Privacy, Security Archive

Computer Security – the Next 50 Years

"Security and validation are critical issues in computing, and the next fifty years will be harder than the last. There are a number of proven programming techniques and design approaches which are already helping to harden our modern systems, but each of these must be carefully balanced with usability in order to be effective. In this talk, Alan Cox, fellow at Red Hat Linux, explores the future of what may be the biggest threat facing software engineers, the unverified user."

Why Windows Is Less Secure Than Linux

"Windows has grown so complicated that it is harder to secure. Well, these images make the point very well. Both images are a complete map of the system calls that occur when a web server serves up a single page of HTML with a single picture. The same page and picture. A system call is an opportunity to address memory. A hacker investigates each memory access to see if it is vulnerable to a buffer overflow attack. The developer must do QA on each of these entry points. The more system calls, the greater the potential for vulnerability, and the more effort needed to create secure applications."

Open Source Security Testing Methodology Manual

ISECOM is an open, collaborative security research community established in January 2001. Recently, Pete Herzog, founder of ISECOM and creator of the OSSTMM, talked about the upcoming revision 3.0 of the Open Source Security Testing Methodology Manual. He discusses why a testing methodology is needed, why it should be open source, the value of certifications, and plans for a new vulnerability scanner developed with a different approach than Nessus.

Microsoft Says Recovery from Malware Becoming Impossible

In a rare discussion on the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall operating systems as a practical way to recover from malware infestation. "When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit."

Review: Trustware BufferZone 1.6

"Security company Trustware has a product that takes a new approach on protecting the end users. BufferZone is centered on a concept of virtualization technology, that creates a whole new secluded environment on your computer. After installing the software, you are guided through a mini presentation that introduces you to the process of setting up your BufferZone. Although usage of terms like 'virtualization' and 'buffer' might be a bit complicated for the average PC user, the concept is very easy to comprehend and to setup."

VM Rootkits: The Next Big Threat?

Lab rats at Microsoft Research and the University of Michigan have teamed up to create prototypes for virtual machine-based rootkits that significantly push the envelope for hiding malware and that can maintain control of a target operating system. The proof-of-concept rootkit, called SubVirt, exploits known security flaws and drops a VMM (virtual machine monitor) underneath a Windows or Linux installation. Once the target operating system is hoisted into a virtual machine, the rootkit becomes impossible to detect because its state cannot be accessed by security software running in the target system.

eEye Flags iTunes, QuickTime Flaws

Researchers at eEye Digital Security have pinpointed two high-risk vulnerabilities in iTunes and QuickTime that could put millions of Windows and Mac users at risk of code execution attacks. eEye issued two alerts on its upcoming advisories web page to warn of heap overflows and integer overflows in the two Apple products. eEye said the vulnerabilities affect QuickTime/iTunes on Windows NT, Windows 2000, Windows XP and Windows Server 2003. Mac OS X users are also vulnerable to the code execution attacks.

Test Shows How Vulnerable Unpatched Windows Is

It's official, boys and girls: it's easier to kick in a door when it's open. "A test has revealed that a Linux server is far less likely to be compromised. In fact, unpatched Red Hat and SuSE servers were not breached at all during a six-week trial, while the equivalent Windows systems were compromised within hours. However, patching does make a difference. Patched versions of Windows fared far better, remaining untouched throughout the test, as did the Red Hat and SuSE deployments."

Patching Window Is Getting Shorter

"Internet Security Systems has published a report which shows that hackers and cyber criminals are developing malicious code to exploit known vulnerabilities much faster than before. The X-Force Threat Insight Quarterly highlights that the number of vulnerabilities in 2005 has increased by over 33% over 2004. Analysts from X-Force, the research and development team at ISS, evaluated 4472 vulnerabilities in both hardware and software during 2005. From the public announcement of the vulnerability on the internet, the report highlights that 3.13% of threats discovered had malicious code that surfaced within 24 hours, whereas 9.38% had code that surfaced within 48 hours."

The Role of Architectural Risk Analysis in Software Security

Design flaws account for 50% of security problems. You can't find design defects by staring at code; a higher-level understanding of the system's architecture is required. That's why architectural risk analysis plays an essential role in any solid software security program. Find out more about architectural risk analysis in this sample chapter. Also, Matthew Heusser and Sean McMillan are convinced that it takes smart people to develop good software that makes money. Where do you find smart people? You don't find them; you make them! Matt and Sean provide some fundamental rules for doing just that.

Preventing SSH Dictionary Attacks with DenyHosts

"In this HowTo I will show how to install and configure DenyHosts. DenyHosts is a tool that observes login attempts to SSH, and if it finds failed login attempts again and again from the same IP address, DenyHosts blocks further login attempts from that IP address by putting it into /etc/hosts.deny. DenyHosts can be run by cron or as a daemon. In this tutorial I will run DenyHosts as a daemon."

'Security Fixes Come Faster with Mozilla'

"Last month, I looked at how long it took Microsoft to issue security updates for known software flaws in the Windows software that powers most of today's computers. Last week, I conducted the same analysis on free software produced by the Mozilla Foundation, perhaps best known for its Firefox Web browser. Over the past year, Mozilla averaged about 21 days before it issued fixes for flaws in Firefox, compared with the 135 days it took for Microsoft to address problems."

Fyodor Releases nmap 4

After two years of work since the 3.50 release, Fyodor announced the Nmap Security Scanner version 4.00. Changes since version 3.50 include a port scanning engine rewritten for speed and memory efficiency, ARP scanning, a brand new man page and install guide, runtime interaction, massive version detection improvements, MAC address spoofing, increased Windows performance, 500 new OS detection fingerprints, and completion time estimates. Dozens of other important changes, and future plans for Nmap, are listed in the release announcement. Fyodor also gave an interview on 4.00.

Red Hat Disputes CERT Vulnerability Figures

Open source experts have hit back at a study published by the United States Computer Emergency Readiness Team that said more vulnerabilities were found in Linux/Unix than in Windows in 2005, labelling the report misleading and confusing. The report has attracted criticism from the open source community. Linux vendor Red Hat said the vulnerabilities had been miscategorised, and so could not be used to compare the relative security of Windows and Linux/Unix platforms.

US-CERT: 5198 Linux, Windows OS Flaws in 2005

"The United States Computer Emergency Readiness Team released its year-end summary of computer vulnerabilities. While Windows is regarded as the most insecure operating system, the US-CERT found four times as many vulnerabilities specifically related to Unix and Linux. Of 5198 reported flaws, 812 were for Windows, 2328 for Unix and Linux, and 2058 more affected more than one operating system. Notably missing from the list of Windows vulnerabilities is the recently discovered Windows Metafile issue. No vulnerabilities were listed for Apple's Mac OS X; however, several had been disclosed during the year. Also, since OS X is based on Unix, it is vulnerable to some of the flaws associated with its core operating system." Note: The link is fixed. I have no idea what happened there, sorry guys!

DRM Hell

BentUser takes a look at OS-level DRM in upcoming operating systems, particularly Windows Vista. The Protected Video Path components, PVP-UAB and PVP-OPM, have the potential to be really obnoxious, eclipsing any annoyances one experiences with current DRM technologies.