All posts by Davi Ottenheimer

Intelligence as it relates to safety…and political philosophy

The Guardian tosses a beautifully written review at the Daily Mail over a story called “Rightwingers are less intelligent than left wingers, says study”.

The Mail’s report went on to detail the results of a study carried out by a group of Canadian academics, which appears to show some correlation between low childhood intelligence and rightwing politics. It also claimed that stupid people hold rightwing views in order to feel “safe”. Other items they hold in order to feel safe include clubs, rocks and dustbin lids. But those are easy to let go of. Political beliefs get stuck to your hands. And the only way to remove them is to hold your brain under the hot tap and scrub vigorously for several decades.

As you might expect, many Mail Online readers didn’t take kindly to a report that strived to paint them as simplistic, terrified dimwits. Many leapt from the tyres they were swinging in to furrow their brows and howl in anger. Others, tragically, began tapping rudimentary responses into the comments box. Which is where the tragi-fun really began.

Charlie Brooker, the author, is a comedian fast becoming part of my required Monday reading. He writes a weekly column in The Guardian. Here’s a recent piece he wrote on privacy and the risks of social networks:

When Sony launched the Walkman back in the late 70s, its main appeal was that for the first time in history you could stroll down the high street listening to Neil Diamond belting out Sweet Caroline and no one could judge you for it. It made you the master of a private world of music. If the Walkman had, by default, silently contacted your friends and told them what you were listening to, not only would no one have bought a Walkman in the first place, its designers would have been viewed with the utmost suspicion.

iPhone usbmuxd buffer overflow

In June of 2010 I wrote about upgrading the iPhone on Linux. I just noticed a report (CVE-2012-0065) that the “SerialNumber” string read from a device’s property list is copied into a fixed-size field with no length check in the “receive_packet()” function of usbmuxd (the USB multiplexor daemon for the iPhone; the code lives in libusbmuxd/libusbmuxd.c), as shown in a recent update and diff on git.marcansoft.com:

diff --git a/libusbmuxd/libusbmuxd.c b/libusbmuxd/libusbmuxd.c

index e06ee61..98e92df 100644 (file)

--- a/libusbmuxd/libusbmuxd.c
+++ b/libusbmuxd/libusbmuxd.c
@@ -189,7 +189,7 @@ static int receive_packet(int sfd, struct usbmuxd_header *header, void **payload
                                char *strval = NULL;
                                plist_get_string_val(n, &strval);
                                if (strval) {
-                                       strcpy(dev->serial_number, strval);
+                                       strncpy(dev->serial_number, strval, 255);
                                        free(strval);
                                }
                                n = plist_dict_get_item(props, "LocationID");
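Review bot: the new `strncpy(dev->serial_number, strval, 255)` stops the overrun but does not guarantee a terminator: when strval is 255 bytes or longer, strncpy writes 255 bytes and no NUL, so any later use of dev->serial_number as a C string reads past the field. Add an explicit terminator after the copy (`dev->serial_number[255] = '\0';`, assuming the field is 256 bytes, which this hunk does not show) and take the bound from the field (`sizeof(dev->serial_number) - 1`) rather than the literal 255 so the two cannot drift apart; rejecting an over-long serial outright would also be clearer than silently truncating it.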

Because the original copy is unbounded, a long serial number overruns the device record that holds it, which is why the report classes it as a heap-based buffer overflow. Not all versions are affected: Red Hat indicates the flaw was introduced after 1.0.5 last July, along with plist-based support, which is why Canonical shows Ubuntu 10 as not affected while 11 needs a patch.
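The following is an added example in C, not code from usbmuxd or from the diff above, showing the two halves of the problem side by side: the strncpy-with-a-literal-bound pattern the patch introduced, and a copy that derives its bound from the field, always terminates, and reports over-long input instead of silently truncating it. The struct and its 256-byte serial_number field are assumptions (the page shows only the 255 passed to strncpy), and the serial strings are constructed in place to stand in for whatever a device’s property list hands to plist_get_string_val().

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed size of the serial_number field; the page's diff shows only the
 * 255 passed to strncpy, not the struct definition. */
#define SERIAL_LEN 256

struct device_record {
    int  location_id;
    char serial_number[SERIAL_LEN];
};

/* The pattern the patch introduced: strncpy with a hard-coded bound.
 * Returns 1 if serial_number ends up NUL-terminated inside the field,
 * 0 if strncpy filled all 255 bytes and left no terminator. */
int copy_serial_strncpy(struct device_record *dev, const char *strval)
{
    /* Pre-fill with non-NUL bytes to mimic a freshly malloc'd record. */
    memset(dev->serial_number, 'X', sizeof dev->serial_number);
    strncpy(dev->serial_number, strval, 255);
    return memchr(dev->serial_number, '\0', sizeof dev->serial_number) != NULL;
}

/* Hardened copy: bound derived from the field, always terminated, and
 * over-long input is reported (-1) so the caller can reject the record
 * instead of trusting a silently truncated serial. */
int copy_serial_safe(struct device_record *dev, const char *strval)
{
    size_t cap = sizeof dev->serial_number;
    size_t len = strlen(strval);

    if (len >= cap) {
        memcpy(dev->serial_number, strval, cap - 1);
        dev->serial_number[cap - 1] = '\0';
        return -1;
    }
    memcpy(dev->serial_number, strval, len + 1);   /* includes the NUL */
    return 0;
}

/* Constructed input: a serial of n 'A's, standing in for the string that
 * plist_get_string_val() returns from a device-supplied property list. */
static char *make_serial(size_t n)
{
    char *s = malloc(n + 1);
    if (!s) { perror("malloc"); exit(1); }
    memset(s, 'A', n);
    s[n] = '\0';
    return s;
}

/* Run an n-byte serial through the strncpy pattern: 1 = terminated, 0 = not. */
int strncpy_leaves_terminated(size_t n)
{
    struct device_record *dev = malloc(sizeof *dev);
    char *s = make_serial(n);
    int ok = dev ? copy_serial_strncpy(dev, s) : 0;
    free(s);
    free(dev);
    return ok;
}

/* Run an n-byte serial through the hardened copy. Returns the copy's
 * result (0 or -1), or -2 if the field somehow ended up unterminated. */
int safe_copy_result(size_t n)
{
    struct device_record *dev = malloc(sizeof *dev);
    char *s = make_serial(n);
    int rc = -2;
    if (dev) {
        rc = copy_serial_safe(dev, s);
        if (memchr(dev->serial_number, '\0', sizeof dev->serial_number) == NULL)
            rc = -2;
    }
    free(s);
    free(dev);
    return rc;
}

int main(void)
{
    size_t lens[] = { 3, 254, 255, 1000 };
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++)
        printf("%4zu-byte serial: strncpy terminated=%d  safe rc=%d\n",
               lens[i], strncpy_leaves_terminated(lens[i]),
               safe_copy_result(lens[i]));
    return 0;
}
```

The case worth noting is the 255-byte serial: it would fit in the assumed 256-byte field with its terminator, yet the literal-255 strncpy leaves it unterminated, while a 254-byte one is padded with a NUL and is fine. The hardened copy accepts anything up to 255 bytes and flags 256 and beyond, so the caller can drop the record rather than trust a truncated identifier.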

Gates’ Pledge to Fight Virus

Here’s some hopeful news about Bill Gates: viral illness is in decline thanks to his focused attention and the heaps of money he has spent on reducing suffering.

…the Microsoft founder has become the people’s plutocrat. Although some diseases, such as malaria, remain rife, his charitable foundation and his lobbying have borne results. In the past year, not a single citizen in India contracted polio.

“People think aid is abstract and thousands of miles away. I go there and see it. I’m intent on making sure that my money gets to people who need it, and I come back and say it’s working.”

Hey Bill, what about all those people using your operating system who need your help to reduce their viruses?

Unlike polio, Windows malware infections are still very much a problem for users in India, according to Microsoft’s own Worldwide Threat Assessment.

[Image: MSFT Threat]

What would he do if malware infections of Windows systems raised the cost of the distribution or management of anti-virus aid? Ironic, no?

Note the infection rate explosion in France, Russia and Italy over the first half of 2011.

[Image: MSFT Malware Rates]

Forensics with VMware VDDK

The Crucial Security Forensics Blog lists reasons why the VMware Virtual Disk Development Kit (VDDK) might be useful for a forensics investigation that needs to mount and manipulate VMDK files.

Some scenarios might include master boot record infection such as the Stoned bootkit. The Stoned bootkit is a Windows bootkit that attacks all Windows versions from 2000 up to 7. It is loaded before Windows starts and is memory resident, so the on-disk MBR inside the VMDK is what an offline analyst can examine; the resident component only shows up in a memory capture.

Another scenario involves malware that inserts itself into every VMDK file on the system.

Third, offline access to the VMDK is essential if the malware was able to steal sensitive files such as the SYSTEM and SOFTWARE hives, the SAM, or private keys, since those can then be examined and the scope of the theft established without running the compromised guest.

Fourth, if the virtual disk uses full-disk encryption, the analyst can read the volume through the VDDK API without the guest performing any decryption. The caveat is that what comes back is ciphertext: the unencrypted boot loader and volume metadata are inspectable, but recovering the files themselves still requires the volume key or a recovery key.

Lastly, if the machine had other controls in place, such as AV or host-based firewall protection on certain files, an analyst would still have access to those files and would not need to boot the virtual disk.
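An added example in C, not code from the Crucial Security blog or from VDDK, for the first scenario above. A monolithicFlat extent (the -flat.vmdk file) is simply the raw sectors of the virtual disk, so sector 0 is the MBR; for a sparse or remote VMDK, VDDK’s VixDiskLib_Read() returns the same 512-byte sectors. The code below assumes the analyst has already obtained sector 0 by one of those routes and holds a baseline copy of the boot code taken from a known-clean image of the same OS build. It parses the partition table and boot signature and, because MBR bootkits leave the partition table intact so the guest still boots, decides on the boot code rather than the table. The sample sector and the bootkit-style overwrite are constructed inline; they are not Stoned’s actual code.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SECTOR_SIZE  512
#define BOOTCODE_LEN 440   /* bytes 0..439; the disk signature starts at 0x1B8 */
#define PTABLE_OFF   446
#define PENTRY_LEN   16

struct mbr_part {
    uint8_t  bootable;     /* 0x80 = active */
    uint8_t  type;         /* e.g. 0x07 = NTFS */
    uint32_t start_lba;
    uint32_t sectors;
};

struct mbr_report {
    int signature_ok;      /* 0x55 0xAA at offset 510 */
    int active_count;      /* entries flagged 0x80 */
    int bootcode_modified; /* boot code differs from the trusted baseline */
    struct mbr_part part[4];
};

static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

static void put32(uint8_t *p, uint32_t v)
{
    p[0] = v; p[1] = v >> 8; p[2] = v >> 16; p[3] = v >> 24;
}

/* Parse sector 0 and compare its boot code with a baseline taken from a
 * known-clean image of the same OS build. Returns 1 if the sector looks
 * clean (valid signature, boot code unchanged), 0 otherwise; details in *r. */
int mbr_inspect(const uint8_t *sector, const uint8_t *baseline, struct mbr_report *r)
{
    memset(r, 0, sizeof *r);
    r->signature_ok = (sector[510] == 0x55 && sector[511] == 0xAA);
    r->bootcode_modified = memcmp(sector, baseline, BOOTCODE_LEN) != 0;
    for (int i = 0; i < 4; i++) {
        const uint8_t *e = sector + PTABLE_OFF + i * PENTRY_LEN;
        r->part[i].bootable  = e[0];
        r->part[i].type      = e[4];
        r->part[i].start_lba = le32(e + 8);
        r->part[i].sectors   = le32(e + 12);
        if (e[0] == 0x80)
            r->active_count++;
    }
    return r->signature_ok && !r->bootcode_modified;
}

/* Constructed sample MBR: a two-byte jump-to-self stub standing in for real
 * boot code, one active NTFS partition at LBA 2048, valid signature. */
static void build_clean_mbr(uint8_t *sector)
{
    memset(sector, 0, SECTOR_SIZE);
    sector[0] = 0xEB; sector[1] = 0xFE;           /* jmp $ */
    uint8_t *e = sector + PTABLE_OFF;
    e[0] = 0x80;                                  /* active */
    e[4] = 0x07;                                  /* NTFS */
    put32(e + 8, 2048);
    put32(e + 12, 204800);
    sector[510] = 0x55; sector[511] = 0xAA;
}

/* Clean sector checked against a baseline captured from itself. */
int demo_clean_mbr(struct mbr_report *out)
{
    uint8_t sector[SECTOR_SIZE], baseline[BOOTCODE_LEN];
    struct mbr_report r;
    build_clean_mbr(sector);
    memcpy(baseline, sector, BOOTCODE_LEN);
    int clean = mbr_inspect(sector, baseline, &r);
    if (out) *out = r;
    return clean;
}

/* Same sector after a bootkit-style rewrite: replacement boot code (here a
 * constructed NOP sled plus jump, not Stoned's loader), while the partition
 * table and signature stay intact so the guest still boots. */
int demo_tampered_mbr(struct mbr_report *out)
{
    uint8_t sector[SECTOR_SIZE], baseline[BOOTCODE_LEN];
    struct mbr_report r;
    build_clean_mbr(sector);
    memcpy(baseline, sector, BOOTCODE_LEN);
    memset(sector, 0x90, 64);
    sector[64] = 0xEB; sector[65] = 0xFE;
    int clean = mbr_inspect(sector, baseline, &r);
    if (out) *out = r;
    return clean;
}

int main(void)
{
    struct mbr_report r;
    int v = demo_clean_mbr(&r);
    printf("clean image:    verdict=%d modified=%d active=%d\n", v, r.bootcode_modified, r.active_count);
    v = demo_tampered_mbr(&r);
    printf("tampered image: verdict=%d modified=%d active=%d\n", v, r.bootcode_modified, r.active_count);
    return 0;
}
```

The tampered sector still carries a valid signature and a single active NTFS partition, so a check that only parses the partition table would pass it; the baseline comparison of the first 440 bytes is what catches the rewrite. Against a real image, the baseline should come from a trusted copy of the same Windows build, and any hidden loader sectors the new boot code chains to can be located with the same offline access.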