Hard times for whitehats

Law 3917/2011 has now been published. There is already commentary on what it means for the citizen. Let us look, however, at one small detail:

Article 11 (Criminal Penalties)

1. Whoever, in violation of the provisions of this chapter, obtains knowledge of the data retained by a provider of publicly available electronic communications services or of a public communications network, collects, stores, copies, removes, transfers, alters, damages, destroys, transmits, discloses or otherwise processes such data, makes it accessible to unauthorised persons or allows such persons to obtain knowledge of it, or exploits it in any way, shall be punished with long-term imprisonment (κάθειρξη) of up to ten years, unless the act is punished more severely under other provisions.

2. If the perpetrator of the acts of paragraph 1 is a legal representative or member of the management, or the data security officer, or an employee or associate of the provider, or commits these acts professionally or habitually, or was aiming at financial or other gain, he shall be punished with long-term imprisonment (κάθειρξη) of up to ten years and a fine of 55,000 to 200,000 euros.

3. If the acts of paragraphs 1 and 2 caused danger to the free functioning of the democratic polity or to national security, long-term imprisonment (κάθειρξη) and a fine of 55,000 to 300,000 euros shall be imposed.

4. If the acts of paragraphs 1 and 2 were committed through negligence, imprisonment (φυλάκιση) of at least two years shall be imposed.

No more disincentives. There are already enough of them, just as there is already a need for people in this field.

“All models are wrong, but some are useful”

And then there are models which are not useful at all (emphasis mine):

“consider an all-OSS world in which each company offers consumers exactly the same shared code as every other company. By definition no company can then compete by writing more OSS code than its rivals. This lack of competition suppresses code production for the same reason that cartels suppress output.”

Or, to put it in other words: because companies compete within a common code base, they contribute less and less code to the project, since they run the risk of losing a future contract to a competitor who uses the code they have submitted.

The authors of this study are advised to read the history of the X Window System, whose development closely follows their model. X is universal in the Unix world (commercial and open source systems that try to converge by being POSIX compliant (another hint here)); it never faced a lack of contributors, contributions or even stewardship, and whenever it stagnated, new branches forked and pushed it forward. And while the authors seem to think that Open Source has been with us for the last 20 years, X was born in 1984. In fact we’ve had Open Source software since the very beginning of software.

* The quote used in the title of this post is attributed to statistician George Box.

Update: After this post and a discussion on twitter, Gregory Farmakis performed a thought experiment.

0wnage and the null hypothesis

H0: Our systems are not hacked.

That is what management wishes to hear all the time and expects to hear it with absolute certainty.

– But …

There are no buts in such matters for management, right? Oh but there are…

                    H0 True         H0 False
Reject H0           Type I error    Correct
Do not reject H0    Correct         Type II error

In reality there is no way to know whether the systems we maintain are hacked or not. We can only know with absolute certainty that they are owned, and only once the fact has been detected. To help management understand this, use a “simpler” example:

H0: This message is not spam

Work with the not-spam example and the table above. It seems fairly straightforward that if your anti-spam measures are relaxed you receive a lot of undetected spam (Type II error), and if you tighten the controls you risk having legitimate messages characterized as spam (Type I error).

In a similar fashion, you can detect that your systems are hacked and therefore reject H0. Your intrusion detection systems, monitoring systems, processes or other controls may “cry wolf” (a Type I error), or they may stay silent while in fact infiltration has happened (a Type II error). A Type II error means that an opportunity to detect a breach was lost.

So you see, management, we cannot assure you with absolute certainty that we are and will remain unbreakable till the end of time. After all, if you really think about it hard, time is on the side of the blackhats. We can only provide you with data showing that we are doing our best with the tools you are providing.
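To make the table concrete, here is an added Python example (not part of the original post) that runs a threshold-based control over constructed events and fills in the four cells. The events, their scores and the "hacked" ground-truth flag are made up for illustration; the last function shows what remains observable when, as in reality, that ground truth is missing.

```python
# Added example, not from the original post: a threshold-based control scored against
# the 2x2 table above. Events and scores are constructed; the `hacked` flag is ground
# truth, which the post rightly says we never have for production systems.
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    score: int    # alert score some control assigned to the event (constructed)
    hacked: bool  # ground truth: is H0 ("our systems are not hacked") false here?


# Benign activity tends to score low and intrusions high, but the two ranges overlap;
# that overlap is why tightening or relaxing the control trades one error for the other.
EVENTS = [
    Event(10, False), Event(20, False), Event(35, False), Event(45, False),
    Event(55, False), Event(60, False),
    Event(40, True), Event(65, True), Event(80, True), Event(95, True),
]


def classify(events, threshold):
    """Reject H0 (raise an alert) when score >= threshold; return the table's cells."""
    cells = {"type_i": 0, "type_ii": 0, "correct": 0}
    for e in events:
        reject_h0 = e.score >= threshold
        if reject_h0 and not e.hacked:
            cells["type_i"] += 1   # the control cried wolf
        elif not reject_h0 and e.hacked:
            cells["type_ii"] += 1  # silent while owned: a lost chance to detect the breach
        else:
            cells["correct"] += 1
    return cells


def sweep(events, thresholds):
    """A tighter control (lower threshold) buys fewer Type II errors with more Type I, and vice versa."""
    return {t: classify(events, t) for t in thresholds}


def observable_alerts(events, threshold):
    """What management actually gets to see: without ground truth the alert count is all there is;
    the Type II cell stays invisible until a breach surfaces some other way."""
    return sum(e.score >= threshold for e in events)


if __name__ == "__main__":
    for t, c in sweep(EVENTS, (30, 50, 70)).items():
        print(f"threshold {t:>2}: type I={c['type_i']} type II={c['type_ii']} "
              f"correct={c['correct']} alerts seen={observable_alerts(EVENTS, t)}")
```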

The return of the scientist fan

“The stock was down 86 cents over the day. That means Bill lost $70 million today, whereas I only lost fuck all. But guess who’ll sleep better?” – Microserfs

Likewise: who slept better that night, Cissé or the brainless fool who stormed the pitch? If you prefer another example, Papaloukas or the brainless fool who threw the flare at him? Now go back to your salary (for as long as it lasts), and he to his millions. Yes, we know who sleeps better. Yesterday, today and tomorrow.

To the marketing directors of the football and basketball clubs (ΠΑΕ and ΚΑΕ): your degrees and your “protection of the product” are worthless. Honestly, in a stadium surrounded by commercial activity (the kind you all want to build), who spends more? Fathers with their children, or single guys with their mates? You are doing your utmost not only to ensure there will be no future consumers of your product, but to drive away the people who create them as well! Of course, when the ship is sinking (and you will have helped with that) you will already be in another job, and it is always the last one who gets the blame, right?

My beloved Olympiacos, I think I’ll stop loving you for a few years

The Stockdale Paradox

“You must never confuse faith that you will prevail in the end—which you can never afford to lose—with the discipline to confront the most brutal facts of your current reality, whatever they might be.” –Vice Admiral J. B. Stockdale

I think I first read about it back in 2001 when “Good to Great” came out.

But right now, this is how I’m feeling.

100,000 disclaimers do not make an opinion personal

“In dealing with customers and outsiders, remember that you represent the company, ostensibly with full responsibility and authority.

You may be only a few months out of college, but most outsiders will regard you as a legal, financial, and technical agent of your company in all transactions, so be careful of your commitments.”

[via “The Unwritten Laws of Engineering”, 1944]

TCPMUX – a mostly overlooked TCP service

TCPMUX is described in RFC-1078 (written some 20 years ago). A reference implementation by Network Wizards can be found at ftp://ftp.nw.com/nw/software/tcpmux.c. It is also implemented in DragonFlyBSD’s inetd, NetBSD’s inetd and FreeBSD’s inetd. OpenBSD does not support it.

The Protocol

A TCP client connects to a foreign host on TCP port 1. It sends the service name followed by a carriage-return line-feed (CRLF). The service name is never case sensitive. The server replies with a single character indicating positive (“+”) or negative (“-”) acknowledgment, immediately followed by an optional message of explanation, terminated with a CRLF. If the reply was positive, the selected protocol begins; otherwise the connection is closed.

In the 15+ years I have been a sysadmin I have never seen anyone make use of it, which is a pity. Most of the time, fellow sysadmins who want to write a custom daemon either write it as a standalone server (usually starting with passivesock.c or passiveTCP.c from Comer’s Internetworking with TCP/IP vol. 3), or write it as a simple stdin/stdout application that is started via inetd. The most trivial problem sometimes turns out to be more than trivial:

– What port will this application run on?

It seems that 65535 ports is a lot of freedom to choose from, and most people want to use “interesting” port numbers (for any definition of interesting). Add firewall policies and router access lists to the picture and you can have a non-technical deadlock in no time!

TCPMUX might be a choice that helps simplify or avoid such situations. Any service that supports TCPMUX is reached through port 1/tcp and can be forked by inetd(8) (either internally or externally, with the help of a tiny server). After all, it can be considered an “inetd inside inetd” (the classic inetd responding to requests on a port, TCPMUX responding to requests based on the name of the service), and even if you do not want to use TCPMUX, a similar (homegrown) solution might be the answer to keeping your packet filters lean and less complex. It should not be made less complex than it needs to be, though: the Wikipedia article on tcpmux clearly identifies risks that come with deploying it. Personally, I view tcpmux as an old and simple TCP RPC mechanism.
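The exchange described above, as an added Python example that is neither the Network Wizards daemon nor inetd’s code: a server that reads the service name, acknowledges with “+” or “-” and hands the connection to the selected service, plus a client driving it over an in-process socketpair. The service table, the “date” service name and its banner handler are constructed for illustration; the HELP listing is the reserved name RFC 1078 defines.

```python
# Added example, not the Network Wizards daemon linked above; SERVICES, "date" and banner_service are constructed.
import socket
CRLF = b"\r\n"

def read_line(sock, limit=512):
    """Read one CRLF-terminated line, bounded so a client cannot make us buffer forever."""
    buf = b""
    while not buf.endswith(CRLF):
        chunk = sock.recv(1)
        if not chunk or len(buf) >= limit:
            raise ValueError("malformed or oversized request line")
        buf += chunk
    return buf[:-2]

def banner_service(sock):  # constructed stand-in for a real muxed service
    sock.sendall(b"hello from the muxed service" + CRLF)
    sock.close()           # one line, then hang up
SERVICES = {"date": banner_service}  # name -> handler, keys kept lower-case

def tcpmux_serve(sock, services):
    """Server side of RFC 1078: read the name, answer '+' or '-', then hand over or close."""
    try:
        name = read_line(sock).decode("ascii", "replace").lower()  # names are case-insensitive
    except ValueError:
        name = None
    handler = services.get(name)
    if handler is not None:
        sock.sendall(b"+" + CRLF)  # positive ack; the selected protocol now owns the socket
        handler(sock)
        return name
    if name == "help":  # reserved by RFC 1078: list the names, one per line (any client can enumerate them)
        sock.sendall(b"".join(s.encode("ascii") + CRLF for s in sorted(services)))
    else:
        sock.sendall(b"-no such service" + CRLF)  # negative ack plus optional explanation
    sock.close()  # in both cases the connection is closed

def run(name, services=SERVICES):
    """Drive one exchange in-process: the client speaks first, so no thread is needed."""
    client, server = socket.socketpair()
    with client:
        client.sendall(name.encode("ascii") + CRLF)  # client -> server: the service name
        tcpmux_serve(server, services)               # server reads, acks, dispatches, closes
        data = b""
        while chunk := client.recv(4096):            # client <- server: everything up to EOF
            data += chunk
    return data

def parse_reply(data):  # client's view: (accepted, explanation, bytes after the handshake)
    line, _, rest = data.partition(CRLF)
    return line[:1] == b"+", line[1:].decode("ascii", "replace"), rest
```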

Appendix: tcpmux.c

Since the Network Wizards site seems to be down / taken over by some other entity, here is the original tcpmux daemon code (also at github https://github.com/a-yiorgos/tcpmux):

c-client callbacks

* This is mostly for personal copy-paste reasons

Those who take the time to develop applications using UW-IMAP (or Panda IMAP) know that there are a number of callbacks that need to be defined. What follows is the simplest (do-nothing) version of them.

#include "c-client.h"

/* The flags of message `number` changed (e.g. \Seen was set). */
void
mm_flags(MAILSTREAM *stream,unsigned long number) {
}

/* Result of a mail_status() call for `mailbox`. */
void
mm_status(MAILSTREAM *stream,char *mailbox,MAILSTATUS *status) {
}

/* Message `number` matched the criteria of a mail_search() call. */
void
mm_searched(MAILSTREAM *stream,unsigned long number) {
}

/* The mailbox now holds `number` messages (new mail has arrived). */
void
mm_exists(MAILSTREAM *stream,unsigned long number) {
}

/* Message `number` was expunged from the mailbox. */
void
mm_expunged(MAILSTREAM *stream,unsigned long number) {
}

/* One mailbox from a mail_list() listing, with its hierarchy delimiter. */
void
mm_list(MAILSTREAM *stream,int delimiter,char *name,long attributes) {
}

/* One subscribed mailbox from a mail_lsub() listing. */
void
mm_lsub(MAILSTREAM *stream,int delimiter,char *name,long attributes) {
}

/* Unsolicited notification from the server; errflg gives the severity (e.g. NIL, WARN, ERROR). */
void
mm_notify(MAILSTREAM *stream,char *string,long errflg) {
}

/* Log message from c-client itself; errflg is NIL, WARN, ERROR or PARSE. */
void
mm_log(char *string,long errflg) {
}

/* Protocol debugging output, only produced when debugging is enabled on the stream. */
void
mm_dlog(char *string) {
}

/* Credentials request: a real application copies a user name and password into
 * user and pwd (MAILTMPLEN-sized buffers); `trial` counts the attempts so far.
 * Left empty here, so any authenticated login to `mb` will fail. */
void
mm_login(NETMBX *mb,char *user,char *pwd,long trial) {
}

/* c-client is entering a section that must not be interrupted (a good place to block signals). */
void
mm_critical(MAILSTREAM *stream) {
}

/* The critical section is over. */
void
mm_nocritical(MAILSTREAM *stream) {
}

/* Disk error (errcode is errno). A non-void callback must return a value:
 * non-zero (T) tells c-client to abort the operation, NIL asks it to retry. */
long
mm_diskerror(MAILSTREAM *stream,long errcode,long serious) {
  return T;
}

/* Unrecoverable error; the application is expected to clean up and exit. */
void
mm_fatal(char *string) {
}