Evan Martin (evan) wrote in evan_tech,

security continues to be hard

I hang out with a guy who knows tons about security and he occasionally forwards me interesting stuff:

1) Apparently the Windows .ani bugs weren't completely fixed, and even manage to evade all the protections built into Vista. I feel sorta bad for whoever screwed this up because I'm sure they're getting plenty of criticism already, but it's pretty surprising to me that the entire module wasn't reviewed when the last exploit came out. Maybe it's naive of me (maybe there's a lot of code to review?) but you'd think you could at least check all values that come in from an external file to be sure they're the size you expect.
(The Metasploit blog goes into detail on how this can exploit Vista.)

2) Heap Feng Shui in JavaScript. I haven't read it all yet but it's pretty incredible to see the range of knowledge used here: from JavaScript to IE garbage collection to OLE memory management all the way down to the C++/assembly-fu I previously thought were the entire domain of security. Just thinking about this tiny snippet gives me the heebie-jeebies in its level-crossing: var nop = unescape("%u9090%u9090");

Every time I ask security people about the state of the world, they tell me it's getting worse and that the only answer is to not use a computer. :(
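
The size check item 1 asks for, as an added example (not from the original post and not Windows code): a parser for a simplified RIFF-style chunk layout that validates every length field read from the file before copying anything. The "anih" tag, the 36-byte header size and all function names are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HDR_SIZE 36u                 /* fixed header size (assumed) */
typedef struct { uint32_t field[HDR_SIZE / 4]; } fixed_header;

static uint32_t rd32(const uint8_t *p) {   /* little-endian, alignment-safe */
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Walk tag/length/data chunks. Returns the number of header chunks
   accepted, or -1 as soon as any length field is not what we expect. */
int parse_chunks(const uint8_t *buf, size_t len, fixed_header *out) {
    size_t off = 0;
    int headers = 0;
    while (len - off >= 8) {
        uint32_t size = rd32(buf + off + 4);
        int is_hdr = memcmp(buf + off, "anih", 4) == 0;
        off += 8;
        if (size > len - off) return -1;          /* runs past end of file */
        if (is_hdr) {
            if (size != HDR_SIZE) return -1;      /* every header chunk, not only the first */
            memcpy(out, buf + off, sizeof *out);  /* copy our size, never the file's */
            headers++;
        }
        off += size;
        if ((size & 1) && off < len) off++;       /* chunks are padded to even length */
    }
    return off == len ? headers : -1;             /* reject trailing bytes */
}

/* Constructed sample: two header chunks, the second declaring second_size
   bytes (at most 200), with the last cut bytes of the file chopped off. */
int check_sample(uint32_t second_size, size_t cut) {
    uint8_t buf[256];
    uint32_t sizes[2] = { HDR_SIZE, second_size };
    size_t off = 0;
    fixed_header h;
    for (int i = 0; i < 2; i++) {
        memcpy(buf + off, "anih", 4);
        for (int b = 0; b < 4; b++) buf[off + 4 + b] = (uint8_t)(sizes[i] >> (8 * b));
        memset(buf + off + 8, 0x01, sizes[i]);
        off += 8 + sizes[i];
    }
    return parse_chunks(buf, off - cut, &h);
}

int main(void) {
    printf("%d %d %d\n", check_sample(36, 0), check_sample(80, 0), check_sample(36, 10));
    return 0;
}
```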
