* Posts by Logiker72

40 publicly visible posts • joined 7 Jun 2021

No change control? Without suitable planning, a change can be as good as an arrest

Logiker72

Re: Aerospace, Medical, Automotive, Railways

https://en.wikipedia.org/wiki/Flight_control_modes

http://peterklant.de/wp-content/uploads/2019/05/PF-2019-03-A380-Flightcontrol-System.pdf

https://en.wikipedia.org/wiki/DO-178B

https://en.wikipedia.org/wiki/Software_verification

Logiker72

Re: Aerospace, Medical, Automotive, Railways

Essentially, a safety-critical control unit does have an automated test system (often call HIL Simulator) which is testing each and every feature of the control unit, as specified in the requirements document. So for each piece of software there exists a mirroring piece of test case software in the HIL system.

https://de.wikipedia.org/wiki/Hardware_in_the_Loop

Each requirement is numbered and change controlled.

New requirements must be assessed. documented and tests written for the automated test.

Each new SW release must be fully tested against the automated test battery before it is tested in vehicle/test patient/aircraft.

Critical modules of software must have a sufficient battery of Module/Unit Tests to check the Module requirments. Which are also nicely written down in a system like DOORS or Polarion.

All test cases must be green before released into service with normal passengers/patients.

If you do this for IT-class software, you can have similar quality levels.

Logiker72

Aerospace, Medical, Automotive, Railways

These industries manage to specify, design, test and produce rather reliable and safe machinery. Including lots of complex software such as ABS brakes and flight control computers with full authority to move control surfaces, engine valves etc.

Boeing messed up MCAS, but thousands of other control unit types (and dozens of millions of instances) nicely work in cars, airplanes, patient monitors and so on. Most of us use an ABS brake every day.

So we know almost perfect quality is possible. It is a matter of documentation, skilled engineers, sufficient and skilled testing. Sufficient project funding and time, of course. That is the good news.

Bad news is that non-safety critical development operations are managed by cheapskates and idiots in most instances.

Some further reading:

https://en.wikipedia.org/wiki/V-Model

https://en.wikipedia.org/wiki/ISO_26262

Linus Torvalds tells kernel list poster to 'SHUT THE HELL UP' for saying COVID-19 vaccines create 'new humanoid race'

Logiker72

I am sure this is the line of thinking behind William Gates' pharma investments.

Logiker72

Linus Thorvalds and William Gates Agree

What does that mean ? Linux now also a quick&dirty technology show ?

An anti-drone system that sneezes targets to death? Would that be a DARPA project? You betcha

Logiker72

Re: Seems DARPA is several years behind the threat.

This is cutting edge technology. India had to pay premium for access to kill-capable robot AI technology.

Incremental HW costs for a lawn-mower-engine powered aircraft are certainly closer to 200k$.

Logiker72

Re: Armenian War

China is very impressed, too:

https://www.youtube.com/watch?v=SaahLPoSLoA

Logiker72

Re: Armenian War

https://www.youtube.com/watch?v=j4xr98ae5w0

Robots have already won a war, just the sleepy folks around the globe haven't figured yet.

Logiker72

Armenian War

If reports are to be believed, HAROP destroyed the Armenian tanks and even air defence guns/launchers. It won the war for the Turk(ic)s.

Armenia has ZSU23s and the more modern Truck-based radar flak weapon. Was apparently useless against heavy turkic jamming and the HAROPs which are operating like self-controlled robots.

Logiker72

Lame

The Israeli "IAI Harop" is not using helo rotors. Rather it is a miniature plane which comes down Stuka-/Kamikaze like in the final few seconds.

https://www.youtube.com/watch?v=9V9mbC-Esmg

Seems DARPA is several years behind the threat.

And dont believe for a second this is not a problem because Israel is on your side. Others can recreate the Harop with moderate resources and finances.

AWS Frankfurt experiences major breakdown that staff couldn’t fix for hours due to ‘environmental conditions’ on data centre floor

Logiker72

European Alternatives to Oligopoly

Hetzner

OVHCloud

1&1

And quite a few more, according to https://www.websiteplanet.com/fr/web-hosting/

I used Hetzner and OVHCloud. Both worked very nicely and reliably.

And yes, always have a suitable backup strategy. Data centers do burn down then and now. You need at least three copies of each important record/file. Each copy in a different location or preferrably, a different service provider.

Seven-year-old make-me-root bug in Linux service polkit patched

Logiker72

Linux Alternatives

OpenBSD

FreeBSD

seL4

FBI paid renegade developer $180k for backdoored AN0M chat app that brought down drug underworld

Logiker72

Re: A job well done

They usually do NOT do dumb things. Also, where does the fish smell come from ?

Logiker72

Bernie was a rookie. Look for Richard Fuld. He knew all the machinations had to go through lawyers.

He got a career in finance after hitting his commanding officer in the face.

Still living in his country castle. Not a day jail, as far as I know. Maybe three days in the air force...

Logiker72

Did you ever figure the FBI could protect defectors from much more dangerous orgs ?

Do you know their headcount ?

Logiker72

Day three: assume an army of grim looking, short-haired men in half-civil outfits showing up on your walk to work. Making you shut up.

Logiker72

Re: Mystery dev

If they can protect KGB defectors, they can protect this guy, too. The guy must keep a low profile, though. No facebooking, Instagramming etc.

Logiker72

"We have ways to protect our folks" - FBI.

Extra urgency in June's Patch Tuesday: Microsoft warns six more bugs are being exploited

Logiker72

All Adobe Bugs: C Artifacts

That is what I gather.

Recode the source in Rust !

China's ISCAS to build 2,000 RISC-V laptops by the end of 2022 as nation seeks to cut reliance on Arm, Intel chips

Logiker72

Re: Sponsored content?

You forgot their MIPS variant Loongson. I wonder why they dont push this horse, as this is their local champion ?

Logiker72

Re: Closed Source

They will always be able to purchase a few thousand high end CAE workstations by unofficial means.

But they have a hard time flooding the planet with hundreds of millions of Wintel laptops while Uncle embargoes them.

So they look for one more replacement, after the Loongson thing.

Logiker72

Re: Interesting thought...

Did it ever occur to you that there are very nice doors hidden in plain sight ?

It even worked very crudely in OpenSSL for a decade or so.

In Yacc they found a bug after 20 years.

Logiker72

Re: I'll buy one.

Where does Linux and Android come from, again ?

Logiker72

Yawn

Wake me up when they stop copying Android and Linux. And finally have some original ideas of their own.

Security researcher says attacks on Russian government have Chinese fingerprints – and typos, too

Logiker72

Go Deeper !

...into this rabbit hole. I am sure you can find North Koreans and Munichians down there !

Intel's latest patch set plugs some serious holes in CPU, Bluetooth, server, and – ironically – security lines

Logiker72

Lock ALL of it

...behind a firewall you can trust. Dont use Intel CPUs for the firewall.

Fastly 'fesses up to breaking the internet with an 'an undiscovered software bug' triggered by a customer

Logiker72

Re: If queasy, take it easy and just check to make sure it is nothing to do with you.

Hi Mars, you still try to find patterns in the randomness of half baked software ?

Why dont you try to find patterns in nature. Much more complex and interesting.

I always find it extremely refreshing to walk in the forest for some hours.

Cotswolds for you ?

Logiker72

Re: Fastly? We now know who they are, and where they live

Fastly sounds like a Donald Word.

Logiker72

DSL Modem, RPI, DynDNS

That is in most cases more than good enough to run your own Web server.

No need for a megacorp to control you.

Uncle Sam recovers 63.7 of 75 Bitcoins Colonial Pipeline paid to ransomware crew

Logiker72

Re: Something doesn't smell right about this

BTC is stored on ordinary computers. Said computers* have cyber weaknesses. FBI and the rest of gov own stashes of exploits. So they used an exploit to read the contents of the bad guy computer. As part of this operation, they got the wallet key and all other keymat, such as passphrase and account pw.

*yeah,even Linux and xBSD

What to do about open source vulnerabilities? Move fast, says Linux Foundation expert

Logiker72

FALSE

The interpreter can simply count instructions executed and the amount of octets allocated. File access primitives can limit the scope of files to be accessed. It will absolutel HALT after the max number of instructions executed.

No need for OS-level sandboxing. It would not hurt as an additional measure, though.

Logiker72

Re: Stop Using C and C++

Several people/orgs (including Microsoft) have made a statistical analysis of the CVE database and found that about 70% of exploitable bugs would not happen in a memory safe language. Mozilla invented Rust for the same reason.

You are free to do the same.

Finally, your attempt at godwinning the discussion is not ingenious.

References:

https://www.zdnet.com/article/microsoft-70-percent-of-all-security-bugs-are-memory-safety-issues/

https://www.techspot.com/news/85368-google-70-percent-serious-security-bugs-memory-safety.html

https://msrc-blog.microsoft.com/2019/07/18/we-need-a-safer-systems-programming-language/

Logiker72

"Turing Complete"

Even if you (say) create a turing complete scripting engine, you can still prove mathematically that ANY script will

A) consume only as many instructions it is allotted

B) consumes only as much memory as allotted

C) accesses only a small subset of files

Even if that script comes from a fully hostile adversary.

Logiker72

Non C OS Kernels

As the C fans will claim that all OS kernels must use C, here is a small list to prove otherwise:

https://en.m.wikipedia.org/wiki/ICL_2900_Series

https://en.wikipedia.org/wiki/Burroughs_large_systems

https://en.wikipedia.org/wiki/Singularity_(operating_system)

https://en.wikipedia.org/wiki/HP_Multi-Programming_Executive

Logiker72

Not Always

If an application developer uses pcre to check the input for being correct(read: secure), that is proper engineering.

If the pcre developers use C and have bugs in their code, that says something about the pcre devs.

Logiker72

K.I.S.S.

If you can decompose the system at hand into small parts, you might be able to prove the correctness of the small parts and then proof the correctness of the system as a whole.

Or the other way around: Excessive complexity bears insecurity.

Logiker72

Thanks

For pointing out that a large subclass of programs can indeed be proven correct. The "Turing" argument usually comes from people who want to absolve themselves from implementing any additional measures to improve security. Like C developers who are unhappy of learning Rust.

Logiker72

More Good Habits

+ formally defined data formats (e.g. EBNF, Regex)

+ strict scanners+parsers instead of "error tolerance"

+ integer types which generate exceptions on under- and over-flows

+ sandboxing apps. Why does Word (and the word virus you just contracted) have access to you engineering files ? AppArmor, Sandboxie, Apples sandbox, Linux security modules, ...

+ K.I.S.S. principle. The less features your SW has, the less bugs it will prolly have

+ fomally verified, minimalist OS kernels such as seL4. A bug in the tcp stack corrupts only the TCP subsystem and does not result in a takeover.

Logiker72

Stop Using C and C++

70% or more of the exploitable CVE bugs are related to the "undefined behaviour" which comes from the C and C++ languages. A simple index error in the kernel will often yield total control to an attacker. We had "ping of death" and "gethostbyname() kernel takeover".

Face it, all human programmers make mistakes, because they are tired, sick from the flu, had a squabble with the wife. etc. There will always be these 70% of bugs if we continue to use C and C++.

Mathematical proof is too expensive/unheard of for most application fields, so we can rationally exclude that option.

Rust, Swift, Java, C#, Vala and some others are the way to go.

Strong typing both at compile and runtime and we can eliminate 70% of bugs !

Here is Tony Hoare saying the same thing: https://www.infoq.com/presentations/Null-References-The-Billion-Dollar-Mistake-Tony-Hoare/