Posts Tagged Hardware

SuzanneopenSUSE 11.3 milestone 2 released

Friday, February 19th, 2010

The openSUSE developers have released the second milestone of openSUSE 11.3. The update includes final versions of KDE 4.4, OpenOffice 3.2 and VirtualBox 3.1.4, but openSUSE 11.3 still has a number of bleeding edge releases including GNOME 2.30 beta 1 (2.29.90). The milestone is based on the 2.6.33 Linux kernel “with all its bug fixes and new hardware support”.

Other updated packages include DigiKam, evolution, Mono, GnuTLS and libgphoto2. Developers will also find Bootchart 2.0.0.9, a tool for analyzing slow system booting, included.

The previous milestone’s support for LXDE has now been incorporated into the installation process, allowing users to install openSUSE 11.3 with only the LXDE desktop.

The openSUSE developers plan to switch to GCC 4.5.0 in the next milestone to benefit from its better optimisation. According to a new timeline page, milestone 3 is due at the start of March, and a final release mid-July.

The openSUSE 11.3 milestone 2 is available to download now for testing purpose; known bugs are documented on the openSUSE wiki. The developers would like special attention paid to the GNOME accessibility stack as new features in it need extensive testing.

http://get-a-designer.com

http://www.all1sourcetech.com

Tags: , , , , ,
Posted in Opensource, Technical News | No Comments »

NaggieKaspersky Patents Hardware-Based Antivirus

Wednesday, February 17th, 2010

Kaspersky Lab has made an announcement that they have received a US patent for a hardware-based antivirus solution. The announcement emphasizes that the hardware operates below the level of rootkits and therefore can’t be bypassed by them.

The patent, #7,657,941, is entitled “Hardware-based anti-virus system,” is awarded to inventor Oleg V. Zaitsev (Technology Expert at Kaspersky Lab) and assigned to Kaspersky. The abstract reads:

An anti-virus (AV) system based on a hardware-implemented AV module for curing infected computer systems and a method for updating AV databases for effective curing of the computer system. The hardware-based AV system is located between a PC and a disk device. The hardware-based AV system can be implemented as a separate device or it can be integrated into a disk controller. An update method of the AV databases uses a two-phase approach. First, the updates are transferred to from a trusted utility to an update sector of the AV system. Then, the updates are verified within the AV system and the AV databases are updated. The AV system has its own CPU and memory and can be used in combination with AV application.

So it seems this device is an actual separate computer running an embedded AV application. While the press release and abstract emphasize that the AV functionality doesn’t strictly need a software counterpart running in the host system, it does need host software in order to update itself, because the AV hardware won’t have network access. This update application will need to be trusted and hardened against attack.

The difficulty of detecting rootkits once they have installed does call for unconventional measures. Whether a hardware approach is truly more effective remains to be seen. If the device is just an AV system running below the level of the rootkit then the improvement will be small, as it will still only operate as well as the signature process allows. If the fact that the device is running below rootkits allows it to run heuristic tests which are better capable of detecting rootkit behavior then the difference could be substantial.

There is another advantage to hardware-based AV: Because the device has its own CPU and memory and minimal software running on the host PC, the performance impact on the PC will be lessened. But in fact, this device can not be a complete security solution, since it can only monitor disk operations. Modern security suites also monitor network connections.

Tags: , , , , , , , ,
Posted in Expert's Opinions, Technical News | No Comments »

NaggieZero-day hack of Oracle 11g database revealed

Tuesday, February 9th, 2010

On Tuesday, a well-known security researcher showed how to subvert security in the Oracle 11g database by exploding zero-day vulnerabilities that would let a savvy user gain full and complete control.

David Litchfield, a researcher at NGS Consulting, demonstrated how a user can subvert security to elevate his privileges to take complete control over Oracle 11g. Altogether Litchfield announced this was his final day at NGS, saying he was considering changing his focus to computer forensics.

Researcher claims hack of processor used to secure Xbox 360, other products

Currently reported, Litchfield’s discovery shows that due to the way Java has been implemented in Oracle 11g Release 2, there’s an overly permissive default grant that makes it possible for a low privileged user to grant him arbitrary permissions. In a demo of Oracle 11g Enterprise Edition, he showed how to execute commands that led to the user granting himself system privileges to have “complete control over the database.” Litchfield also showed how it’s possible to bypass Oracle Label Security used for managing mandatory access to information at different security levels.

Until Oracle remedies the zero-day flaws he exposed, Litchfield advised Oracle 11g administrators to revoke public execute access to certain Java-based functions. He said he expects Oracle to soon release patches for the problems he identified and he intends to publish a white paper on the topic.

According to Litchfield, he thinks Oracle probably deserves a “B+” for security in the current version of its database, which he characterized as an improvement over the previous version, but criticized Oracle for not finding these problems in the requirements and design phases of the product. He added Oracle appears to be relying too much on security tools to catch problems after its product is shipped.

Tags: , , , , , , ,
Posted in New Product Release, Technical News | No Comments »