New Linux Kernel Vulnerability Exploited

  • #31
    Originally posted by Sergio
    Sure, kraftman.
    Who the hell is kraftman?

    Anyway, to back up my point, there's already a rootkit written for NetBSD that anyone can use:

    http://aboutthebsds.wordpress.com/20...re-and-flawed/

    Nothing like this happens in Linux.


    • #32
      Originally posted by Ericg
      This bug was IN for 2 years, found, and then patched in like a day.
      But according to the consensus opinion here: All security holes are found because the code is open-source and peer reviewed. So if a major security bug existed in the Kernel for two years, then I would argue that consensus opinion cannot be correct.


      • #33
        Originally posted by Ericg
        2 years, January of 2011 to April of 2013. Also you can't write it off as "oracle does it faster" because Oracle will KNOW about a hole for 2 yrs, then patch it. This bug was IN for 2 years, found, and then patched in like a day.
        Thank you. My point exactly. Better said than I.


        • #34
          Originally posted by gamerk2
          But according to the consensus opinion here: All security holes are found because the code is open-source and peer reviewed. So if a major security bug existed in the Kernel for two years, then I would argue that consensus opinion cannot be correct.
          An unknown flaw is an unexploited flaw. Therefore the only important factor is time of discovery to time of fix.


          • #35
            Originally posted by gamerk2
            But according to the consensus opinion here: All security holes are found because the code is open-source and peer reviewed. So if a major security bug existed in the Kernel for two years, then I would argue that consensus opinion cannot be correct.
            They are found. Open source doesn't guarantee that the bugs will be found immediately-- just that they will be found. If this was closed source the bug may have never been fixed and could've silently plugged away exploits. Or maybe it would have never been found at all and no one would have ever known. Either way, the code is open source, a bug was found, and a bug was fixed. It's one less bug in the kernel that can later bite us in the ass.
            All opinions are my own not those of my employer if you know who they are.


            • #36
              Originally posted by i386reaper
              therefore billions of people are checking the code and fixing bugs of any type so quickly that a new virus would be unable to cause widespread infection before the security hole is closed.
              Not even close to billions of people. More like a few hundred at most. There is a difference between reality and what could happen if all the moons and planets are lined up in theory.


              • #37
                Originally posted by i386reaper
                Who the hell is kraftman?

                Anyway, to back up my point, there's already a rootkit written for NetBSD that anyone can use:

                http://aboutthebsds.wordpress.com/20...re-and-flawed/

                Nothing like this happens in Linux.
                There are rootkits written for Linux too.

                Originally posted by http://grsecurity.net/lsm.php
                Because LSM is compiled and enabled in the kernel, its symbols are exported. Thus, every rootkit and backdoor writer will have every hook he ever wanted in the kernel. This will allow for a new generation of sophisticated backdoors and rootkits that will be nearly impossible to detect.


                • #38
                  Originally posted by duby229
                  An unknown flaw is an unexploited flaw. Therefore the only important factor is time of discovery to time of fix.
                  Except, if you really want to exploit flaws, you will not tell the world about the ones you find. The same way this was found two years after it was introduced, an exploit that is around for two years can be found by someone willing to exploit it, and that someone WILL take advantage of devs ignoring this hole. That's the whole idea behind zero day attacks, knowing about it before the people who develop it.

                  A known flaw is a fixable flaw. An unknown flaw is unknown for the general public, not always for hackers, and thus, not always unexploited.


                  • #39
                    Originally posted by mrugiero
                    Except, if you really want to exploit flaws, you will not tell the world about the ones you find. The same way this was found two years after it was introduced, an exploit that is around for two years can be found by someone willing to exploit it, and that someone WILL take advantage of devs ignoring this hole. That's the whole idea behind zero day attacks, knowing about it before the people who develop it.

                    A known flaw is a fixable flaw. An unknown flaw is unknown for the general public, not always for hackers, and thus, not always unexploited.
                    Sure, I can see the logic in your reasoning, however we live in a modern age of perpetual internet access where hackers cooperate in teams and communities. The vast majority of exploits are developed in public. More often than not the code is distributed for bragging rights and that is how the exploit is found in the first place. This represents the majority of cases and is the reason why turnaround time is so important.
                    Last edited by duby229; 16 May 2013, 01:27 PM.


                    • #40
                      Originally posted by duby229
                      Sure, I can see the logic in your reasoning, however we live in a modern age of perpetual internet access where hackers cooperate in teams and communities. The vast majority of exploits are developed in public. More often than not the code is distributed for bragging rights and that is how the exploit is found in the first place. This represents the majority of cases and is the reason why turnaround time is so important.
                      (Just a random thought) What if someone (a group of people) is/are being paid by somebody (government?) to find vulnerabilities? I mean, you are right that cooperation between 'good' people is the 'common' case (is it really?), but anyway...
