Posted by: peter

I just love the following quote from the New Yorker:

In Afghanistan, the American Special Forces have had to rediscover how to use them. “Horses are actually an ideal way to get around there,” one correspondent embedded with the Green Berets has said. “No manual has ever been written on how to coordinate horse attacks with B-52s, so the Green Berets had to do OJT”—on-the-job training. “Early on, there was a cavalry charge with about three hundred horses where they had cut it so fine that as soon as the bombs hit the ridge the horses were riding through the gray smoke; it was quite an impressive sight.”
Posted by: peter

Jonathan Schwartz from Sun has some free advice for Microsoft in his blog:

Years back, Sun was under pressure in the market. Although many users loved our core Solaris operating system, others thought it was built for high end computers, not grid systems. Our computer business had failed to keep pace with the rest of the industry — which meant our volume systems looked expensive. In combination, and with a poor track record of supporting Solaris off of Sun hardware, we gave customers one choice — leave Sun. Many did. Those were the dark days.
Posted by: peter

Here is an interesting post to Dailydave by Brad Spengler from grsecurity.net, which I will duplicate in part here:

Few of you may have seen my comments on the following article in RedHat magazine: What’s new in SELinux for Red Hat Enterprise Linux 5?

I think the issue deserves more widespread attention among the security community, however, since RedHat seems to be involved in a concerted effort of disinformation for both SELinux and ExecShield. Take note of their misleading (another word for completely inaccurate) diagrams, inability to understand what exactly the new additions to SELinux have to do with “buffer overflows,” and then note my several comments below, where I also comment upon some ExecShield behavior under a non-NX system. I present you with links to several previous articles on RedHat security and the official ExecShield paper, all written by developers at RedHat, who make several inaccurate/misleading statements regarding the effectiveness under ExecShield in a non-NX environment (which RedHat would have you believe does not exist anymore).

I encourage you to read all the comments, however, the basic idea is that ExecShield has had problems ever since it was introduced into Fedora and then into RHEL (sometimes due to improper marking with the flawed PT_GNU_STACK which under ExecShield with no NX makes the entire address space executable, other times with bugs in the ExecShield implementation that ended up leaving over half of the services on a Fedora Core 3 system being protected improperly).

Then there’s the design issue RedHat doesn’t want you to know about:
under ExecShield with no NX, every writable mapping lower than the highest executable mapping in the address space is executable.

For PIE binaries, due to their weaker form of PaX’s ASLR, this becomes even more interesting since it produces what I call “nondeterministic security.” Since PIE binaries are treated just like libraries, they may or may not be loaded as the highest-mapped library in the system. Since there is only one PIE binary loaded and many more libraries being loaded, this means that there’s a large chance that the bss/data on the main executable will be unprotected — writable and executable.

Ingo knows about this (I mailed him privately about the problems I saw with Fedora Core 3, which resulted in an updated kernel — though I don’t believe users were really notified of the fact they were being fooled into thinking certain protection was being applied to their binaries that in fact was not), but it seems he’s not talking to anyone else at RedHat if you look at the articles that keep coming out about their “security enhancements.” In my last comment I list articles I found about ExecShield with the inaccurate statements (I couldn’t find any with an accurate discussion of them). Among them:

http://www.noncombatant.org/trove/drepper-redhat-security-enhancements.pdf
http://www.redhat.com/magazine/009jul05/features/execshield/
http://www.redhat.com/f/pdf/rhel/WHP0006US_Execshield.pdf

I really hope I don’t see another article from RedHat about SELinux containing diagrams like:

[image: RedHat and SELinux]

or an article about ExecShield saying that its protection on a processor without NX is comparable to one with NX.
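To make the design issue Brad describes concrete, here is an added example (my own, not code from grsecurity or RedHat): it reads a /proc/PID/maps listing, takes the top of the highest executable mapping as the emulated code-segment limit, and lists every writable mapping that starts below it. The two map listings, their addresses and the paths in them are constructed for this example; they are laid out as the two cases the post describes for a PIE binary, loaded below and above libc.

```python
import re

# One /proc/PID/maps line: start-end perms offset dev inode [path]
_MAPS_LINE = re.compile(r"^([0-9a-f]+)-([0-9a-f]+) ([rwxps-]{4}) \S+ \S+ \d+\s*(.*)$")

def parse_maps(text):
    """Parse /proc/PID/maps text into a list of mapping dicts."""
    mappings = []
    for line in text.splitlines():
        m = _MAPS_LINE.match(line.strip())
        if m:
            start, end, perms, path = m.groups()
            mappings.append({"start": int(start, 16), "end": int(end, 16),
                             "perms": perms, "path": path.strip()})
    return mappings

def exec_limit(mappings):
    """Emulated code-segment limit: the end of the highest executable mapping."""
    return max((m["end"] for m in mappings if "x" in m["perms"]), default=0)

def audit(text):
    """(start, path) of writable, non-executable mappings that the segment-limit
    scheme leaves executable anyway: everything writable that starts below the limit."""
    mappings = parse_maps(text)
    limit = exec_limit(mappings)
    return [(m["start"], m["path"]) for m in mappings
            if "w" in m["perms"] and "x" not in m["perms"] and m["start"] < limit]

# Constructed 32-bit layouts with hypothetical paths, not real captures.
# A: the PIE main executable happened to be loaded below libc.
PIE_LOW = """\
00110000-00111000 r-xp 00000000 08:01 1 /usr/bin/pie_app
00111000-00112000 rw-p 00001000 08:01 1 /usr/bin/pie_app
00112000-00133000 rw-p 00000000 00:00 0 [heap]
00a00000-00b20000 r-xp 00000000 08:01 2 /lib/libc.so.6
00b20000-00b24000 rw-p 00120000 08:01 2 /lib/libc.so.6
bfe00000-bfe20000 rw-p 00000000 00:00 0 [stack]
"""
# B: same program, but this time the PIE was loaded above libc.
PIE_HIGH = """\
00a00000-00b20000 r-xp 00000000 08:01 2 /lib/libc.so.6
00b20000-00b24000 rw-p 00120000 08:01 2 /lib/libc.so.6
00b30000-00b31000 r-xp 00000000 08:01 1 /usr/bin/pie_app
00b31000-00b32000 rw-p 00001000 08:01 1 /usr/bin/pie_app
00b32000-00b53000 rw-p 00000000 00:00 0 [heap]
bfe00000-bfe20000 rw-p 00000000 00:00 0 [stack]
"""
if __name__ == "__main__":
    for name, maps in (("PIE below libc", PIE_LOW), ("PIE above libc", PIE_HIGH)):
        print(name, [f"{s:08x} {p}" for s, p in audit(maps)])
```

In layout A the main executable’s data and the heap come out effectively writable and executable while in layout B they do not, which is the “nondeterministic security” the post refers to; on a real non-NX ExecShield box you would feed it the contents of /proc/PID/maps for a running service.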

Posted by: peter

Well, it looks like the good folk at the Beeb have finally reached the office, had a chat with their Turkish translation team and gotten to work. Here is the swag (currently top 4 stories on BBC website):

Update: Here is some additional local coverage (in English):

Posted by: peter

At 23:20 tonight (Friday night), the Turkish Military made a very strongly worded statement against the current government. This was surprising both for its extreme wording and the time (almost midnight) at which it was made. We are not expecting tanks on the streets just yet, however, as if that happens it will probably not be until after the challenge of the presidential vote in the constitutional court is finished (mid week). As I can’t yet find an English translation of the military’s statement on the net (the foreign news channels have not yet picked it up) and it’s rather long, you will all have to wait for me to update this post, as it’s a bit too long for me to translate myself. People who are not familiar with the “interesting” Turkish political system should note that the Turkish Military are actually required by the constitution to “step in” whenever standard forms of government “break down”…

Update: The Beeb seems to have been the first foreign news site to pick up the story. Choice quotes from the Military include:

“It should not be forgotten that the Turkish armed forces are a side in this debate and are a staunch defender of secularism”

“…and will display their position and attitudes when it becomes necessary. No one should doubt that.”