[lug] Steganography (was: newbie question - rc.sysinit)
Chris Riddoch
chris at oskitchen.com
Sat Jul 14 12:50:12 MDT 2001
rm at mamma.varadinet.de writes:
>
> That reminds me of a crack of some commercial cryptography program:
> They had a very clever cryptographic function that would return 0 on
> success and -1 on failure. To crack the program just meant that one
> would need to change the one (!) assembler instruction after the call
> to the key checking function (jump on zero -> jump on non-zero). If
> you have access to the kernel's address space you only need to patch
> the functions that _call_ the signature checking functions.
Heh. Or the hundreds of cracks on the copy protection of games in the
last 20 years. All it really takes is a lot of patience, a decent
debugger, and some knowledge of assembly.
> > > Interesting to me is that there has been recent kernel devel list
> > > talk about what would be required to install new kernels without
> > > rebooting...nobody really wants to go through the pain of making
> > > that possible, so I doubt it would ever happen, but it would make
> > > for interesting security problems.
>
> There actually are good reasons for having this feature (at least for
> high availability servers).
I suppose there could be, now that you mention high availability. I
hadn't thought of that. I don't know which architecture it is that
lets you do it, but something lets you hot-swap CPUs and run different
OSes on different kernels - something of IBMs, I think. I suppose, on
those archiectures, that you'd want to be able to load a kernel onto
that CPU without rebooting the whole system.
> Yup. A really nasty cracker could actually replace the bios with Linux!
> (given that the hardware is supported by the Linux Bios Project ;-)
Oooo! I've never seen this project before! That looks really cool!
I'm tempted to try it out, but the idea of hosing my BIOS from a bug
or corrupted install isn't very appealing.
> > And here's my proposal: have a look at the "capabilities" attribute in
> > the kernel. It's rather Un-Unix-like,
>
> really? I thought BSD has supported capabilities for quite a while (same
> with AIX if memory serves me right).
So it does. I didn't realize this was as common as I just discovered...
--
Chris Riddoch | epistemological
socket at peakpeak.com | humility