Gee isn't it funny
|
| Author | Content |
|---|---|
| herzeleid Apr 23, 2009 6:00 PM EDT |
A microsoft sponsored site hypes the danger to linux, citing the ease with which the superuser can write to memory.. They finally allow, in closing, that such an attack "might be possible" on windoze as well, but they claim that for some unspecified reason, it's much harder to write to a specific memory address on windoze. Sorry, I call BS on that. Bottom line: The so-called linux root exploit requires root access to begin with. Chicken and egg problem? Yeah, it's like that - but microsoft doesn't let that inconvenient little fact stop them from spouting the party line. |
| Sander_Marechal Apr 23, 2009 6:27 PM EDT |
It's not a root exploit herzeleid. It's a rootkit hiding mechanism. After a crackers gains root privilegdes he has to install a rootkit and hide it so he isn't discovered. The CPU cache exploit does the latter (hiding), not the former (gaining root). It's a valid concert. Is it hyped? Probably. I don't care. If Microsoft's paid shills want to spend time finding and reporting bugs in Linux then by all means, let them go ahead! I bet in a few days or even hours there will be a patch out and Linux will have improved as a whole while Windows sits still :-) |
| herzeleid Apr 23, 2009 7:41 PM EDT |
@sander - #1 regardless of what you call it, it requires root access to make it happen. If someone's already got root on your box it's game over anyway. #2 from what I read it's not a bug in linux nor can it be fixed in linux, but the intel motherboard/bios, which has been fixed in later models. |
| tracyanne Apr 23, 2009 7:50 PM EDT |
It's pathetic really, Microsoft needed this so badly, to draw attention from the fact that Windows is trivially exploited. |
| tuxchick Apr 23, 2009 9:33 PM EDT |
Right, TA. Without having physical access or source code. |
| gus3 Apr 23, 2009 9:44 PM EDT |
tc, you just set off a spark (Sparc?) in my logic circuits. Consider: Windows rootkit writers may already have the source code. How did they get it? By exploiting vulnerabilities in the previous version of Windows. How did they write rootkits for the previous versions of Windows? By getting the source code for the previous versions of Windows. ...several seconds later... Holy cow, Microsoft is more doomed than I thought. |
| ColonelPanik Apr 23, 2009 9:53 PM EDT |
Lets see how secure Winders is: http://lxer.com/module/forums/t/28902/ |
| phsolide Apr 24, 2009 12:53 PM EDT |
Here's a good rant about why DOS, Mac (pre-OSX) and Windows have viruses and other systems don't: http://lists.virus.org/securecoding-0402/msg00013.html That's Crispin Cowan, who had a company that marketed "Immunix", a security distro of Linux: http://en.wikipedia.org/wiki/Immunix Cowan has since gone to work for Mcrosoft: http://blogs.msdn.com/michael_howard/archive/2008/01/17/cris... I think I would add to Cowan's rant. Windows is so large and so baroque that it can't be secured. Only Microsoft could afford to implement "SDLC" and still actually turn out a semi-usable product. Nobody else can afford to do that. |
Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]
Becoming a member of LXer is easy and free. Join Us!