So today I guess I'll rant a little about Internet Security since it is my line of work and all.


A couple days ago there was an announcement of a local exploit for OpenBSD involving TCP options.  I just noticed this today with respect to a public access system I sometimes work with.  So I thought I better look into this as they had a kernel panic or two recently.  About 10 minutes of research and coding yielded a working local exploit.  No you can't have a copy.  It was so easy.  OpenBSD has already released a source patch.  You'll have to grab at least the kernel source and make sure the patch is in place, and then rebuild your kernel and reboot.  Any system that has local users should handle this right away.  Normally OpenBSD has a great security record.  This is also quite a narrow exposure, but it does show that no matter what system you are using you must remain vigilent and employ experts to keep you up to date.  Do you know your level of exposure?  If you can look at the source code of all your software, then you can at least in principle know your exposure.  I bet MS is vulnerable to this or a similar attack.  I can think of some fun little things to do in that direction that would keep your average MS user locked out of their system for good.  I'm glad for your sake that my hat is white.  Have fun.  Keep your system up to date.  Ask questions, even if they are hard to answer.  Be good.

Get your A.C.M.E. Weapons of Mass Destruction!

Why does the word Guantanamo remind me so much of the word Gestapo?  Oh, yeah!  Because the place is run by Nazis.  Just a thought that occured to me while watching Dr. Noam Chomsky lecture at MIT.  College towns have neat local TV.