still relying on people's opinion of what it means.
Get off my lawn, punk! ;-)
The 5-digit era appears to have ended in 1999, if nitric is an indicator: http://slashdot.org/~nitric
The 4-digit uids probably ended only months earlier. So, I give credit to everyone under 100000.
I believe this is the point we were discussing - "Legal ramifications aside." Given the inability of the FCC to effectively prosecute home users, should I set my AP to channel 14? Personally, I wouldn't bother.
Products sold in the U.S. will generally fix the behavior to conform to U.S. rules, and if the Country Code can be changed at all, it probably won't change the operation to add more channels or more power. APs from countries other than US and Japan are usually more flexible.
Some differences:
FCC(US) limits average tx power to 27dBm on 1-11
ETSI(Europe) has a limit of 20dBm on 1-13, although individual countries could add further restrictions.
MKK(Japan) 20dBm on 1-14
In 11a, there are greater differences:
FCC - 17dBm on 36,40,44,48, 23dBm on 52,56,60,64, 30dBm on 149,153,157,161,165
ETSI - 20dBm on 36-64 and 27dBm on 100-140
MKK - 23dBm on 34,38,42,46 and possibly 20dBm on 100-140 plus a few other odd lower channels.
The actual rules are too extensive to list and they're constantly changing. If you have an older 11a Access Point, you might only see channels 36, 40, 44, and 48 available. Another big factor to consider is DFS. DFS applies to channels 52-64 and 100-140. It requires the AP to switch channels immediately when it detects a radio signal that might be Radar, and the user is not allowed to return to that channel for 30 minutes. Client devices must passively scan for APs and APs must scan the channel for radar for 1 minute before starting operation on that channel. The US is adding DFS requirements in July 2006. Fortunately they're adding the 100-140 channel range at the same time, so it's not all bad.
You might think that the upper channels (149-165) are ideal for higher power and no DFS, but I think that is the range that get interference from 5.8GHz cordless phones. I'd go with 52-64 pre-DFS rules. 11a has less range, but that also means less neighbor interference. There is less channel overlap. No microwave oven interference. There are no 11b stations to trigger 11b protection modes, or God forbid, a concurrent 11b user on the same AP as you. Most importantly, there are still fewer users of 11a. Where I live, I have neighbors across all of the 11b/g channels, but just a couple on 11a, so I can find an unused channel all to myself. This is much more important than any B.S. Speedburning, RangeMaxing, Super features which have always under-delivered with performance.
Anyway, I think you can see that the U.S. rules are pretty good, so there's not much reason to set the wrong country and violate FCC rules... unless you like that sort of thing.
Then they're flaunting their ability to exploit, not the laws of physics. Nice cover, but they got it wrong. The sentence refers to appearing to break the laws of physics, right? Flouting the law.
Flouting, not flaunting. I don't expect the submitter or the editor to get it, but the commenters should.
Distributed on one CD. That does not qualify as bloated in my book.
If you had followed all instructions, you would still have your Windows installation CD. I'm quite sure they tell you to keep it.
If you borrowed one to do your installation, just borrow it again.
I would have suggested the Windows Install CD and Recovery Console for this Windows user (I'd give the details, but he's been told). You can't take for granted that a bootable floppy or even the floppy drive will be present.
The only advice he needs:
Stay away from Linux until you can get it preinstalled. If you're going to act like a complete beginner, then you should stick to running programs, not installing OSes.
You clearly don't get it. Even the developers say this is huge.
;-)
Ubuntu is poised to become to standard by which Linux distros are judged.
You mean the standard by which insecure distros are judged. Make no mistake, this will be a memorable embarrassment.
I downloaded... Dapper Drake 6.04, and was immediately impressed.
And yet they want to delay release because it's not ready. Maybe you're easily impressed?
Now, let the script kiddies...
This has nothing to do with script kiddies.
blah blah blah Slackware blah blah blah Gentoo...
Their are more reasons to run Gentoo than the performance increase, which you don't even want to admit to. Some people want to experiment. Others want some unique features and feel it's worth the extra work. Just because you've packed it in doesn't mean you have to scorn those who haven't. Ubuntu may be for human beings, but all humans are different. One size does not fit all.
I'm almost 40 years old, I just want a quick, stable system to work from.
Hey you kids! Get off my lawn!
That's true, but not a very good description of what happened.