For those of you who are actually the person described as 'best knowing Irkutsk from Risk' (this is all going from memory, and an aged one at that, so it may not all still be true): Irkutsk is the largest city in Siberia and, from what I remember, serves (served?) as the primary hub for the government, especially the military, in Siberia. From what I remember, in the summer the average temperature is like -18. I seem to remember Russian graffiti in Chechnya that said something like "Welcome to Hell -From Irkutsk", supposedly from Russian troops.
No, it means that as the attacker, security through obscurity is not only advantageous but should be highly encouraged. It doesn't work when designing security, but it's quite effective in conjunction with other basic protections when used in limited cases for nefarious means. For instance, you know where to find resources on MD5, SHA-1, et cetera, but do you know where to find resources about WQEWERSDF (the crappy but effective and thoroughly obfuscated hashing method I just made up)?
Consider that with the fact that the vast majority of everybody, but especially incident responders, sysadmins, et al., can barely read strace output, much less reverse my backdoor, regardless of whether I pack it full of fun for the RCE or not.
You know, it certainly wouldn't make a news story, but the first rational response to this news isn't that Microsoft is trying to assert ownership over Linux (which is the impression I got from TFA), but rather that they licensed some form of interoperability to Kyocera. For instance, NTFS support? Any of the Office formats? Decent Exchange interoperability? Some aspect of SMB et al. that's currently not in Samba (hrm, Active Directory in a stable branch of Samba?), and so on and so forth.
Then again however, that wouldn't make a sensationalist blog post.
Seriously, the blog post (not to be confused with a news article) just made some shots in the dark at how they think it would've happened; I think it would've been easier to watch shipping records, and you could sidestep privacy issues that way as well, using open-source intel. Even the original blog post that this one quotes didn't cite sources for the falafel, it just used it as an example.
Finally, it also stated they attempted to use this data in combination with other data to see if they could come up with anything useful; this sounds totally okay by me, although I'd wonder how effective it would actually be (does a cell of 20 actually cause a significant jump in the purchases of product x?).
Either way, the seething pile of bullshit that the blog-o-sphere is shows its absurdity and really brings into question people and organizations that routinely quote as news blogs that are totally devoid of any substantial argument based on something other than one's opinions.
I'm not positive this is a new program, possibly a modification of an existing program, as I seem to recall getting a 50% discount on an XP Pro disk maybe two to three years ago by letting Microsoft/Windows Update detect that my version of Windows was not legit, and then turning myself in. In doing so I had to promise not to do it again and fill out a check-box questionnaire about where I obtained the software. I paid them the $150 or whatever it was (which I think is a fair price) and I got a legit copy of XP. I've never encountered any of the licensing issues despite installing the OS on at least half a dozen computers over the years (although to the best of my recollection never concurrently on more than one machine), and in general I've never had a problem.
Putting aside that you put OSX into that list (which is at least 5 years behind the security curve), Vista is honestly on par with a hardened Linux (i.e. grsec/pax/etc.) and OpenBSD. Over the past few years MS has actually made huge leaps towards better security, and the security of Vista shows it.
You state that the security of Windows is yet to be seen, but you neglect that Vista has been out for about a year now, without a single critical flaw found to date, nor a single reliably exploitable heap overflow, and so on. Really, anyone who refuses to see the about-face that MS has taken is guilty of just being blindly zealous.
I think you're partially right. I know they dislike XP Home because it lacks some security features that were available in later editions, but they can't just EOL XP Home; additionally, I think this is yet another attempt at a successful software-as-a-service venture. You can expect a lot of things to have integrated live support over the coming years.
CVE-2007-3123 - heap overflow
CVE-2007-3122 - AV scan bypass
CVE-2007-3023 - 'does not properly calculate the end of a certain buffer' (most likely an overflow of one kind or another)
CVE-2007-1997 - signedness bug leads to heap overflow
CVE-2007-0898 - arbitrary file overwrite (oh noes not those evil..'s)
That's excluding all of the vulns that are clearly DoS-only, which is amusing considering a DoS in your AV is potentially very damaging. That's only this year; there are tons for years past. Seriously, check your facts before opening your yap. ClamAV has been and continues to be bug-ridden.
IIRC, the bugtraq post said something slightly different. They said something along the lines of 'under certain circumstances the mere cloaking of data may be incriminating [...]', which makes sense when taken out of the context of a criminal investigation. For instance, if your employer gets a tip that you're looking at porn all day and then when looking at your application they find a loop that they can't search, that may be enough for them (and they're not bound by the same rules as LEO). I *think* that's what they were trying to say.
Either way, the more absurd point is that they expect the forensics examiner to detect this manually, which brings into question why you'd be using their software in the first place. Overall their response was pretty damn lame.
I'm hesitant to say there is really any pretty C++ code out there. I do code security reviews for a living and have read a lot of code, and I don't think you can really have a useful C++ application that is also pretty. If I could ask Bjarne one question it would be 'Did you realize someone would have to read the code when the language was designed?' I mean things like placement new, templates, operator overloading, et cetera make the code horrible to read and are quite ugly imho.
I can't help but wonder where you read that rubbish. If you check chapter five in the Intel developer's manual, specifically the section titled 'fundamental data types', you will find the following sentence:
'The fundamental data types of the Intel architecture are bytes, words, doublewords and quadwords (see Figure 5.1). A byte is eight bits, a word is 2 bytes (16 bits), a doubleword is 4 bytes (32 bits) and a quadword is 8 bytes (64 bits)'
That itself is pretty hard to argue against, but then when you consider the syntax of the instruction when you actually program in it, you also realize that a word on intel is 16-bits, i.e.
mov dword ptr [...], [...]
Or if you prefer AT&T syntax it becomes even more prevalent, i.e.
movw 0xFFFF, %[...]
So really, I don't see how you or anyone else could claim a word size is >16 bits on an Intel architecture, because it's plainly not.
Just for the record, you're not using the phrase 'word size' correctly, because both IA-32 and AMD64 have the same size word, 16 bits, with a dword being 32 and a qword being 64. I understood what you meant, but between that and talking about how smart Apple is you lost any credibility I might've thought you had.
I would still be far more comfortable with the security of any of the BSDs, Linux, Mac OS X, Solaris, or any other flavor of UNIX
That's interesting, and I wonder why you've made those choices. For the record, I was 'raised' on Linux, it's where my heart is, but I audit code and write exploits for a living, so I get around the various operating systems. It's sad to say, but in all honesty Vista *is* indeed more secure from an exploit developer's standpoint than almost all of the OSs you listed. Both FreeBSD and NetBSD are laughably ~10 years behind in security, and OSX is even worse (for instance, it will be a *long* time before you see any real ASLR in OSX because of deficiencies in the Mach-O spec (think 1996 and a.out)). Solaris really isn't any better, although I haven't kept up with them; they may be building everything w/ ASLR and SSP these days.
Here's what I experienced yesterday on XP SP2 against an application that was compiled with Visual Studio 2005 (so we're not even talking about Vista, which has more security features). I found *4* remotely exploitable vulnerabilities in this application in a very short timeline. The first wasn't exploitable because wvsprintf() truncates at 1k (it seems this is obscure but documented behavior from quite a ways back), and all of the other three were basic stack overflows, and none of them were exploitable because VS2005: reordered local variables so I didn't overwrite any other variables, moved the SEH record to the other side of my buffer (allocate space first, then mov eax, fs:[0]; push eax), and finally the /GS stuff (stack cookies) kept me from being able to touch the return address.
So think about this, seriously: security enhancements in Windows or their compiler stopped four real-life bring-down-the-house remote vulnerabilities. The only ones that I know of that could've done that in your list would've been OpenBSD and Linux with third-party patches (i.e. grsec/pax).
What I had to realize, and what you and everyone else should realize, is that over the past few years Microsoft has thrown *a lot* of money at their security problems and purchased a huge chunk of the 'underground' industry, and as such have made an incredibly impressive about-face.
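A simplified model of the two frame layouts the comment above describes, added here as an example that is not part of the original comment: a plain frame where a buffer overflow runs straight into a pointer local and the return address, beside a frame laid out the way the comment attributes to VS2005 (buffers moved above other locals, a /GS cookie between the buffer and the return address, checked in the epilogue before `ret`). The structs, the cookie value and the addresses are constructed stand-ins, not Visual Studio's actual frame layout or cookie.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN   16
#define LEGIT_RET ((uintptr_t)0x00401000u)  /* constructed saved return address */
#define LEGIT_PTR ((uintptr_t)0x00402000u)  /* constructed value of a pointer local */

/* Unhardened frame. Higher struct offset stands for higher stack address, so
 * the buffer sits directly below another local and the saved return address
 * and a linear overflow walks into both. */
struct frame_plain {
    char      buf[BUF_LEN];
    uintptr_t fn_ptr;      /* some other local, e.g. a callback pointer */
    uintptr_t saved_ret;
};

/* Frame modelled on the comment's description of VS2005: the non-buffer local
 * is placed below the buffer (variable reordering), and a cookie is inserted
 * between the buffer and the return address (/GS). */
struct frame_gs {
    uintptr_t fn_ptr;
    char      buf[BUF_LEN];
    uint32_t  cookie;
    uintptr_t saved_ret;
};

/* Constructed constant; a real /GS cookie is randomised per process. */
static const uint32_t security_cookie = 0xA5C3D2E1u;

enum outcome { SAFE = 0, COOKIE_TRIPPED = 1, RET_HIJACKED = 2, PTR_CLOBBERED = 3 };

/* Copies n caller-controlled bytes into the plain frame's buffer with no bound
 * check (the bug class the comment describes) and reports what the function
 * epilogue would run into. */
enum outcome plain_copy(const unsigned char *src, size_t n) {
    struct frame_plain f;
    memset(&f, 0, sizeof f);
    f.fn_ptr = LEGIT_PTR;
    f.saved_ret = LEGIT_RET;
    if (n > sizeof f) n = sizeof f;   /* stay inside the object so the model itself is well-defined */
    memcpy(&f, src, n);               /* buf is at offset 0, so excess bytes spill upward */
    if (f.saved_ret != LEGIT_RET) return RET_HIJACKED;   /* ret would jump into the payload */
    if (f.fn_ptr != LEGIT_PTR)   return PTR_CLOBBERED;   /* a pointer local was corrupted */
    return SAFE;
}

/* Same copy into the hardened layout. The cookie is verified first, as /GS does
 * before ret, so a corrupted return address is never consumed. */
enum outcome gs_copy(const unsigned char *src, size_t n) {
    struct frame_gs f;
    memset(&f, 0, sizeof f);
    f.fn_ptr = LEGIT_PTR;
    f.cookie = security_cookie;
    f.saved_ret = LEGIT_RET;
    size_t room = sizeof f - offsetof(struct frame_gs, buf);
    if (n > room) n = room;
    memcpy((unsigned char *)&f + offsetof(struct frame_gs, buf), src, n);
    if (f.cookie != security_cookie) return COOKIE_TRIPPED; /* __security_check_cookie: process terminated */
    if (f.saved_ret != LEGIT_RET)    return RET_HIJACKED;
    if (f.fn_ptr != LEGIT_PTR)       return PTR_CLOBBERED;
    return SAFE;
}

/* Constructed payload: 64 bytes of 'A', longer than either frame. */
const unsigned char *payload_a(void) {
    static unsigned char p[64];
    memset(p, 'A', sizeof p);
    return p;
}

int main(void) {
    printf("plain frame, in bounds  : %d\n", plain_copy(payload_a(), BUF_LEN));
    printf("plain frame, +4 bytes   : %d\n", plain_copy(payload_a(), BUF_LEN + 4));
    printf("plain frame, full spill : %d\n", plain_copy(payload_a(), 64));
    printf("/GS frame,   +1 byte    : %d\n", gs_copy(payload_a(), BUF_LEN + 1));
    printf("/GS frame,   full spill : %d\n", gs_copy(payload_a(), 64));
    return 0;
}
```

In the hardened layout the pointer local survives intact and every overflow of one byte or more is caught at the cookie check, which is exactly why the three stack overflows in the comment never reached the return address.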
Oh. Thank you, I (obviously) wasn't as informed as I thought, and who the intended target nutjobs were exactly was a matter of speculation on my part, I just assumed it was left-leaning nutjobs, thank you for your observation/correction.
Eh, I haven't done anything serious to come up with actual statistics. It was just something I noticed one day, and while it hasn't always been true, it's largely been true, or true more often than not; just something I found interesting. As for what conclusions I draw from it, I'm not sure. I could be reading into it too much, but I don't think so. I think honestly it's just a subtle way of saying that atheism is un-American, or at least implying it, or I guess more accurately it makes it easier for people to discount their opinions because 'you know how those Europeans are', et cetera.
Like I said, I may be reading into it too much, but I don't think I am. Fox is real big about that type of stuff: when they were doing the stories/et cetera on 'the war against Christmas' they brought orthodox Jews on several times to talk about how they thought it was wrong (the war against Christmas, that is); when I've seen pieces that deal with more ethnic situations, they tend to bring on someone who would be considered empathetic to the subject (i.e. a black guy to talk about the problems with affirmative action), and so on.
Uh, hi, you've got your facts entirely wrong. He was a right-wing nutjob going to use them against the left-wing nutjobs, not vice versa. Furthermore, I am not a liar, because what they reported on TV when they first presented the story didn't say what that article says; since then they've gone and posted a story on their website that reports the story as it was, but that doesn't change the fact that on TV they didn't present that.
That's akin to me filling out a background check form and saying I'm not a convicted felon, then on a second form later disclosing it. It doesn't change the fact that I didn't initially disclose it. Everything else you said is foolish/very obviously has an agenda and is not worth being addressed.
That's not what they were saying on TV; when I saw the report a day or two back they weren't addressing the subject at all.
Even more interesting is that the article says:
However, ABC News reported that the 19-year-old told authorities he was making the bombs to stop protesters from disrupting the funeral.
Which underscores something else FOX likes to do: they distance themselves from aspects of the news that they don't agree with. Notice that this isn't saying 'he was doing xyz', as every other article I've read has said, but rather 'ABC News reported that he was doing xyz'. This is akin to the Nigerian yellowcake stuff with the 'The British Government has said...', or how, if you notice, almost every time Fox News has an atheist on, the person has a British accent, et cetera.
I'm not really sure how you can say that objectively. I'm a non-Republican/non-Democrat who regularly watches Fox News just because I find the way that they present things somewhat genius; it's kind of like watching Goebbels in action. A good example of their 'slant' is in how they reported the story about the kid who planned on bringing bombs to Falwell's funeral. What I saw on Fox News was that a college student had been arrested after he was caught with bombs in his car that he intended to bring to Falwell's funeral. With that and other coverage of Falwell's passing it implied that the guy was some left-wing nut who wanted to bomb his funeral, when in actuality the kid was a student at Falwell's university and intended to bring the bombs to 'keep protesters from disturbing the funeral', which makes him a right-wing nut who is obviously totally out of touch with reality. Stuff like that, where an omission of a couple of words completely changes the story, puts an incredible slant and spin on the story and honestly borders on outright disinformation.
Honestly, I think if you paid a little closer attention to what they report, how they report it and what they don't report, you would find their slant pretty incredible, and as I said, their tactics somewhat genius.
This is absurd; the author has obviously never been to Redmond, or dealt with the hordes of Windows-only developers, or had a conversation with your average MCSE, et cetera. If you've ever spent time in an airport on a trip to Redmond and made the mistake of telling someone, you end up in a conversation with everyone from the Seattle area, who all, strangely enough, know Bill Gates' life history, and then you get there and listen to everyone talk about how great Microsoft is; when you mention that Google Maps led you astray, you get told you should've used MS Live instead.
Microsoft has a culture, and thinking otherwise is just wishful thinking.
persistent typos ;]
But I also really like Cocoa and Objective-C. Any credibility you had went out the window when you said you liked Obj-C.
It's a horrible AV program, unless you don't count the fact that it will get you owned.
There is no company, really; read the guy's blog some and realize what he is about.
Those were my thoughts exactly; pretty much all of them are potentially federal offenses.
I guess my first example would've made more sense if I had actually used a word instead of a dword, so i.e.:
mov word ax, 0xFFFF
and in the AT&T syntax I needed to put a $ in front of the immediate value.