Tue, 29 Jul 2008

PatchDiff 2 by Tenable Security

Finally a free alternative to the insanely expensive BinDiff by Zynamics (also known as Sabre Security in the past). It's been developed by Tenable Security (the people behind Nessus nowadays), and requires IDA Pro 5.2 on Windows.

Get PatchDiff 2 and give it a try; it's looking good so far. That said, its graphing capabilities aren't as nice as BinDiff's, and it may lack some features, though that is possibly compensated by the price: 0 USD for Tenable Security's free alternative versus 1330 USD for a BinDiff license.

Sat, 19 Jul 2008

Linux kernel developers silently patching issues? No way!

Alright, this might be the first article in the "Silent Patches" series, starting today and possibly lasting... forever. So, let's get down to business. Brad "spender" Spengler is pissed, and that's already a bad thing for the many people who, knowingly or not, take advantage of his work and that of the guy or guys behind PaX, referred to here as The PaX Team, or Those Smart Guys Teaching Security On LKML.

spender and the PaX Team have possibly contributed the most important advances in proactive defense technology of the past decade. ASLR was there before it became a marketing buzzword, NX and memory protection enforcement existed way before Red Hat pushed ExecShield to the Linux kernel, and TCP & UDP source port randomization has been known for a while (even though now they seem to be the world's new internet superheroes with all this DNS the-end-is-nigh media frenzy).

If you have used grsecurity in the past few years, you've used what Microsoft, Apple and Red Hat pretended to market as brand new technology baked in their very own development cubicles.

The story now is how the Linux kernel developers managed to absolutely and irremediably piss off the very same people that fed them with security research and technology that really worked as expected. The very same people that have patched upstream vulnerabilities in their "third-party patches".

Back in 2005 (see [1]) this was already happening. The fact that now we have a handy git interface where we can retrieve commit logs without difficulty just helps to pinpoint the silently patched issues and identify potentially hot issues.

Our take on this fracas is that spender and the PaX Team are rock-solid consistent in their arguments, and that the Linux kernel developers should definitely replace their alleged full-disclosure policy text with one that more accurately reflects their true practices.

  1. grsecurity 2.1.0 release / 5 Linux kernel advisories (LWN)
  2. What RedHat doesn't want you to know about ExecShield (without NX) (Dailydave, May 2007)
  3. Linux's unofficial security-through-coverup policy (Dailydave, July 2008)
  4. Linux's Security Through Obscurity (Slashdot, July 2008)


License

Subreption blog by Subreption LLC is Licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 United States License.