Slashdot Mirror


User: roybadami

roybadami's activity in the archive.

Stories: 0 · Comments: 208

Comments · 208

  1. Re:This is nothing yet on When Will The Next Slammer Strike? · Score: 1

    The scariest thing is actually that this kind of damage is being done by a worm that doesn't actually do anything except spread itself (as far as I know, anyway).

    On the contrary, in addition to spreading itself, it launches spoofed keepalive packets to SQL Servers which then bounce around between the servers indefinitely.

    That's how it managed to have such an impact on the Internet.

  2. Re:Storage Medium for the Really Long Haul? on DVD: Degradable Versatile... · Score: 1

    There was an article in Omni some years ago about 'deep time communication'.

    The big problem with deep time communication, though, is not so much media longevity, but communicating a message to people with whom you may not share any linguistic or cultural referent.

  3. Re:Storage Medium for the Really Long Haul? on DVD: Degradable Versatile... · Score: 1

    Is there anything in the works for use as a true archival media?

    Paper :)

    Seriously, though, long-term archiving is a big problem. Most storage media haven't been around long enough to get reliable data on longevity. And even when they have, media formulations tend to change over time, so the data you have is of questionable use for evaluating the longevity of recordings made now.

  4. Re:What I use BSD for on OpenBSD Gets Even More Secure · Score: 1

    I thought FreeBSD was extremely primitive to use compared to Linux. It was like being stuck in a 1980s time warp. It's too server-oriented for what I'm looking for at home and a lot of the BSDness just seems quirky as hell to me.

    Not to disagree with the above comment, but just to comment on it...

    A few years ago people could have (validly) made the same criticism about the Linux distros' suitability for desktop (vs server) use.

    Give it time; Linux (for better or worse) has more mindshare than the BSDs, and it's reasonable for the BSDs to concentrate on applications where they're currently popular, and where they excel, rather than trying to do everything at once. This is exactly the situation Linux was in a few years ago.

    And despite the fact that Linux has more mindshare than the BSDs, most people who are familiar with both prefer their favourite BSD to Linux for server applications. (cf despite the fact that Windows has more mindshare than Linux, most people familiar with both prefer their favourite Linux distro to Windows for servers.)

    Even now, the Linux distros are largely playing catch-up with Microsoft as far as the desktop experience goes (and the BSDs are playing catch-up with Linux).

    Part of the art of systems administration is choosing the best tool for the job. My home system currently consists of a Windows 2000 desktop, and a couple of machines (a server and a firewall) running Debian GNU/Linux; and yet I'm a BSD advocate!

  5. Re:Not this crap again. on Why VHS Was Better · Score: 4, Insightful

    And he has a pop at Linux, but Linux isn't meant to be a whole product

    Well, not directly. He does say that Wintel is the best whole product, and for many classes of users it currently is. That doesn't mean we can't change that, though.

    It's also interesting to apply the whole product analysis to infrastructure services. For many services, Linux or UNIX of some flavour is clearly the best whole product. It comes with the infrastructure services you need as standard (mail servers, DNS servers, etc), and there's a huge support network of people out there using these UNIX tools in a native UNIX environment. Yes, you *can* run these tools under Wintel, but Linux/UNIX is the best whole product.

  6. Re:Terrorism, must be on MS SQL Server Worm Wreaking Havoc · Score: 1

    Microsoft released a patch. Incompetent admins did not install it.

    That's not the whole issue, though. The SQL Server Resolution Service (SRSS) had a couple of buffer overflows, which are being exploited by the current worm. Big deal; this is neither the first nor last time something like this will happen.

    What makes it nasty is that SRSS has a keepalive function that echoes packets back to the sender, to allow the sender to check if an SRSS is up. The problem is that if you send a packet to one SRSS, spoofed to appear to come from another SRSS, they will obviously bounce the packet back and forth between them as fast as they can. The worm is deliberately triggering this behaviour.

    This is no worse than the traditional UDP Echo service; but in this day and age protocol designers should know better. Microsoft should be held accountable for their negligent design.

  7. I can live with this... on Will We Need A SmartCard to Watch Digital TV? · Score: 5, Interesting

    Nothing too unexpected or draconian here at least at first sight -- surprisingly reasonable, in fact.

    This is very much what the home cinema press (here in the UK, at least) has been predicting for years, and it seems to be an improvement on the current impasse.

    Currently, you receive an encrypted data stream through your digital cable or satellite system, and it's decoded by a smartcard, but you're never allowed to get your hands on the datastream at all.

    Under this proposal, you'll be able to get your hands on the encrypted datastream, and pipe it around your home network, save it to disk, whatever. You'll still need a valid smartcard to be able to decrypt and view it, but you need one now already. It even sounds like they are thinking about not requiring you to have a smartcard for every TV (or keep moving your smartcard about), but instead allow one card to serve an entire home AV network.

    As for 'closing the analog hole' with digital watermarking techniques, this really doesn't sound any different from a souped-up Macrovision. We already have analogue signals tagged with a 'do not record' marker, so there's nothing really new here.

    Now, there are still ways they can screw this up; I'd really like them to drop the regional coding idea. And I hope that if I record a datastream for later viewing, that datastream doesn't become inaccessible to me if I subsequently cease to subscribe to the cable or satellite operator it was recorded from.

    Overall though this sounds promising, and I feel moderately optimistic that this will end up being a system I can live with...

    -roy

  8. Re:I once "discovered" a virus... on Controversy Surrounds Huge IE Hole · Score: 1

    I think it would have been a better idea for these guys to just post the solutions and keep the exploit code itself as secret as possible.

    But as far as I can tell from reading the parent (and linked) articles, there is no solution, short of disabling scripting (which breaks many web pages), or switching to another browser.

  9. Re:Obligatory Opera plug on Mozilla: The Good And The Bad · Score: 2

    In my experience, Mozilla 1.0.1 and 1.1 are pretty stable. (Don't expect the betas to be stable though, they're not meant to be, and often aren't)

    Also be aware that Mozilla prefers to be installed into an empty directory. Installing one Mozilla over another is not supported, and can sometimes result in an unstable Mozilla install.

  10. Newsflash: Old buggy release has bugs on Mozilla: The Good And The Bad · Score: 4, Informative

    However, also according to the article on The Register, most of these bugs are in Mozilla 1.0, which makes this kind of old news. Mozilla 1.0.1 was specifically advertised as a security bug-fix release, and has been out for quite some time.

  11. Is it a true AP? on Embedded Linux Wi-Fi Mesh Router On Sale · Score: 4, Informative

    Given that they used the linux-wlan drivers, I suspect that this isn't a true AP (running in BSS mode), unless support for this is now in linux-wlan (they do say they use bleeding edge drivers).

    Given they use Prism II hardware, I don't understand why they don't use the hostap drivers.

    BSS mode has scalability advantages, because it solves the 'hidden sender' problem. I.e. even though 802.11 nodes always listen to check that the channel is clear before sending, there is a danger that two nodes at opposite extremes won't be able to hear each other, and will try to send at the same time, resulting in collisions. A true AP, running in BSS mode, helps alleviate this problem.

  12. Re:This hasn't been explained well.. on Replacing WEP for Wireless Security · Score: 1

    You also need to be aware of the as yet unpublished changes in 802.1aa and 802.11i.

    This is what concerns me about the whole WPA initiative. How are we to make reasoned decisions about whether to purchase and deploy WPA products if their security is based on unpublished standards?

    I really hope the Wi-Fi Alliance and IEEE come to some kind of arrangement to allow these drafts to be sold to the public -- otherwise this is just another proprietary encryption scheme...

  13. Re:So, where does one get Wi-Fi Alliance standards on Replacing WEP for Wireless Security · Score: 1

    The IEEE 802 standards that form the basis of the Wi-Fi Alliance (IEEE 802.11, .11a, .11b, etc.) are available for FREE download from the getieee web site [ieee.org], six months after they are published in pdf by the IEEE Standards Association.

    The Wi-Fi WPA standard is based on a draft IEEE standard. Draft standards are not available for free download. In fact, as I understand it most drafts are not available at all to people outside the working group (though some draft standards seem to be available for purchase -- how does this work?)

  14. Re:Why pf sounds great on OpenBSD 3.2 Readies For Release, pf Matures · Score: 1

    Hmm, thinking about this a bit more, I seem to recall that in 2.4 fragment reassembly is enabled whenever you use connection tracking in iptables.

    I couldn't immediately find this in the doc, though. The bottom line is that 2.2 could always do this (configured as a global option), so I'd be astonished if this functionality isn't there somewhere in 2.4 and iptables.

  15. Re:Why pf sounds great on OpenBSD 3.2 Readies For Release, pf Matures · Score: 1

    I don't know off hand how it's done these days. In 2.2 kernels, you used to say:

    echo 1 > /proc/sys/net/ipv4/ip_always_defrag

  16. Re:So, where does one get Wi-Fi Alliance standards on Replacing WEP for Wireless Security · Score: 1

    I believe Wi-Fi Alliance membership costs money.

    Wi-Fi Alliance membership costs $20,000 per year, according to their web site.

  17. So, where does one get Wi-Fi Alliance standards? on Replacing WEP for Wireless Security · Score: 1

    Are they available to the public, or only to Wi-Fi Alliance members?

  18. Re:Why pf sounds great on OpenBSD 3.2 Readies For Release, pf Matures · Score: 1

    This is something very useful I haven't seen implemented in a packet filter before ... Reassembling fragments allows the filter to deal only with complete packets,

    Linux has been able to do this for a long time.

  19. Re:Easy. on What Would You Do With a New Form of Encryption? · Score: 1

    In fact it's been out of patent for a while so it's free for everyone.

    You're missing my point. RSA was widely used, even when such use required a license. I'm just refuting the claim that no-one ever uses patented crypto.

  20. Re:Risky investment on Space Elevators: Low Cost Ticket to GEO? · Score: 1

    I assume you have to intentionally misbalance it somewhat, so that it's still under considerable tension at the bottom. Reasons:

    • You can tether it at the bottom, to prevent it drifting up; the only way to prevent it drifting down is to expend fuel on booster rockets on the counterweight

    • You almost certainly want to keep the entire structure in tension, so the tension at the bottom must exceed the largest load that the structure will carry, otherwise the load would place the lower portion in compression

  21. Re:Lockout =! Strike on Space Elevators: Low Cost Ticket to GEO? · Score: 1

    Maybe he's becoming a Brit...

    In British English, we would always say September the 11th even though we would write it September 11th or just September 11.

    Though we'd generally prefer to say the 11th of September (which we would write 11th September or 11 September).

  22. Re:Easy. on What Would You Do With a New Form of Encryption? · Score: 1

    Hint: Encryption systems only become revolutionary after they've been in the public domain for 5-10 years. Even then, they won't get used if there's a patent attached.

    That would explain why nobody ever used RSA then?

    A patented system will be used if it's useful enough and the licensing cost is bearable.

  23. Re:Encryption ? on Gaim For Windows · Score: 1

    Do these IM clients sufficiently encrypt their data stream (at let's say 3DES strength)?
    Otherwise they ain't suitable for non-hobbyist use.

    How many people use strong encryption in e-mail? Is standard (unencrypted) Internet e-mail unsuitable for business use?

  24. Re:The Author Responds... on Internet Vigilante Justice, SPAM, and Copyrights · Score: 1

    To an extent, I agree with you. Forging e-mail addresses is wrong, and may potentially be illegal in some jurisdictions, although I have my doubts, particularly if the message clearly identified its true sender elsewhere (which I suspect it would have done -- the operators of the blacklist have no interest in trying to mislead you).

    Your legal argument against them for preventing you from sending mail seems tenuous in the extreme. They did not prevent you from sending e-mail. They published true and accurate information about the technical characteristics of your e-mail system, and someone else decided, based on this information, that they didn't wish to accept mail from your system. High profile US-based blacklist operators such as MAPS frequently defend themselves against such cases.

    But to get to the point about vigilantism...

    Misusing other people's mail servers to send spam for you is also wrong, and it seems to me that it would be illegal in many jurisdictions. For instance, it would be interesting to try and bring a case in the UK for an offence against the Computer Misuse Act 1990. I'm sure there is similar anti-hacking legislation in the US and elsewhere.

    But this never happens. The reason that people are being forced to take steps to combat this illegal activity is that no-one else is. I don't really accept the analogy with vigilantes, but to the extent that there is a comparison, I'd say this: in a world without law or law enforcement, the existence of vigilantes is not only inevitable, but arguably beneficial.

    As for breaking the end-to-end nature of the Internet, I'm afraid that this is inevitable. If it's not done by blacklists, it will be done by filtering software in e-mail clients that just throws e-mail away. This is really insidious. You won't even get a bounce. You'll just find, one day, that a message you send to your father never arrives, because he has installed an off-the-shelf spam-protection package that spuriously decided to delete your message from his inbox because its (rather rudimentary) pattern matching decided that your message contained particular combinations of words that are common in spam.

    This is happening now. People who receive dozens of spam messages a day (and I'm not exaggerating -- I do) are installing systems that throw the baby out with the bathwater.

    E-mail doesn't work anymore as a reliable means of communication, at least to old-timers who've had their e-mail address for many years. Even if people delete the spam by hand, they're increasingly likely to delete legitimate mail by accident. And the situation is getting worse.

    It's also clear that unless I have a clear enforceable right to prevent people sending me unwanted rubbish (and there's no reason to believe it's not going to be hundreds of messages a day in five years' time), I'm going to have to stop accepting e-mail from most people. At which point e-mail becomes rather pointless, really.

    So while I agree with a lot of what you say, I do think you're missing the point.

  25. Re:What does it DO? on Ask Eric Blossom about Software-Defined Radio · Score: 1

    you could build a cell phone that only needs a tuner and an ADC, the rest in software.

    If you don't mind having a bulky fan-cooled mobile phone with minimal battery life :)

    Actually, I was under the impression that techniques like this were already in widespread use (albeit with DSP chips rather than x86 PCs)