I’m here at SuperComputing 2006 (SC06, booth #1938) and whilst wandering around during the exhibition setup yesterday (Sunday) spotted that the folks running the NOC (( Network Operations Center )) for the conference (called SCinet) are running Bro to capture passwords that are going across the network in the clear and publishing them on a set of screens on their booth.
They’re also up on the web here:
https://scinet.supercomp.org/security/passwords06.html
I like these folks style.. 🙂
LWN is reporting the release of information about and a proof of concept exploit for a root exploit bug in the binary nVidia drivers.
There are two NVIDIA graphics drivers for Linux: a closed-source binary blob driver provided by NVIDIA (which provides acceleration) and an open-source driver (which lacks acceleration). NVIDIA’s binary blob driver contains an error in its accelerated rendering of glyphs (text character data) that can be exploited to write arbitrary data to anywhere in memory. The open-source driver is not vulnerable.
1. Affected system(s):
KNOWN VULNERABLE:
o NVIDIA Driver For Linux v8774
o NVIDIA Driver For Linux v8762
PROBABLY VULNERABLE:
o NVIDIA Driver for FreeBSD
o NVIDIA Driver for Solaris
o Earlier versions
KNOWN FIXED:
o None
nVidia have been somewhat tardy in addressing the issue:
There have been multiple public reports of this NVIDIA bug on the NVNews forum [1,2] and elsewhere, dating back to 2004 [3]. NVIDIA’s first public acknowledgement of this bug was on July 7th, 2006. In a public posting [1] on the NVNews forum, an NVIDIA employee reported having reproduced the problem, assigned it bug ID 239065, and promised a fix would be forthcoming.
That was July – there is still no fix.
Dear gods, it’s the 80’s all over again, only this time with ATM’s..
In the operator manual freely available on the Web site of a Canadian reseller, a section titled “Programming” provides the specific key sequence that will pop up a screen on the ATM that asks for the master password. It then lists three default passwords – master, service and operator – that could be used to hijack and possibly rig a machine. (emphasis added)
Lets try this again – default passwords are bad, OK ? Sheesh…
Looks like Google is working on a new service to allow users to add labels to topics that they (hopefully) know something about. The idea then is that other people then subscribe to your labels if they feel you are accurate and that then influences their search results. Sort of like routing by rumour protocols in computer networks.
So their intention is to get around the fact that webmasters don’t put explicit semantic markup in their pages yet by exploiting the fact that it’s much easier to get other people who know about topics to provide annotations for existing pages through a third party site that (many) others can then use in their normal searches.
I guess the first thing there that springs to mind for me is “what an opportunity for guerrilla marketing” – PR companies subscribe as “ordinary people”, but skew their recommendations towards the people paying them. If that sounds far fetched then don’t forget that techniques like this have been around for over 2 decades – consider it the marketeers version of computer security’s “social engineering“.
Initially found via the Evolving Trends blog.
The BBC has a report that’s meant to be about free security software for Windows (but doesn’t really say anything substantive on that matter) which contains a rather illuminating section on Microsofts latest adventure in security:
Laura Yecies of Zone Labs said: “Microsoft is certainly making it more difficult for the independent security vendors right now.
What a surprise! So what are they doing ?
“They’re essentially trying to take control of the security user interface functions.
Probably under the guise of “improving” Vista’s security (not that they’ve got a great track record in IT security anyway), but it leads into this rather nice piece of irony.
“Fortunately we have a pretty crack team which is finding new and innovative ways to continue to provide a very important security layer to our users.”
I couldn’t put it any better than the BBC themselves:
So the antivirus people are having to hack Windows so they can get close enough to protect it.
Of course Microsoft themselves would have no vested interest in stopping other peoples security software from working on Vista, would they ?
At the same time as Microsoft starts closing off parts of the operating system to security software vendors, it has also released its own security product known as OneCare. The all in one package is designed to look after your computer and all your data, leaving the whole gamut of security on Microsoft’s shoulders.
Can you say “monopolistic practices” ? I knew you could..
This is almost a program falling for the SULFNBK.EXE hoax.
From ZDNet:
Some Windows 2003 users have been experiencing problems with the operating system after CA antivirus software wrongly detected part of the operating system as malicious software last week.
I could beg to differ with about detecting Windoze as malicious software being wrong..
CA could spin this in one of two ways, either the eTrust virus checker signature for Win32/Lassrv.B had an unfortunate bug that caused unwanted side effects, or, the virus checker was taking extreme proactive measures to protect the rest of us from Windows systems being used as spam sources and denial of service zombie botnets. 🙂
From El Reg:
Speaking in Australia this week, Microsoft Senior Program Manager Steve Riley effectively revealed Windows Media Player 11 will not play HD content from HD DVD or BD sources unless it’s running under a 64-bit version of Vista. According to Riley, 32-bit mode is too open to hacks designed to bypass the optical discs’ copy-protection mechanisms.
Given MS’s current current track record with security, it remains to be seen how effective this push to use the UnTrusting Computing platform will be for this..
According to Riley, the decision to drop 32-bit HD DVD and BD playback from WMP 11 was made because “the media companies asked us to do this”. What’s more, he added, “they don’t want any of their HD content to play in [32-bit] at all, because of all of the unsigned malware that runs in kernel mode can get around content protection”.
So presumably anyone else not MS who wants to beg leave to create an official player is going to have to play along with the media companies attempts to wrest control of your computer from you.
It also probably means that Apple Mac users will have to buy 64-bit Intel Macs if they want to be able to watch this new content and high quality (as I don’t believe that the PowerPC line of processors supports the lock in that Hollywood requires).
With Sony and Toshiba supporting BD and HD DVD playback, respectively, on select PCs running 32-bit Windows XP, playing content from pre-recorded discs may not seem to be much of a problem. But it will become more of an issue once content companies begin enforcing region coding and HDCP compliance for full-resolution output. That may require new software for playback, and the updated code could well meet Hollywood’s demand for 64-bit computing.
Given that I don’t run Windows anyway, the whole question is likely to be moot..
The BBC is reporting that Google will try and warn people about pages they return that may contain malware.
Initially the warnings seen via the search site will be generic and simply alert people to the fact that a site has been flagged as dangerous. Eventually the warnings will become more detailed as Stop Badware researchers visit harmful sites and analyse how they try to subvert users’ machines.
I had a play with one example that the BBC quotes:
A research report released in May 2006 looked at the safety of the results returned by a search and found that, on average, 4-6% of the sites had harmful content on them. For some keywords, such as “free screensavers” the number of potentially dangerous sites leapt to 64%.
But I couldn’t get it to warn me – perhaps it’s because Google knows I’m not running Windows ? 🙂
This is a type of information attack where the attacker is attempting to bury an unfavourable article in search results through posting a large number of other articles that contain the keywords that they wish to obfuscate.
It used to be the joke was “Friends don’t let friends do Windows” – well now it’s a case of many a true word spoken in jest.
The UK anti-virus company Sophos is reportedly recommending that you don’t use Windows any more due to its increasing vulnerability to attack.
Security threats to PCs with Microsoft Windows have increased so much that computer users should consider using a Mac, says a leading security firm.
As someone who is constantly having to fight spam because of Windows PC’s that have become infected by viruses, trojans and other malware I second the call – please think twice before buying a Windows PC!