Slashdot Mirror


User: jwgoerlich

jwgoerlich's activity in the archive.

Stories: 0
Comments: 38

Comments · 38

  1. SimWitty: Wit instead of Wid on How To Sponsor an Open Source Sprint · · Score: 2, Interesting

    The security app is actually called SimWitty. It is a security information management system. We got our alpha release sprint sponsored, with t-shirts, tech support, and the like. Getting the app off the ground has been a lot of fun.

    As soon as we can figure out how to integrate Redmine with Subversion and Visual Studio, source code will be online. Which reminds me, thank you to the Slashdot audience for the discussion on bug trackers. It was a big help and we tried several before settling on Redmine.

    Regards,

    J Wolfgang Goerlich

  2. Read RSS and Manage Remotely on (Useful) Stupid BlackBerry Tricks? · · Score: 2, Informative

    Useful trick? The most useful item on my BlackBerry is my Viigo RSS reader. Viigo has scores of built-in channels, as well as custom channels. I use it to read dozens of InfoSec blogs and, of course, Slashdot. Viigo delivers literally hundreds of posts to my BlackBerry daily.

    Viigo's free but, if you have a few dollars, consider spending it on Rove mobile management. Rove (was Idokorro) allows you to remotely manage Windows and *nix hosts from the BlackBerry. Typing command line on the BlackBerry can be a pain, so be prepared to combine Rove with some custom scripts.

  3. DIY with Tinkertoys on Distance Record Broken For a Walking Robot · · Score: 5, Insightful

    Excellent achievement.

    Of course, this is just the latest of Cornell's long-standing research into passive dynamic walking. If anyone wants to build something like it yourself, hit the wayback machine to 1998.

    It might wobble and stagger, but Cornell's headless robot is providing insights into how humans walk

    J Wolfgang Goerlich

  4. Re:Compellent on Xiotech Unveils Disruptive Storage Technology · · Score: 1

    If you want data automatically moved down to a slower tier, but it gets touched just once a day.

    Data progression does the moving. DP only runs once a day by default, but you can change this schedule. You can also kick DP off manually. How? Ask Co-pilot.

    J Wolfgang Goerlich

  5. Re:Unclarity on Xiotech Unveils Disruptive Storage Technology · · Score: 2, Interesting

    better heat/vibration support, but not a user serviceable component

    Heat is key here. Have you ever stood next to a petabyte of storage? Or even a few terabytes? Most SANs kick off a lot of heat from all those disks. When looking SAN to HVAC, 1 TB to 1 ton is typical.

    Xiotech's ISE mounts the disks on a very large aluminum alloy heat sink. The heat is wicked away from the drives. This makes for better heat dissipation and less heat on the disks, thus improving cooling and extending lifespan.

    Xiotech had a petabyte of storage on the SNW expo floor. I stood right next to it, surrounded by the crowd. The heat? Next to none. There was no additional cooling required for the demo either. It was completely ambient temperature. The cost savings in HVAC must be rather impressive.

    J Wolfgang Goerlich

  6. Failing only one surface (was: Unclarity) on Xiotech Unveils Disruptive Storage Technology · · Score: 2, Informative

    What is "Failing only one surface"

    A hard drive can fail in many ways: sector, track, platter, head. ISE can fail just the one surface -- say, a platter -- and keep writing to the remaining device. The broken platter is removed from service while the remaining disk storage continues to be used until end of life.

    This is all done automatically and transparently. What they are trying to eliminate is the time it takes for someone to physically swap out a disk.

    J Wolfgang Goerlich

  7. Re:It would be nice to have real information on th on Windows .ANI Problem Surfaced Two Years Ago · · Score: 1

    If DEP/the NX/XD bit was actually turned on on Vista or XP by default, this would have no effect.

    Would it? I am not so sure. DEP protects against execution from the stack. Instead, this exploit uses jmp (jump) to make calls against user32.dll. This is a different animal than what DEP is designed to catch.

    J Wolfgang Goerlich

  8. Re:It would be nice to have real information on th on Windows .ANI Problem Surfaced Two Years Ago · · Score: 2, Informative

    Does anyone have a link to any information that actually explains how this exploit works?


    Here you go: Analysis of ANI "anih" Header Stack Overflow Vulnerability


    Basically, an animated cursor is just one way to exploit a problem with Windows' GDI (graphical device interface) implementation. Windows runs this as part of the user's session and it is, in part, in kernel mode. Just like Jon Ellch and David Maynor showed with the Apple wireless driver exploit, if you can get access to the kernel, you can do pretty much anything you want. Any code you run will no longer be limited to the permissions of your user account.


    J Wolfgang Goerlich



  9. SubmitFire? on Google Forays into Print Advertising · · Score: 1

    Check out the advertisements for September 20th. There is one for SubmitFire.com.

    SubmitFire is the most effective method of generating traffic to your Website and improving your search results.

    Isn't that a little odd, considering Google warns you to "avoid tricks intended to improve search engine rankings" on their Guidelines page?

    Anything to make a buck, I suppose.

  10. Re:really... on ZOTOB Not Quite as Bad as Expected? · · Score: 4, Informative

    I blame it more on crappy IT administration.

    And how! Almost all of my clients' machines are immune to this (though we patched anyways). Why? Because we disable anonymous connections (RestrictAnonymous registry key), which has been a recommended practice for YEARS.

    See the tech advisory: "Windows 2000 systems are primarily at risk from this vulnerability. Windows 2000 customers who have installed the MS05-039 security update are not affected by this vulnerability. If an administrator has disabled anonymous connections by changing the default setting of the RestrictAnonymous registry key to a value of 2, Windows 2000 systems would not be vulnerable remotely from anonymous users."

    http://support.microsoft.com/kb/q246261/

    http://www.microsoft.com/technet/security/advisory/899588.mspx

    The same thing happened with Slammer. The MSSQL servers we set up were immune out of the gate because they were set up properly from the get-go.

  11. Re:You want reasons not to have an ID card? on U.S. National Identity Cards All But Law · · Score: 1

    "You believe there's such a thing?"

    To a certain extent but, then, I have been accused of being an optimist.

    "The points on the ican and no2id.net pages are simple..."

    Certainly. However, no2id.net is clearly presenting a one-sided viewpoint.

  12. Daniel Schorr on National Public Radio on U.S. National Identity Cards All But Law · · Score: 1

    "NPR's senior news analyst argues that the 'Real ID' proposal, as tacked onto the $82 billion supplementary spending bill for Iraq and foreign aid, is at best a half-measure that fails to undertake a full consideration of the merits of a national identification card."

    http://www.npr.org/templates/story/story.php?storyId=4630875

  13. Re:You want reasons not to have an ID card? on U.S. National Identity Cards All But Law · · Score: 1

    Yes, I want reasons not to have the card. Simple, straightforward reasons. Not that I am for such a card. Rather, I do not see how this is any different than my existing driver's license.

    Anyone have a non-biased link or news item?

  14. Re:Home on Longhorn to use UNIX-like User Permissions · · Score: 1

    Win2003's Regedit has ACL support. I wager that Longhorn's will, too.

  15. Re:Home on Longhorn to use UNIX-like User Permissions · · Score: 2, Interesting

    IMO, this isn't a Microsoft problem, but lazy or ignorant 3rd party developers.

    I wholeheartedly agree. Microsoft Windows 2000/03 does have a detailed security model. You can grant or deny privileges to just about any file or registry key.

    Microsoft has provided information on the security model. MSDN provides best practices for coding including where to place user settings and why. Technet provides details on what to secure and why. So, why do software houses put out products that require elevated privileges? Why do administrators set up people to run their computers as administrators?

    Laziness! If you are a programmer, I kindly ask you to review the MSDN documentation and write secure code. If you are a network administrator, I suggest you learn the OS and secure the computers.

    Network admins can use tools like Sysinternals Filemon and Regmon to see what these crackpot applications are trying to write to. Then, grant the user privileges to these areas. Admins who take the easy way out by granting administrative privileges are just plain lazy.

    My two cents,

    J Wolfgang Goerlich

  16. Re:This is your friendly pedantic alert system on Novell's Race Against Time · · Score: 1

    If you're in electronics, 2k4 is 2.4.

  17. Also on New Scientist on Plants May Be Able To Correct Mutated Genes · · Score: 5, Informative

    New Scientist has coverage. No registration required.

    http://www.newscientist.com/article.ns?id=dn7185

    J. Wolfgang Goerlich

  18. More at PC Mag on First Peek at Robosapien V2 · · Score: 2, Informative

    PC Magazine has more details.

    J Wolfgang Goerlich

  19. Re:Motherboard fabrication? on Robot Building for Beginners · · Score: 2, Informative

    You can pick up the parts from Solarbotics.com.

    J Wolfgang Goerlich

  20. Re:I work on this... on Cockroach-Like Robot to Help Explain Animal Movement · · Score: 5, Interesting

    "Adding a robust perception loop around the sense-response robot is the way to go, as far as I'm concerned."

    Agreed. In fact, that was one avenue the BEAM folks and Mark Tilden began exploring. Their take was to develop a solid sense-response sub-layer, and then layer on the computing systems.

    The BEAM name for the architecture was Horse-Rider.

    J Wolfgang Goerlich

  21. More on Bob Full on Cockroach-Like Robot to Help Explain Animal Movement · · Score: 3, Informative

    This is really old news. RHex has been around for at least a few years now.

    Bob Full is one of the lead scientists on the RHex project. His biomimetic approach is amazing. See the following link for one of his lectures.

    Robert Full: "Bipedal bugs, galloping ghosts and gripping geckos: BioInspiration for Rapid Running Robots"
    http://www.princeton.edu/WebMedia/lectures/

    J Wolfgang Goerlich

  22. Re:Danger, Danger! on Robot Hall of Fame 2004 Inductees Announced · · Score: 1

    No 'Robot' from Lost in Space? (I can't remember his model number.)

    The ship's robot was a model B9, class M3 robot (from The Ghost Planet and The Colonists episodes, respectively).

    J Wolfgang Goerlich

  23. Microsoft Engineer? RTFM on Passwords Can Sit on Hard Disks for Years · · Score: 2, Informative

    "Operating systems such as Windows and Linux have no facility for stopping data being written to the hard drive."

    Incorrect. Set the page file to 0 and watch Win2000/03 run dog slow. Or, configure Win2000/03 to erase its page file when the computer shuts down.

    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/gp/567.asp

    Is this new news? Maybe to some. However, the problem with many of these new Microsoft engineers is that they do not read the manual or pay attention during the MCSE courses.

    My two cents (and yes, I am an MCSE).

  24. You call this research!? on Nanotechnology: the Good, the Bad, the Hyperbole · · Score: 1

    Just a few short days back, we were reading about how the good ol' USA is Losing its Scientific Dominance. Today, I read this charming comment from the article:

    [The Human Genome Project] set aside 3% to 5% of federal research dollars to fund the study of these issues and to communicate with the public and encourage lots of openness and transparency. They were really our model for a proactive approach to technology development.

    Is it just me, or did she just say that the new model for research is to waste 5% of your grant funding on public marketing?

    J Wolfgang Goerlich

  25. Article, No Reg Required on Buckyballs Kill Fish · · Score: 5, Informative

    OP comes from New Scientist, picked up by the Washington Post.

    Check it out w/o registering:
    http://www.newscientist.com/news/news.jsp?id=ns99994825