Slashdot Mirror


User: cbhacking

cbhacking's activity in the archive.

Stories: 0
Comments: 4,314

Comments · 4,314

  1. Re:AI Optimization? on Civilization: Beyond Earth Announced · · Score: 2

    Your requests are, unfortunately, somewhat contradictory. You ask for a smarter AI (that doesn't put ranged units in front, for example) and then ask for one that processes faster. You complain about the late-game AI time (where the decision trees are *huge*), then say you want the AI to give a harder game without handicaps.

    Don't get me wrong, I want to see optimizations too. But, I think they did a pretty decent job of balance, especially in the expansions (the original game was kind of bad in many ways, AI included). Diplomacy has gotten a *lot* better, partially because the AI's motivations are more transparent. The AI unit management is non-ideal, but it's rarely outright bad anymore (and can in fact be really good at specific goals, like "capture that barbarian camp"). As for handicaps, the AI *does* play dumber/friendlier at the lower difficulties, and always has; the point at which the AI starts needing to cheat, and the degree of its cheating, has crept up over time though.

  2. Re:Shut up and take my money on Civilization: Beyond Earth Announced · · Score: 2

    Those are good critiques of Civ5. There are more, of course, but *most* of them boil down to the original release of the game being, basically, too big a change for them to get it right.

    Let me say that again: Civ 5 was *badly* flawed at release, because it was too big a change.

    For example, in a game where each unit (and tile, since they go together) is so much more precious than they were before, the 10HP system (where even a curbstomp battle costs 10% of your health, and the enemy rolling just a *little* too well can easily kill a unit that should have been wounded but near-guaranteed to survive) is stupid. They fixed that in the first expansion, and it made combat *much* better.

    Then there's the silliness where ranged units turn into melee units as they upgrade. That is, sadly, still present in a few units (chariot archers, etc.) but it's way less common than it once was, and there are actual ranged units in the late-game now.

    The original culture system was undeniably silly. The new one is better in many ways, although the lines between things that give faith and things that give culture and things that give tourism still feel a bit arbitrary. I mean, shouldn't world wonders *inherently* give tourism? Shouldn't religious buildings have a cultural impact as well? It's weird.

    On the other hand, there are good things that I think you missed, too. You complain about three ways to trade in C5:BNW, but I see more than that (unit transfers are not explicitly trades, but they achieve much the same thing, and AI goodwill is effectively a commodity you can sometimes trade) and Alpha Centauri had the same things (Econ tech + treaties, direct trade over comlink, vote-buying in council). The tech tree has plenty of absurdities, but what else is new? That's hardly something Civ5-specific, and the power level progressions throughout the game are pretty good.

  3. Re:Wow! If this is the way things work on IRS Misses XP Deadline, Pays Microsoft Millions For Patches · · Score: 1

    If they prematurely (i.e. before they said they were going to) EOL their products, yet continue to have any meaningful funds, a lawsuit would almost certainly follow. Not a great way to make money.

  4. Several! on Heartbleed OpenSSL Vulnerability: A Technical Remediation · · Score: 4, Informative

    There have been a number of sites.
    SSLLabs scanner has been updated to check for Heartbleed, and also will report when the cert validity starts (handy if you want to see whether they're using a new cert). https://www.ssllabs.com/ssltes...
    LastPass has a pretty decent scanner that just focuses on Heartbleed (without all the other info that you get from SSLLabs): https://lastpass.com/heartblee...
    There are some others out there as well, of course.

    There's even one for client-side testing (almost as critical):
    Pacemaker is an awesome little POC script (python 2.x) for testing whether a *client* is vulnerable (many that use OpenSSL are...). https://github.com/Lekensteyn/...

  5. Re:OSX not affected? on Heartbleed OpenSSL Vulnerability: A Technical Remediation · · Score: 1

    0.9.8 doesn't support any protocol newer than TLS 1.0, so while it's safe from heartbleed it's also old and verging on deprecated.

    Also, it's not that rare for software to use its own copy of OpenSSL, either as a bundled library or statically compiled into the program. I don't actually know of any Mac software that I'm sure does this, but that's not saying much since I don't use a Mac. Things I would expect to find it in are cross-platform programs that use OpenSSL but want a newer branch than 0.9.8 (Python maybe?)

  6. Re:Don't forget about the other recent problems on Heartbleed OpenSSL Vulnerability: A Technical Remediation · · Score: 1

    Well, Microsoft's CAPI (CryptoAPI) actually, not IIS. IIS uses CAPI, but IIS is no more a crypto toolkit than Apache or lighttpd are. A vuln in CAPI (they've happened before) could also affect clients (IE, Outlook, anything else using the platform APIs...).

    Besides, we're still waiting on an NSS issue. NSS isn't so much *broadly* used - I know of only a few product families that use it - as it is *heavily* used. The product families in question are Mozilla anything (Firefox, mostly; the N stands for "Netscape") and Chrome (for PCs). Very few browsers (though not zero; Chrome on Android 4.1 uses a vulnerable version of OpenSSL) are/were vulnerable to Heartbleed, but they'll get their turn eventually!

  7. Re:Difficult to defend against on Navy Debuts New Railgun That Launches Shells at Mach 7 · · Score: 1

    Clearly, the solution is railgun-based point defense! Sure, it'll have a lower rate of fire than the current CIWS units, but imagine the light show you'd get from the sparks when a pair of opposing slugs run into each other at a combined mach 12 or so?

    Impractical today, of course, but technology marches on. In the meantime, it isn't actually that hard to deflect the projectile enough... if you can hit it at any meaningful distance. That's going to be quite impractical (just hitting it at all is likely impractical) so for the moment, yeah. Add to that the ability to scale up the gun faster than people can realistically produce defense (my WAG there, but I suspect it's true nonetheless) and offense is taking a lead right now.

    On the other hand, that's been true for a long time in a different way, which also brings me to the best defensive measure I can think of: a few hundred feet of H2O. Phalanx can't hit a torpedo, either...

  8. Re:Sportmanship on How Riot's Social Scientists Fight League of Legends Trolling · · Score: 1

    Meanwhile, in some MOBAs (I don't like LoL, but I've played a bit and used to play DotA, still play HoN, and occasionally play DotA2 or Smite), "GG" has become a term of mockery. Not universally, of course, but I've seen it after one team gets massively more powerful than the other and rather than pushing to end the game, they ignore structures entirely and focus on just killing the opponents over and over again (thus drawing out the game), especially if some people on the other team refuse to forfeit (it happens). There's nothing remotely good about that game - it's trolling, pure and simple - but that won't stop the trolls from saying so.

  9. Re:The Re-Hate Campaign on Mozilla CEO Firestorm Likely Violated California Law · · Score: 1

    Except, of course, that nobody has asserted that he couldn't be CEO. Many people said that he shouldn't, but nobody said he couldn't. Big difference.

    Oh, and if you don't see how giving him direct control of HR and of Mozilla's finances (which could then be used to make contributions in the company's name) is a risk, you're an idiot. Mozilla is a pro-gay-rights organization, by company policy and internal culture. Eich's actions undermined Mozilla in *exactly* the same way (though not to the same degree) as if he were advocating death or criminalization.

    Oh, and to a certain extent, Prop 8 was an attempt to criminalize gays. Married couples receive a large number of legal benefits (taxes being an obvious one). A gay couple who tried to claim those benefits would be criminals. That's the weakest part of my response to you (because they could simply not *try* to claim them, merely being deprived rather than criminalized), and I almost left it off, but it's worth considering. Similarly, under DOMA, a married gay couple who filed federal taxes as "married, filing jointly" would be considered to have committed tax fraud.

  10. Re:Minimal jargon explanation on OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks · · Score: 1

    Oh, just an addendum: This works against clients, too. So if an attacker can get between your smartphone and the Internet - really easy if using a public WiFi access point, such as at a café - they can dump all the secrets that your client knows when it tries to connect to its server. This could be stored images, messages, passwords, cached details of any kind, and so on. This can happen even if the server is *not* vulnerable, so long as the client is.

    Seriously, scary bug.

  11. Re:We're all fucked on OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks · · Score: 1

    You don't have to run it as root. You only have to run it such that nobody *except* root can start, spoof, or debug it. It needs to be something that "clients can trust it because compromising it would mean the OS is already compromised", not something that "the entire operating system trusts it, so that if it gets compromised it can compromise everything else". I realize what I said was unclear.

    Besides, how is the attacker going to compromise it anyhow? It's not exposed to any remote services. Yes, it could be a local EoP vector if you ran it as root (so don't do that) but the only way *to* attack it is to already have arbitrary code execution on the machine.

    Oh, and your "scatter parts of the password" idea is truly, incredibly, awful. Not only does that provide no real security (just obfuscation at best; it's still vulnerable to an attack like this with a bit more effort), it adds a lot of wasted effort. We're trying to build actual security here, not DRM...

  12. Re:We're all fucked on OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks · · Score: 1

    Windows (NT, not sure about CE and pretty sure not 9x) and all forms of Unix and Unix-like systems have built-in mechanisms that can be used for secure IPC (where the less-trusted component can be verified securely). In fact, Windows has more than it knows what to do with, from named pipes to its various forms of Local Procedure Call.

  13. Re:I take it this is a server concern on OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks · · Score: 1

    An awful lot of mobile apps use it, though (I've heard rumors that this includes some mobile browsers). I just tested an app using the POC at https://github.com/Lekensteyn/... on a fairly sensitive app and it worked, dumping (decrypted) HTTPS requests/responses that the app had done, plus some SSL data. It works before the client (such as an app) has a chance to verify the server certificate, too; this makes MitM trivial.

    One potential attack is to wait for an app to connect to a server over SSL, at which point a symmetric key will be generated. The attacker then MitM's the next connection the client tries to make and dumps memory. With some luck, this could include the symmetric key for the first connection, allowing the attacker to decrypt any recorded (or ongoing) traffic, and to intercept any ongoing communication using that key.

  14. Re:Um, whoosh? on OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks · · Score: 1

    Sure, but that's A) obvious, and B) completely irrelevant to what I said (or what DarwinSurvivor said, for that matter). Oh, and whoever modded me down: thank you for proving my point about moderator intelligence.

  15. Re:The Re-Hate Campaign on Mozilla CEO Firestorm Likely Violated California Law · · Score: 5, Insightful

    Nobody is taking away his right to say anything. He made the contribution out of his personal funds, he can do so again. There are lots of organizations which would be happy to have him on board. Hell, he didn't even lose his previous C-level position at Mozilla out of it.

    Your right to say something does not take away my right to give you the finger for saying so, or even to refuse to use your company's products because of it. Freedom of speech isn't freedom from the consequences of speech. You have the right to attempt to enforce bigotry at the government level; I have the right to object to giving you additional resources with which to do so. I can't actually directly take those resources from you, of course, but I can object.

    Nobody is saying he didn't have a right to say what he did or even to donate money. We don't have to financially support the organization that pays him, though!

  16. Re:It's a start on Windows 8.1 Update Released, With Improvements For Non-Touch Hardware · · Score: 1

    That's a future update (Update 2? Win8.2? Win 8.5? Win9? Who knows...) that was demoed as a "something we're working on". I wouldn't be surprised to see it by year's end, but it is *not* in Win8.1u1, despite the wild claims of a bunch of people who couldn't be bothered to actually pay attention to what MS was saying.

  17. Re:It's a start on Windows 8.1 Update Released, With Improvements For Non-Touch Hardware · · Score: 0

    Live tiles have extremely limited interaction options. You can show some text, you can show an image, you can show a front and a back side. They aren't allowed to have any active code (the app can subscribe its tile to updates from a server, but that just means new text/image that the OS fetches and displays). Pretty big difference.

  18. Re:ASLR anyone? hype? on OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks · · Score: 1

    I've actually wondered about this too. Read overruns will crash a program just as badly as write overruns; Read AV in Windows [NT], Segmentation Fault in *nix (General Protection Fault in legacy Windows), etc. Reading memory will tell you enough about the layout of memory to cherry-pick addresses pretty well, and probably to determine the ASLR mask, but you're still going to have the issue of what, within the heap, is allocated. You could probably do OK by starting from the stack (which is in a predictable enough location) and working from there, I guess?

  19. Minimal jargon explanation on OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks · · Score: 4, Informative

    Basically, an attacker can connect to many secure Internet services - could be a banking website, or your email server, or a server hosting software updates, or possibly your corporate VPN - and learn everything that the server knows. This includes the private key (sort of like a super-complex and super-secret password) that is used to *make* the service secure. The attacker can then get all the data that the server sees, ranging from normal user passwords to all your emails and banking info.

    This vulnerability is many, many kinds of bad. I'm simplifying a lot here. Basically, an awful lot of data is at risk right now, because of this bug.

    This site has a pretty great explanation that most people likely to be found on /. will be able to follow, even if not normally security types: http://heartbleed.com/

  20. Re:Is SSH affected? on OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks · · Score: 2

    Assuming it uses a version of openssl that supports the relevant TLS feature, SSH servers are absolutely vulnerable. Connect to one, carry out the attack while it waits for you to authenticate; now you can steal its secret key. This is also a way that a malicious SSH server could attack the client; possibly stealing things like the client private keys (SSH being one of relatively few places where asymmetric client authentication is common).

  21. Re:We're all fucked on OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks · · Score: 4, Interesting

    Don't just encrypt them - move them out of process entirely. Have a security broker that knows your secrets, but doesn't talk to *anything* except local clients (on the assumption that if the attacker has arbitrary code execution, it's game over anyhow). Use inter-process communication to get secrets when needed, but preferably don't *ever* hold sensitive data in memory (for example, instead of using your private key directly, you ask the broker process to sign a binary blob for you, and it does so using your key and returns just the signature). Use "secure buffers" in managed code, or "secure zero" functions otherwise, to eliminate any sensitive data from memory as quickly as possible.

    Yes, this used to sound paranoid. Actually, it still does sound paranoid. But, there's now a great example of a scenario where this is a Good Idea.

    Of course, you have to make sure that broker is Really Damn Secure. Keep its attack surface minimal, make sure the mechanism by which it identifies whose key to use is extremely robust, and if possible make it a trusted part of the OS that is as secure from tampering as possible (Microsoft already has something like this built into Windows). There's also a question of how far to take it. For example, you could have the broker handle the symmetric encryption and decryption of TLS data (the bulk data part, after handshaking is completed) but that could impact performance a lot. Keeping the symmetric key in memory isn't so bad, really; it's ephemeral. However, if an attacker has a vuln like this and wants to read the traffic of a target user, they could attack the server while the user is using it, extract the symmetric key, and use it to decrypt the captured TLS stream. Keeping the key in-memory only while actually using and (securely) purging it between response and the next request might be a good middle ground, perhaps?
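The out-of-process broker described in comment 21, as an added example that is not part of the original comment or any project's code: a child process holds the key, checks the caller's identity from kernel-reported credentials, and returns only signatures over a local socket. Assumptions: Linux (`SO_PEERCRED`), HMAC-SHA256 standing in for a private-key signature, and a hypothetical one-byte-opcode wire format and `BrokerClient` name.

```python
# Hypothetical names and wire format; HMAC-SHA256 stands in for a private-key
# signature so that only the standard library is needed. Linux only.
import hashlib, hmac, os, socket, struct

def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise EOFError("peer closed")
        buf += chunk
    return buf

def _send_msg(sock, payload):
    sock.sendall(struct.pack("!I", len(payload)) + payload)

def _recv_msg(sock, limit=1 << 16):
    (n,) = struct.unpack("!I", _recv_exact(sock, 4))
    if n > limit:  # bound the claimed length before acting on it
        raise ValueError("oversized message")
    return _recv_exact(sock, n)  # only bytes that actually arrived

def _peer_uid(sock):
    # SO_PEERCRED: the kernel, not the client, says who is connected.
    raw = sock.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, 12)
    return struct.unpack("3i", raw)[1]  # fields are pid, uid, gid

def _broker_loop(sock, allowed_uid):
    key = bytearray(os.urandom(32))  # exists in the broker process only
    try:
        if _peer_uid(sock) != allowed_uid:
            return
        while True:
            req = _recv_msg(sock)
            if req[:1] == b"S":    # sign: reply with the tag, never the key
                tag = hmac.new(key, req[1:], hashlib.sha256).digest()
                _send_msg(sock, tag)
            elif req[:1] == b"V":  # verify: 32-byte tag, then the blob
                good = hmac.new(key, req[33:], hashlib.sha256).digest()
                _send_msg(sock, bytes([hmac.compare_digest(req[1:33], good)]))
            else:
                return             # unknown opcode: drop the client
    except EOFError:
        pass                       # client went away
    finally:
        key[:] = bytes(len(key))   # best-effort wipe; Python may keep copies

class BrokerClient:
    def __init__(self):
        mine, theirs = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
        self.pid = os.fork()
        if self.pid == 0:  # child becomes the broker
            try:
                mine.close()
                _broker_loop(theirs, os.getuid())
            finally:
                os._exit(0)
        theirs.close()
        self.sock = mine

    def sign(self, blob):
        _send_msg(self.sock, b"S" + blob)
        return _recv_msg(self.sock)

    def verify(self, blob, tag):
        _send_msg(self.sock, b"V" + tag + blob)
        return _recv_msg(self.sock) == b"\x01"

    def close(self):
        self.sock.close()
        os.waitpid(self.pid, 0)
```

A memory over-read in the client process can expose the blobs and tags it handled, but not the key, which never enters that address space.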

  22. Re:I take it this is a server concern on OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks · · Score: 5, Interesting

    No, you got it quite right. A server could grab browsing history, JS memory contents, stored passwords, and authentication cookies from a browser. It's not just web browsers, though; a malicious server could also steal email (from other email accounts) out of a mail client, and so on. For the handful of services that use client certificates, a server could steal the *client's* secret key.

    Browsers (or other clients) that use multiple processes have some degree of safety, as this exploit can't read across process boundaries. It's also completely passive; just because every Chrome tab *can* get the cookies that are currently being used in every other Chrome tab doesn't mean that they are always loaded in each tab's process' address space (though I don't know if they are in practice or not).

    Still, this is a grade-A clusterfuck security-wise. The ability for an unauthenticated attacker (all you need is an open TLS connection; that could be the login screen) to read memory off the other side of the connection is the kind of exploit you can make movie-grade "hacker" scenes out of. For a simple example you might see somebody pulling, you could use this exploit to decrypt any connection you recorded, assuming the server hadn't rotated its private key since then. If you can be fast enough and are in an intercept (MitM) position rather than just monitoring passively, you could even grab the keys in real-time and have complete control, invisibly, over the connection. From there, you could even read memory from the client and (continue reading from) the server at the same time!

    You could probably do it automatically using a Raspberry Pi hiding behind the flowerpot in a café. I'm not joking.

    I've been in the security world for years and I don't think I've ever seen so bad a vuln. Yes, things like "goto fail" were mind-blowingly stupid, but they still only let you MitM connections if you were in the right place at the right time. This one is strictly better and enables a huge number of alternative attacks.

  23. Um, whoosh? on OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks · · Score: 1, Funny

    How the fuck did this get modded up? Idiot mods (and "DarwinSurvivor", apparently) can't read a link, I guess...

    The only way this could have been stupider is if it was actually the same link, instead of merely being a link that I could tell, just from the URL, was about exactly the same issue.

    Morons.

  24. Re:Looking for life on NASA Laying Foundation For Jupiter Moon Space Mission · · Score: 3, Interesting

    It need not be a revolution of our understanding; it might "simply" lend an incredible degree of support to a bunch of our current theories. We've got lots of theories about life that once existed on Earth but no longer does, and lots of theories about how life arose on Earth, and something like this could mean a ton for our ability to understand such things.

    Would extraterrestrial life have its proteins folded the same way? Would it even use the same proteins? Would it have adapted a double-helix structure like DNA, or still be single-strand like RNA, or something else? What chemistry would it use (aerobic is not impossible, but seems unlikely - then again, I'm not a biologist)? There are many more questions that could be asked, and answered, by those who know more of this subject than I do... if we can, in fact, find such life.

    On the other hand, if we can't, then that has some interesting implications as well. Are the "building blocks" of life present? If so, maybe life is extremely unlikely to ever spontaneously occur. Is that ocean completely sterile? If so, why is Earth different? What are the differences which could account for that difference, and how likely are they?

  25. Re:No. on Should Microsoft Be Required To Extend Support For Windows XP? · · Score: 1

    *MOST* of that is because the software expects to be running as Admin all the time. The vast majority of general use software can be coaxed into working on NT 6.x, sometimes just by changing ACLs on things that it wants access to (like being able to write to its home directory). Of course, to most people, if they double-click the icon which the installer put on their desktop and it doesn't work just like that, then "it doesn't work" and they complain.

    With that said, there's definitely other stuff that changed. Older Windows versions allowed opening block devices directly if you have enough permissions, while newer versions require an extra call into the driver to enable a given user-mode process to do so. There have been some similar changes to low-level access to hardware, especially legacy hardware interfaces, in other places too.