Florida is a great place to live, especially around January when it’s sunny and 24 degrees outside (76F) while all of your friends from back home are dealing with scraping ice off of their windshields every morning. In the late summer, though, this pleasant tropical paradise can sometimes take a turn for the worse, because Florida is one of the handful of places that frequently see some of the worst storms on the planet: hurricanes. As a Floridian myself, perhaps I can shed some light on some of the ways that the various local governments and their residents have taken to mitigate the destruction that usually accompanies these intense tropical storms when it seems that, to outsiders, it might be considered unwise to live in such a place.
Whenever there’s a new Windows virus out there wreaking global havoc, the Linux types get smug. “That’ll never happen in our open operating system,” they say. “There are many eyes looking over the source code.” But then there’s a Heartbleed vulnerability that keeps them humble for a little while. Anyway, at least patches are propagated faster in the Linux world, right?
While the Linuxers are holier-than-thou, the Windows folks get defensive. They say that the problem isn’t with Windows, it’s just that it’s the number one target because it’s the most popular OS. Wrong, that’d be Android for the last few years, or Linux since forever in the server space. Then they say it’s a failure to apply patches and upgrade their systems, because their users are just less savvy, but that some new update system will solve the problem.
There’s some truth to the viruses and the patching, but when WannaCry is taking over hospitals’ IT systems or the radiation monitoring network at Chernobyl, it’s not likely to be the fault of the stereotypical naive users, and any automatic patch system is only likely to help around the margins.
So why is WannaCry, and variants, hitting unpatched XP machines, managed by professionals, all over the world? Why are there still XP machines in professional environments anyway? And what does any of this have to do with free software? The answer to all of these questions can be found in the ancient root of all evil, the want of money. Linux is more secure, ironically, at least partly because it’s free as in beer, and upgrading to a newer version is simply cheaper.
If you are a Linux user that has to use Windows — or even a Windows user that needs some Linux support — Cygwin has long been a great tool for getting things done. It provides a nearly complete Linux toolset. It also provides almost the entire Linux API, so that anything it doesn’t supply can probably be built from source. You can even write code on Windows, compile and test it and (usually) port it over to Linux painlessly.
However, Cygwin’s package management is a little clunky and setting up the GUI environment has always been tricky, especially for new users. A project called Swan aims to make a full-featured X11 Linux environment easy to install on Windows.
The project uses Cygwin along with Xfce for its desktop. Cygwin provides pretty good Windows integration, but Swan also includes extra features. For example, you can make your default browser the Windows browser with a single click. It also includes spm — a package manager for Cygwin that is somewhat easier to use, although it still launches the default package manager to do the work (this isn’t a new idea, by the way).
The Cybellum team published a new 0-day technique for injecting code and maintaining persistency on a target computer, baptized DoubleAgent. This technique uses a feature that all Windows versions since XP provide, that allows for an Application Verifier Provider DLL to be installed for any executable. The verifier-provider DLL is just a DLL that is loaded into the process and is supposedly responsible for performing run-time verifications for the application. However, its internal behaviour can be whatever an attacker wants, since he can provide the DLL himself.
Microsoft describes it as:
Application Verifier is a runtime verification tool for unmanaged code. Application Verifier assists developers in quickly finding subtle programming errors that can be extremely difficult to identify with normal application testing. Using Application Verifier in Visual Studio makes it easier to create reliable applications by identifying errors caused by heap corruption, incorrect handle and critical section usage. (…)
The code injection occurs extremely early during the victim’s process initialization, giving the attacker full control over the process and no way for the process to actually detect what’s going on. Once a DLL has been registered as a verifier provider DLL for a process, it would permanently be injected by the Windows Loader into the process every time the process starts, even after reboots, updates, reinstalls, or patches.
So it’s all over for Windows right? Well… no. The thing is, to register this DLL, the registered process has to have administrator rights so it can write the proper key to the Windows Registry. Without these permissions, there is no way for this attack to work. You know, the kind of permissions that allow you to install software for all users or format your own hard-drive. So, although this technique has its merit and can present challenges to processes that absolutely must maintain their integrity (such as the Cybellum team points out in the Anti-Virus software case), some other security flaw had to occur first so you can register this sort of ‘debugging DLL’.
If you already have administrator permissions you can do pretty much what you want, including DLL injection to fool anti-virus software. (Though it might be easy just to disable or remove it.) This new tool has the advantage of being stealthy, but is a 0-day that requires root a 0-day?
[via The Hacker News]
[Victor Frost] has a deep voice and a fancy top of the line camera. While one would assume this to be a more than generous situation for life to put a person in; it’s got its own set of problems. Mainly that his fantastic fancy camera uses the most modern version of the popular h.264 encoding scheme, h.265. Gasp!
While that too seems like a pro, unfortunately h.265 doesn’t play as nice with his editing software. The solution seems easy, just transcode it and get on your way. However, when you start talking about transcoding 4K video from a top-of-the line source and retaining the quality. Well… It can bring a processor to its knees. Since he’d rather be playing overwatch than transcoding video on his main computer, he decided to offload and automate the drudgery to his spare.
That’s how the Ingest-a-Tron 9000 came into play. It uses a lot of open source software and, yes, windows batch files to take the files off his camera, process it on one computer, and dump it to another. Now he can game (or edit) while he waits. For those of us who are estranged from Linux thanks to our favorite software, it’s good to know that there are still ways to automate away the pain. Video after the break.
The best gaming platform is a cloud server with a $4,000 dollar graphics card you can rent when you need it.
[Larry] has done this sort of thing before with Amazon’s EC2, but recently Microsoft has been offering a beta access to some of NVIDIA’s Tesla M60 graphics cards. As long as you have a fairly beefy connection that can support 30 Mbps of streaming data, you can play just about any imaginable game at 60fps on the ultimate settings.
It takes a bit of configuration magic and quite a few different utilities to get it all going, but in the end [Larry] is able to play Overwatch on max settings at a nice 60fps for $1.56 an hour. Considering that just buying the graphics card alone will set you back 2500 hours of play time, for the casual gamer, this is a great deal.
It’s interesting to see computers start to become a rentable resource. People have been attempting streaming computers for a while now, but this one is seriously impressive. With such a powerful graphics card you could use this for anything intensive, need a super high-powered video editing station for a day or two? A CAD station to make anyone jealous? Just pay a few dollars of cloud time and get to it!
[mfaust] wakes up in the morning like a regular person, goes to work like a regular person, types in tedious commands for his software versioning utilities like a regular person, and then, as a reward, gets his coffee, just like rest of us. However, what if there was a way to shorten the steps, bringing us all closer to the wonderful coffee step, without all those inconvenient delays? Well, global industry is trying its best to blot out the sun, so mornings are covered there. [Elon Musk’s] thinktank proposed the hyperloop, which should help with the second step. [mfaust] built a control station for his versioning software. Raise your cup of joe high for this man’s innovative spirit.
He first laid out all the buttons, LED lights, and knobs he’d like on a panel to automate away his daily tasks. Using photoshop he ended up with a nice template. He laminated it to the top of a regular project box and did his best to drill holes in the right places without a workshop at his command. It’s pretty good looking!
Since this is the sort of thing an Arduino is best at he, in a mere two tries, wired everything up in such a way that it would all cram into the box. With everything blinking satisfactorily and all the buttons showing up on the serial out, he was ready for the final step.
Being a proficient and prolific enough developer to need a control panel in the first place, like a sort of software DJ, he wrote a nice interface for it all. The Arduino sits and waits for serial input while occasionally spitting out a packet of data describing its switch status. A Java daemon runs in the background of his computer. When the right bits are witnessed, a very nicely executed on screen display reports on the progress of his various scripts.
Now he can arrive at the hyperloop terminal during the appropriate work time slot in Earth’s perpetual night. After which he simply walks up to his computer, flips a few switches, glances quickly at the display for verification, and goes to drink some nice, hydroponically grown, coffee. Just like the rest of us.