Attacking multi-core cpus

Discussion in 'NZ Computing' started by Rob S, Sep 15, 2007.

  1. Rob S

    Rob S Guest

    Rob S, Sep 15, 2007
    #1
    1. Advertising

  2. In message <46eb21a9$>, Rob S wrote:

    > http://www.theregister.co.uk/2007/09/14/system_call_sploits/


    Sounds like primarily a Dimdows thing. Linux developers have a bit more
    experience with multiprocessor situations, and how to efficiently handle
    reentrancy issues in that case <http://ds9a.nl/futex-manpages/futex4.html>.
     
    Lawrence D'Oliveiro, Sep 16, 2007
    #2
    1. Advertising

  3. Rob S

    ChrisOD Guest

    In article <fci4tk$feq$>, Lawrence D'Oliveiro wrote:
    > In message <46eb21a9$>, Rob S wrote:
    >
    >> http://www.theregister.co.uk/2007/09/14/system_call_sploits/

    >
    > Sounds like primarily a Dimdows thing. Linux developers have a bit more
    > experience with multiprocessor situations, and how to efficiently handle
    > reentrancy issues in that case <http://ds9a.nl/futex-manpages/futex4.html>.


    Sounds like bullshit!
    And I quote...
    "These attack techniques target an architectural vulnerability in the wrapper
    approach, and readily apply across operating systems and hardware platforms.
    I was able to use the same C language exploits across several operating
    systems, including Linux, FreeBSD, NetBSD, and OpenBSD. They should apply
    equally well on other operating systems."

    Yes futex is a good start but there is a long way to go and nix is by no means
    invulnerable.
     
    ChrisOD, Sep 16, 2007
    #3
  4. Rob S

    Squiggle Guest

    Lawrence D'Oliveiro wrote:
    > In message <46eb21a9$>, Rob S wrote:
    >
    >> http://www.theregister.co.uk/2007/09/14/system_call_sploits/

    >
    > Sounds like primarily a Dimdows thing. Linux developers have a bit more
    > experience with multiprocessor situations, and how to efficiently handle
    > reentrancy issues in that case <http://ds9a.nl/futex-manpages/futex4.html>.



    err, really?
    did you not read this part? Or just more FUD from you again?
    sounds like all OSes need to be assessed and secured.

    "And what about the OS?

    These attack techniques target an architectural vulnerability in the
    wrapper approach, and readily apply across operating systems and
    hardware platforms. I was able to use the same C language exploits
    across several operating systems, including Linux, FreeBSD, NetBSD, and
    OpenBSD. They should apply equally well on other operating systems."
     
    Squiggle, Sep 16, 2007
    #4
  5. Rob S

    Gordon Guest

    On 2007-09-16, ChrisOD <> wrote:
    > In article <fci4tk$feq$>, Lawrence D'Oliveiro wrote:
    >> In message <46eb21a9$>, Rob S wrote:
    >>
    >>> http://www.theregister.co.uk/2007/09/14/system_call_sploits/

    >>
    >> Sounds like primarily a Dimdows thing. Linux developers have a bit more
    >> experience with multiprocessor situations, and how to efficiently handle
    >> reentrancy issues in that case <http://ds9a.nl/futex-manpages/futex4.html>.

    >
    > Sounds like bullshit!
    > And I quote...
    > "These attack techniques target an architectural vulnerability in the wrapper
    > approach, and readily apply across operating systems and hardware platforms.
    > I was able to use the same C language exploits across several operating
    > systems, including Linux, FreeBSD, NetBSD, and OpenBSD. They should apply
    > equally well on other operating systems."
    >
    > Yes futex is a good start but there is a long way to go and nix is by no means
    > invulnerable.


    However, there is a heck of alot of people on guard. Ready to figure out
    what needs to be done in an attack. Profit? that is what corporations are
    focused on, as are the attackers.

    Ms Penguin says bring it on. Some days she catches no fish, others there is
    so many to catch
     
    Gordon, Sep 16, 2007
    #5
  6. In message <>, ChrisOD wrote:

    > In article <fci4tk$feq$>, Lawrence D'Oliveiro wrote:
    >
    >> In message <46eb21a9$>, Rob S wrote:
    >>
    >>> http://www.theregister.co.uk/2007/09/14/system_call_sploits/

    >>
    >> Sounds like primarily a Dimdows thing. Linux developers have a bit more
    >> experience with multiprocessor situations, and how to efficiently handle
    >> reentrancy issues in that case
    >> <http://ds9a.nl/futex-manpages/futex4.html>.

    >
    > Sounds like bullshit!
    > And I quote...
    > "These attack techniques target an architectural vulnerability in the
    > wrapper approach, and readily apply across operating systems and hardware
    > platforms. I was able to use the same C language exploits across several
    > operating systems, including Linux, FreeBSD, NetBSD, and OpenBSD. They
    > should apply equally well on other operating systems."


    Sounds like the writer deliberately wrote buggy code, and then showed that
    they were able to exploit this bug. Big deal.

    I'm not aware of any currently-shipping APIs on Linux which would be
    vulnerable to this sort of problem. Like I said, Linux developers tend to
    be more accustomed to operating in a multitasking, multiprocessor
    environment.

    The article also mentioned that this "wrapper approach" was commonly used by
    antivirus software. That would only be true on Dimdows.
     
    Lawrence D'Oliveiro, Sep 16, 2007
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. bigal
    Replies:
    0
    Views:
    1,161
    bigal
    Mar 22, 2006
  2. Randy

    Compared: dual-core x64 CPUs...

    Randy, Jun 25, 2005, in forum: Windows 64bit
    Replies:
    4
    Views:
    489
    SteveL
    Jun 25, 2005
  3. M. Murcek

    Mixing single and dual core CPUs...

    M. Murcek, Dec 5, 2005, in forum: Windows 64bit
    Replies:
    5
    Views:
    358
    Charlie Russel - MVP
    Dec 5, 2005
  4. Jimmy Dean
    Replies:
    4
    Views:
    916
    Neal Weissman
    Apr 21, 2007
  5. thingy

    AMD's new quad core CPUs....

    thingy, Nov 19, 2007, in forum: NZ Computing
    Replies:
    13
    Views:
    585
    impossible
    Nov 21, 2007
Loading...

Share This Page