). This is prone to break various things
(multithreading, longjmp) and I am afraid a hypothetical implementation
would have to be quite heavyweight and messy in order to avoid breaking
them.
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up
On Thu, 12 Jul 2012, Georgi Guninski wrote:
> Helped by m$, Fedora are actively working this to become true [2] [3]
Don't blame Sophie for her choice.
Blame Nazis for making her choose.
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is com
uting to
> security breaches, etc. Whenever possible, IPv6
> address-/netblock-related information should be transmitted in written
> form, not verbally.
Spelling alphabets have been invented during WW1 (or even earlier). It
would be absolutely inappropriate to use such an antiquated soluti
aid firewall with well-formed,
> programmatically-generated traffic.
Yup. We all know servers handle traffic without any of those
pesky state-tables that can be filled up with well-formed,
programmatically-generated traffic.
--
Pavel Kankovsky aka Peak / Jeremiah 9:2
bits must be hashed) or to find it in some kind of cache
of verified certs (a positive result is needed here, therefore all bits
must be checked and match).
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(t
O(l) operations.
\Omega(l) + O(l) = \Omega(l).
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \ 21st century edition /
___
Full-Disclosure - We believe in it.
Ch
zing feat in a printed book but the wonders of modern technology
will make it possible soon.
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \ 21st century edition /
On Sat, 18 Dec 2010, Victor Rigo wrote:
> It's not ineptness, it's what you get when you write software that can
> actually do stuff.
The bad news is security's made of the stuff one CAN'T do.
--
Pavel Kankovsky aka Peak / Jeremiah 9:21
n of a set*id program with a transition to a
domain whose privilege to execute files is restricted.
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \ 21st century edition /
as far as to propose to erase ANY environment
variable upon the execution of set*id program. At least unless it is
allowed EXPLICITLY.)
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \ 2
On Sun, 19 Sep 2010, Georgi Guninski wrote:
> On Sun, Sep 19, 2010 at 06:21:35PM +0200, Pavel Kankovsky wrote:
> > On the other hand, It is possible to "detect all bad programs" if it is
> > allowed to err on the safe side and mistake some good programs for bad
> >
programs for bad
programs. An extreme example is to call all programs bad unless their
exact code appears on the list of known good programs.
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \ 21st century edi
vendor improperly using strcpy?
Providing a very dangerous API to developers and advising them to avoid
the most straightforward way of using it is like giving a hand grenade to
kids and advising them to be very careful when they play with it.
--
Pavel Kankovsky aka Peak
e without your explicit approval.
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \ 21st century edition /
<http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.117.5890>
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \ 21st century edition /
h
as Jacobi symbol).
An oracle can help you crack RSA private keys but it needs to be a
DECRYPTION oracle (viz Bleichenbacher attack).
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..."
On Thu, 26 Aug 2010, Dan Kaminsky wrote:
> The question is whether they're supposed to execute code in this
> particular context.
I think the question ought to be: what authority and privileges shall be
granted to the code when it is executed?
--
Pavel Kankovs
s into executable files themselves.
This happens quite often and I find it very disturbing.
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \ 21st century edition /
" or "302 Object
> moved" answer) outputs double quote in Location header in plain (not in URL
> encoding) form.
Would you mind showing us the actual HTTP response generated by your
script.php, esp. its body?
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
ills but I
admit I have not found a clear example affecting IT infrastructure
directly.
Replace interrupted power supply with expired domain registration and
you'll be able to find dozens of incidents, all of them affecting IT for
obvious reasons--and some of them involving big names like Mic
articular way it is used.
> Expiration is one of a number of serious and genuinely unique
> operational hazards in X.509.
When you fail to pay your electric bill every month, they will cut
your power supply. All your computers will stop working. Is it a
"genuinely unique operational hazard"
e lesson to be learned I talked about.
BTW: Between? What makes you think you have simply two contexts? :)
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \ 21st century edition /
uld make up for the one-time cost of
> renewing some certs prematurely.
Many (if not most) CAs let you renew a certificate two or three months
before its expiration and give you the remaining time back. One who needs
to renew one certificate every other day can do it once in 2 or 3 months
in ba
On Sat, 17 Jul 2010, Dan Kaminsky wrote:
> In reality, it's a time bomb, of the sort that usually doesn't exist.
Have you never heard of passports?
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm).
s-than signs because we still
have not learned to keep control data and user data segregated.
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \ 21st century edition /
(*) In-band signalling in telephone networks.
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \ 21st century edition /
makes a handful of login attempts against every individual server, and
disconnects to never be seen again. The whole scenario repeats with a new
IP every minute or so. The set of servers is quite small, only cca 15 out
of many tens available in our whole network.
--
Pavel Kankovsky ak
e de Vigenere). :)
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \ 21st century edition /
"working" :) But point taken.
> The system needs to meet its functional requirements entirely the same
> after.
Sometimes the vulnerability itself is a functional requirement (or
considered to be one of them). Has anyone mentioned ActiveX?
--
Pavel Kankovsky aka Peak
contradict P-completeness of HORN-SAT because the
transformation of the original problem is allowed to make changes to its
input--such as to negate one of variables and turn a question of
nonequivalence into a question of equivalence (expressible with a Horn
formula).
--
Pavel Kankovsky aka Peak
system needs to work entirely the same after.
Not entirely. You want to get rid of the vulnerability.
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \ 21st century edition /
It might not work with up-to-date OpenSSL.
Fixing that is left as an exercise for the reader.
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \ 21st century edition /
#include
#include
#include
#include
eleased eight years ago. In other words, everyone has been screwed over
for eight years but no one paid attention to it until recently. This is
THE BAD THING. The fact kiddies may have learned about it a few days
earlier is mere annoyance.
--
Pavel Kankovsky aka Peak
me ago
and, indeed, I was able to do strange things with modifiers (Shift et al.)
but I do not recall whether it was possible to inhibit Ctrl+Alt+Del.
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(
alue" might be very far from "optimal".
Secundo: Does "however deployed" include "defunct"?
Tertio: User experience?!
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \
inaries to a server that is supposed to archive them for
future reference. Should these binaries be scanned by an anti-virus?
What do you think?
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..."
de
trojan. This means we can simplify the question as follows: Can antivirus
prevent an arbitrary piece of malicious code from entering the network?
And the answer is simple: No, it cannot. Stop fastening screws with a
hammer. It has never worked.
--
Pavel Kankovsky aka Peak
oaded page and able
to make arbitrary changes as per (1)?
The crash is a real (DoS) attack against the browser if and only if
the answer to both questions is negative. (Assuming the crash has no
consequences other than the loss of the page loaded into the crashed
tab.)
--
Pavel Kank
nu.org/philosophy/right-to-read.html
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \ 21st century edition /
ort.
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windows(tm)..." \ 21st century edition /
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure
e vulnerable code (or protocol specification
or whatever) itself? After all, the vulnerable code (or protocol or
whatever) contains all the information needed to exploit it!
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up into our MS Windo
) without much
trouble.
> USB is probably safe.
B in USB stands for a bus. You could probably do some interesting tricks
when you find yourself attached to the same bus as a trusted device (like
a keyboard).
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
m_.
Cough, cough...
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
ly, the right way provides too few (if any) opportunities to
sell new shiny boxes so it is very unappealing for the "security
industry".
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open
important) components, never the other way.
It was not difficult. Was it?
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
nding inputs.
No. There has to be at least one output having an infinite number of
corresponding inputs but this does not have to hold for all output values.
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare
On Sat, 26 May 2007 [EMAIL PROTECTED] wrote:
> On Sat, 26 May 2007 11:42:46 +0200, Pavel Kankovsky said:
> > From a theoretical POV, it might be possible to do it with a program
> > requiring all memory of the tested system [...] to compute a correct
> > result. Several diffi
time into account
and allowing the simulation of extra memory as long as it is impossible
to do it quickly enough.
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
Wow! I have always suspected their software is so bloated that it is going
to suffer a gravitational collapse sooner or later. Now it's official.
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for a
1)q = pq(p-1).
QED.
Ok. Your "gypothesis" holds (sort of). We can factor N when we know its
factors. What a breakthrough. Perhaps Bill Gates will mention it in
"The Road Ahead II".
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resis
se a
program running for N units of time cannot consume more than N units of
memory (*) but this upper bound is too loose for most programs doing any
useful work.
(*) Or less than log_2(N) units of memory unless it is going to 1. read
more inputs from the outer world or 2. loop forever.
--Pavel Kan
ned. Please help make the gcc
> people fix this!
Helping people fix their broken code and teach them how to write
correct code might be more productive imho. :P
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and pr
onjecture.
It is obvious the problem (cracking MD5) can be reduced to SAT. But can
you reduce SAT to the problem? I am afraid it is impossible. (CNF formulas
of arbitrary complexity vs. a linear chain of fixed width linking multiple
instances of a fixed logical circuit. Who wins?)
--Pavel K
nd the vulnerabilities
themselves (or to hire someone else to do it under a NDA).
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
. Perhaps some Byzantine
"security-breach tolerant" systems?
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
be able to make legal copies covered by fair use
either but who cares about fair use?
(**) Whether they could trust their computers before they inserted an
infected CD into them is an interesting but different question.
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
*.metasploit.com requests.
The solution is easy: do not hardwire the domain, make it configurable,
and let people (who care) set up their own servers with their own domain
names.
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your sour
e
"Root access on the target machine"? Are you serious?
Isn't "DBA access on the target database engine" enough for you?
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile
malware).
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
server as soon as it sends the request
and replace it with a fresh "untainted" process handling (interpreting and
displaying) the server's response (of course, we'd have to trust the
server to never send the password back to the client, e.g. to be 100% free
of XSS bugs...).
--P
mingly innocent piece of data
passed to that native code might trigger a bug (perhaps even a buffer
overflow) in it...
Unlikely (read: less likely than a direct attack vector) but still
possible.
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is fut
. (The use of MAC to protect integrity is, in fact, an
afterthought.)
Properly implemented and configured MAC can prevent the leakage of
confidential (i.e. sensitive personal) information to (unauthorized) web
sites.
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
ged code is very hard or
> even impossible (at least in the current Windows Architecture), so the
> only solution that I am seeing at the moment is to create sandboxes for
> managed and verifiable code.
It may be difficult on MS Windows. Been there, done that several times on
other platfor
> server so that the session can be set up. IOW, you get around the
> problems of trusting a cert, but you're back to storing passwords in
> plaintext.)
A moderate dose of modular exponentiation magic can overcome the need
to store plaintext passwords on the server. See SRP
arginal cases like when you want to build an
executable file intended to run on someone else's computer...)
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
ve also added Nmap as "potentially unwanted
> application" (http://vil.mcafeesecurity.com/vil/content/v_100955.htm)
[...]
Are we making a list?
You can add Symantec reporting a copy of Netcat as a "hacking tool".
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/
n't know what this stands for, and neither did the people at Cisco I
spoke with", esp. the 2nd part, is something I find rather unbelievable.
Perhaps Lynn did not talk to the right people at Cisco. Or perhaps Cisco
has already finished its transformation to the modern kind of business a
protecting Web servers and the computer running SQL Server"
(the other things they did were not supposed to protect them or what?).
No tweaking, indeed.
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your
offer a service to sacrifice one
of their own PHBs instead of the client's one.
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
69 matches