So today I guess I'll rant a little about Internet Security since it is my line of work and all.
<RANT>
A couple days ago there was an announcement of a local exploit for
OpenBSD involving TCP options. I just noticed this today with
respect to a public access system I sometimes work with. So I
thought I better look into this as they had a kernel panic or two
recently. About 10 minutes of research and coding yielded a
working local exploit. No you can't have a copy. It was so easy. OpenBSD has already released a source patch.
You'll have to grab at least the kernel source and make sure the patch
is in place, and then rebuild your kernel and reboot. Any system
that has local users should handle this right away. Normally
OpenBSD has a great security record. This is also quite a narrow
exposure, but it does show that no matter what system you are using you
must remain vigilent and employ experts to keep you up to date.
Do you know your level of exposure? If you can look at the source
code of all your software, then you can at least in principle know your
exposure. I bet MS is vulnerable to this or a similar
attack. I can think of some fun little things to do in that
direction that would keep your average MS user locked out of their
system for good. I'm glad for your sake that my hat is
white. Have fun. Keep your system up to date. Ask
questions, even if they are hard to answer. Be good.
Get your A.C.M.E. Weapons
of Mass Destruction!
Why does the word Guantanamo remind me so much of the word
Gestapo? Oh, yeah! Because the place is run by Nazis. Just a thought that occured to me while watching Dr.
Noam
Chomsky lecture at MIT. College towns have neat local TV.
</RANT>