
Researcher's Death Hampers TCP Flaw Fix

timothy posted more than 5 years ago | from the sad-news-and-bad-news dept.

Security 147

linuxwrangler writes "Security researcher Jack Louis, who had discovered several serious security flaws in TCP software, was killed in a fire on the ides of March, dealing a blow to efforts to repair the problem. Although he kept good notes and had communicated with a number of vendors, he died before fixes could be created and prior to completing research on a number of additional vulnerabilities. Much of the work has been taken over by Louis' friend and long-time colleague Robert E. Lee. The flaws have been around for a long time and would allow a low-bandwidth 'sockstress' attack to knock large machines off the net."


Come on... (-1, Flamebait)

Jonah Bomber (535788) | more than 5 years ago | (#27509569)

April 1 was a week ago.

Re:Come on... (3, Insightful)

Sir_Lewk (967686) | more than 5 years ago | (#27509675)

Screw off you insensitive clod.

Re:Come on... (1)

mamono (706685) | more than 5 years ago | (#27509845)

That was my first thought reading the summary. I mean come on:

The Ides of March
Colleague "Robert E Lee"
Low bandwidth attack that can take down large servers?

I suppose we should all beware the Ides of March. Et tu, Bruce Schneier, et tu?

Re:Come on... (1)

Lennie (16154) | more than 5 years ago | (#27510583)

The attack is very real.

Re:Come on... (1)

JO_DIE_THE_STAR_F*** (1163877) | more than 5 years ago | (#27509895)

Exactly what I thought when I first read this. There is just too much seemingly made-up stuff in the story. He died on the ides of March, his colleague is Robert E. Lee, and even his name seems made up for some reason. I went so far as to check out his Facebook memorial and this still seems off to me.

Still condolences to his family.

Re:Come on... (0)

Anonymous Coward | more than 5 years ago | (#27512205)

It's worse than an April fools joke. It's the new Dan Brown novel!!!

Accidental Death? (3, Funny)

nurb432 (527695) | more than 5 years ago | (#27509575)

Or was he silenced?

Re:Accidental Death? (-1, Offtopic)

MindlessAutomata (1282944) | more than 5 years ago | (#27509665)

Jews did Jack Louis.

Re:Accidental Death? (0)

Anonymous Coward | more than 5 years ago | (#27510571)

Ew.

Re:Accidental Death? (-1, Troll)

Anonymous Coward | more than 5 years ago | (#27512251)

It could have been autoerotic asphyxiation, which was one of the rumors surrounding the death of W. Richard Stevens. Interestingly, as many Slashdot old timers remember, many /. posts regarding the evidence in that case were deleted by Rob Malda. It seems that Slashdot is willing to forsake journalism in order to cover up the curious events in the lives of favored uber-geeks.

Re:Accidental Death? (1)

bridgeco (1385677) | more than 5 years ago | (#27512447)

UDP strikes again!

Re:Accidental Death? (1)

CarpetShark (865376) | more than 5 years ago | (#27512887)

Accidental Death? Or was he silenced?

He was killed in a fire. Clearly his research led him to discover that TCP had a back door, created by fire Daemons who live on the Sun, due to jealousy over *BSDgirls' net-wide successes.

Geez (1)

elrous0 (869638) | more than 5 years ago | (#27509611)

Is there anything Robert E. Lee CAN'T do?

Re:Geez (4, Funny)

PotatoFarmer (1250696) | more than 5 years ago | (#27509643)

Win the civil war?

Sincerely,
a smug Yankee.

But... (5, Funny)

Roger W Moore (538166) | more than 5 years ago | (#27509947)

I thought you Americans did win that one?

Re:But... (-1, Redundant)

Sir_Lewk (967686) | more than 5 years ago | (#27510085)

Both sides were Americans, that's why we call it the American Civil War.

Re:But... (1, Funny)

Anonymous Coward | more than 5 years ago | (#27510167)

As opposed to the American uncivil war?

Re:But... (0, Funny)

Anonymous Coward | more than 5 years ago | (#27510273)

The one in Iraq?

Re:But... (2, Funny)

Anonymous Coward | more than 5 years ago | (#27512141)

LA

woooooooooosh! (2, Insightful)

RiotingPacifist (1228016) | more than 5 years ago | (#27510361)

n/t

Re:But... (1)

Hordeking (1237940) | more than 5 years ago | (#27511419)

Both sides were Americans, that's why we call it the American Civil War.

It wasn't very civil. And we lost. The president used it as a way to usurp power from the states beyond question.

Re:But... (1, Insightful)

Anonymous Coward | more than 5 years ago | (#27512259)

... such as the right to own slaves.

Re:But... (1)

jgtg32a (1173373) | more than 5 years ago | (#27512031)

I'm fairly certain that he's making a joke about the French and the last war they won was the revolution.

Re:But... (1)

Roger W Moore (538166) | more than 5 years ago | (#27513205)

Really? From what I heard it was far from civil.

Re:But... (1)

PitaBred (632671) | more than 5 years ago | (#27510365)

Talk to a lot of people in rural Georgia and Alabama and such, and though they're Americans they'll still tell you they lost the war.

Re:But... (1)

Tomy (34647) | more than 5 years ago | (#27511037)

But they don't call it the Civil War, rather "The War of Northern Aggression," which apparently was fought for "States Rights."

Re:But... (1)

the_denman (800425) | more than 5 years ago | (#27511289)

They didn't lose, they are just biding their time till they can rise up again!

Re:But... (1)

Dreadneck (982170) | more than 5 years ago | (#27512019)

T-shirt idea:

"Rebel Condoms - Because the South shall rise again." printed around a condom package with a rebel flag on it.

Re:Geez (1)

oldhack (1037484) | more than 5 years ago | (#27509687)

Don't get killed in a fire?

I blame the CSA (4, Funny)

Hoi Polloi (522990) | more than 5 years ago | (#27509641)

Much of the work has been taken over by Louis' friend and long-time colleague Robert E. Lee.

Clearly this was the result of a conspiracy by veterans of the civil war. I hope the other researchers, Grant and Lincoln, hear about this.

Re:I blame the CSA (1)

moderatorrater (1095745) | more than 5 years ago | (#27510661)

Dare you impugn the honor of Robert E. Lee, good sir? He may be our enemy, but that doesn't mean he's not a gentleman!

Re:I blame the CSA (0)

Anonymous Coward | more than 5 years ago | (#27510677)

The Canadian Safety Association had nothing to do with this, I assure you.

With Love,
Canada

P.S: Please don't blame our country anymore, it's getting tired.

Re:I blame the CSA (1)

Dreadneck (982170) | more than 5 years ago | (#27512051)

CSA stands for the Confederate States of America. Had he been referring to Canada, he would have used a term of endearment such as 'Canuckistan'.

Re:I blame the CSA (0)

Anonymous Coward | more than 5 years ago | (#27511497)

They would but Lincoln was told a secret so powerful it blew his mind, so he's left the project.

Grant would find out about it but he's been distracted, his own series of tubes are out of wack.

Robert E. Lee (5, Insightful)

verbalcontract (909922) | more than 5 years ago | (#27509645)

Was it necessary to refer to his colleague as Robert E. Lee? Now we're going to get a ton of "South will rise again" jokes.

Re:Robert E. Lee (1)

Professor Fate (1075913) | more than 5 years ago | (#27509865)

Assuming this is accurate, the guy could go by Bob Lee or even Robert Lee. The only reason to add the E is for attention.

Re:Robert E. Lee (0)

Anonymous Coward | more than 5 years ago | (#27509877)

Was it necessary to refer to his colleague as Robert E. Lee? Now we're going to get a ton of "South will rise again" jokes.

So I shouldn't say anything about Viagra being sold in bait shops?

Re:Robert E. Lee (2, Informative)

Anonymous Coward | more than 5 years ago | (#27509879)

I knew jack pretty well, this flaw is legit. Robert E. Lee (aka jrl) was in fact his partner, but in many people's opinions, he rode jack's successes.

This story is really very sad. Jack's passing was something that happened in the middle of the night with no warning; he was in the prime of his life and a VERY bright guy.

Robert E Lee is a real name by the way.

Re:Robert E. Lee (0)

Anonymous Coward | more than 5 years ago | (#27510603)

How did he pass on? He wasn't all that old, 31/32 years old.

Re:Robert E. Lee (1)

FishWithAHammer (957772) | more than 5 years ago | (#27511097)

Says right in the summary...

Re:Robert E. Lee (1)

religious freak (1005821) | more than 5 years ago | (#27511111)

RTFS

Re:Robert E. Lee (1)

geekoid (135745) | more than 5 years ago | (#27510587)

AS if saying "The South will rise again." isn't a big enough joke.

Re:Robert E. Lee (0)

Anonymous Coward | more than 5 years ago | (#27511945)

Keep thinking that when you lose your job but I keep working. Don't need you down here, already hosting too damn many of your cousins.

Besides what would yankee land do without all that tax on your payroll, real estate, etc.

--
Southernboy
~G_d made Texas HOT to keep the sissies out.

Re:Robert E. Lee (1)

frank_adrian314159 (469671) | more than 5 years ago | (#27511485)

Now we're going to get a ton of "South will rise again" jokes.

I hope they do rise again. This time we'll let them go.

-- Another Smug Yankee

Dang low bus factors! (5, Interesting)

mrbene (1380531) | more than 5 years ago | (#27509649)

Less than a week ago it was Rick752 [slashdot.org]. Now this one. Definitely reinforces the importance of collaboration, and the fragile nature of ideas.

Original /. story (2, Informative)

stevied (169) | more than 5 years ago | (#27509683)

New Denial-of-Service Attack Is a Killer [slashdot.org] (01 October 2008)

Re:Original /. story (1)

BitZtream (692029) | more than 5 years ago | (#27509729)

Still waiting for it to kill something ...

Re:Original /. story (1)

Arancaytar (966377) | more than 5 years ago | (#27512293)

Still waiting for it to kill something ...

The one person who was going to fix the flaw was killed under mysterious circumstances. COINCIDENCE? I THINK NOT!! :P

the fire was started by (-1, Offtopic)

circletimessquare (444983) | more than 5 years ago | (#27509725)

marcus junius brutus

or perhaps ulysses s. grant

Re:the fire was started by (1)

ducomputergeek (595742) | more than 5 years ago | (#27511813)

More likely it was Sherman

It's been around for a while (1)

ravster (1358439) | more than 5 years ago | (#27509733)

... so I guess this guy passing away shouldn't make us too worried.

Died of smoke inhalation (0)

Anonymous Coward | more than 5 years ago | (#27509759)

It's like his lungs were DoSed.

Beware the Ides of March! (2, Funny)

Anonymous Coward | more than 5 years ago | (#27509787)

Suspect is a guy name Brutus, last seen wearing a plain white bedsheet.

Now you know... (1, Funny)

Gizzmonic (412910) | more than 5 years ago | (#27509807)

It's not a joke when you tell someone to DIAF on the Internet. What if someone told him that before he died? Think of how guilty they'd feel now!

Brutus set the fire (0)

Anonymous Coward | more than 5 years ago | (#27509863)

He should have bewared the Ides of March.

Re:Brutus set the fire (2, Funny)

Red Flayer (890720) | more than 5 years ago | (#27509905)

He should have bewared the Ides of March.

Idiot. The correct grammar is:

He should have beworn the Ides of March.

What the fuck (5, Insightful)

Godji (957148) | more than 5 years ago | (#27509909)

So a good scientist dies and all Slashdotters can do is attempt whoring out a +5 Funny with lame jokes?

My high regard for the Slashdot community is obviously misguided.

It's a great loss for the research community and my condolences go to his family. And really, that's a nasty way to go... :(

Re:What the fuck (5, Funny)

momerath2003 (606823) | more than 5 years ago | (#27509959)

High regard for the Slashdot community? Wow, dude, you seriously are misguided.

Re:What the fuck (2, Insightful)

summner (735993) | more than 5 years ago | (#27512041)

I believe something has happened to the Slashdot community in recent times. It seems as if it became polluted or diluted, with people thinking of themselves as geeks or nerds or whatever, but being neither.
I see history repeat itself as it happened with Digg, the only difference being that Digg started from the level which Slashdot is currently at.
I think it might be a good time for me to look for a new web 2.0 news source which has, for instance, some kind of IQ level discrimination. Or drop this unproductive habit of mine whatsoever.
PS I hardly ever LoL'ed at any +5 Funny post here.
PS/2 I really just don't get the culture of lol, a fucking smirk is not laughing out loud goddammit.

A man has died, and you fucking joke about it because he had a friend named Robert E Lee. Well if it wasn't for your stupid American movies I wouldn't even have any idea who Lee was.

Re:What the fuck (1)

Archangel Michael (180766) | more than 5 years ago | (#27513341)

PS/2? That machine sucked!

Re:What the fuck (1)

Idiomatick (976696) | more than 5 years ago | (#27509979)

Go for a !funny tag? or... peoplearejerkfaces

Re:What the fuck (0)

Anonymous Coward | more than 5 years ago | (#27510015)

I hope you realize that whoring based on pseudo-moral smugness isn't much better than whoring based on lame jokes.

Re:What the fuck (0)

Anonymous Coward | more than 5 years ago | (#27510065)

Being all serious won't bring him back.

Re:What the fuck (0)

Anonymous Coward | more than 5 years ago | (#27510209)

But it worked for Jesus!

Re:What the fuck (4, Funny)

eln (21727) | more than 5 years ago | (#27510379)

But it worked for Jesus!

Actually, Jesus came back from the dead for the sole purpose of taking his revenge out on all those lamoids who kept shouting out "Hey Jesus, how's it hangin'?" while he was up there on the cross. He spent most of his time between the resurrection and his final ascension into Heaven giving out wedgies and telling people to "stop hitting themselves".

Of course, much of that has been lost in the various translations of the Gospels.

Re:What the fuck (0)

DeathMagnetic (1365763) | more than 5 years ago | (#27510131)

My high regard for the Slashdot community...

Well THERE'S your problem.

Re:What the fuck (0)

Anonymous Coward | more than 5 years ago | (#27510223)

From the photos/posts on his Facebook site/friend's blog he seems to have been surrounded by friends and held in high regard.
There is no greater tribute to this guy's life than the number of folks who appeared to know him and felt they were privileged to call him a friend.

He also appears to have been an uber-geek. A rare mix - almost a unicorn.

Whoring out for +1 Funny Mods... (1)

Burning1 (204959) | more than 5 years ago | (#27510275)

Comment whoring for +1 funny mods is like pimping out your girlfriend for monopoly money.

Re:Whoring out for +1 Funny Mods... (1)

RabidMoose (746680) | more than 5 years ago | (#27510777)

Hilarious, pointless, and likely to destroy somebody's life?

Re:What the fuck (2, Interesting)

Haley's Comet (897242) | more than 5 years ago | (#27510307)

The upside to this (if there is to be one) is that most people can die in their sleep in a fire. Smoke inhalation can kill you without you waking up. Let's all hope he never awoke.

On the utter downside, we all seem to be losing bright minds. We lost Hans Reiser [wired.com], Rick752 [slashdot.org], PCLinuxOS lost N1PTT (Robert Green) [pclinuxos.com], just to name a few more.

It just goes to show you how fragile life really is. Some chose to celebrate it with us other geeks and share some code and what not. I thank you all that do!

Shitty year for us all I guess?

Re:What the fuck (5, Insightful)

maxume (22995) | more than 5 years ago | (#27510781)

150,000 strangers died today. Picking 5 of them and feeling bad about it is awful damn close to insanity.

Re:What the fuck (3, Insightful)

Tridus (79566) | more than 5 years ago | (#27510337)

People react in different ways to news like this. There's nothing wrong with making jokes, especially since a lot of us had no idea who he was.

200 posts of "my condolences" doesn't make for interesting reading.

Re:What the fuck (2, Insightful)

ivoras (455934) | more than 5 years ago | (#27510451)

If statistics have anything to say, he would probably, as a geek, rather be remembered for the "Great Ides Of March Slashdot Postfest" than for a bunch of eulogies and condolences from unknown people.

Re:What the fuck (1)

DittoBox (978894) | more than 5 years ago | (#27510577)

What's sad is the fact that +1 funny has no effect on karma at all.

Re:What the fuck (1)

DittoBox (978894) | more than 5 years ago | (#27510597)

Shit, that came out wrong. I meant to say that it's sad that people whore for karma that they won't even get, and do so regarding something so serious. I agree with the (now) GP, really a shame.

Re:What the fuck (3, Funny)

Anonymous Coward | more than 5 years ago | (#27511297)

What, like RST in peace?

Re:What the fuck (1)

Frankie70 (803801) | more than 5 years ago | (#27512149)

So a good scientist dies and all Slashdotters can do is attempt whoring out a +5 Funny with lame jokes?

Technically, you can't call it whoring. Sleeping around, maybe.
Because getting Moderated Funny doesn't increase your Karma.

From the FAQ [slashdot.org]
Note that being moderated Funny doesn't help your karma. You have to be smart, not just a smart-ass

Here's the guy... (5, Informative)

tjstork (137384) | more than 5 years ago | (#27510041)

Well, everyone's having a good laugh at the expense of the death of this guy. May as well laugh at a picture of him. [unicornscan.org]

Naptha all over again (3, Informative)

drwho (4190) | more than 5 years ago | (#27510083)

This problem was demonstrated in 2000, with the NAPTHA software and its demonstration that the problem is not academic. Yes, before NAPTHA, there was some software that could demonstrate the issue but this software had issues itself (written in perl, kept state) which limited its effectiveness. SockStress is just NAPTHA revisited.

I have a fix for this problem, but there's not enough room in the margin to describe it.

Re:Naptha all over again (1)

TubeSteak (669689) | more than 5 years ago | (#27511623)

Can you guarantee that the fix will be rolled out to everyone at the same time?

Because this just seems like it's going to cause chaos once it is reverse engineered.
See: Conficker [wikipedia.org] which is attacking the estimated 30% of unpatched Windows PCs

At some point, something epic is going to happen and we'll end up with:
A. OSes take away your control over updates, or
B. ISPs take away your access unless you are updated

Then again, there's also the remote possibility that windows/linux will become resistant to remote and local exploits.

Re:Naptha all over again (2, Informative)

pyrrhonist (701154) | more than 5 years ago | (#27511977)

Can you guarantee that the fix will be rolled out to everyone at the same time?

The fix has already been rolled out long ago.

Do you know what the fix is? Source address level filtering [www.cert.fi]. It's that simple.

This attack is less of a threat than SYN flooding attacks, because the attacker's address can't be spoofed. More information from Fyodor [insecure.org].
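The defence named in this comment (and argued over in the replies) is a per-source-address policy: because a connection-holding attack cannot spoof its source, a server can cap how many concurrent connections it accepts from any one address and keep the rest of its connection table for everyone else. The following is an added illustration, not code from the original thread, from sockstress, or from any vendor's stack: a small Python model of a connection table with an optional per-source limit, replayed over a constructed event sequence (the addresses are documentation-range placeholders and the capacity of 64 slots is an assumption chosen to keep the numbers readable).

```python
from collections import Counter
from typing import Dict, List, Optional, Tuple

# Constructed sample addresses from documentation ranges, not real hosts.
HEAVY_SRC = "198.51.100.7"
LEGIT_SRCS = [f"203.0.113.{i}" for i in range(1, 11)]


class ConnectionTable:
    """Simplified model of a server's established-connection table.

    capacity:         total connection slots the server can hold
    per_source_limit: max concurrent connections accepted from one source
                      address; None means no per-source policy at all
    """

    def __init__(self, capacity: int, per_source_limit: Optional[int] = None):
        self.capacity = capacity
        self.per_source_limit = per_source_limit
        self.active: Counter = Counter()    # src -> currently open connections
        self.admitted: Counter = Counter()  # src -> opens that were accepted
        self.rejected: Counter = Counter()  # src -> opens that were refused

    def total(self) -> int:
        return sum(self.active.values())

    def admit(self, src: str) -> bool:
        """Accept or refuse a new connection from src."""
        if self.total() >= self.capacity:          # table is full
            self.rejected[src] += 1
            return False
        if (self.per_source_limit is not None
                and self.active[src] >= self.per_source_limit):
            self.rejected[src] += 1                # this source used its share
            return False
        self.active[src] += 1
        self.admitted[src] += 1
        return True

    def release(self, src: str) -> None:
        """Free a slot when a connection from src closes."""
        if self.active[src] > 0:
            self.active[src] -= 1


def run_scenario(per_source_limit: Optional[int], capacity: int = 64) -> Dict[str, int]:
    """Replay a constructed event sequence: one source opens 100 connections
    and holds them; afterwards ten ordinary clients each open two connections
    and later close one. Returns admission counts for both groups."""
    events: List[Tuple[str, str]] = [(HEAVY_SRC, "open")] * 100
    for src in LEGIT_SRCS:
        events += [(src, "open"), (src, "open")]
    for src in LEGIT_SRCS:
        events.append((src, "close"))

    table = ConnectionTable(capacity, per_source_limit)
    for src, action in events:
        if action == "open":
            table.admit(src)
        else:
            table.release(src)

    return {
        "heavy_admitted": table.admitted[HEAVY_SRC],
        "heavy_rejected": table.rejected[HEAVY_SRC],
        "legit_admitted": sum(table.admitted[s] for s in LEGIT_SRCS),
        "legit_rejected": sum(table.rejected[s] for s in LEGIT_SRCS),
        "slots_in_use": table.total(),
    }


if __name__ == "__main__":
    print("no per-source limit:", run_scenario(None))
    print("limit 8 per source: ", run_scenario(8))
```

Without the per-source limit the single heavy source fills all 64 slots and every ordinary client is refused; with a limit of 8 the heavy source is held to 8 slots and all twenty ordinary opens succeed. The model deliberately ignores timeouts and the per-connection memory that the replies mention, which is why the per-source cap matters most on the connections a peer keeps open rather than on the rate at which it opens them.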

Re:Naptha all over again (2, Insightful)

drwho (4190) | more than 5 years ago | (#27512343)

Source address level filtering does provide some level of protection against a SYN flood. The problem is, it is not universally implemented. Another problem is someone who doesn't care to hide their address. If you are doing more than a SYN flood, but more advanced TCP hijinx, you need to use your real IP address anyhow. So, it's not much of a fix. Neither are the recommendations which came out back in 2000, which were to increase the resource limits that the operating system imposed upon the IP stack. I could go on and on about how each measure so far implemented has just raised the bar against these types of attacks, but hasn't really done much to prevent them. Yes, you might not be able to knock over a stock OpenBSD install with 1023 packets any more, but the problem persists.

Re:Naptha all over again (3, Interesting)

drwho (4190) | more than 5 years ago | (#27512403)

My fix is on the server side. It does not require changes in the stack code of clients who would connect to it. Reverse-engineering it would gain the attackers nothing. An all-or-nothing fix would not be much of a fix. Neither would one which was successful based upon its obscurity.

I am not telling you what it is because I am hoping that Microsoft will pay me some money to give them access to it. Apple as well (and Sun if they're still around). Once these are secured, I will open the invention to the FOSOSs. (Free Open Source Operating Systems). Call me greedy if you want, but I am tired of researching security and not getting paid for my hard work. That's why you haven't seen me by this handle or my real name posting security advisories for some time.

Died in a fire (3, Funny)

Reason58 (775044) | more than 5 years ago | (#27510105)

You would think someone like that would have a firewall.

Re:Died in a fire (0)

Anonymous Coward | more than 5 years ago | (#27511059)

twat

Re:Died in a fire (1)

Dreadneck (982170) | more than 5 years ago | (#27512109)

What? Too soon?

Re:Died in a fire (1)

Rakshasa Taisab (244699) | more than 5 years ago | (#27511095)

You assume he was on the other side of the firewall....

Re:Died in a fire (1)

microbee (682094) | more than 5 years ago | (#27511983)

Firewalls won't protect against internal breach. The killer must be someone in the inner circle and familiar with his work (and vulnerabilities).

rest in peace man (0, Redundant)

star3am (1151041) | more than 5 years ago | (#27510145)

Someone really smart died in a fire, I am so sorry for your family, a great loss for humanity :( I'm glad to be alive, thank you!

Not the Confederate! (0)

Anonymous Coward | more than 5 years ago | (#27510211)

How can we get these secrets of the vulnerabilities back from the general?!

Obviously... (0)

Anonymous Coward | more than 5 years ago | (#27510331)

he had NO firewall.

I apologize for that joke. I realize I will burn in hell for that one.

It's a shame. (1)

techno-vampire (666512) | more than 5 years ago | (#27510929)

It's a shame he had to die that way, burning to death must be horrible. I can also understand why there's going to be such a delay in fixing the TCP/IP issue: nobody ever plans for a developer being caught in a fire. Now, if he'd only managed to get hit by a bus, everything would have been OK, because everybody plans for that.

Re:It's a shame. (2, Insightful)

Dreadneck (982170) | more than 5 years ago | (#27512161)

I would imagine any death where you're aware that you're dying (i.e. not dying in your sleep or getting shot in the back of the head) is horrible.

Honestly, what would you prefer? Being eaten alive? Drowning? Cancer? Airplane crash? Being hit by a car? Being stabbed? etc.

Death sucks regardless of the circumstance, imho.

Re:It's a shame. (1)

dogdick (1290032) | more than 5 years ago | (#27512821)

Is there evidence to support your claim or are you just talking out of your ass?

Re:It's a shame. (1)

afidel (530433) | more than 5 years ago | (#27512927)

Freezing to death, you kind of just slowly go to sleep.

Re:It's a shame. (1)

JustOK (667959) | more than 5 years ago | (#27512901)

but if, and only if, he was wearing clean underwear.

Re:It's a shame. (1)

belmolis (702863) | more than 5 years ago | (#27513229)

The article says that he died of smoke inhalation. I'm sure that isn't fun, but it is not nearly as painful as burning to death. Fortunately, many fire victims actually die of smoke inhalation/lack of oxygen rather than from burns.

TCP is not software. (0)

Anonymous Coward | more than 5 years ago | (#27511119)

TCP is not software.
It's got software implementations, but still. Not software.

Re:TCP is not software. (1)

ClosedSource (238333) | more than 5 years ago | (#27511831)

TCP isn't a specification either. Has there ever been a clean-room implementation of the Internet Protocols? I doubt a working implementation could be created based solely on RFCs.

Have you heard of my new band (0, Offtopic)

RHSC (1019802) | more than 5 years ago | (#27511627)

Death Hampers!