Critical Security Hole in Linux Wi-Fi

CmdrTaco posted more than 7 years ago | from the nobody's-perfect dept.

Security 262

thisispurefud writes "A flaw has been found in a major Linux Wi-Fi driver that can allow an attacker to run malicious code and take control of a laptop, even when it is not on a Wi-Fi network."

patched already (4, Insightful)

yagu (721525) | more than 7 years ago | (#18741577)

So here is a Linux driver problem, a patch is available, though not widely dispersed. The news here is that even in a largely neglected (though it shouldn't be) slice of the Open Source technology, specifically the deadly difficult wi-fi landscape, bugs are found and fixed right away (at least that's the gist of part of the article).

I'm more afraid of the neglected patches MSFT deems behind closed doors as not important enough to reveal to the public. How many zero-day exploits is MSFT discussing behind those closed doors right now, and what are they deciding about the fate of security to my machines?

I know I'm spinning here, but I don't find it much of a stretch to interpret this as good PR for the Linux world -- they find problems, they fix them.

(It doesn't seem to fix the other problem... I'm so sad and tired of trying to get laptops running linux reliably with wi-fi, I barely even bother messing with it anymore... If I want wireless linux on a laptop, I'm doing via Vmware's bridge. It shouldn't be like this.)

Re:patched already (2, Informative)

LinuxGeek (6139) | more than 7 years ago | (#18741615)

Wireless support was one of my main requirements when picking my newest laptop. Good support for Atheros cards and as we know, they get patched quickly when flaws are found.

Re:patched already (1)

dvice_null (981029) | more than 7 years ago | (#18741631)

> It doesn't seem to fix the other problem

Usually security fixes are not meant to fix all the bugs in a software.

Re:patched already (1, Informative)

FauxPasIII (75900) | more than 7 years ago | (#18741633)

While I echo your congratulations on a good response to this bug, I should point out that the driver in question is MadWifi; it's mostly closed source.

Re:patched already (3, Informative)

QuietLagoon (813062) | more than 7 years ago | (#18741723)

MadWiFi source code can be found here [madwifi.org] .

The module in question is found here [madwifi.org] . (slow to load)

Re:patched already (4, Informative)

FauxPasIII (75900) | more than 7 years ago | (#18742389)

> MadWiFi source code can be found here.

Or rather, a small open-source Linux compatibility shim around the actual, binary only driver.

Look further into that link you pasted:

http://madwifi.org/browser/trunk/hal/public [madwifi.org]

Those .uu files are binary objects stored as text, and they make up the majority of the driver. This same binary driver is also used by some of the BSDs, with a different open-source shim.

> The module in question is found here. (slow to load)

Ah, so the flaw is in the open source shim part. Fooey. =/

As an aside, and as I suspect you might already know, there is an effort to replace the binary-only part of that driver with Free software, and the Madwifi people have cooperated as much as they're able. They even host the development in their own repository:

http://madwifi.org/browser/branches/madwifi-old-openhal [madwifi.org]

Cheers!

A Famous Binary Blob (1)

Erris (531066) | more than 7 years ago | (#18742337)

I should point out that the driver in question is MadWifi; it's mostly closed source.

Indeed, we've been here before [wikipedia.org] . Stuff like this makes me feel better about the few inconveniences I've had to put up with to use Debian. It is difficult to find hardware that works, but that's nothing next to getting nailed like a Windoze user.

This is why it's important to distinguish between "Linux" and "Free Software". Sooner or later the message will get through over nonsense like the popularity argument and other FUD presented in PC World.

Re:A Famous Binary Blob (0)

Anonymous Coward | more than 7 years ago | (#18742437)

The most common meaning of "free" is $0.00. "Free as in Freedom" or "Free as in speech" make a nice slogan but don't change the perception for everybody with a free (as in already installed) copy of windows. RMS should have used a less ambiguous word (like Freedom or Liberty). And so should everyone else.

Mod parent down (1, Insightful)

Anonymous Coward | more than 7 years ago | (#18741697)

It is pathetic how anything negative found against linux is turned into a flamefest against Microsoft. Vulnerabilities like this just show that the more usage an application has the more holes will be found.

The parent should be modded flamebait, Microsoft has nothing to do with this discussion and bringing it up with the intention of only criticizing it is obvious flamebait.

Re:Mod parent down (3, Insightful)

j35ter (895427) | more than 7 years ago | (#18742265)

Sorry chap, people start bashing on linux (and its users) as soon as any kind of vulnerability is found.
In this case, the vulnerability is in a 3rd party driver and not in the kernel itself. Nevertheless the not-so-techie reader just reads "Linux vulnerability".

Btw. Don't forget that the public is used to hearing about Windows vulnerabilities, they don't notice them anymore.

Re:Mod parent down (1)

Anonymous Coward | more than 7 years ago | (#18742325)

I'm talking about slashdot, not your average non-techie. Every time there is anything remotely negative about linux on slashdot it is spun into a microsoft flamefest. Any comment slightly negative (and that doesn't also put down microsoft) is lost in the sea of +5 ones modded up for ranting against microsoft.

Re:patched already (0, Informative)

Anonymous Coward | more than 7 years ago | (#18741745)

"I know I'm spinning here, but I don't find it much of a stretch to interpret this as good PR for the Linux world -- they find problems, they fix them."

Of course. That's what fanboys do!

There's more to the world than Microsoft. (4, Insightful)

Vellmont (569020) | more than 7 years ago | (#18741797)

It's interesting that people start talking about Microsoft right away in reaction to this hole, as if the only thing that matters here is how this flaw relates to Microsoft.

What I see is more the horrible state of software security. A security model that relies on all the writers of driver code in your computer to do their job right is a poor security model.


I know I'm spinning here, but I don't find it much of a stretch to interpret this as good PR for the Linux world -- they find problems, they fix them.

Great.. I guess I'd rather have the Linux World where there aren't any serious problems to begin with. The larger picture here is that computer security kinda sucks, not that Microsoft is better/worse at it than Linux is.

I'm so sad and tired of trying to get laptops running linux reliably with wi-fi, I barely even bother messing with it anymore

Huh. I've had very good luck recently with Ubuntu. The built in wifi in my laptop worked out of the box with Ubuntu, and two other cards I own worked as well.

It hasn't always been like this of course. A couple years ago WiFi support was extremely lacking.

Re:There's more to the world than Microsoft. (0)

Anonymous Coward | more than 7 years ago | (#18742075)

"A security model that relies on all the writers of driver code in your computer to do their job right is a poor security model."

So, all security models that do not allow independent review of code are poor security models. Closed source, then.

Re:There's more to the world than Microsoft. (4, Insightful)

FooBarWidget (556006) | more than 7 years ago | (#18742109)

I think the fact that computer security sucks implies that one of these is true:
1. It just isn't possible to make software ultra-secure and free of vulnerabilities. I.e. you cannot expect *any* piece to be 100% secure, ever.
2. It is possible, but the cost of making software ultra-secure is so high that it's not worth it. Customers would rather pay a lower price for a slightly less secure system than a much larger price for a 100% secure system.

Re:There's more to the world than Microsoft. (2, Insightful)

jimicus (737525) | more than 7 years ago | (#18742641)

I suspect the latter is the case - but that suspicion is based mainly on computer science theory (which amongst other things holds that it's quite possible to mathematically verify that a function will behave as expected under all circumstances).

In the real world, there are just too many variables, both in software and hardware - OSs and hardware are much more complicated than they were 20 years ago - for that to be practical unless you're prepared to sacrifice a lot of functionality (ie. use a platform that's 20 years old in design terms). And as soon as you have to exchange data with some other organisation, your data is subject to their vulnerabilities.

For a real-world example of what can be done to make software reliable (security and reliability arguably being two sides of the same coin), see NASA's development process. They're well known for using hardware that's antiquated by modern standards, and they spend ages on designing and testing their software to death - but the sheer cost attached must be astronomical (pun fully intended).

Re:There's more to the world than Microsoft. (0)

Anonymous Coward | more than 7 years ago | (#18742759)

3. There isn't a free market where customers can pick and choose between price and security. I could probably think of a dozen more choices. Your thinking is very limited if you honestly believe that 1 or 2 must be true.

Re:There's more to the world than Microsoft. (1)

FMota91 (1050752) | more than 7 years ago | (#18742135)

There's more to the world than Microsoft.
Huh, what?

Re:There's more to the world than Microsoft. (4, Interesting)

TheRaven64 (641858) | more than 7 years ago | (#18742239)

The biggest problem with this kind of thing is not the operating system security model, it's the hardware. A device in most consumer machines can issue DMA requests that allow it to read or write arbitrary addresses in physical memory. No matter how isolated the driver is, the device itself can still poke at your memory. This can be addressed by adding an IOMMU, which allows the kernel to assign a virtual address range to the device, and prevents it from accessing random areas of memory. Once you have this, it's possible to isolate drivers more and impose a good security model on them, but without it, anything you do is a bit pointless.

The good news is that the rise of virtualisation means that IOMMUs are going to become a lot more common in the next few years.

Re:There's more to the world than Microsoft. (0)

xenocide2 (231786) | more than 7 years ago | (#18742293)

"What I see is more the horrible state of software security. A security model that relies on all the writers of driver code in your computer to do their job right is a poor security model."

I'm not sure how separating drivers into a user process would make things more secure. At best, such a system would require both a remote exploit and a local exploit to do the same thing. At worst, it does nothing -- botnets don't do much that require special privileges. The only difference is that instead of talking about how an attacker could do anything with your computer, we'd be talking about how they can do most anything.

Re:There's more to the world than Microsoft. (3, Informative)

Richard W.M. Jones (591125) | more than 7 years ago | (#18742317)

What I see is more the horrible state of software security. A security model that relies on all the writers of driver code in your computer to do their job right is a poor security model.

You're right. Unfortunately with the current design of PC hardware it's difficult to provide protection from poorly written drivers. For example, it's very common for drivers to be able to (a) initiate DMA transfers to/from any part of physical memory, and (b) lock the PCI bus by messing with the bus arbitration. You can do things like having an exokernel [wikipedia.org] -- small trusted multiplexers go in the kernel and the larger parts of your drivers sit (untrusted) in userspace, but performance generally sucks. Some hardware (eg. graphics cards) makes it hard even to do this.

Luckily virtualisation is driving better solutions, and they're coming to a PC near you soon (in fact, they've already come to the PCs I'm using daily, but those are test articles). Primarily with virtualisation we want to be able to hand off devices to untrusted guest operating systems. For example give each guest its own physical network card. That won't work too well if guests can stomp on each other's memory using DMA transfers. The new hardware actually has hardware support to stop the guests doing bad things.

Look at Intel's VT-d [intel.com] for example.

Rich.

Propaganda (AKA PR) (0, Flamebait)

bussdriver (620565) | more than 7 years ago | (#18742519)

There is a huge propaganda (AKA PR) machine for microsoft powerful enough to keep most users (>50%) on windows even if microsoft stopped upgrading and kept us at windows 98.

It's understandable that anybody using alternatives has to explain or promote their alternatives because:

A) the ignorant ask them WHY

B) their competence is questioned (it must be the best if everybody uses it right??)

C) little is reported unless it's negative (free) except for paying customers (advertisers or large chunk of the readers)

D) a small user base hurts any platform and increases how often they have to put up with A and B

What we should be highlighting is the horrible hardware vendors who give next to no help and often write poor quality drivers in general. This problem is a windows issue as well.

Re:There's more to the world than Microsoft. (1)

fuzz6y (240555) | more than 7 years ago | (#18742643)

Great.. I guess I'd rather have the Linux World where there aren't any serious problems to begin with.
and I'd like to be able to drive my car to Jupiter.

Only on Slashdot.... (0)

Anonymous Coward | more than 7 years ago | (#18741835)

can a story about a critical security flaw in Linux be spun into an anti - Microsoft rant. Truly pathetic, and frankly, disgusting.

Re:Only on Slashdot.... (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#18741899)

Yes, I know. The people here are 90% worthless and any informed comments by people who know what they're talking about mention just the tips of the iceberg of much larger topics.

Slashdot is the yardstick for bad IT forums. You'll always hear, "At least it's better than slashdot."

Are you smart? Then why do you want your comments to be found next to that of lonely bored IT people?

Re:Only on Slashdot.... (0)

Anonymous Coward | more than 7 years ago | (#18742103)

Where else is better? Everything else I find has the same blatant propaganda and groupthink as slashdot. At least slashdot has a large amount of comments (some actually good) to read. Where else do you go?

Re:Only on Slashdot.... (0)

Anonymous Coward | more than 7 years ago | (#18742243)

http://www.google.com/search?q=%22At+least+it's+better+than+slashdot%22 [google.com] , byotch! Slashdot is the yardstick for good forums: lively discussion, interesting topics, and a well-informed audience. Most of all, well-developed trolls, like yourself.

Re:Only on Slashdot.... (0)

Anonymous Coward | more than 7 years ago | (#18742315)

Most of all, well-developed trolls, like yourself.

Are you saying he has a large wang?

Re:Only on Slashdot.... (0)

Anonymous Coward | more than 7 years ago | (#18742353)

If length is measured by how far you put it up your own ass, then yes.

Re:patched already (3, Insightful)

delire (809063) | more than 7 years ago | (#18742387)

Wireless support on Linux is great if you simply do a little research and don't pick a card that doesn't work. [leenooks.com] You can't take a Linux unfriendly wireless adapter to water and make it drink, so don't waste your time.

Wireless works out-of-the-box (or soon after) - with a recent distribution of Linux - on most laptops these days.

Patched! (1)

LinuxGeek (6139) | more than 7 years ago | (#18741585)

Already been patched, read TFA. My laptop has been patched for a while already, so have most people that actually pay attention to security posts.

Re:Patched! (2, Interesting)

Ayal.Rosenthal (1070472) | more than 7 years ago | (#18741715)

My concern is that you are right - "so have most people that actually pay attention to security posts." The strong benefit of Linux vis-a-vis MSFT (and it's not price) is that as an open system you have a nearly unlimited pool of the best computer code writing minds constantly updating and improving upon one another's kernel code around the world. But, if when errors are uncovered and corrections made, patches are only known to that pool of people then mass users will be exposed to significant security risk. The average Joe running Linux will suffer and that hurts the entire community in both reputation and user adoption rates.

Fixed! (4, Insightful)

tjwhaynes (114792) | more than 7 years ago | (#18742011)

My concern is that you are right - "so have most people that actually pay attention to security posts." The strong benefit of Linux vis-a-vis MSFT (and it's not price) is that as an open system you have a nearly unlimited pool of the best computer code writing minds constantly updating and improving upon one another's kernel code around the world. But, if when errors are uncovered and corrections made, patches are only known to that pool of people then mass users will be exposed to significant security risk. The average Joe running Linux will suffer and that hurts the entire community in both reputation and user adoption rates.

You are overlooking the way that most Joe Linux users get their updates - automatically. When security flaws are found and patches are delivered, you can guarantee that the people who package that software at Redhat, Ubuntu, Debian and other major distributions are aware of the update. Those security patches will be tested and rolled out into the main update repositories, probably within 24 hours to all the mirrors worldwide. The automatic update daemon on Joe User's modern Linux distro will be downloading the update within the next 24 hours or sooner. From security patch being announced to patched home computer in 48 hours in the worst-case scenario.

One of the nicest things about the distro's automatic updates is that this applies to ALL packages in the distro. I don't need to worry about Apache needing its own updater. So no - the average Joe running Linux does not suffer - he gets informed about the update or even has it applied without manual intervention depending on the settings. Joe benefits and so does the community who recognise that fixing security flaws promptly is key.

Cheers,
Toby Haynes

Re:Fixed! -not! (5, Interesting)

quixote9 (999874) | more than 7 years ago | (#18742409)

Um, "Joe Linux" here, chiming in. I run Fedora, which was pre-installed on oddball hardware. If Fedora has automatic updates like Ubuntu, and if they just work, I sure as hell haven't heard about them. The Fedora repository is about 10% of the way to useful. 15%, when I'm feeling charitable. I'm on Core 3 because I haven't found a distro that can deal with my system, and, since I'm a biology geek not a computer geek, I have no idea what to do or the time to spend finding out.

It gets worse. I don't even know if I'm running a madwifi driver or not. I looked at the running processes, but there's nothing obvious there. I don't know if madwifi is called something else in the process list. I do know I have an Atheros chip.

The point I'm trying to make is more than just displaying ignorance. The point is that it may be hard for those of you who are close to the subject to realize just how opaque it is to those of us who aren't. If you're in the know, share your knowledge. It's kind of frustrating, from my perspective, to hear, "It's all automatic, and if it's not, you're just too hopeless to deal with."

(All that said, you're quite right that when updates are applied automatically and effectively, both the clueless and the clued benefit. That's why I'm getting my next system with Ubuntu on it!)

Re:Fixed! -not! (1)

Arkaic (784460) | more than 7 years ago | (#18742677)

Fedora does use up2date for automatic notification of patches. Your problem, however, is that FC3 is no longer supported, so there will be no more official updates for it.

Madwifi is pretty much the only game in town if you are using linux drivers for atheros chipsets. Unless you want to use ndiswrapper for windows binary drivers (bleh), which would not be installed by default.

rpm -qa|grep madwifi
grep madwifi /var/log/rpmpkgs

I concede that the above information will probably not be known by the "average" linux user who just wants a point and click desktop environment. I love KDE, but I ALWAYS have a konsole session open. ;)

Re:Fixed! -not! (1)

PitaBred (632671) | more than 7 years ago | (#18742731)

https://www.scientificlinux.org/ [scientificlinux.org]

Might be worth a look for you at least ;) I've never used it, I just know about it.

Re:Patched! (0)

Anonymous Coward | more than 7 years ago | (#18741729)

"Wi-Fi Bug Found in Linux" exclaims the headline... ...and a patch already exists, whispers the middle of the article, and goes on to say there's a lack of drivers for Linux.

Just typical FUD. Nothing to see here, move it along folks.

yes. only losers spend their time 'working' (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#18741919)

we should instead spend our time downloading source patches and recompiling vast quantities of C code. that's productive.

Re:yes. only losers spend their time 'working' (1)

LinuxGeek (6139) | more than 7 years ago | (#18742023)

I shouldn't reply to your trolling comment, but you may be half serious. To get this important security patch, I only had to click a button called Install Updates. Yup, that took me away from important duties for quite some time.

cool! just like windows! (0)

Anonymous Coward | more than 7 years ago | (#18742057)

oh wait...

Re:Patched! (0, Insightful)

Anonymous Coward | more than 7 years ago | (#18742223)

Your signature is a fucking disgrace. Mother Theresa was a monster. Instead of setting up real hospitals with real facilities, she just set up massive death houses. She thought that people's suffering in their final hours would bring them closer to God.

Change your sig, for the love of Christ.

Any clue on the extent? (1)

pcmanjon (735165) | more than 7 years ago | (#18741589)

What if you ifdown the wireless interface when not in use, can this prevent an exploit? It seems like it would unload the interface, but the kernel drivers would still be present. Does the kernel still monitor the wireless signals regardless of the ifup status?

I'm lucky my laptop has a switch on the side, when switched OFF wireless networking seems to be disabled. It seems to be a hardware disconnect for the antenna.

Dunno? (1, Informative)

Anonymous Coward | more than 7 years ago | (#18741955)

Just modprobe -r ath-pci (or rmmod ath-pci).

Silly leenooks user (-1, Troll)

Anonymous Coward | more than 7 years ago | (#18741595)

from the nobody's-perfect dept.

Apple is.

thisispurefud? (0, Redundant)

linvir (970218) | more than 7 years ago | (#18741605)

No it's not. Holy shit. Can't we even talk about security holes any more without it being FUD?

Re:thisispurefud? (1)

FauxPasIII (75900) | more than 7 years ago | (#18741617)

That's the guy's name, you ninnyhammer.

PC World Article?! (1, Troll)

Rufus211 (221883) | more than 7 years ago | (#18741623)

Thanks for the useless link. Anyone with a link to an actual advisory, LKML post, lwn, etc that might have some actual information in it?

Re:PC World Article?! (1)

ThisNukes4u (752508) | more than 7 years ago | (#18741883)

Pretty sure this is the vuln talked about in TFA: http://lwn.net/Vulnerabilities/230286/

madwifi links. (4, Informative)

Erris (531066) | more than 7 years ago | (#18742095)

The madwifi howto is here [madwifi.org] . It seems that you can type, "lsmod | grep ath_pci" to find out if you are running the supposedly exploited module. My simple Etch system does not have this or wlanconfig tools by default, though those tools look very nice and I'm sure this little problem will be fixed quickly.

I have to agree with you about the uselessness of the PC World article. Besides not having any useful information, it's filled with FUD about free software wifi and confused "popularity argument" babble. In short it's more of a, "everyone else has these problems too, so Windoze away," pacifier than it is a news article.

List of devices. (1)

Erris (531066) | more than 7 years ago | (#18742145)

For further peace of mind, you can check this list of devices [passys.nl] and "lspci" to see if further action is required.

Non Free and Binary Blobs Strike Again. (1)

Erris (531066) | more than 7 years ago | (#18742465)

Finally, note that free software distributions like Debian, clearly label n binary blobs [wikipedia.org] required by the Madwifi drivers as non free [debian.org] and these are not included by default.

The point that PC World misses is that non free has problems in both the Linux and Windoze world. The magic of GNU/Linux is that it's Free Software [fsf.org] . When you mix in binary blobs, you are once again a helpless user. Others have noticed [wikipedia.org] that Atheros does not release specifications required to build drivers. That's too bad, but they are not the least friendly wireless company.

Linux Wi-Fi? What Linux Wi-Fi? (1, Funny)

Anonymous Coward | more than 7 years ago | (#18741627)

A bug in Linux Wi-Fi doesn't matter. No one can get the fucking thing to work anyway.

Re:Linux Wi-Fi? What Linux Wi-Fi? (2, Informative)

xenocide2 (231786) | more than 7 years ago | (#18742209)

Actually, I had more trouble getting my wireless card to work in Windows XP than Ubuntu 5.10. Turns out not every wireless card supports Windows' wifi config tool, and mine was one of them. For some reason, nobody seems to tell hardware vendors that their Value-add software feels more like value subtract.

Of course, I did have the foresight to ask my friends about what works on Linux, which I'm sure helped tremendously. However the laptop I bought didn't really let me choose a wifi card, and it still works with Ubuntu. Of course, Ubuntu takes a much more friendly stance on closed source drivers than Debian or Fedora, and that also helps a great deal. I'm pretty sure neither of my wifi devices work out of the box with Fedora (one more reason I didn't switch back to Fedora after trying out Ubuntu).

In other news.. (2, Insightful)

Ckwop (707653) | more than 7 years ago | (#18741643)

... take a look at Microsoft's patches this month. [bbc.co.uk]

It doesn't matter which operating system you use - they all contain buffer overflows. In a way, the consumer is to blame for this. BSD has been whiling with little to no market-share despite the fact it's free. Nobody it seems wants software that's secure out of the box and stays secure.

People want features and features are the enemy of security. So the status-quo continues even though we've known how to fix these issues for forty years.

Simon

Re:In other news.. (1, Offtopic)

jeevesbond (1066726) | more than 7 years ago | (#18741737)

People want features and features are the enemy of security.

But isn't an OS without features a brick? I can understand not using the features we don't need, but wireless is sought after and really useful. Moaning about people using it is not going to help, following that argument to its logical conclusion would have us all back working with pen and paper. That's not an idea I relish since my typing is far better than my handwriting. :)

BSD has been whiling with little to no market-share despite the fact it's free.

Does this exploit affect BSD too? I was under the impression that the lack of FreeBSD success was due to its project lead being a total git. Also OSX is based on BSD but still suffers plenty of security problems [info-pull.com] .

I don't know about the FreeBSD lead... (1)

BitwizeGHC (145393) | more than 7 years ago | (#18742019)

but if he is a total git I bet he's got nothing on Theo de Raadt (OpenBSD project lead). OpenBSD itself is a tank, however.

Re:In other news.. (3, Informative)

Glytch (4881) | more than 7 years ago | (#18742037)

Perhaps you're thinking of OpenBSD's Theo de Raadt? He's a confirmed git. Smart and dedicated, but definitely lacking interpersonal skills.

Re:In other news.. (1)

jeevesbond (1066726) | more than 7 years ago | (#18742211)

Ah yes, sorry. That's who I was thinking of.

Re:In other news.. (1)

mackertm (515083) | more than 7 years ago | (#18741795)

Well, typically I use Windows, I've played around with Linux a bit, and might get a Mac the next time I'm due for a new laptop... But I have to admit I've never even really considered BSD. Isn't it dead or dying or something?

Re:In other news.. (1)

DeadChobi (740395) | more than 7 years ago | (#18742119)

Netcraft confirms it.

Re:In other news.. (0)

Anonymous Coward | more than 7 years ago | (#18742393)

Actually, that's a newb, that's not netcraft.

Re:In other news.. (2, Funny)

Nezer (92629) | more than 7 years ago | (#18741861)

In a way, the consumer is to blame for this.


Hmm... And here I am thinking the developers should take the blame for bugs.

Thanks for clearing this up. ;-)

Re:In other news.. (1)

Ant P. (974313) | more than 7 years ago | (#18741927)

OpenBSD had a remote exploit in the IPv6 stack a few weeks ago, does that make it worthless for security too?

Re:In other news.. (4, Informative)

TheRealMindChild (743925) | more than 7 years ago | (#18742205)

they all contain buffer overflows

Actually, this kind of crap goes away when you stop using NULL terminated strings and put in size checks.

  • Start using a BSTR or std::string or christ, even CString.
  • If you're going to use a char * as a string, stop using strcpy/strcat/sprintf/strfindthelawngnome and start using strncpy/strncat/snprintf/strfoundthelawngnome
  • If you have to pass a char * as a parameter of some function, also add a parameter that indicates the size of the memory (EX: 'bool IsStringSexy(char *mystring, ULONG mystringlen)')
  • Don't rely that a setting read from some arbitrary place (registry, file) is undeniably correct to laying out structures of memory [LOOKING AT YOU IE AND FIREFOX AND WORD AND EVERY OTHER APP THAT CRASHED DUE TO A MALFORMED DOCUMENT]
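
An added C example (not part of the comment above and not MadWifi code) of two points from that list: passing the buffer size alongside the pointer, and checking a length read from input before it drives a copy. The function names `copy_string_checked` and `read_record_value` and the tag/length/value record layout are assumptions constructed for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Copy src into dst, whose total capacity (terminator included) is dst_size.
 * Returns 0 on success, -1 on bad arguments or if src does not fit.
 * snprintf always NUL-terminates when dst_size > 0, whereas strncpy leaves
 * dst unterminated when src fills it exactly. Truncation is reported as an
 * error rather than silently returning a shortened string. */
int copy_string_checked(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || dst_size == 0)
        return -1;
    dst[0] = '\0';
    if (src == NULL)
        return -1;

    int needed = snprintf(dst, dst_size, "%s", src);
    if (needed < 0 || (size_t)needed >= dst_size) {
        dst[0] = '\0';
        return -1;
    }
    return 0;
}

/* Hypothetical record layout (constructed for this example):
 *   byte 0      tag
 *   byte 1      length of the value that follows
 *   byte 2...   value
 * The length byte comes from the input, so it is checked against both the
 * bytes actually received and the capacity of the destination before any
 * copy takes place. Returns 0 on success, -1 on any inconsistency. */
int read_record_value(const uint8_t *rec, size_t rec_len,
                      uint8_t *out, size_t out_size, size_t *out_len)
{
    if (rec == NULL || out == NULL || out_len == NULL)
        return -1;
    if (rec_len < 2)
        return -1;                 /* header itself is incomplete */

    size_t claimed = rec[1];
    if (claimed > rec_len - 2)
        return -1;                 /* length field exceeds the input */
    if (claimed > out_size)
        return -1;                 /* value would overflow the destination */

    memcpy(out, rec + 2, claimed);
    *out_len = claimed;
    return 0;
}

int main(void)
{
    /* All inputs below are constructed samples. */
    char name[8];
    printf("short string: %d\n",
           copy_string_checked(name, sizeof name, "wlan0"));
    printf("long string:  %d\n",
           copy_string_checked(name, sizeof name, "interface-name"));

    const uint8_t honest[] = { 0x01, 0x04, 'a', 'b', 'c', 'd' };
    const uint8_t lying[]  = { 0x01, 0xff, 'a', 'b' };
    uint8_t value[4];
    size_t value_len = 0;

    printf("honest record: %d\n",
           read_record_value(honest, sizeof honest, value, sizeof value,
                             &value_len));
    printf("lying record:  %d\n",
           read_record_value(lying, sizeof lying, value, sizeof value,
                             &value_len));
    return 0;
}
```
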

Re:In other news.. (1)

The_Wilschon (782534) | more than 7 years ago | (#18742307)

Or how about this: DON'T USE C. Have a small interpreter for a (provably) safe, high-level language, written in C or something else that you can compile to machine code. Keep the interpreter small enough that you can actually check it over quite thoroughly for all kinds of security holes and bugs. Then write everything else in that high-level language.

The cause of an awful lot of security holes is just the simple fact that people write in a language which is much lower level than what they really need. This forces them to reinvent the wheel constantly, and along with the wheel, they reinvent a lot of security holes.

Complex Hack (5, Funny)

dekkerdreyer (1007957) | more than 7 years ago | (#18741651)

Luckily this hack isn't for the ordinary Linux user. The hack requires WPA encryption to be activated. As anyone who uses Linux knows, WPA requires recompiling the kernel, compiling wireless tools, compiling wpasupplicant, recompiling both when you find that the default configuration for wpasupplicant is to not use WPA (wtf?), and finally modifying a handful of cryptic configuration files. Once that's done, WPA is still not likely to work with a particular kernel, hardware, and wireless card combination.

Once again, Linux is safe from such a common attack because only seven people have successfully set up WPA. If this had been a Windows flaw, where every machine natively understands WPA and no work at the command prompt is needed, this would be disastrous.

This shows that Linux has been taking the right stand. By making the machine difficult to get running, it's unlikely that the machine will be able to connect to anything and become infected. Windows made the mistake of making the machine easy to use, allowing for simple network connection and ease of ownership (OWN3D).

Re:Complex Hack (1, Interesting)

chord.wav (599850) | more than 7 years ago | (#18741749)

Windows being easy to use is not a mistake. It's a business decision. Even for their server products, they chose to go that way. And, if you ask me, they didn't do that bad, given the market share they have.

Not Overly Complex Hack (3, Interesting)

LinuxGeek (6139) | more than 7 years ago | (#18741763)

Humorous, but if someone wants a quick and painless route, check out Ubuntu. I'm running 7.04 beta on my laptop and wifi works well with my two very different APs in WPA(psk) mode. Installed and working, no tweaking, no manual compiling, no config file fiddling required. After running Linux for 12+ years I am quite happy with the state of Ubuntu.

Re:Not Overly Complex Hack (1)

pizpot (622748) | more than 7 years ago | (#18742157)

my experience this weekend
1. buy $30 retailplus wireless usb dongle with zd1211 chipset
2. install ubuntu7.04 (or fedora core 7 worked same way)
3. install zd1211 driver module by checking it off in Synaptic Installer
4. install updates by saying yes to update manager
5. reboot
6. bliss

Re:Not Overly Complex Hack (1)

pizpot (622748) | more than 7 years ago | (#18742633)

oh yeah, the laptop had no working wired card due to borken...

step -1: plug usb printer-style cable from cable modem to usb port
step 0: get online for updates and even while installing from cd!!

who knew that usb port on my cable modem was for anything?

Tag.. (5, Funny)

Anonymous Coward | more than 7 years ago | (#18741661)

DefectiveByDesign? Oh wait ... wrong OS.

Flaw? Patched? Microsoft? Linux? (0)

PixieDust (971386) | more than 7 years ago | (#18741675)

While I agree, very good response on getting this patched, and Linux does seem to have a better overall response time to patch needs, they're needing it more and more these days.

I find it pretty interesting that security advisories over the last several months have been on primarily non-MS platforms. Mac, Linux, Solaris, etc. have had many more security advisories than MS Windows has had to endure, and Microsoft, while certainly not leading that pack for response time, also isn't dead last. I invite you all to check This site [packetstormsecurity.org] which is April's list of security advisories. I remember seeing a review on security a short time ago dealing with response time from various OS Vendors, and while MS wasn't leading the pack in anything, they weren't dead last in anything either.

I personally think Linux has a lot of potential, and is a pretty decent OS. But it's not ready for primetime just because of the average user. Windows has a tough enough time with security because of the user (let's face it, 90% of problems are the user's fault). Sure, exploits exist, but you have to DO something. Users don't download patches. Users click on anything with an OK box. Same applies here. How many "users" running Linux are even going to know about this vulnerability, let alone patch it. Ok, if they've auto-updates on, perhaps they will fetch it in their next batch? In which case, good, and kudos to the distro for making that part painless for the user.

I've always wondered about Linux's wifi security, but that was primarily because of having to wrap up the driver of most wifi cards. Just seemed to me like a door just begging to be broken down. Apparently I wasn't the only one.

Re:Flaw? Patched? Microsoft? Linux? (1)

DeadChobi (740395) | more than 7 years ago | (#18742137)

Just to continue on in the stereotypical "not ready for primetime exchange", my mother uses Ubuntu.

Re:Flaw? Patched? Microsoft? Linux? (2, Insightful)

eli pabst (948845) | more than 7 years ago | (#18742585)

> Mac, Linux, Solaris, etc. have had many more security advisories than MS Windows has had to endure

I'm not sure where you are getting that idea, but according to secunia, Microsoft and Redhat have had exactly 3 vulnerabilities this month, with Microsoft vulns being more critical. Sure there was the Solaris telnetd vuln that made headlines, but I think it's just your perception. Plus I also think you're failing to take into account the ANI cursor overflow at the end of March which was a big deal.

> Sure, exploits exist, but you have to DO something.

That's not true. Look at the ANI bug, it was actively being exploited in the wild on web pages that injected the overflow using the iframe tag. All you had to do was visit a website, no clicking required.

> How many "users" running Linux are even going to know about this vulnerability, let alone patch it.

Again this seems like a case of selective memory to me. Remember the Intel wireless vulnerability that came out just before the Maynor-Apple announcement? Well if you have an Intel wireless chipset on your Windows PC, you have to manually install a new driver from Intel, there is no Microsoft patch and it will *not* appear in Windows Update even if you have auto-updates turned on. So I fail to see how that's any different. In fact a number of Linux distros actually do have updates available for this Madwifi vuln.

Ummmm, no. (2, Informative)

khasim (1285) | more than 7 years ago | (#18742697)

First off, I'm posting this from Ubuntu (Feisty Fawn).

But it's not ready for primetime just because of the average user.

Okay, what is it about the "average user" that makes Linux not ready for prime time?

Windows has a tough enough time with security because of the user (let's face it, 90% of problems are the user's fault).

Okay, now you're talking about Windows. And I'll disagree about 90% of Microsoft's security problems being the fault of the users. The default install of a system should be secure enough WITHOUT requiring the users to know how to secure it.

Sure, exploits exist, but you have to DO something.

And by "something" you mean "plug it into the Internet as it was advertised".

Meanwhile, Ubuntu ships with NO open ports by DEFAULT. So I can plug it straight into the Internet in its default configuration.

Users don't download patches. Users click on anything with an OK box. Same applies here.

And with Ubuntu's default installation, that is not a problem.

But it is a problem with Windows.

But you say that that means that Linux is not ready for prime time.

Users will always install vulnerable apps. You cannot compare two systems based upon what the admins of those systems can or cannot do with them. Instead, compare the default installations and how their security models are implemented.

First reported December 2006 (4, Informative)

QuietLagoon (813062) | more than 7 years ago | (#18741683)

Here [mitre.org] is a reference to a more informative report.

I am a bit confused... (5, Informative)

Skiron (735617) | more than 7 years ago | (#18741731)

... this was fixed 4 months ago?

http://madwifi.org/changeset/1842 [madwifi.org]

Fixed Dec 15th on my box (5, Informative)

swillden (191260) | more than 7 years ago | (#18742195)

... this was fixed 4 months ago?

It looks that way to me.

Unless this is a different vulnerability, Debian applied the fix [debian.org] over four months ago, two days after the patch was available, and eight days after the vulnerability was first reported [grok.org.uk]

I saw the article and immediately started aptitude to get the fix, only to discover that I already got it, two weeks before Christmas. Nice.

Madwifi? (1)

Zarhan (415465) | more than 7 years ago | (#18741741)

AFAIK, Atheros drivers aren't even in main kernel tree yet. For the last few years they have seemed to be in perpetual pre-release (0.xx) versions..

Re:Madwifi? (0)

Anonymous Coward | more than 7 years ago | (#18741783)

I would expect they're not in the main kernel due to licensing problems (the drivers contain a binary firmware blob), not due to the version number.

my views on WiFi are mostly unprintable (0)

Anonymous Coward | more than 7 years ago | (#18741853)

And I can't help but laugh at all these security problems with wireless. Since the technology came out it has been plagued with problems. I do work from... work (what a surprise) and from home. I'm not working in my car, nor while I'm walking. I enjoy the moments when I'm neither at work nor at home to do something else than being behind a (small) computer's screen.

I know that for some people having a lot is mandatory and I pity them: have fun with all these security troubles, with your small screen and with your bad keyboard (insert here a reply about how your laptop's screen is better than a 23" displaying 1920x1200 and why your laptop's toy keyboard is better than a mechanical one... But you won't convince me).

The only laptops I'll ever buy (say when I need to do demos at customers etc.) need to have a physical switch to disable the WiFi or, at least, a BIOS option to turn it off.

WiFi is a bad joke. It is slow and insecure.

My home is now Gigabit ethernet (and, yup, the hard disk then tends to be the bottleneck) and 10 Ge is around the corner: faster than WiFi, safer than WiFi.

For me this article reads: "nothing to see here, move along". Good luck for all those who can't know for sure that they don't now have a LKM rootkit in their WiFi enabled laptops (I'd recommend scanning it with a Live CD or, better, check with the Tripwire results you took for sure when the laptop was in a known good state).

Oh, madwifi. Surprise! Closed source still sucks! (1, Insightful)

the COW OF DOOM (tm) (1531) | more than 7 years ago | (#18741865)

This bug is in the "madwifi" atheros driver, which is:

  1. dependent on a closed-source kernel module
  2. not in the upstream kernel
  3. not included by default in most distributions (e.g. Fedora/RHEL, SuSE, Debian).
It *is* in Ubuntu, but has been fixed in Edgy [ubuntu.com] since February 1.

So here's what the headline should have been:

Closed-Source Drivers Harder To Maintain, Less Secure

Re:Oh, madwifi. Surprise! Closed source still suck (4, Informative)

Anonymous Coward | more than 7 years ago | (#18741971)

The bug was in the open source portion of the driver, the closed-source HAL merely locks the range of radio frequencies and transmit powers allowed.

Mod this AC up please, and GP down (0)

Anonymous Coward | more than 7 years ago | (#18742221)

As parent states, the bug was in the open source part of the driver.

Re:Oh, madwifi. Surprise! Closed source still suck (0)

Anonymous Coward | more than 7 years ago | (#18742411)

Open-source advocates, however, are still as insecure as ever. Apparently.

Tickletaint [slashdot.org] (forced to post logged-out due to modbombing)

mod 3own (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#18741901)

w$indows, SUN or

Whew! (0, Offtopic)

cciRRus (889392) | more than 7 years ago | (#18741933)

Good thing I'm using Windows.

Oh wait... nevermind.

Surely SCO is behind this! (1, Offtopic)

hildi (868839) | more than 7 years ago | (#18741945)

I think we all know where this kind of FUD comes from. There is a vast closed-source conspiracy to denigrate and destroy the Linux movement. These kinds of attacks are irresponsible at a time when our nation is in peril. Why don't you ever hear anything in the media about what linux does right? Only a few websites that 'get it' are brave enough to tell the truth ... like slashdot. We sit here, cowered, assailed on all sides by our enemies, but fortunately we are an oasis of sanity in this crazy, mixed up world.

All I can say is God bless us, the true chosen ones, who bravely devote ourselves to the protection of our one true operating system... and the fundamental freedoms it stands for and that we hold so dear.

Article Tagging: "haha"???? (3, Interesting)

Anonymous Coward | more than 7 years ago | (#18742059)

Why is a tagging keyword 'haha'?

I guess OpenBSD will have to change their slogan (0)

Anonymous Coward | more than 7 years ago | (#18742187)

to "Only three remote holes in the default install, in more than 10 years!" given that they're into swiping Linux wi-fi code.

Re:I guess OpenBSD will have to change their sloga (0)

Anonymous Coward | more than 7 years ago | (#18742431)

Why does the linux community always compare itself against windows, why are there not more discussions on how it compares against AIX, Solaris, etc.? Is windows still that much of a threat? Windows is totally different from Linux, Unix, Mac. A comment is made about linux security and first post is comparing itself against Windows, what's up with that?

Anyway, all software is prone to issues, no matter what it is and to think otherwise is to completely ignore the fact that humans can and do make mistakes. Rather it's how we deal with those mistakes, how fast is it corrected and how easy it is for people to update, use, maintain. People in general don't care if there's a problem with software X that deals with security problem X. All they care is that they can use it when they want to use it.

So to say there's a Critical issue with linux isn't surprising, it's how they go about correcting the issue and getting it resolved, and how easy that process is etc. Now you're telling me I have to upgrade my OS to correct the issue with this? That's more of an issue here as how many people out there in the general user group are going to download the new beta program of the next version of Ubuntu and load it up just to fix an issue with this? If there isn't a way to automatically download and apply the patch and make that issue seamless for the user, then as any other software out there it will go unnoticed, remain a security issue and make linux just as easy a target for people to attack.

Not very helpful FA.... (2, Insightful)

Arkaic (784460) | more than 7 years ago | (#18742233)

Of course, it would have been too much trouble for PC World to mention exactly which version of the madwifi driver was susceptible to this particular flaw. So much better to let people dig through changelogs which might address any number of past vulnerabilities.

I patch and update regularly, so I just wasted some time double checking on a flaw that had been fixed on my system a long time ago.

Security hole (1)

azrider (918631) | more than 7 years ago | (#18742333)

Is this flaw in madwifi or madwifi-ng? If it is in madwifi-ng, which release(s) is/are vulnerable?

Here's an idea: (2, Interesting)

The Cisco Kid (31490) | more than 7 years ago | (#18742343)

Get rid of wifi cards (PCI as well as PCMCIA), and instead implement the wifi 'client' side with an ETHERNET jack to connect .. well, anything that has or can have an ethernet port. Have a 'router' built in that is accessible and configurable via HTTP and/or telnet. Include a 'bridge mode' where, once configured, the router steps out of the way for cases where you are on a known network where you trust its security, or for 'public' untrusted networks you leave the built-in router enabled, isolating you from unexpected inbound connections.

Then, you don't need specific 'drivers' for wifi hardware (you just need to support ethernet)

Re:Here's an idea: (1)

jimicus (737525) | more than 7 years ago | (#18742517)

Excellent idea, with only 3 minor problems:

1. Adds complication and hence cost. Bit of a problem in a cost-sensitive world.
2. Doesn't solve the problem - the security risk now moves to a box plugged into your ethernet card. With the added bonus that the only way you'll be able to fix it is via a firmware upgrade - so it's quite possible to brick the box when you upgrade. (Granted, this can be designed around - but I've yet to see a set of "rescue damaged firmware" instructions which were easy for my own mother to follow - and it's the likes of her who can benefit most from a more secure approach.)
3. Far and away the biggest group of people who regularly use wireless do so on a laptop - and by definition, you want everything on a laptop to take up the least amount of extra space/weight possible.

Re:Here's an idea: (0)

Anonymous Coward | more than 7 years ago | (#18742541)

So your solution is to have a little dongly nubbin sticking out the side of my computer? I hope you're kidding.

Tickletaint [slashdot.org] (forced to post logged-out due to modbombing)

Re:Here's an idea: (1)

tokul (682258) | more than 7 years ago | (#18742599)

> Get rid of wifi cards (PCI as well as PCMCIA), and instead implement the wifi 'client' side with an ETHERNET jack to connect

Linksys WET54
SMC WEBT-G

Main issue - it is an external device. It is less useful than a wireless adapter inside a laptop or handheld.

You reap what you sow. (-1, Troll)

pair-a-noyd (594371) | more than 7 years ago | (#18742553)

You yahoos have been so gung-ho to push M$ off the throne.
Running amok screaming LINUX! from the rooftops, singing the praises.
You've pushed HARD to make Linux compatible with M$, to be able to run M$ apps
on your Linux distro. You folks are wanking off over OO being able to run VBS crap.
And Novell/Suse/M$ gives us MONO so we can share the .NET misery.

Oh joy! Glorious day it is! My Linux machine is now more M$ compatible and the scumbag crackers have paid heed to your trumpeting and will now service your requests for attention! Oh joyous day!

You stupid bastards. And it's only going to get worse now. You should have just stayed STFU and enjoyed Linux as it was, very incompatible with M$ and off the crackers' radar. But you had to run around waving bait under the noses of the ne'er-do-wellers and now that they are biting, you run around wringing your hands.

I abandoned M$ for Linux because I was sick and fucking tired of the M$ problems. ALL of them.
I converted to Linux because it was INCOMPATIBLE with M$ and didn't suffer the M$ problems.
Now, thanks to many loud mouths, I see an increasingly troubled future in the Linux world.
With M$ on the warpath to destroy Linux and crackers smacking their lips at the chance to crack a Linux box, plus having now about Linux malware being introduced from the inside, once again we'll be more like the very thing we strove to separate ourselves from. The security through obscurity plan has its merits. It's not the answer but it worked very well for a long time, at least before everyone started blowing their Linux horns and awakened the demons.

Mod me down as a troll and or flamebait but you damn well know I'm 100% correct.

Re:You reap what you sow. (0)

Anonymous Coward | more than 7 years ago | (#18742679)

You moved to Linux because it wasn't Windows; not because it was Linux. Sounds like you're on the verge of realizing you had unreasonable expectations. Keep it up!

Ridiculous! (0, Redundant)

Yeechang Lee (3429) | more than 7 years ago | (#18742601)

This sounds like paranoia. Everyone knows Linux is U BEN PWN3D BY THE SUPR HAX0R BOW B4 MY L33T SKILZ the most secure OS around!