Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Faith-based approach to law making (Score 5, Informative) 477

by MillionthMonkey (#49185633) Attached to: White House Threatens Veto Over EPA "Secret Science" Bills

If you want a faith based approach to law making, just be forthright about it.

One of the sponsors of the Secret Science Reform Act was Rep. Paul Broun from Georgia. Here's what he's had to say on that topic:

God's word is true. I've come to understand that. All that stuff I was taught about evolution, embryology, Big Bang theory, all that is lies straight from the pit of hell. It's lies to try to keep me and all the folks who are taught that from understanding that they need a Savior. There's a lot of scientific data that I found out as a scientist that actually show that this is really a young Earth. I believe that the Earth is about 9,000 years old. I believe that it was created in six days as we know them. That's what the Bible says. And what I've come to learn is that it's the manufacturer's handbook, is what I call it. It teaches us how to run our lives individually. How to run our families, how to run our churches. But it teaches us how to run all our public policy and everything in society. And that's the reason, as your congressman, I hold the Holy Bible as being the major directions to me of how I vote in Washington, D.C., and I'll continue to do that.

He does want a "faith based approach to law making", but at least he's been "forthright about it".

Comment: Re:Great product bloodlines (Score 1) 55

by PopeRatzo (#49185413) Attached to: A Versatile and Rugged MIDI Mini-Keyboard (Video)

The QuNexus also has control voltage outputs for directly triggering analog/modular gear.

That is great news. I've got a room full of old modular synths, like a Serge suitcase model and an early Arp.2600. Not to mention a Steiner-Parker that looks like it should have a 1930's phone operator sitting at it.

I've built some home-brew triggering controllers, but none of them are anywhere near as good as what McMillan makes.

Comment: Re:"Clean power foes"? (Score 1) 256

He's very "anti-clean-energy".

"With the coldest winter ever recorded, with snow setting record levels up and down the coast, the Nobel committee should take the Nobel Prize back from Al Gore," the tycoon told members of his Trump National Golf Club in Westchester in a recent speech. "Gore wants us to clean up our factories and plants in order to protect us from global warming, when China and other countries couldn't care less. It would make us totally noncompetitive in the manufacturing world, and China, Japan and India are laughing at America's stupidity." The crowd of 500 stood up and cheered.

Comment: Re:What could possibly go wrong? (Score 1) 124

by swillden (#49182821) Attached to: Linux 4.0 Getting No-Reboot Patching

If someone gains root, they can swap out the on-disk boot image that contains the kernel, and wait for someone else to reboot it as part of normal maintenance.

Assuming there isn't something that prevents the boot image from being replaced. See my other, more extensive, comment in this thread.

Comment: Re:What could possibly go wrong? (Score 3, Informative) 124

by swillden (#49181487) Attached to: Linux 4.0 Getting No-Reboot Patching

But what you're saying is that rebooting is somehow a magic cure-all that guarantees the system isn't infected somehow

Don't be condescending. I'm not saying rebooting is a magic anything.

Whether or not this matters depends on the threat model and why the attacker is interested in patching the kernel. For example, one purpose would be to disable other kernel security features, such as SELinux, or dm-verity. Most SELinux rules are configured and the configuration can be altered by root, but some are compiled into the kernel and can only be modified by modifying the kernel. Altering the persistent kernel image may not be possible for a variety of reasons (read-only media, SecureBoot, etc.). In addition, in security-sensitive and mission-critical contexts an unexpected reboot may well be noticed.

I don't understand your assertion about SecureBoot. Are you referring to some known vulnerability of some particular secure boot system? Given a decent implementation of secure/verified boot, an attacker should not be able to convince the system to boot a modified kernel image, which means that run-time modification of the kernel is the only option if the attacker needs to bypass some kernel security enforcement.

In general, the security model of a high-security Linux system assumes that the kernel is more trustworthy than root. The ability for root to modify the running kernel invalidates this assumption, which most definitely is a security issue.

In the context of a system without mandatory access controls there may not be any reason to care, since once an attacker has obtained root there probably isn't any limit to what he can do.

Comment: Re:What could possibly go wrong? (Score 2) 124

by swillden (#49180351) Attached to: Linux 4.0 Getting No-Reboot Patching

It's no more a risk than current patching that requires a reboot, except that you don't have the downtime of a reboot.

Sure, if your concern is error, rather than malice. An attacker who gains root could use this to dynamically patch a backdoor into the running kernel. Rebooting the machine would potentially enable someone to notice.

As another poster noted, though, you can already dynamically patch the kernel for malicious purposes by loading a malicious module, assuming that hasn't been disabled. In contexts where security is crucial, I would disable both dynamic module loading and run-time patching.

Comment: Re:Pretty pointless (Score 1) 323

by swillden (#49179733) Attached to: Ask Slashdot: How Does One Verify Hard Drive Firmware?

I assume the communication companies were handing over a lot more than the NSLs can demand in the spirit of cooperation and that is why the retroactive immunity was necessary

The GP wasn't suggesting that excessive data was handed over, he said that an NSL could be used to demand installation of a backdoor. If I were a vendor, even one who really wanted to be cooperative, I'd balk at that, because the chances of something like a backdoor being discovered are too high. It would be actively sabotaging my customers, and not just to the NSA... a backdoor can't distinguish between users, it lets in anyone who figures it out. And, of course, if the existence of the backdoor were published it would do serious damage to my business.

Even companies who want to cooperate are going to be reluctant to do potentially business-destroying favors for the government. There would be a great deal of incentive to fall back on the law and refuse on the grounds that the law doesn't authorize such requests.

Comment: Re:FDE on Android doesn't work as of yet (Score 1) 119

by swillden (#49179701) Attached to: Google Backs Off Default Encryption on New Android Lollilop Devices

I'm skeptical that an Android device would survive running flat out for two years to crack a PIN. The heat and battery life issues I experienced when I tested it demonstrate clearly that mobile devices simply aren't designed to run full-speed 24x7.

Also, it should be pointed out that the attack I described is far from easy to carry out. Among other things, it requires dumping the contents of flash, which basically requires removing the flash chips from the mainboard without damaging it, then either putting the flash chips back or installing new flash, then the device must be unlocked, a custom, hostile OS flashed, and finally the attacker can start the multi-year process.

Note that the 630-day figure I cited is on average. It would take twice that long for a guaranteed break.

Finally, if you add one more character to your passcode (7-character alphanumeric), the crack time jumps from 630 days on average to 124 years.

I agree that Lollipop FDE still needs some improvement, but it's already quite good.

Comment: Re:"Clean power foes"? (Score 3, Informative) 256

Dunald Trump has been trying to prevent Scotland from building an offshore wind farm because he says they would ruin the view from a golf course he's building on a protected area of sand dunes. Trump also thinks that wind farms cause something called Wind Turbine Syndrome.

Matter cannot be created or destroyed, nor can it be returned without a receipt.

Working...