Submission + - Plumber Injection Attack in Bowser’s Castle (ksplice.com) 1
An anonymous reader writes: Security Advisory SMB-1985-0001: Plumber Injection Attack in Bowser’s Castle
Ksplice, working in conjunction with Lakitu Cloud Security, has released a high-severity advisory about a Plumber Injection attack in multiple versions of Bowser's Castle. An Italian plumber could exploit this bug to bypass security measures (walk through walls) in order to rescue Peach, to defeat Bowser, or for unspecified other impact.
This vulnerability is demonstrated by "happylee-supermariobros,warped.fm2". Attacks using this exploit have been observed in the wild, and multiple other exploits are publicly available. A patch has been made available.
Ksplice, working in conjunction with Lakitu Cloud Security, has released a high-severity advisory about a Plumber Injection attack in multiple versions of Bowser's Castle. An Italian plumber could exploit this bug to bypass security measures (walk through walls) in order to rescue Peach, to defeat Bowser, or for unspecified other impact.
This vulnerability is demonstrated by "happylee-supermariobros,warped.fm2". Attacks using this exploit have been observed in the wild, and multiple other exploits are publicly available. A patch has been made available.
Submission + - Zombie children: an intro to Linux process states (ksplice.com)
An anonymous reader writes: Ksplice gives us a hands-on introduction to Linux process states: learn how disown works, make your own army of zombie children, and give yourself a temporary load average of 500 by creating processes in an uninterruptible sleep.
Submission + - Ksplice apparently running on 100,000 servers (ksplice.com)
quartertime writes: Remember Ksplice, the startup that has been claiming they have technology to make rebootless updates for the Linux kernel? When they launched their commercial product last year, we weren't sure whether people would pay $4/month for it.
Well, it turns out that the answer is yes — according to their birthday blog post about having reached all 7 continents, more than 2 million rebootless updates have been installed on over 100,000 production servers.
Personally, I'm looking forward to when IBM's Watson starts updating its own code to fix all the bugs introduced by us humans.
Well, it turns out that the answer is yes — according to their birthday blog post about having reached all 7 continents, more than 2 million rebootless updates have been installed on over 100,000 production servers.
Personally, I'm looking forward to when IBM's Watson starts updating its own code to fix all the bugs introduced by us humans.
Submission + - One year of rebootless kernel updates on Linux (ksplice.com)
An anonymous reader writes: One year ago, nobody believed you could update your kernel without rebooting.
It's been a year since we reported on the launch of Ksplice Uptrack, a subscription service for rebootless kernel updates on Linux. In that time they've deployed on 100,000 production servers, shipped 2 million rebootless kernel updates, and seen adoption on all 7 continents. I'm personally holding out until there are rebootless updates IN SPACE.
It's been a year since we reported on the launch of Ksplice Uptrack, a subscription service for rebootless kernel updates on Linux. In that time they've deployed on 100,000 production servers, shipped 2 million rebootless kernel updates, and seen adoption on all 7 continents. I'm personally holding out until there are rebootless updates IN SPACE.
Submission + - Simultaneous Tx/Rx Radios Developed (stanford.edu)
ericn32 writes: Researchers at Stanford University have developed a radio technology that could lead to significant improvements in radio signal throughput. Currently, radios must transmit and receive simultaneously on different channels, or alternate transmission on a single channel, due to the fact that a radio may become "overwhelmed" by the signal it is transmitting and not listen to incoming signals. These radios overcome this problem by ignoring the noise they produce and can simultaneously transmit to another radio while receiving signals from another on the same channel.
Stanford University News via ZDNet
Stanford University News via ZDNet
Submission + - Firefox 5 To Integrate Tab Web Apps (conceivablytech.com)
An anonymous reader writes: We are hearing that Firefox 4 is now scheduled for a late March release and that the company has some issues fixing the right bugs as more non-blocking than blocking bugs are patched. However, on a positive note, the UI design team has posted some intriguing mockups of partial Firefox 5 interfaces. The big change will be the creation of a site-specific browser, which turns websites into tab apps within Firefox 5. This is the first time we are seeing Mozilla ideas how to deal with the app-ification of the Internet and a strategy to keep the web browser relevant.
Submission + - Valve beats Google, Apple for profits per employee (examiner.com)
AndrewGOO9 writes: It should come with little surprise that Gabe Newell is well on his way to being one of the wealthiest men in gaming. In an age when console gamers would have many believe that the PC was on it's way out the door, Newell and Valve's Steam stand as sentinels of the platform, offering a ridiculous amount of content to the 30 million users. With the lion's share of the downloadable market on the PC, it's no wonder that Steam has become the go-to for many and an incredible financial opportunity for Newell and Valve.
Submission + - Why the NSA builds its own hardware 1
quartertime writes: Remember Reflections on Trusting Trust, the seminal paper describing how to hide a nearly undetectable backdoor inside the C compiler? A new piece describes how to hide a nearly undetectable backdoor in a PCI card. The mechanism is to install some code in the PCI expansion ROM, which is run as part of
BIOS initialization, which patches the BIOS to patch grub to patch the kernel to insert a remote backdoor. I wonder whether with China's dominance of the computer assembly industry, this method has already been used as part of their espionage efforts? This I think makes clear why the NSA has its own chip fabrication plant.
BIOS initialization, which patches the BIOS to patch grub to patch the kernel to insert a remote backdoor. I wonder whether with China's dominance of the computer assembly industry, this method has already been used as part of their espionage efforts? This I think makes clear why the NSA has its own chip fabrication plant.
Submission + - Why the NSA builds its own hardware
quartertime writes: Remember Reflections on Trusting Trust, the classic paper describing how to hide a nearly undetectable backdoor inside the C compiler? Here's an interesting piece about how to hide a nearly undetectable backdoor inside hardware. The post describes how to install a backdoor in the expansion ROM of a PCI card, which during the boot process patches the BIOS to patch grub to patch the kernel to give the controller remote root access. Because the backdoor is actually housed in the hardware, even if the victim reinstalls the operating from CD, they won't clear out the backdoor. I wonder whether China, with its dominant position in the computer hardware assembly business, has already used this technique for espionage? This perhaps explains why the NSA has its own chip fabrication plant.
Submission + - Why the NSA builds its own hardware
quartertime writes: Remember Reflections on Trusting Trust, the seminal paper describing how to hide a nearly undetectable backdoor in a compiler? Here's a piece about how to hide a nearly undetectable backdoor in hardware. One can install a backdoor in the expansion ROM of a PCI card, which patches the BIOS to patch grub to patch the kernel to grant the attacker remote root access. Even after the victim reinstalls the operating system from CD, the backdoor will still be there. Given that China builds much of the world's computer hardware, I wonder whether this sort of thing is already part of the Chinese espionage playbook?
Submission + - Analysis of a hardware backdoor (ksplice.com)
An anonymous reader writes: Remember Reflections on Trusting Trust? We know we can't trust our compilers, or our operating systems, or our userspace software. Now even our hardware might be out to get us. This post describes how to install a backdoor in the "expansion ROM" of a PCI card, which patches the BIOS to patch GRUB to patch the Linux kernel to give the controller remote root access. The upshot is that even if the compromise is detected and the victim reinstalls the operating from CD, the backdoor will still be there. Now you know why the NSA builds all its own hardware!
Submission + - What Do You Do With A Disruptive Discovery? 3
jcohen writes: Suppose that you've just discovered a way of making a computationally hard bit of math very, very easy. You've written out your proof, you've verified it, you've written code, and now, say, you're factorizing colossal primes at the rate of 1,000 per second. What's next? The consequences could be huge. How do you get another set of eyes on it to make sure that you're not just another crackpot, and that your results are right? Do you disclose your discovery? How? To whom? To your country's intelligence agency? To the public? What are the conceivable answers to these questions that would have the best consequences for you or for the world?
Submission + - Linux kernel exploit aggressively rooting machines (seclists.org)
An anonymous reader writes: Running 64-bit Linux? Haven't updated yet? You're probably being rooted as I type this. CVE-2010-3081, this week's second high-profile local root exploit in the Linux kernel, is compromising machines left and right. Almost all 64-bit machines are affected, and "Ac1db1tch3z" (classy) published code to let any local user get a root shell. Ac1db1tch3z's exploit is more malicious than usual because it leaves a backdoor behind for itself to exploit later even if the hole is patched. Luckily, there's a tool you can run to see if you've already been exploited, courtesy of security company Ksplice, which beat most of the Linux vendors with a "rebootless" version of the patch.
Submission + - Second major hole in Linux being exploited in wild
quartertime writes: CVE-2010-3081, this week's second high-profile local root exploit in the Linux kernel has been quite a doozy! The bug affects all 64-bit kernels going back to 2.6.26 (and was also backported into RHEL 5's 2.6.18 kernel) and wasn't fixed until last week — shortly before "Ac1db1tch3z" published code to let any local user become root. The exploit works on most versions of Red Hat, Debian and Ubuntu. Several vendors, including Ubuntu and Debian but not Red Hat, have rushed out new kernels to address this bug over the last 2 days. Red Hat's recommended workaround, it turns out, didn't actually close the hole — it just makes the published exploit not work. And Ac1db1tch3z's exploit is more malicious than your typical demo exploit: it leaves a backdoor behind for itself to exploit later even if the hole is patched. Hot-updates vendor Ksplice wrote a tool to see if your system has the backdoor installed (meaning you've been exploited) and has rushed out a "rebootless" patch to plug the hole in advance of Red Hat's own fix.
(Today's earlier article on the H-Online on CVE-2010-3301 incorrectly refers to the workaround Red Hat has recommended for CVE-2010-3081 as a workaround for CVE-2010-3301. The workaround is not effective for either vulnerability.)
(Today's earlier article on the H-Online on CVE-2010-3301 incorrectly refers to the workaround Red Hat has recommended for CVE-2010-3081 as a workaround for CVE-2010-3301. The workaround is not effective for either vulnerability.)
