Evan Martin (evan) wrote in evan_tech,

security continues to be hard

I hang out with a guy who knows tons about security and he occasionally forwards me interesting stuff:

1) Apparently the Windows .ani bugs weren't completely fixed, and even manage to evade all the protections built into Vista. I feel sorta bad for whoever screwed this up because I'm sure they're getting plenty of criticism already, but it's pretty surprising to me that the entire module wasn't reviewed when the last exploit came out. Maybe it's naive of me (maybe there's a lot of code to review?) but you'd think you could at least check all values that come in from an external file to be sure they're the size you expect.
(The Metasploit blog goes into detail on how this can exploit Vista.)

2) Heap Feng Shui in JavaScript. I haven't read it all yet but it's pretty incredible to see the range of knowledge used here: from JavaScript to IE garbage collection to OLE memory management all the way down to the C++/assembly-fu I previously thought were the entire domain of security. Just thinking about this tiny snippet gives me the heebie-jeebies in its level-crossing: var nop = unescape("%u9090%u9090");

Every time I ask security people about the state of the world, they tell me it's getting worse and that the only answer is to not use a computer. :(
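
Added example, not from the original post: what "check all values that come in from an external file to be sure they're the size you expect" looks like for a RIFF-style chunk container such as .ani. The 36-byte "anih" header size and the names parse_chunks and check_sample are assumptions of this sketch, and the sample files are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ANIH_SIZE 36u   /* fixed header size assumed for this example */
static uint32_t rd32(const uint8_t *p) {   /* little-endian, alignment-safe */
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Walk chunks in buf[0..len); copy each "anih" chunk into out.
 * Returns the number of anih chunks accepted, or -1 on malformed input. */
int parse_chunks(const uint8_t *buf, size_t len, uint8_t out[ANIH_SIZE]) {
    size_t off = 0;
    int seen = 0;
    while (off < len) {
        if (len - off < 8) return -1;               /* truncated chunk header */
        uint32_t size = rd32(buf + off + 4);
        size_t avail = len - off - 8;
        if (size > avail) return -1;                /* size runs past the file */
        if (memcmp(buf + off, "anih", 4) == 0) {
            if (size != ANIH_SIZE) return -1;       /* checked on every occurrence */
            memcpy(out, buf + off + 8, ANIH_SIZE);  /* constant length, never `size` */
            seen++;
        }
        size_t step = (size_t)size + (size & 1);    /* chunks are padded to even length */
        off += 8 + (step > avail ? avail : step);
    }
    return seen;
}

/* Constructed sample: two "anih" chunks with the given declared sizes. */
int check_sample(uint32_t first, uint32_t second) {
    uint8_t file[512] = {0}, hdr[ANIH_SIZE];
    uint32_t sizes[2] = {first, second};
    size_t off = 0;
    for (int i = 0; i < 2; i++) {
        if (sizes[i] > 200) return -2;              /* keep the sample inside file[] */
        memcpy(file + off, "anih", 4);
        file[off + 4] = (uint8_t)sizes[i];          /* sizes <= 200 fit in one byte */
        off += 8 + sizes[i] + (sizes[i] & 1);
    }
    return parse_chunks(file, off, hdr);
}

int main(void) {
    printf("36,36 -> %d\n", check_sample(36, 36));
    printf("36,80 -> %d\n", check_sample(36, 80));
    return 0;
}
```

The second sample is the interesting one: its oversized chunk fits inside the file, so only the per-chunk comparison against the expected size rejects it.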
