Wed Dec 11 21:07:13 2024
EVENTS
 FREE
SOFTWARE
INSTITUTE

POLITICS
JOBS
MEMBERS'
CORNER

MAILING
LIST

NYLXS Mailing Lists and Archives
NYLXS Members have a lot to say and share but we don't keep many secrets. Join the Hangout Mailing List and say your peice.

DATE 2017-02-01

LEARN

2024-12-11 | 2024-11-11 | 2024-10-11 | 2024-09-11 | 2024-08-11 | 2024-07-11 | 2024-06-11 | 2024-05-11 | 2024-04-11 | 2024-03-11 | 2024-02-11 | 2024-01-11 | 2023-12-11 | 2023-11-11 | 2023-10-11 | 2023-09-11 | 2023-08-11 | 2023-07-11 | 2023-06-11 | 2023-05-11 | 2023-04-11 | 2023-03-11 | 2023-02-11 | 2023-01-11 | 2022-12-11 | 2022-11-11 | 2022-10-11 | 2022-09-11 | 2022-08-11 | 2022-07-11 | 2022-06-11 | 2022-05-11 | 2022-04-11 | 2022-03-11 | 2022-02-11 | 2022-01-11 | 2021-12-11 | 2021-11-11 | 2021-10-11 | 2021-09-11 | 2021-08-11 | 2021-07-11 | 2021-06-11 | 2021-05-11 | 2021-04-11 | 2021-03-11 | 2021-02-11 | 2021-01-11 | 2020-12-11 | 2020-11-11 | 2020-10-11 | 2020-09-11 | 2020-08-11 | 2020-07-11 | 2020-06-11 | 2020-05-11 | 2020-04-11 | 2020-03-11 | 2020-02-11 | 2020-01-11 | 2019-12-11 | 2019-11-11 | 2019-10-11 | 2019-09-11 | 2019-08-11 | 2019-07-11 | 2019-06-11 | 2019-05-11 | 2019-04-11 | 2019-03-11 | 2019-02-11 | 2019-01-11 | 2018-12-11 | 2018-11-11 | 2018-10-11 | 2018-09-11 | 2018-08-11 | 2018-07-11 | 2018-06-11 | 2018-05-11 | 2018-04-11 | 2018-03-11 | 2018-02-11 | 2018-01-11 | 2017-12-11 | 2017-11-11 | 2017-10-11 | 2017-09-11 | 2017-08-11 | 2017-07-11 | 2017-06-11 | 2017-05-11 | 2017-04-11 | 2017-03-11 | 2017-02-11 | 2017-01-11 | 2016-12-11 | 2016-11-11 | 2016-10-11 | 2016-09-11 | 2016-08-11 | 2016-07-11 | 2016-06-11 | 2016-05-11 | 2016-04-11 | 2016-03-11 | 2016-02-11 | 2016-01-11 | 2015-12-11 | 2015-11-11 | 2015-10-11 | 2015-09-11 | 2015-08-11 | 2015-07-11 | 2015-06-11 | 2015-05-11 | 2015-04-11 | 2015-03-11 | 2015-02-11 | 2015-01-11 | 2014-12-11 | 2014-11-11 | 2014-10-11

Key: Value:

Key: Value:

MESSAGE
DATE 2017-02-15
FROM Rick Moen
SUBJECT Subject: [Learn] [conspire] [svlug] AnC side-channel attack: In which ASLR
From learn-bounces-at-nylxs.com Wed Feb 15 18:10:17 2017
Return-Path:
X-Original-To: archive-at-mrbrklyn.com
Delivered-To: archive-at-mrbrklyn.com
Received: from www.mrbrklyn.com (www.mrbrklyn.com [96.57.23.82])
by mrbrklyn.com (Postfix) with ESMTP id 33B6B161337;
Wed, 15 Feb 2017 18:10:17 -0500 (EST)
X-Original-To: learn-at-www.mrbrklyn.com
Delivered-To: learn-at-www.mrbrklyn.com
Received: by mrbrklyn.com (Postfix, from userid 1000)
id F01AE161336; Wed, 15 Feb 2017 18:10:14 -0500 (EST)
Resent-From: Ruben Safir
Resent-Date: Wed, 15 Feb 2017 18:10:14 -0500
Resent-Message-ID: <20170215231014.GA26192-at-www.mrbrklyn.com>
Resent-To: learn-at-mrbrklyn.com
X-Original-To: ruben-at-mrbrklyn.com
Delivered-To: ruben-at-mrbrklyn.com
Received: from linuxmafia.com (linuxmafia.COM [198.144.195.186])
by mrbrklyn.com (Postfix) with ESMTP id 47B76161336
for ; Wed, 15 Feb 2017 17:18:55 -0500 (EST)
Received: from localhost ([127.0.0.1] helo=linuxmafia.com)
by linuxmafia.com with esmtp (Exim 4.72)
(envelope-from )
id 1ce7ta-0006eT-O4; Wed, 15 Feb 2017 14:17:54 -0800
Received: from rick by linuxmafia.com with local (Exim 4.72)
(envelope-from ) id 1ce7tZ-0006eO-9t
for conspire-at-linuxmafia.com; Wed, 15 Feb 2017 14:17:53 -0800
Date: Wed, 15 Feb 2017 14:17:53 -0800
From: Rick Moen
To: conspire-at-linuxmafia.com
Message-ID: <20170215221753.GK6937-at-linuxmafia.com>
MIME-Version: 1.0
Content-Disposition: inline
Organization: If you lived here, you'd be $HOME already.
User-Agent: Mutt/1.5.20 (2009-06-14)
X-BeenThere: conspire-at-linuxmafia.com
X-Mailman-Version: 2.1.13
Precedence: list
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Mail-From: conspire-bounces-at-linuxmafia.com
X-SA-Exim-Scanned: No (on linuxmafia.com); SAEximRunCond expanded to false
X-UID: 35053
Subject: [Learn] [conspire] [svlug] AnC side-channel attack: In which ASLR
doesn't protect you from dumbness
X-BeenThere: learn-at-nylxs.com
List-Id:
List-Unsubscribe: ,

List-Archive:
List-Post:
List-Help:
List-Subscribe: ,

Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: learn-bounces-at-nylxs.com
Sender: "Learn"

Further worthwhile links:
https://www.vusec.net/projects/anc/
https://news.ycombinator.com/item?id=13650611

----- Forwarded message from Rick Moen -----

Date: Wed, 15 Feb 2017 13:33:45 -0800
From: Rick Moen
To: skeptic-at-linuxmafia.com
Subject: Re: [skeptic] It isn't Windows vs Apple anymore - all modern CPUs
can be compromised
Organization: If you lived here, you'd be $HOME already.

Quoting Beth W (badastrum-at-gmail.com):

> New ASLR-busting JavaScript is about to make drive-by exploits much nastier
> A property found in virtually all modern CPUs neuters decade-old
> security protection.
[...]
> Full article at
> https://arstechnica.com/security/2017/02/new-aslr-busting-javascript-is-about-to-make-drive-by-exploits-much-nastier/

I also recommend the actual research article discussed,
http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf

I'm not the least bit surprised, because Javascript has always been a
disaster (but also see below; it's not _really_ Javascript but rather
what it's called upon to do). It's always been absurdly overfeatured,
and so everyone with elementary common sense has been severely
curtailing what it's permitted to do, either using a _well-tuned_
NoScript (i.e., not just load the extension and drool) or its latter-day
competitor uBlock Origin or uMatrix (same qualification).

Users almost never are willing to do that, because users overwhelmingly
behave like morons, never even looking to tweak the defaults of their
software let alone questioning the necessity and wisdom of excessive
functionality, and correcting that. At the end of my lecture 'The Wild,
Wild Web: Web Browser Security, Performance, and Privacy' in Feb. 2011,
I asked for an honest show of hands about how many in the audience were
seriously considering following my recommendations, I think there were
three hands. I thanked everyone for their honesty. And that was a
_technical_ audience, but they were nonetheless lazy and borderline
inert. This is the reality.

I'll mention in passing that Javascript is overfeatured but that that
any other language pressed into its role would pose the same problem,
and that is that a remote Web server asks your browser 'Will you be
willing to run unknown program code I'm about to hand you that will run
in a full-blown Turing-complete environment and do basically damned near
anything it wants, with your user to be told the results later?', and
your browser says 'Sure, I'll start that for you.'

And why is this the case? Why does even Firefox ship without the means
to curtail and control this stuff, with that task being consigned to
extensions and aftermarket configuration? Because advertising, and
because user-tracking[1]. Because Sutton's Law.

As one of the reader comments on ArsTechnica says, ASLR is and always
was security through obscurity. The real problem is accustoming users
to blandly running complex, unknown, third-party code that they have
absolutely no reason to trust and want to run -- just because someone
makes a buck from that. If your security depended on ASLR, you already
lost.

To translate to man-in-the-street, ASLR is this: 'Problem: People run
exploit code. That code, once running, finds running code and its data
structures in the user's computer memory and messes with it, in order to
do harm. Solution: Let's shuffle-around the vitual memory addresses of
running code and its data structures to make them unpredictably
located.' The research paper documents a pretty easy side-channel
method for exploit code to _find_ that running code and data structures.

Darn, what a pity users keep running highly untrustworthy, complex,
unknown code from nobody-in-particular! If only they had... what's that
phrase?... a sense of self-preservation.

But of course computer users have none. It's been shown repeatedly that
most will give away their corporate-network passwords for candy, for example.


You want a comprehensive layered response that still keeps Javascript in
the picture, look no farther than Qubes OS, which sandboxes everything
in individual hypervisor VMs. Me, I'll continue to just corral and
whittle down Javascript through other means. As I said during my
lecture, Javascript is really the keystone security problem.

And if Javascript hadn't been the advertising/tracking-driven keystone
security problem, something equally ugly would have taken its rotten
niche.


[1] This industry goes under a wealth of euphemisms, including metrics,
'Web bugs', behavioural marketing, a lot more.



_______________________________________________
skeptic mailing list
skeptic-at-linuxmafia.com
http://linuxmafia.com/mailman/listinfo/skeptic
To reach the listadmin, mail rick-at-linuxmafia.com

----- End forwarded message -----


_______________________________________________
conspire mailing list
conspire-at-linuxmafia.com
http://linuxmafia.com/mailman/listinfo/conspire
_______________________________________________
Learn mailing list
Learn-at-nylxs.com
http://lists.mrbrklyn.com/mailman/listinfo/learn

  1. 2017-02-02 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] NP Complete
  2. 2017-02-06 Wayne Callahan <callahans2-at-msn.com> Subject: [Learn] [dinosaur] ISPH 2017
  3. 2017-02-07 James E Keenan <jkeen-at-verizon.net> Subject: [Learn] ny.pm tech meeting next Monday; TPC call for presentations
  4. 2017-02-08 Ruben Safir <ruben-at-mrbrklyn.com> Re: [Learn] Immigration Executive Order Update
  5. 2017-02-08 Ruben Safir <ruben.safir-at-my.liu.edu> Re: [Learn] Immigration Executive Order Update
  6. 2017-02-08 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] Justine Bateman
  7. 2017-02-09 Ruben Safir <ruben-at-mrbrklyn.com> Re: [Learn] Does this look like a Euler Path to you?
  8. 2017-02-09 Christopher League <league-at-contrapunctus.net> Re: [Learn] Does this look like a Euler Path to you?
  9. 2017-02-09 Ruben Safir <mrbrklyn-at-panix.com> Re: [Learn] Does this look like a Euler Path to you?
  10. 2017-02-09 Christopher League <league-at-contrapunctus.net> Re: [Learn] Does this look like a Euler Path to you?
  11. 2017-02-09 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] =?utf-8?q?Fwd=3A_An_Evening_for_Educators_with_Dr=2E_B?=
  12. 2017-02-09 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] Does this look like a Euler Path to you?
  13. 2017-02-10 Ruben Safir <ruben.safir-at-my.liu.edu> Re: [Learn] Choosing a programming language
  14. 2017-02-10 Christopher League <league-at-contrapunctus.net> Subject: [Learn] Choosing a programming language
  15. 2017-02-10 ruben safir <ruben-at-mrbrklyn.com> Subject: [Learn] Fwd: Alternatives to Syntax Trees
  16. 2017-02-10 ruben safir <ruben-at-mrbrklyn.com> Subject: [Learn] Fwd: Compiler positions available for week ending January 29
  17. 2017-02-10 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] Fwd: [Accu-contacts] Software engineer position
  18. 2017-02-10 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] Fwd: [dinosaur] Euchambersia (Therapsida) envenoming
  19. 2017-02-11 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] lions and tigers and snow leopards
  20. 2017-02-11 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] New Neuronet theory
  21. 2017-02-11 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] Researchers use artificial neural network to simulate a
  22. 2017-02-11 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] Robotics
  23. 2017-02-11 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] WebRTC coding in html5
  24. 2017-02-12 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] fellowship positition
  25. 2017-02-15 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] Starting with R
  26. 2017-02-15 Rick Moen <rick-at-linuxmafia.com> Subject: [Learn] [conspire] [svlug] AnC side-channel attack: In which ASLR
  27. 2017-02-16 Ruben Safir <mrbrklyn-at-panix.com> Subject: [Learn] are you here
  28. 2017-02-16 ruben <ruben-at-mrbrklyn.com> Subject: [Learn] chew on this
  29. 2017-02-16 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] ct scan
  30. 2017-02-16 Christopher League <league-at-contrapunctus.net> Subject: [Learn] Should I name "makefile" or "Makefile"?
  31. 2017-02-20 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] overloading operator== and casting
  32. 2017-02-20 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] Vector Documentation
  33. 2017-02-22 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] Network Patterns
  34. 2017-02-24 Ruben Safir <ruben-at-mrbrklyn.com> Re: [Learn] decision making tree for a euler walk
  35. 2017-02-24 Christopher League <league-at-contrapunctus.net> Re: [Learn] decision making tree for a euler walk
  36. 2017-02-24 Christopher League <league-at-contrapunctus.net> Re: [Learn] decision making tree for a euler walk
  37. 2017-02-24 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] decision making tree for a euler walk
  38. 2017-02-27 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Learn] Computational Phylogenies and fossil scanning
  39. 2017-02-28 Christopher League <league-at-contrapunctus.net> Re: [Learn] decision making tree for a euler walk
  40. 2017-02-28 Ruben Safir <ruben-at-mrbrklyn.com> Re: [Learn] decision making tree for a euler walk
  41. 2017-02-28 Nicholas Rodin <nikbbwil-at-icloud.com> Re: [Learn] thesis update
  42. 2017-02-28 Ruben Safir <mrbrklyn-at-panix.com> Re: [Learn] thesis update
  43. 2017-02-28 Don Brinkman <Don.Brinkman-at-gov.ab.ca> Re: [Learn] visit
  44. 2017-02-28 Ruben Safir <ruben-at-mrbrklyn.com> Re: [Learn] [Hangout-NYLXS] Peer Review

NYLXS are Do'ers and the first step of Doing is Joining! Join NYLXS and make a difference in your community today!