Posts by Lou Gosselin

@An exploit can be critical for two reasons

That's correct, however because the exploit is physical, it's of limited practical use against general users of openssl. For example, on servers capable of decrypting their own data on bootup, physical access already implies data access.

Therefor a new physical attack vector, especially a difficult one, doesn't increase the group of unauthorized people capable of attacking the system.

This is problematic with DRM because the user who needs to open the content is supposed to be prohibited from knowing the encryption keys, however this goal is incompatible with encryption theory today which requires one to either have the keys or not.

Therefor DRM relies on faulty physical security and software obfuscation, which we already know are broken. We may yet discover an encryption algorithm weakness, but until we do another physical exploit only proves again that DRM is a faulty application of encryption for the purposes of true security.

@Ben 42

Thanks for responding.

"It depends on which password you're talking about."

Actually I was trying to understand what the password on lenovo laptops really protects.

"This seems to be what the article is referring to since replacing the motherboard wouldn't fix a forgotten HDD password."

Exactly, but when read in this context lenovo's statements about protecting data don't add up. Since they're willing to reset a user password to let the user boot up the machine, it would seem that protecting the data on the machine is not their concern. This is why I wondered if there was something special about these laptops I had overlooked.

@A level playing field

Microsoft does what every other big business does, uses it's sheer size to strong arm consumers and competitors to take control of markets. There's no denying that google and apple do it too. I don't want to be a "fan boy" for any of these big businesses, they're all corrupt and stop at nothing to make a buck even when it means off shoring jobs, letting quality slip, or bribing politicians for massive tax subsidies at our expense.

They're all very good at playing up public outrage towards each other as if just one company is responsible for all the problems, but really they all should be held accountable. A level playing field would offer much more choice since anyone could join the game regardless of political connections and financial affluence.

@Nitpick

You're absolutely right of course, it just got mixed up in parlance.

The firmware updater, which would likely run with root permissions, is able to update the bootloader which runs in "ring 0". For the purposes of installing trojans, root access is probably sufficient.

I own neither

http://www.theregister.co.uk/2010/01/25/playstation_cracked_wide_open/

"*Before anyone says it, making hardware modifications in order to be able to peek at the memory behind the hypervisor when running Linux doesn't really count as breaking the encryption."

Non of the modded consoles have broken encryption. Obviously, if they had broken the encryption, a hardware mod would be unnecessary. Both techniques would be a means to an end of running arbitrary software on the box, which is the goal.

The arbitrary software can be a game patch, a linux console, a home brew game, whatever.

@Apple hardware

Actually, now that apple's OS runs on commodity x86 platforms, it is quite trivial to "port" both the OS and VMs to "non apple hardware".

The incompatibilities which exist are 1) licensing and 2) deliberate technical impediments.

As for the technical impediments, those can be overcome as psystar and others have shown.

It will be news when Apple modifies their licensing to support non apple hardware.

Even Bulkier than 2008?

I sure hope it's not. Though I have no experience with 2010, the performance lost in moving from 2003 to 2008 is enough to make one want to pull their hair out waiting for VS to perform requested operation. That and it seems to lock it's own output files and stumble on itself during recompilation from time to time.

I sincerely would have hoped that the performance issues be addressed, but not from the sounds of it.

@Experts

"how come Opera as a closed-source browser is on more platforms than any other browser?"

I'll take you at your word that this is the case, but this says absolutely nothing about the quality or expertise of the open source community. It's not a fair assessment since many of the devices where opera is installed are closed platforms where open source developers are not welcome. I would argue that if these platforms were open and unlocked, then we would see a great deal of open source development on them.

For example, the iphone will likely never run mozilla or opera, but that's not because they don't have the expertise, it's because they're deliberately locked out.

@what's the problem

Consider two content distribution solutions, P2P versus centralized. With one, all traffic between ISP customers and a web host must travel over an expensive WAN for each consumer. With the other, ISP customers can exchange bulk files/streams locally with the WAN only needed to refresh stale content occasionally.

The peer to peer technologies developed in the past decade are faster, more robust, more efficient, and cheaper to operate than centralized servers. P2P can even use DRM to protect copyright as (in)effectively as centralized servers, so that's not a valid excuse to avoid P2P for content distribution.

Unfortunately google's business model of monitoring keywords and injecting customized ads into other people's content preclude it from effectively adopting the obviously better, more efficient P2P technology in bandwidth hungry applications like youtube. Viable P2P has existed in many forms since the days of napster without any commercial technical support whatsoever, so it's quite obvious the impediments are political rather than technical.

Now I wouldn't say google is alone in it's desire to build centralized services which they can control, but it is never the less guilty of pushing those centralized data centers in favor of P2P.

So, in a very real sense, depending on the proportion of bandwidth used by youtube, google's business model can be said to directly contribute to inefficient utilization of WANs. That's something we all end up paying for whether we want to or not.

This doesn't even touch on the argument that google consumes more bandwidth than it pays for as hinted in the article.

customer requests

I hear that, worse yet is when a client is made aware of vulnerabilities and declines to pay to fix them. I'm sure that I'm not the only programmer who's had the nightmare of inheriting a messy code base.

Bad code quality is a reflection of the trend for businesses to compete on price rather than quality. The problem is far more widespread than just software. Businesses can hire professionals who know what they're doing, or they can give the project to the cheapest developers to jerry-rig the thing together. There are plenty of us capable of doing the job right, but frankly until clients start to care about (and pay for) quality, our employment hinges on doing the work quick, dirty and cheap.

This is evidenced by the eagerness of western business to hand over critical business functions to offshore teams with whom they can neither communicate in real time nor communicate proficiently in the same language.

@sed gawk

Yours is the only reply worth responding to.

I agree wholeheartedly, that for a technology implementer such as yourself, there are many reasons use and contribute back to Linux.

However with regards to your statement about lock down...

"All of these were locked down tightly with only services related to management and application provisioning running. This resulted in a stable, secure, plug-in-and go device for the consumer and low management/deployment costs to the vendor."

I respectfully disagree, and I'll give you an instance where trusting the vendor doesn't work.

I purchased number of routers, which run linux, but prohibit user firmwares. They do not support wake on lan, which I'd like, but I was aware of this when I purchased them. I'd be content except for a persistent bug where all INFO packets on SIP ports are mutilated. It took a couple of tech support calls to finally acknowledge the bug. That was 8 months ago, and they still haven't fix their bug because I'm the small guy and they don't really care. The irony is that the new routers were indented to replace older models which did not have the bugs.

Due to their negligence, I've had to come up with my own solution (hack) of using non-standard SIP ports with these routers. I would have much preferred to compile my own firmware without the buggy SIP ALG and with WOL.

I also would never expect a vendor to support my custom firmware. Keep in mind that those of us willing and able to build our own firmwares generally don't care to go back to the vendor's firmware (ever), so I don't really buy the argument that we somehow cost the vendor more to use our own firmware.

Yes and No

I am one of those assembly language programmers possessing an "intimate knowledge of where the instructions meet the hardware". I am very fond of programming on bare metal, but I've had to incorporate platforms such as Java, .Net, PHP because that's where businesses are. This is where the security battles will need to be fought.

It's true that platforms have internal bugs (I'm looking at you PHP), and unmanaged languages can leave open low level overflow attacks (c). However in my experience most security bugs exist at a much higher level where low level hardware knowledge isn't applicable.

That said, I agree CS programs have been watered down, but this is a reaction to the markets no longer needing those skills. Until the market appreciates us more, I could not in good conscience advice a student to become an assembly language expert.

Sounds like flash isn't the real culprit

I despise flash as much as the next person. but in this case it sounds like flash was merely used to set the contents of memory to a known value. A separate exploit is still required.

Address randomization techniques serve only to make data structure overflows unpredictable (such that the attacker has a hard time figuring out where his malicious code will be loaded or should be loaded). Instead of running the hacker's code, randomization makes application crashes more likely. However the fundamental overflow bugs are still present.

Even with heap randomization, when enough of the heap can be initialized to contain malicious code, it could make successful overflow exploits much more likely. That's what it sounds like the case is here. Flash isn't the vulnerability, but a tool to prepare the heap for the attack.

In this regards, I wouldn't be surprised if other resources could be used in the same way to fill up the heap with binary code. A browser may allocate ram for java/javascripts/images/html/dom values/etc, any of which may actually be a wrapper for binary x86 code.

I value my freedom of choice, which is why I don't buy apple.

"Vendor lock is NOT a byproduct of Apple's success"

You have valid points, however I really have trouble believing that a much smaller apple would be capable of bringing such a restricted iphone/tabletpc platform to the market.

Ultimately, the only say I have is when I spend my own money on open products. If others buy into crippled products, that is their problem. Still, it disturbs me that, in the long run, buying patterns of other consumers can elevate locked platforms to the point where alternatives loose commercial viability and the locked platforms become the status quo.

I value my freedom of choice, which is why I don't buy apple.

@Engineering Director FAIL

"https can make your mail slower since encrypted data doesn't travel across the web as quickly as unencrypted data," Gmail Engineering Director Sam Schillace wrote

I noticed this as well. Especially as director of engineering, his words were poorly chosen. Though in his defense, maybe he was thinking that deep packet inspection at the ISPs would throttle the traffic because it was encrypted?

As for end to end HTTPS, that's a big duh. Plain HTTP has always been vulnerable to man in the middle, even if HTTPS is used to authenticate the HTTP session. Frankly we all should have know that well before the China incident.

@Fair Use?

The DMCA overrode that, people effectively don't have fair use rights any more.

In theory they do, but the technicalities of the DMCA mean they need to break the law in order to obtain a fair use copy.

@Big Yawn

That's what I was thinking, people who care about privacy lost it a long time ago.

Personally,

I prefer technical articles to the glamor articles which pass for news these days.

Technical articles are good, satirical entertainment is good, unfortunately I have to put up with the rest. The register used to stand out as a unique news source, but now I read it mostly as a matter of habit.

@Don't Panic

> 3) the control frequencies are not interfered with. Those are highly secure, and come from multiple redundant points.

Maybe you have inside information, but we're left to assume this is the case. For all we know it could be just as insecure.

> 4) hacking a drone, even if you could decrypt the signal, not only would rely on getting it to respond, but you'd have to know intimate details of the control signals.

Nobody should make this mistake, especially not the military. It's called security by obscurity. It doesn't work, just ask Skype.

> 5) it's not one computer, but 3, running on different hardware platforms and running on different OS. ALL THREE have to generate the same response at the same time in order for it to accept input. If one system goes rogue because it's been hacked, the other two ignore it, and the operator is informed a computer is down.

Again, maybe you have inside information, but this is presumptuous. And your paragraph contradicts itself internally. In your scenario, only two would need to be hacked. If it's the same application software being run on various platforms, it is likely that the application is equally vulnerable on each platform. If it's three separate application implementations, though not impossible, it would be incredibly difficult to ensure that each generates the exact same responses at the same time. This added complexity could actually increase the failure modes should the applications behave differently during a hack.

Besides, unless there are three separate control channels, it only needs to be hacked once to control all three implementations.

> Honestly, this is not a big deal.

I'm not panicking, but it is at the very least an embarrassment to have such a trivial vulnerability.