Viewing posts tagged linux

Why Linux security has failed (for the past 10 years)

Posted by: Subreption LLC in Linux 2 years, 6 months ago Apparently there's been an increased interest on bringing Linux kernel security issues to attention, for the past few months. It is a natural reaction to a policy which has been long time tacitly agreed upon by mostly all people involved in Linux kernel development (and more so, those with security-relevant roles, particularly a specific vendor). That is, a policy of silence. It is no surprise that Linux security currently looks much better on paper and marketing propaganda than it does in reality.It takes decent amounts of will and dedication to summarize, categorize and review every potential security vulnerability for such a huge project, requiring collaboration between different vendors, who might or might not have agendas of their own, conflicting the interests of the users, or the rest of vendors themselves. It takes approximately ten minutes for an average computer user to write a summary of why SELinux can help your organization cut down security risks.What you don't now is that you will have to go through the learning curve of writing policies, reviewing all software being used (including commercial applications which might not conflict with any 'learning' mode at kernel level, but consistently prevent targeted reverse engineering or make it even more tiresome), testing the setup and adapting its architecture to the real needs of your organization. MLS is rarely used out of certain circles. Tags: linux mls selinux grsecurity
read more / Comments

KERNHEAP for the Linux kernel 2.6 released

Posted by: Subreption LLC in Linux Security Research & Development 2 years, 6 months ago Few months after the publication of the original "Linux Kernel Heap Tampering Detection" paper in  Phrack Magazine 66, we are proud to announce the availability of KERNHEAP. The implementation has built on several of the ideas described in detail in the paper. There are several improvements and changes not covered by the article, which are significant enough to be explained in a more or less detailed manner in this announcement.Without further ado, KERNHEAP is available at http://www.subreption.com/kernheap as patches applicable to the latest stable 2.6 Linux kernel revision. Tags: kernheap linux mitigations
read more / Comments

Linux Kernel Silent Patching: VMI write_ldt_entry() privilege escalation

Posted by: Subreption LLC in Linux Security Critiques 3 years, 6 months ago Once again, the Linux kernel developers delight us with their always discreet (read: silent, no-advisory, no-warning policy) and wonderful patching practices. Sometime between 2.6.24 and 2.6.25 a patch from a Red Hat developer was committed into the Linux kernel git tree, implementing changes to the VMI interfaces hooking some functions dealing with the GDT and LDT. Tags: linux
read more / Comments

08.06.2011

The Blue Hat Prize: A late April Fools joke

07.16.2011

Privacy violations in Blind-Carbon-Copy mail

07.05.2011

Mac OS X Lion: Did security mitigations manage to squeeze in?

03.13.2011

Virtual machine series: Lightweight embeddable languages

10.24.2009

Why Linux security has failed (for the past 10 years)

• bluehat (1)
• microsoft (1)
• stunts (1)
• mitigations (3)
• macosx (1)
• pax (1)
• nx (1)
• gpg (1)
• pgp (1)
• vm (1)
• embedded (1)
• linux (3)
• mls (1)
• selinux (1)
• grsecurity (1)
• kernheap (1)