* Posts by Frumious Bandersnatch

1467 posts • joined 8 Nov 2007

Get root on an OS X 10.10 Mac: The exploit is so trivial it fits in a tweet

Frumious Bandersnatch
Silver badge

Re: A simple temporary fix or am I missing something here?

But is a simple remediation just setting the /etc/sudoers file to be immutable?

Possibly, but since the bug allows you to append to any file, you'd be just whacking moles, figuratively speaking.

With the ability to append to any file, I could just write a new entry in the password file:

getroot::0:0:root:/root:/bin/bash

Then I could log in as user 'getroot' with no password, which should be effectively a synonym for the real root user.

Temporary fixes like this aren't really going to get you very far. Even if you lock down the most sensitive files, you just have to find a shell script that root will run at some point and that doesn't have an exit or exec command at the end of it. A quick check on my Debian system shows that /etc/cron.daily/0anacron fits the bill nicely. I could append something like:

EVIL=/home/frumious/.secret/shell

cp /bin/bash $EVIL

chown root $EVIL

chmod +s $EVIL

Then I'd come back the following day and run my new setuid shell ...

bootnote: fucking stupid cloudflare filters kept telling me that I'd been blocked when I was trying to write the above. All because I mentioned "slash etc slash passwd", I think. You guys need to turn off that shit. How are we supposed to discuss articles if we can't even talk about a key *nix file?

3
0
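A defender's view of the point made in this post, as an added example that is not part of the original comment: because the flaw only appends, a baseline of each root-owned file's size and hash separates an appended tail from other changes, and the tail of a passwd-format file can be checked for the kind of entry shown above. The function names and the sample file contents are constructed for illustration.

```python
import hashlib


def _sha256(data):
    return hashlib.sha256(data).hexdigest()


def take_baseline(data):
    """Record the size and SHA-256 of a known-good copy of a file."""
    return {"size": len(data), "sha256": _sha256(data)}


def classify(baseline, current):
    """Compare a file's current bytes with its baseline.

    Returns (verdict, tail). The verdict is "unchanged", "appended" or
    "modified"; tail holds the bytes added after the original content
    when the verdict is "appended", and is empty otherwise.
    """
    size = baseline["size"]
    if len(current) >= size and _sha256(current[:size]) == baseline["sha256"]:
        if len(current) == size:
            return "unchanged", b""
        return "appended", current[size:]
    return "modified", b""


def risky_passwd_entries(text):
    """Flag passwd(5)-format lines that have an empty password field or a
    UID of 0 under a name other than root. Returns [(name, [reasons])]."""
    findings = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            findings.append((fields[0], ["malformed entry"]))
            continue
        name, password, uid = fields[0], fields[1], fields[2]
        reasons = []
        if password == "":
            reasons.append("empty password field")
        if uid.strip().isdigit() and int(uid) == 0 and name != "root":
            reasons.append("UID 0 under a non-root name")
        if reasons:
            findings.append((name, reasons))
    return findings


# Constructed sample data: a known-good passwd file and root-run script,
# and copies of each with extra lines appended.
GOOD_PASSWD = (b"root:x:0:0:root:/root:/bin/bash\n"
               b"daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin\n")
TAMPERED_PASSWD = GOOD_PASSWD + b"getroot::0:0:root:/root:/bin/bash\n"
GOOD_SCRIPT = b"#!/bin/sh\nrun-parts /etc/cron.daily.local\n"
TAMPERED_SCRIPT = GOOD_SCRIPT + b"echo constructed-appended-line\n"

if __name__ == "__main__":
    samples = [("passwd", GOOD_PASSWD, TAMPERED_PASSWD),
               ("cron script", GOOD_SCRIPT, TAMPERED_SCRIPT)]
    for name, good, current in samples:
        verdict, tail = classify(take_baseline(good), current)
        print(name, "->", verdict, tail)
        if name == "passwd" and verdict == "appended":
            for entry, reasons in risky_passwd_entries(tail.decode()):
                print("  ", entry, reasons)
```
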
Frumious Bandersnatch
Silver badge

Re: *nix

i (sic) really hate that "*nix" nonsense. If you mean Unix then say Unix.

There was a time when there were lots of Unix-like systems, but none could be called Unix because it was trademarked and would have resulted in a lawsuit. The whole SCO thing was just the last in a long line of such lawsuits. If you know *nix, you'll know that * is the "Kleene operator", or glob symbol as it's more often known, so it matches most of the alternative names or distros. Xenix comes to mind, but you might consider Posix too. Since it's humans doing the pattern matching rather than machines, stuff like HP-UX and Linux match too.

Anyway, *nix is a much preferable shorthand than "Unix(tm)-like systems".

10
0
Frumious Bandersnatch
Silver badge

Re: The real culprit

Is the deliberately holed *nix security model

With respect, I understand your viewpoint but I don't think that the setuid mechanism is fundamentally broken. I think that it's a really elegant solution for the problem of privilege escalation.

All OSes need to have the ability to run protected or kernel-level code and means of making them available via userland in some way or other. Unix-like systems (the hint is in the name) have a unified approach where root can do anything and for the most part, barring obvious programming errors, this works. Neither does the setuid model preclude you from adding extra "boundary checks", as you put it, if you want to (*). If you want more fine-grained control (was it VMS that had "capabilities", for example?) then that can be implemented within the setuid program (or use regular file permissions; though I guess you don't like the user/group idea either).

By design, the *nix model is that if you are root you bypass all security checks.

This is the main thing I disagree with. You are forgetting that root does not exist in isolation. Yes, root can run anything, but setuid programs (and user/group permissions, as above) are the gatekeepers. So in fact, even though you say there's no "security boundary", that's not true: you don't get unfettered access to root, but can only do what the permissions and setuid programs allow. As I said above, these interfaces can be used to express any sort of security model you want.

This bug was particularly stupid since the golden rule of writing setuid programs is (probably, if there were a "golden rule") not to trust any user data, environment variables included. Oh, and for Gods' sake, make sure they're statically linked so that they can't be tricked with an LD_LIBRARY_PATH. So I blame the designers, programmers and review team, not the design of Unix. No-one with an understanding (and it's not difficult to understand) of how the Unix security model works should be making these mistakes. Nor would they be making the complaints that you're making, I feel.

(*) I may follow up on this in another post.

10
1

OpenSSH server open to almost unlimited password-guessing bug

Frumious Bandersnatch
Silver badge

Re: pam,pam,pam,pam,pam,pam,pam,pam,...

Nice to see that some people can still read Perl code. I was going to make a similar post but you beat me to it. Have an upvote.

1
0

Even Microsoft thinks Outlook is bloated and slow

Frumious Bandersnatch
Silver badge

oo-er missus

No time for the old "in-out". I'm just here to read the meter.

1
0

The Register's resident space boffin: All you need to know about the Pluto mission

Frumious Bandersnatch
Silver badge

Re: 'Young ' surface

It's a shame New Horizons didn't carry a magnetometer

They should have sent McGyver instead. Need a magnetometer? There's got to be plenty of other bits and bobs aboard that he could use to whip up whatever instrument might be needed at any given time.

1
0

Happy NukeDay to you! 70 years in the shadow of the bomb post-Trinity

Frumious Bandersnatch
Silver badge

frotz!

Sharp words between the superpowers. Tanks in East Berlin. And now, reports the BBC, rumors of a satellite blackout. It's enough to spoil your continental breakfast.

But the world will have to wait. This is the last day of your $599 London Getaway Package, and you're determined to soak up as much of that authentic English ambience as you can. So you've left the tour bus behind, ditched the camera and escaped to Hyde Park for a contemplative stroll through the Kensington Gardens.

Palace Gate

A tide of perambulators surges north along the crowded Broad Walk. Shaded glades stretch away to the northeast, and a hint of color marks the western edge of the Flower Walk.

9
5

Bitcoin fixes a Greek problem – but not the Greek debt problem

Frumious Bandersnatch
Silver badge

no control [...] over the amount of Bitcoin in circulation

Well, actually, there is a mechanism, albeit not one you can fiddle with quickly or in both directions. That mechanism is the difficulty level associated with "mining" a bitcoin. The system (IIRC) works to a schedule to make it gradually more difficult, but if there was some sort of central bank equivalent charged with manning the levers, there's no reason why it couldn't push out the schedule for increasing the difficulty. The net result would be equivalent to quantitative easing, except that of course it would be miners printing the "extra" money currency rather than a central bank.

I don't think that Bitcoin could work if the difficulty level was allowed to be reduced since that would be a fast track to devaluing it asymptotically to zero. Still, I wouldn't put it past the ability of some clever designers to come up with a new "alt" currency that does allow a kind of central bank role that could effectively control the rate at which new currency could be created---say by making it index-linked, perhaps?

1
0

Hands off, Apple! Irish dev studio sues over alleged iWatch infringement

Frumious Bandersnatch
Silver badge

Re: I love it when Apple...

but are Probendi actively using the trademark or are they just a patent troll?

You know that trademarks and patents are different things, right? IANAL, but I think that the laws around trademarks are such that if you don't actively defend them, you risk losing them. AFAIK there aren't any similar rules for patents so failing to sue for patent infringement (or sitting on it until it becomes more worthwhile to do so) doesn't invalidate your rights as a patent holder. If I'm right on these points then there shouldn't be any such thing as a "trademark troll".

Far from being a troll, I'm pretty sure that Probendi are pretty much forced to take action here.

7
0

Microsoft sprints to finish, emits possible Windows 10 RC build

Frumious Bandersnatch
Silver badge

" ... customers will start to receive on 7/29," Gabe Aul wrote

With Aul, there are more than 12 months in a year?

I don't know why this sort of thing ticks me off so much, but it does. Why can't international companies use unambiguous date formats in their announcements, web postings and such?

7
0

Nokia Networks is going to make zer Vaterland's trains run on time

Frumious Bandersnatch
Silver badge

Re: Make the trains run on time????

Misleading headlines seem to be getting to be par for the course here these days. There's no Mussolini angle mentioned in the article at all.

4
0

We tried using Windows 10 for real work and ... oh, the horror

Frumious Bandersnatch
Silver badge

Re: That desktop wallpaper looks...ominous

Very. My first thought was "Event Horizon".

3
0

Pwned Hacking Team tells cops, govts to shut down software

Frumious Bandersnatch
Silver badge

ta an piast tar éis casadh

Reminds me of this old phrase I remember from Irish... literally, "the worm has turned".

1
0

Cunning goldfish avoided predator in tank for seven years

Frumious Bandersnatch
Silver badge

Re: Sport fishing?

And a sushi knife.

I never heard of koi sushi so I thought maybe they don't taste good. Turns out that people don't eat any freshwater fish due to the risk of getting parasites. The Wikipedia page on raw fish dishes says:

Traditionally, fish that live all or part of their lives in fresh water were considered unsuitable [...] due to the possibility of parasites

I never knew this but now it makes sense to me that certain fish like mackerel (aji, saba), eel (unagi) and maybe others that are commonly seen on sushi are always cooked first...

1
0

Hi-res audio folk to introduce new rules and weed out impure noises

Frumious Bandersnatch
Silver badge

Re: Monty....

re: http://www.xiph.org/video/vid2.shtml

I didn't watch the video. I would have expected someone to give this link ("24/192 Music Downloads...and why they make no sense") instead ...

1
0

Apple pulls Civil War games in Confederate flag takedown

Frumious Bandersnatch
Silver badge

Re: Fast track to offense

Apart from historical reference this Confederate flag belongs with that swastika - in the trash.

What's wrong with the swastika? I personally like it. It's just a pity that some nutjobs decided to appropriate it for their own ends and that as a result we've been denied it ever since. Making it illegal is as senseless as making the symbol '福' illegal.

1
0

This whopping 16-bit computer processor is being built by hand, transistor by transistor

Frumious Bandersnatch
Silver badge

Re: If you really want to go off-piste ...

re: hydraulic computers, there was MONIAC but I'm not sure if it counts as hydraulic (involving water pressure in some useful way) or a computer in the usual sense.

What prompted me to reply, though, was that I just recently came across the idea of a hydraulic ram pump. Sounds like it would make an excellent component in this speculative machine.

Now you've got me thinking about powering stuff with water in Minecraft :(

1
0

Swordfish fatally stabs man after man stabs, fatally, swordfish

Frumious Bandersnatch
Silver badge

Re: GOOD

I wonder if J R Hartley used to receive abuse and death threats?

Probably not, but even if he did, it's kind of hard to kill a fictional character. I can't see them running follow-up ads like that.

1
0

Cheesy video shows ex-Gooners pronouncing 'Huawei'

Frumious Bandersnatch
Silver badge

wha[t] way do you really pronounce it?

(sorry, I don't click on video links... did I guess right?)

2
0

Heroic German rozzers rescue innocent lamb from sordid brothel

Frumious Bandersnatch
Silver badge

Is it OK to say

that that's one mighty cute lamb in the article?

4
0

100s of Virgin Media customers hit by handset repair glitch, telco admits

Frumious Bandersnatch
Silver badge

can I upvote the article?

It deserves it for the Dylan Moran/Black Books pic alone.

1
0

ATTACK of the DINKY DRONES! US military creates ROBOTIC CARRIER PIGEON

Frumious Bandersnatch
Silver badge

PASSENGER PIGEONS!?

Passenger pigeon's been extinct since 1914!

Oh, you said "carrier". As you were ...

1
0

You say you want a musical revolution. Actually, have three

Frumious Bandersnatch
Silver badge

suddenly it was possible [to have] a pop song without harmony

If that was in 1991, then I guess Napoleon XIV must have been some sort of visionary? That came out in 1966 and although the wiki link doesn't mention it, I recall reading that he was denied composition rights (iirc) because it didn't have any of the usual elements of a "song", most notably not having any "notes" (no pun intended, it's all just glissando with no fixed stops). I think that the link here might explain that in point 5... he lost certification from the American Society of Composers, Authors and Publishers.

Also, while I'm talking about pre-dating, how about Blondie (Rapture, 1980) and Gil Scott-Heron (TRWNBT, 1970) as rappers/proto-rappers? And obviously there were tons of electronic artists before the 1983 cutoff (like Bruce Haack, but many before him, too). Less eclectically, Telstar was a massive hit in 1962...

2
1

NSA spying is illegal? Then let's make it law, say Republicans

Frumious Bandersnatch
Silver badge

You also don't hear of too many Supermarkets "disappearing" their customers.

But they sometimes have Extraordinary Reductions!

3
0
Frumious Bandersnatch
Silver badge

Re: Mitch McConnell and Senator Burr are being a bit dense...

re: legislative vs constitutional change... if they gave the new law a snappy name, probably nobody would notice. In the spirit of PATRIOT, why not LOOPHOLE, "letting our own previous hacking operate legally evermore"?

2
0

High school students' record-setting pulsar STUMPS BOFFINS

Frumious Bandersnatch
Silver badge

a question about inertia...

Any astroboffins here? The article got me wondering what happens to the rotational energy of two bodies that get tidally locked. Will that get converted into faster mutual orbit and hence greater distance between the pair? If so, could initial high rotational speeds of the bodies account for the high separation now, or would the effect (if it even exists) be negligible?

0
0

Bonny Scottish post-pub nosh neckfiller: Rumbledethumps

Frumious Bandersnatch
Silver badge

Re: お好み焼き

Yeah, same as me (this PC can't do Japanese input, though...)

1
0
Frumious Bandersnatch
Silver badge

best cabbage-based "neck filler"

has got to be "Okonomiyaki." I'd love to be able to make Hiroshima style, where the ingredients are layered (I don't have a hot plate), but Kansai style is an acceptable substitute and dead easy to whip up. The main ingredients are white cabbage, batter and usually cooked bacon. The Wikipedia link lists plenty of other stuff you can put in (literally, whatever takes your fancy). Just mix up some batter (flour, cold water or stock, egg, seasoning), slice the cabbage and other ingredients, mix, fry, add extras, flip, serve. You can buy special okonomiyaki sauce but I like tonkatsu sauce on it.

It's quick to prepare, but you can always prepare it pre-pub and keep it in the fridge ready to fry later. Definitely worth trying, even if you think you don't like cabbage. Try this and you may change your mind on that.

3
0

One bit to rule them all? Forget it – old storage types never die

Frumious Bandersnatch
Silver badge

OMG, you didn't just do that?

FOUR WOLVES!

2
0

Not pro-Bono: Russian MP wants Apple to face stiff action for cramming 'gay' U2 into iCrevices

Frumious Bandersnatch
Silver badge

"I [...] am the owner of an iPhone"

Well then, he should obviously realise what's going on in the pic. Daddy buys son an Apple Watch (TM'd up the wazoo). Son, being a bit unappreciative of the value of things (or the cost, at least), swallows said gizmo. The aftermath is photographed as dad tries to locate the device by listening for the ticks...

(upvotes for the best explanation of why they both need to be demi-nekkid)

1
0

Oxford chaps solve problem in 1982 Sinclair Spectrum manual

Frumious Bandersnatch
Silver badge
Boffin

I bet Rob Hubbard could have done this, no problem

He of the theme tunes of such games as International Karate, Thrust, Zoids, Commando and plenty more, for those who may not have heard of him (for shame!).

I remember reading an article where he talked about using a "Forth-like" notation to code the music and all the technical challenges involved in doing real-time music with just a scant few "time slices" (on a non-preemptive CPU, natch) to play with between all the other game code.

(the past is so bright) ... I gotta wear shades -->

1
0

Top Spanish minister shows citizens are thick as tortillas de ballenas

Frumious Bandersnatch
Silver badge

science, bitch

By Toutatis, if it stops the sky from falling on our heads, I'm all for it.

4
0

SUPERVOLCANIC MAGMA reservoir BUBBLING under Yellowstone Park

Frumious Bandersnatch
Silver badge

Re: Bah!

By which time there's no-one left to notice.

Stupid "scientists".

Yeah, let's go and burn down the observatory so this kind of thing never happens again.

4
0
Frumious Bandersnatch
Silver badge

Re: Time to develop a good exit strategy

Folks, we NEED to develop spaceflight and space habitats. Planets are just too dangerous to live on.

and

Or failing that, how about a bunch of virgins waiting for you.

Me, I'm leaning towards mine-shafts right now...

"But ah with the proper breeding techniques and a ratio of say, ten females to each male, I would guess that they could then work their way back to the present gross national product within say, twenty years."

2
0
Frumious Bandersnatch
Silver badge

Re: Geothermal energy?

Unless I'm mistaken, there isn't much sewage available in the Yellowstone area

Have you forgotten how to finish the bears + woods = ? equation?

5
0

The huge flaw in Moore’s Law? It's NOT a law after all

Frumious Bandersnatch
Silver badge

Re: Spelling Police

re cat vs concat, I learned many years ago that the Unix 'cat' command was short for 'catenate' which is an obscure and/or archaic variant of 'concatenate'. Personally, I have no problem with 'catenate' as a synonym for 'concatenate' (and yes, either is probably what the OP meant instead of 'conflate').

/said in an isn't-it-interesting-that-the-thread-talks-about-both-catenation-and-proper-use-of-hyphens* kind of way

(*no doubt that's a proper word in German, but let's not get distracted)

1
0
Frumious Bandersnatch
Silver badge

Re: Spelling Police

I think it's a mistake rather than language drift. I could take a two-year sabbatical, and the hyphen is acceptable (and normal) usage there, but I'd be back to work two years later (no hyphen).

edit: I didn't see the later post by J.G.Harston that makes the same point, but uses grammar-type words.

1
0

Radio 4 and Dr K on programming languages: Full of Java Kool-Aid

Frumious Bandersnatch
Silver badge

I don't get these programmes any more

In my day they'd have a segment that you were supposed to record using your tape recorder. You could then (theoretically at least) put the tape in your computer's tape recorder and load the program. It might have even displayed pictures on the screen--video over radio, if you will.

2
0

Dev gives HBO free math tips to nail Game of Thrones pirate leakers

Frumious Bandersnatch
Silver badge

LaTeX

If you want to see the equations, try the online LaTeX previewer here. Much easier to read when it's rendered, though I tried and have no idea what he's trying to say.

1
0

Nuclear waste spill: How a pro-organic push sparked $240m blunder

Frumious Bandersnatch
Silver badge

Re: Fast Integral Reactor.

I'm quite surprised no-one has thought of storing nuclear waste on the moon.

That didn't work out so well in 'Space 1999'.

3
2

Atmel stoops to an 'all-time low' in Internet of Things battle

Frumious Bandersnatch
Silver badge

Re: Transducer supply

I was thinking something similar when someone above mentioned radiators. They may be the lowest-power chips yet, but I guess we're not going to see these powered by thermopiles especially if they're an active part of a thermostat system.

The other thought that struck me was the ROTM angle. It's a little bit frightening that they now have the capability of running in "sleeper cell" mode for decades, just biding their time waiting ... waiting ...

2
0

It's the FALKLANDS SYNDROME! Fukushima MELTDOWN to cause '10,000 Chernobyls' in South Atlantic

Frumious Bandersnatch
Silver badge

Playmobil reconstruction

Or it didn't happen.

2
0

Encryption is the REAL threat – Head Europlod

Frumious Bandersnatch
Silver badge

Re: de Boise principle

I don't know this de Boise of whom you speak, but it was Cardinal Richelieu who said

If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged.

Could mass surveillance possibly have any unintended consequences? Nah, surely not...

10
0
Frumious Bandersnatch
Silver badge

Blame the tech companies?

What an utterly idiotic thing to say. We don't need tech companies at all to use encryption. Pretty much all the algorithms are publicly available and there are lots of free, open source implementations. Using encryption isn't hard for even beginner programmers thanks to these two points. For example, here's a really short Perl script (not mine; his) to do RSA:

#!/usr/bin/perl

# RSA Encryption example by Phil Massyn (www.massyn.net)

# July 10th 2013

use strict;

use bignum;

use Math::Prime::Util ':all';

# == key generation

my $p = random_strong_prime(256);

my $q = random_strong_prime(256);

my $n = $p * $q;

my $phi = ($p - 1) * ($q - 1);

my $e = 257; # need to figure out how to calculate it

my $x = $e ** 1;

my $d = $x->bmodinv($phi);

# == encryption

my $message = "hello world";

my $m = (join ( '', map (sprintf ("%03d",ord), split (//,$message)) )) + 1 - 1;

my $c = $m->bmodpow($e,$n);

# == decryption

my $M = $c->bmodpow($d,$n);

print join ('', map(sprintf("%s",chr), ($M =~ /\d{3}/g))) . "\n";

Complaining that the tech companies are the problem is just ass-backwards. The reason that they are implementing end-to-end encryption is that their customers (ie, us) are demanding it. One of the main reasons we are demanding it is as a direct result of the kinds of revelations (not just from Snowden) about mass surveillance. We demand the right to privacy, but if we're not being listened to, then it's our choice to use encryption and the tech companies are just responding to that.

What a tool...

(sorry about the way that < and > got messed up in the above; that's the fault of the comment entry system)

2
0

Microsoft update mayhem delays German basketball game, costs team dear

Frumious Bandersnatch
Silver badge

Re: Linux

Agree on the Linux comments, but you could still probably get stuck waiting for a disk check ("this disk has gone too long without being checked"...). Probably won't take 15 minutes, especially on a laptop, but it goes to show that Linux isn't totally immune from "randomly" locking you out of the machine for several minutes at boot time.

Kind of off-topic: kexec support in Linux kernel is cool, particularly on machines with very slow BIOS startup (eg, my old Dell PowerEdge)

3
0

Smart meters are a ‘costly mistake’ that'll add BILLIONS to bills

Frumious Bandersnatch
Silver badge

This could rapidly become "convert an edited photo of their current mechanical meter into a meaningless number" and "cost customers tens of pounds rather than hundreds".

When I read this part of the article I immediately thought of something like SecurID. Have the display present both the units-used counter and some cryptographically-generated hash or time signature (like a HMAC involving the current time, the value of the counter and the serial number of the meter). Of course, once the meter is in people's hands, you're bound to find someone who has the skill needed to hack the device (eg, to find the secret serial number) but the vast majority of people won't.

I agree with the people who suggested the smartphone app idea. Done right it would be vastly better (and more secure) than "smart" meters that need to be networked.

Without wanting to blow my own trumpet (too much), I'm sure I could knock up a proof of concept for this in an afternoon with a Raspberry Pi, a small screen and a mobile phone. Just use QR code libraries on the Pi and phone and you've got a fault-tolerant reader (QR includes error correction) that can automatically send an SMS reading to wherever. Of course, this is probably way too easy. I'd have to massively over-engineer it for the government to have any interest in it.

2
0
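The scheme sketched in this post, as an added example that is not the poster's code: the meter shows a short HMAC-derived code next to its counter, and the supplier recomputes it to accept or reject a submitted reading. The per-meter key, the one-hour time step, the 8-digit truncation (borrowed from HOTP, RFC 4226) and all names are assumptions.

```python
import hashlib
import hmac
import struct

STEP = 3600   # assumed time step: the displayed code changes once an hour
DIGITS = 8    # assumed length of the code shown on the meter display


def display_code(key, serial, reading, now):
    """Code the meter shows beside its counter.

    HMAC-SHA256 over the serial number, the current time step and the
    counter value, cut down to DIGITS decimal digits with HOTP-style
    dynamic truncation so that it fits on a small display.
    """
    msg = serial.encode() + b"|" + struct.pack(">QQ", now // STEP, reading)
    mac = hmac.new(key, msg, hashlib.sha256).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{value % 10 ** DIGITS:0{DIGITS}d}"


def verify(key, serial, reading, code, received_at, max_age_steps=24):
    """Supplier-side check of a submitted (reading, code) pair.

    Returns the age of the code in time steps if it matches a step no
    older than max_age_steps, otherwise None. Changing the reading,
    using another meter's key or replaying an old code all fail.
    """
    current_step = received_at // STEP
    for age in range(max_age_steps + 1):
        step = current_step - age
        if step < 0:
            break
        expected = display_code(key, serial, reading, step * STEP)
        if hmac.compare_digest(expected, code):
            return age
    return None


# Constructed sample values: a per-meter secret, a serial and a reading.
KEY = bytes(range(32))
SERIAL = "M-0001"
READ_AT = 1_700_000_000   # Unix time at which the customer reads the meter

if __name__ == "__main__":
    code = display_code(KEY, SERIAL, 48213, READ_AT)
    print("display:", 48213, code)
    print("submitted two hours later:",
          verify(KEY, SERIAL, 48213, code, READ_AT + 2 * STEP))
    print("edited reading:",
          verify(KEY, SERIAL, 40213, code, READ_AT + 2 * STEP))
    print("stale code:",
          verify(KEY, SERIAL, 48213, code, READ_AT + 30 * STEP))
```

An 8-digit code only has to resist guessing against an online check, so the supplier side would also need to limit the number of attempts per meter.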

Belgium to the rescue as UK consumers freeze after BST blunder

Frumious Bandersnatch
Silver badge

Daylight Saving Time moaners

Consider yourself lucky you're not living in China, where they've got just one time zone despite the country spanning five (geographical) time zones.

2
0
Frumious Bandersnatch
Silver badge

Re: Timestamps

in the hour where the "clocks change" as you could get either 2 or 0[*] time-crossing occurrences depending on the direction of the change

Some systems can be configured to change the time gradually (eg, if the `date` program has a -a option on some *nix systems, or using the adjtime(3) system call), but changing the apparent rate at which time changes introduces different problems. On the whole, changing it gradually probably breaks fewer assumptions that people might make in their code but I would guess that this Nest problem would still manifest either way.

1
1
