Slashdot: News for Nerds





Internet Explorer Vulnerabilities Increase 100%

benjymouse Microsoft is now counting Flash vulns as IE vulns (108 comments)

Microsoft patches to IE include patches to vulns in Flash - which is embedded in IE. The increase in vulnerabilities is the result of the horrible Flash code.

about an hour ago

Exploiting Wildcards On Linux/Unix

benjymouse Re:in root? Am I missing something? (215 comments)

Er.. most of the exploits are only possible if one is root and/or the directory is writable for some other user (e.g. leon in this case).

Since one is root, one can do anything anyway so why bother with all this misdirection? If someone leaves world writable directories lying around (especially without the sticky bit set), then they deserve everything they get. Or is this some kind of "trap the (completely) unwary sysadmin" wake up call? If I see some strange named file (especially if I know I didn't put it there) I would investigate very, very carefully what is going on. I can't be alone in this - surely?

The point is that this can be used to trick a root user into issuing what he believes is a safe command. The combination of the text-reinterpreting shell and specially crafted file names combines into a seemingly innocent command ending up allowing the attacker (the creator of the specially crafted file) root access on the system.

It doesn't help that some (on the surface) idempotent commands like find pack a number of dangerous options that can be used to execute shell scripts, commands or remove files.

about a month ago
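The following is an added illustration of the comment above, not part of the original thread: it shows how a bare `*` hands a dash-prefixed file name to a command as an argument that looks like an option, while `./*` does not, and it includes a small audit helper for spotting such names. The function names and the sample files (`notes.txt`, `-l`) are constructed for this example.

```shell
#!/bin/sh
# Added example; function names and sample file names are constructed for illustration.

# Count the arguments that begin with "-", i.e. the ones a utility would
# try to parse as options rather than as file names.
count_dash_args() {
    n=0
    for a in "$@"; do
        case $a in
            -*) n=$((n + 1)) ;;
        esac
    done
    echo "$n"
}

# Expand a bare "*" inside directory $1, as "cmd *" would, and report how
# many of the resulting arguments look like options.
bare_glob_dash_args() (
    cd -- "$1" || exit 2
    count_dash_args *
)

# Same expansion written as "./*": every argument now starts with "./",
# so none of them can be taken for an option.
prefixed_glob_dash_args() (
    cd -- "$1" || exit 2
    count_dash_args ./*
)

# Audit helper: count entries in directory $1 whose name starts with "-".
count_optionlike_names() (
    cd -- "$1" || exit 2
    n=0
    for f in ./-*; do
        # An unmatched pattern stays literal; skip it.
        [ -e "$f" ] || [ -L "$f" ] || continue
        n=$((n + 1))
    done
    echo "$n"
)

# Build a constructed sample directory: one ordinary file and one file
# whose name is a harmless option-like string.
make_sample_dir() {
    d=$(mktemp -d) || return 1
    : > "$d/notes.txt"
    : > "$d/-l"
    echo "$d"
}

sample=$(make_sample_dir)
echo "bare *   : $(bare_glob_dash_args "$sample") option-like argument(s)"
echo "./*      : $(prefixed_glob_dash_args "$sample") option-like argument(s)"
echo "audit    : $(count_optionlike_names "$sample") suspicious name(s)"
rm -rf -- "$sample"
```

For utilities that honor the `--` end-of-options marker, writing `cmd -- *` gives the same protection as `./*`.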

Exploiting Wildcards On Linux/Unix

benjymouse Re:PowerShell (215 comments)

Is the wildcard expanded by the shell in PowerShell?

No. This class of attacks will not work against PowerShell (nor for plain old DOS for that matter). The problem is the combination of text-centric shell scripting and shell expanded wildcards.

about a month ago

Microsoft's Cloud Storage Service OneDrive Now Offers 15GB For Free

benjymouse Re:Even more work for spies! (99 comments)

And to think that just the other day Microsoft were complaining that the NSA fallout was getting worse. Are they hoping to swamp them with simply too much data on Microsoft's servers?

So, would you expect Microsoft to hold its breath while the lawmakers pull their collective behinds together to rein in the run-amok NSA? Should they stop doing business while they wait for the political system?

about a month ago

Windows 8.1 Finally Passes Windows 8 In Market Share

benjymouse Re:Under the hood (187 comments)

There's heaps of us who like Windows 8.x/2012, but Slashdot has its mind made up and every time there's a Windows 8 submission these idiots bring out their pitchforks while people like us just ignore it. So no, you're not the only one.

At this stage it looks like Microsoft could patch in a new Start Menu, throw in the option to use oh I don't know, KDE's menu or whatever your DE of choice is these days, put in a tool that converts fucking lead to gold, and donate 50% of their net profit to NASA, and people here would still hate it.


about 2 months ago

Windows 8.1 Finally Passes Windows 8 In Market Share

benjymouse Re:12.64 percent in only 17 months (187 comments)

I seem to recall reading somewhere that the Windows kernel, UI, and default browser all share essential low-level processes, and therefore could never ever possibly be decoupled.

However, that is wrong.

Windows kernel is an incredibly modular piece of work, much more so than Unix/Linux. In fact, the "Win32 subsystem" is just *one* possible subsystem mapped onto a very generic kernel. From the start, the core was designed with Win32 subsystem as just one of a number of subsystems and originally also included a POSIX subsystem and an OS/2 subsystem. Note that these were NOT emulation layers, but full blown "peers" of the Win32 subsystem. That design is still very much alive within the kernel.

The confusion with respect to the "browser in the kernel" is at least partly Microsoft's own fault. During the browser anti-trust trials they claimed that Internet Explorer could not be unbundled from the core. Until someone actually did and demonstrated it during the trials.

Like virtually all OSes today, some of the core GUI administration components use HTML as rendering mechanism for at least parts of the user interface. Hence an HTML renderer is part of the core OS (unless a GUI-less server SKU is used). However, an HTML renderer being distributed as part of the *core* OS does NOT mean that it will execute in kernel space. This is such a mindbogglingly stupid assertion that whenever someone brings up that claim I get suspicious that they actually know better, but find pleasure in throwing it out there and watching the immediate condemnation and ridicule.

The HTML renderer is of course the same one as used in Internet Explorer (Trident, IIRC). That *still* does not mean that Internet Explorer is "part of the OS" - it merely means that Internet Explorer (the browser) uses the same rendering library as the core components in the same way that an XML parser can be used by the browser as well as the core OS without it running in kernel space.

about 2 months ago

Court: Oracle Entitled To Copyright Protection Over Some Parts of Java

benjymouse Re:Bye-Bye Java (303 comments)

Name a platform that is end-to-end not proprietary in any way shape or form?

Even if such a platform exists, how does that preclude Microsoft from suing? Remember that the thesis here is that Microsoft would disregard the licenses already granted for C#, .NET Framework, compilers etc and just sue to exhaust your funds. Why couldn't they claim that you infringed an algorithm (or whatever) even if you were using Java or Python? After all, they have no legal standing but are considered *so* malicious that they will sue even when they have no legal standing.

The whole "Microsoft will sue!" is nothing but FUD.

In reality - because of the promissory estoppel of the community promise - users of .NET and any other technology under the community promise are much better protected than when using alternatives. This is because the promissory estoppel can be used to dismiss a lawsuit outright.

about 2 months ago

Court: Oracle Entitled To Copyright Protection Over Some Parts of Java

benjymouse Re: Bye-Bye Java (303 comments)

Perhaps the issue is how much power Microsoft will have to shut down Mono.

None. Zero. Zilch.

about 2 months ago

The New 'One Microsoft' Is Finally Poised For the Future

benjymouse Re:Trolling? (270 comments)

Microsoft SHOULD have taken MVC design to its next logical level, and built upon .net instead of throwing it all away in the blighted name of Metro... common model and controller code across all Windows platforms, with different views for desktop, tablet, and maybe mobile devices whose displays are too small to treat like a tablet. They could have compiled the code to CLR, then had the installer itself compile it to native code optimized for the local platform. But no... they just *had* to ruin a good thing, and try to ram touch down everybody's throats.

This does not make sense to me at all. While I agree that's the way they should have taken (IMHO using MVVM instead of MVC), it is almost exactly the way they took. They didn't have all the ducks in a row at the first iteration, but it was the plan all the way. They said so at the time.

You did not believe the FUD about Microsoft abandoning .NET did you? .NET is very, very much in the game. At /Build// Microsoft just announced Universal Apps.

MSDN has documentation

With universal apps you build one app for phone, tablets and laptops/desktops. The same app can share views and viewmodels (MVVM) across the form factors, or they can have completely different view/viewmodels. A view/viewmodel can also "adapt" to the formfactor - showing only primary and essential information on phones, more on tablets and include secondary/tertiary information on desktops.

When deployed, the universal apps are deployed as IL/CLR code. When a device installs an app, the cloud service will perform the compilation and serve a native app to the device, compiled for the architecture, memory requirements and core count. The delivery system will only serve resources used by the specific device, i.e. even if the universal app is distributed with extensive resources for desktop users, the package that is downloaded to a phone will strip those resources.

Metro was never mutually exclusive with .NET. Microsoft made plenty of blunders both with their messaging on Metro as well as the initial Dr. Jekyll-and-Hyde two-personality Windows 8. But they have been consistent on their messaging on .NET and apps.

about 3 months ago

The New 'One Microsoft' Is Finally Poised For the Future

benjymouse I call BS (270 comments)

The links have long disappeared due to DMCA takedowns.....

No they haven't. You just do not want slashdot readers to read them, because they do not say what you claim.

Quote from that article:

One technology enthusiast at Web site kuro5shin noted many of the hacks (additions) to the code base included some colorful comments and creative use of adjectives in noting programming changes.

In this case, the reviewer concluded the code was generally "excellent." But he also noted the many additions to the Windows code to be almost universally compatible with previous Windows versions. And third-party software has "clearly come at a cost, both in developer-sweat and the elegance (and hence stability and maintainability) of the code."

GP is correct, those who took a look at it indeed came away with the impression that it was quite pristine.

You, OTOH, are just lying.

about 3 months ago

OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks

benjymouse Re:ASLR anyone? hype? (303 comments)

I've actually wondered about this too. Read overruns will crash a program just as badly as write overruns; Read AV in Windows [NT], Segmentation Fault in *nix (General Protection Fault in legacy Windows), etc. reading memory will tell you enough about the layout of memory to cherry-pick addresses pretty well, and probably to determine the ASLR mask, but you're still going to have the issue of what, within the heap, is allocated. You could probably do OK by starting from the stack (which is in a predictable enough location) and working from there, I guess?

ASLR was invented as a mitigation of "return oriented programming" which was itself a way to get around DEP/NX. As such, ASLR targets executable memory, making the memory addresses of candidate executable code fragments hard to guess. ASLR does not randomize data segments - there's no need since the original intent was to make executable locations hard to guess. Non-executable locations were not the problem ASLR tried to solve.

And in the case it would not matter at all if the location was randomized, since this bug is an unbounded offset to a memory location. The attacker does not need to know the actual memory location, he just needs to specify a too large or too small offset to read adjacent memory. Yes, going too far could trigger a segfault, but the attacker will have dumped all memory until then. So what? The attacker can just continue the attack once the service restarts.

The point is: The attacker does not need to know anything about the memory layout. The server already allows him to offset from a pointer to a known valid location.

about 4 months ago

Apple: Dumb As a Patent Trolling Fox On iPhone Prior Art?

benjymouse Re:The Slide-to-Unlock Claim, for reference (408 comments)

As mentioned in a different reply, I see non-continuous movement: slider at the left side; slider in the middle; slider at the right side. Three images, replaced in succession, as I said.

clearly demonstrates the intent to create an appearance of an animated continuous movement. The technology at the time did not allow for the same smoothness as today. But even today you can argue that the movement is *still* not continuous - it is just that Apple has "invented" smaller and more steps.

Let it go: The video is clearly prior art for state change. It is presented as a general way to change state on an electronic device with a touchscreen.

What Apple has is
      1) Apple "re-invented" the state change for a handheld device
      2) The Apple state change is "unlock" - a specific example of a state change

For 1: it is trivial to demonstrate that such a state change on a handheld device would derive automatically from the technological advances that shrink devices to the point where the touch screen can be handheld.

For 2: It is interesting if the *specific* (unlock) state change is not covered by the broader state change mechanism demonstrated in the video.

about 4 months ago

Apple: Dumb As a Patent Trolling Fox On iPhone Prior Art?

benjymouse Re:The Slide-to-Unlock Claim, for reference (408 comments)

Compare (original)

A method of unlocking a hand-held electronic device, the device including a touch-sensitive display, the method comprising:
detecting a contact with the touch-sensitive display at a first predefined location corresponding to an unlock image;
continuously moving the unlock image on the touch-sensitive display in accordance with movement of the contact while continuous contact with the touch screen is maintained, wherein the unlock image is a graphical, interactive user-interface object with which a user interacts in order to unlock the device; and
unlocking the hand-held electronic device if the moving the unlock image on the touch-sensitive display results in movement of the unlock image from the first predefined location to a predefined unlock region on the touch-sensitive display.


A method of (changing state of) an () electronic device, the device including a touch-sensitive display, the method comprising:
detecting a contact with the touch-sensitive display at a first predefined location corresponding to a (state) image;
continuously moving the (state) image on the touch-sensitive display in accordance with movement of the contact while continuous contact with the touch screen is maintained, wherein the (state) image is a graphical, interactive user-interface object with which a user interacts in order to (change state of) the device; and
(changing the state of) the () electronic device if the moving the (state) image on the touch-sensitive display results in movement of the (state) image from the first predefined location to a predefined unlock region on the touch-sensitive display.

The latter accurately describes what happens in the Microsoft video demonstration. All I did was to substitute (state) for "unlock", (change state of) for "unlocking". I also removed "handheld".

So what we have is that Apple is using the general application of switches with graphical representation to perform a specific function (unlock) rather than the general (changing state) and Apple applying it to handheld devices.

Everyone can recognize unlocking as a specific example of a state change. Your "invention" does not become more original because you narrow the scope to which it is applied.

Same goes for handheld. It was done on an electronic device with a touch screen. When the technology advances and allows the electronic device to be carried around it does not make the same idea new again.

about 4 months ago

.NET Native Compilation Preview Released

benjymouse Re:What about number-crunching performance? (217 comments)

I skimmed over the links, but I probably just missed it. So apps take 60% less time to start, and they use 15% less memory. What about run-time performance? How much faster are they when executing?

During runtime, a.NET already runs compiled. This saves on the JIT compiler.

However, they also announced (later session at /Build//) that the new compilers (including the JITs) will take advantage of SIMD. For some application types this can allegedly lead to serious (like in 60%) performance gains. Games were mentioned.

about 4 months ago

.NET Native Compilation Preview Released

benjymouse Re:Only benefits smaller devices (217 comments)

The raw speed of the code might actually diminish since the .net runtime could have optimized it better for the specific environment (CPU model, available RAM, phase of the moon, etc).

MS announced that developers still need to pass hints to the compiler on what architecture, CPU core count, available memory etc., to compile for. You can (cross) compile to multiple architectures.

This technology is already at work when deploying apps for Windows Phone 8: Developers pass IL code to the store, native compilation is performed per device type in the cloud (CPU architecture, OS version, memory, ...) and the binary is passed to the device.

about 4 months ago

.NET Native Compilation Preview Released

benjymouse Re:Translator? (217 comments)

Correct me if I am mistaken, but I'm pretty sure that if they are using the backend they are skipping the lexing and parsing steps and going straight to the generation of the intermediate representation. That would mean that there is no generated C++ code to see.

That is precisely what they announced. No correction needed. They use that C++ backend to emit code for specific processor architectures (and core counts) and do global optimizations.

about 4 months ago

Microsoft: Start Menu Returns, Windows Free For Small Device OEMs, Cortana Beta

benjymouse Re:What about 2012R2??? (387 comments)

Martian feels threatened by PowerShell. So he is spreading CUD.

PowerShell is an amazing shell. As a shell, its core is even simpler and more consistent than any of the *sh shells. Yet, it is based on object models and is designed to be hosted by applications, not just a command line. The commands (cmdlets) are self-discoverable through metadata, meaning that parameter help etc. can all be generated from the actual command itself rather than rely on authored text.

about 4 months ago

Ask Slashdot: Preparing For Windows XP EOL?

benjymouse Re:Windows SteadyState (423 comments)

From Steve Gibson and Leo Laporte:

Now, it's not quite as onerous in my experience as Jim's letter indicates because it does not make an entire copy of your system partition and/or drive. Instead you set aside a block of hard drive space. And using a feature, basically it's file system filtering, this is able to capture any changes which are made to the system drive. And essentially it caches the changes. So, for example, when any application, installer, literally anything you do, I mean, this thing is global. You cannot turn it off without restarting Windows. So it's not something that just sort of easily comes and goes. I mean, this is meant to be bulletproof.

And I discovered the hard way that it even protects the partition table, and that first track of the drive which we were talking about recently could be prone to preboot kernel rootkits. I was using something else that did deliberately change that first track, very much in a kernel rootkit fashion. And that'll be the subject of an upcoming podcast because it involves performing whole drive encryption. And it turns out that SteadyState uninstalled this thing, even though I had SteadyState sort of in a mode where it was supposed to allow changes to be saved. So, I

about 4 months ago

Ask Slashdot: Preparing For Windows XP EOL?

benjymouse Windows SteadyState (423 comments)

Windows SteadyState from Microsoft is available for Windows XP.

SteadyState virtualizes the OS directories transparently on the disk. File writes/updates are directed to a secluded area. You can set it to simply delete those journaled updates upon restart/signoff. Any malware will be effectively gone. Windows Update would still be possible when signing in as the SteadyState administrator (creating an updated image), but that's kind of moot at this point.

about 4 months ago

Malware Attack Infected 25,000 Linux/UNIX Servers

benjymouse Re:The big problem with Linux security. (220 comments)

Is that why Windows and IIS got hacked all the time while Linux and Apache/PHP very rarely ?

Citation needed.

Because it had better security ?

Yes, Windows servers are compromised less because it is far easier to set those up securely. Especially IIS+ASP.NET is way more secure than Apache+PHP in almost any way; not least the programming model where PHP almost encourages SQL injections and XSS where with .NET/MVC it is hard to create SQL injections and XSS vulnerabilities.

There was a project for Linux kernel that gives advanced ACL capabilities to Linux systems. I forgot the name of it now, but basically.. whatever was possible to do, you could do it.

ACLs are available with most distros nowadays. However, the point is they are bolted on. They represent a MAC model which competes with simplistic Linux file system permissions. You do not switch to ACLs, you turn them on and have to manage them in parallel with regular file system permissions. Thus they complicate the security model rather than refine it (and they still support inheritance pretty poorly). Now throw in SELinux, SUID root utilities and *nobody* stands any realistic chance of performing a reliable security assessment of a Linux system.

There are hundreds of projects that you can add and use.. (stable, tested projects).

The problem with security is an admin that thinks blocking port 22 is gonna keep him safe... if he uses Linux, and the other problem with security in general... is using Windows.
The other problem with security is management hiring idiots (above mentioned jolly bunch, block port 22 and all ok) and/or outsourcing administration to cheap Indian companies that work for peanuts.

Coming from someone who cannot remember the "project" with (and obviously does not use) ACLs. Nice.

about 4 months ago



VLC threatens Secunia with legal action in row over vulnerability report

benjymouse benjymouse writes  |  1 year,14 days

benjymouse (756774) writes "Following a blog post by security company Secunia, VideoLAN (vendor of popular VLC media player) president Jean-Baptiste Kempf accuses Secunia of lying in a blog post titled More lies from Secunia. It seems that Secunia and Jean-Baptiste Kempf have different views on whether a serious vulnerability has been patched. At one point VLC threatened legal action unless Secunia updated their SA51464 security advisory to show the issue as patched. While Secunia changed the status pending their own investigation, they later reverted to "unpatched". Secunia claimed that they had PoC illustrating that the root issue still existed and 3rd party confirmation (an independent security researcher found the same issue and reported it to Secunia)."

Pwn2Own 2009: Safari, IE8 and Firefox all pwned!

benjymouse benjymouse writes  |  more than 5 years ago

benjymouse (756774) writes "In a matter of seconds, Charlie Miller, last year's winner of the PWN2OWN contest, did it again at CanSecWest and successfully exploited a fully patched Safari running on a Mac. He came prepared, directed the operator of the browser to browse to a rigged website and it was all over.

He took the $10.000 first prize and the macbook home with him.

Last year he was quoted as saying "Every time I look for [a flaw in Leopard] I find one. I can't say the same for Linux or Windows. I found the iPhone bug a year ago and that was a Safari bug as well. I've also found other bugs in QuickTime.".

As I wrote this submission news came in that all of IE8, Safari (again) and Firefox were pwned by a researcher going by the name "Nils". So far only Chrome remains standing.

These were all drive-by exploits against fully patched browsers, not 3rd party plugins. Be careful out there."

Vista Capable lawsuit loses class action status

benjymouse benjymouse writes  |  more than 5 years ago

benjymouse (756774) writes "In a big setback for plaintiffs, a federal judge has stripped the class-action status from the Vista Capable suit against Microsoft.

Computerworld writes

The consumers who brought the original lawsuit, and those who followed as members of the class action, will be free to continue their cases, but they will have to do it individually, not as a group, Pechman said. "Approximately one year ago, this Court certified a class in this matter and allowed Plaintiffs 'to further develop their price inflation theory'," Pechman said. "It is now apparent that class treatment is no longer appropriate."

"Dr. Leffler did not attempt any regression analysis, much less an econometric analysis of the impact of 'Vista Capable' on demand," Pechman said. "It is ... critical to Plaintiffs' theory of proof to isolate Microsoft's purportedly deceptive efforts to increase demand from promotions OEMs had in the run up to the holiday season."

Presumably the lawyers for plaintiffs were expecting a good chunk of the potential damages. This will make it much more costly and risky to retrieve such damages. Will this effectively spell the end of the suits, or will the lawyers press on? IANAL so I wouldn't know whether they can appeal this ruling or not."


Microsoft urges Windows users to shun Safari

benjymouse benjymouse writes  |  more than 6 years ago

benjymouse (756774) writes "The Register has picked up on a recent Microsoft security bulletin which urges Windows users to "restrict use of Safari as a web browser until an appropriate update is available from Microsoft and/or Apple". This controversy comes after Apple has officially refused to promise to do anything about the carpet bombing vulnerability in the Safari browser. Basically, Apple does not see unsolicited downloads of hundreds or even thousands of executable files to users' desktops as being a security problem.

The MS bulletin speaks of a possible "blended" attack. This is obviously recognizing that having the desktop carpet bombed with executable files does not imply that they can be executed. However, once the files are on the desktop all an attacker needs to do is to find some social engineering attack vector or a way to launch one or more of the files through some other vulnerability. At the very least it does not take much imagination to come up with scenarios where this vulnerability can be used by spammers or skiddies out to annoy users.

It is unprecedented for Microsoft to recommend Windows users to abstain from using a mainstream software product, especially a competing product. Could it be that Microsoft's security response team have grown sensitive over Apple TV ads ridiculing Windows users over security while at the same time Apple software products, especially Quicktime, and now Safari threatening the security of those very same users? Surely the "Apple software updater" push of Safari hasn't exactly earned them points in Redmond. Surely MSRT realizes that this may be controversial. Is this a "stab" back at Apple and/or a way to shine light on Apple's own security problems?"

Netcraft: Microsoft IIS may soon overtake Apache

benjymouse benjymouse writes  |  more than 6 years ago

benjymouse (756774) writes "From the latest Netcraft web server survey:
In the August 2007 survey we received responses from 127,961,479 sites, an increase of 2.3 million sites from last month. Microsoft continues to increase its web server market share, adding 2.6 million sites this month as Apache loses 991K hostnames. As a result, Windows improves its market share by 1.4% to 34.2%, while Apache slips by 1.7% to 48.4%. Microsoft's recent gains raise the prospect that Windows may soon challenge Apache's leadership position."

