<?xml version="1.0" encoding="utf-8"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" version="2.0"><channel><title>Disqus - Latest Comments for Dracolith</title><link>http://disqus.com/by/Dracolith/</link><description></description><atom:link href="http://disqus.com/Dracolith/comments.rss" rel="self"></atom:link><language>en</language><lastBuildDate>Sat, 25 Feb 2017 14:35:06 -0000</lastBuildDate><item><title>Re: Incident report on memory leak caused by Cloudflare parser bug</title><link>https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/#comment-3174807759</link><description>&lt;p&gt;The rule is violated if your pointer goes past the end of the array allocated; datatype alone is not sufficient to make it OK.&lt;/p&gt;&lt;p&gt;For example, after these 3 statements:&lt;br&gt;char *b = malloc(10), *a = b + 10;&lt;br&gt;a++;&lt;br&gt;a++;&lt;/p&gt;&lt;p&gt;if ( a &amp;gt;= b )&lt;br&gt;The result is undefined.&lt;br&gt;And the expression could return false, especially after compiler optimizations.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Sat, 25 Feb 2017 14:35:06 -0000</pubDate></item><item><title>Re: Incident report on memory leak caused by Cloudflare parser bug</title><link>https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/#comment-3172922000</link><description>&lt;p&gt;&amp;gt; This is known as a buffer overrun. Had the check been done using &amp;gt;= instead of == jumping&lt;/p&gt;&lt;p&gt;I haven't seen the exact code reference, but they might have a reason where &amp;gt;= will not work after an unexpected jump.....
relational comparison operators such as &amp;gt;= or &amp;gt; between two pointers are only assured to work if both pointers are in the same array, or one past the end of the array; otherwise it's undefined in C, and could be one compiler update away from breaking.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Fri, 24 Feb 2017 10:33:53 -0000</pubDate></item><item><title>Re: B2, or not B2, that is the question</title><link>https://www.backblaze.com/blog/b2-or-not-b2-that-is-the-question/#comment-2507150517</link><description>&lt;p&gt;My question would be.... is B2 itself backed up? I assume that during the Beta all the data could in theory be lost at any time. But after the beta is over... suppose I use B2 as the backend for an application which archives things..... when B2 goes 'live', will there be backups of my data stored on B2 and assurances made that data on B2 is protected against both disasters or catastrophic events and 'minor incidents' affecting Backblaze?? Also, will there be SLAs to show a performance and availability promise for the services, suitable for building commercial applications on top of?&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Wed, 10 Feb 2016 17:53:28 -0000</pubDate></item><item><title>Re: The Discovery of Apache ZooKeeper&amp;#8217;s Poison Packet</title><link>https://www.pagerduty.com/blog/the-discovery-of-apache-zookeepers-poison-packet/#comment-2044713521</link><description>&lt;p&gt;You've identified a bunch of bugs to be solved in different components. I would suggest patching the Linux kernel to turn TCP checksum validation on. Next patch ZooKeeper to check the scheme_len variable. Next patch ZooKeeper to healthcheck important processes and kill the heartbeat if a health problem is found. As for the kernel bug it's a tough call.....
I don't suggest running Linux under HVM, since paravirtualized should clearly be faster/more scalable. I would say keep digging on the AES-NI, but it is beginning to sound like a CPU bug.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Mon, 25 May 2015 14:30:51 -0000</pubDate></item><item><title>Re: Hacking Starbucks for unlimited coffee</title><link>http://sakurity.com/blog/2015/05/21/starbucks.html#comment-2038823958</link><description>&lt;p&gt;Rate limiters themselves can help but also can become a subject of race conditions, but more to the point..... using a spray of a large number of requests is an attack technique needed for the best chance of success, but they need not necessarily come from the same IP or account in sufficient number to trigger rate limiters.&lt;/p&gt;&lt;p&gt;So why not do both? Fix the actual race conditions appropriately using the proper locks AND add rate limiters to help make exploits much harder if there are other similar bugs that have not been discovered yet. Also, when recording balance transfers between cards, use a transaction logging system instead of just calculating new balances, so recent transactions involving an account can actually be verified.... Instead of having a 'balance' column in an accounts table, have a stored procedure for Account_Balance that takes a SUM of credit operations + inbound transfers minus usage operations minus outbound transfers.
Consider a SQL data integrity check constraint to prevent a Create_Transfer stored procedure from rendering a balance negative.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Fri, 22 May 2015 00:28:12 -0000</pubDate></item><item><title>Re: It Looks Like Someone&amp;#8217;s Solargraphy Camera Just Got Blown Up by an Atlanta Bomb Squad</title><link>http://petapixel.com/2015/02/02/looks-like-someones-solargraphy-camera-just-got-blown-atlanta-bomb-squad/#comment-1833842649</link><description>&lt;p&gt;All they would need to do to see that it was no explosive would be to notice the pinhole and take a measure of the weight of the can.&lt;/p&gt;&lt;p&gt;Since there could not be a clean pinhole if the thing were packed with explosive powders, liquids, or other chemicals.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Tue, 03 Feb 2015 23:25:12 -0000</pubDate></item><item><title>Re: It Looks Like Someone&amp;#8217;s Solargraphy Camera Just Got Blown Up by an Atlanta Bomb Squad</title><link>http://petapixel.com/2015/02/02/looks-like-someones-solargraphy-camera-just-got-blown-atlanta-bomb-squad/#comment-1833828046</link><description>&lt;p&gt;It's not rational. Unless the caller had information indicating what it was, there was no good reason to obliterate it, instead of investigating and disassembling it.&lt;/p&gt;&lt;p&gt;There are techniques to determine if a device is potentially an explosive that do not require blowing it up. Personally, I think they were just having fun.
If the device is not dangerous, they really have no right to destroy it or ruin the student's legitimate art project.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Tue, 03 Feb 2015 23:11:31 -0000</pubDate></item><item><title>Re: It Looks Like Someone&amp;#8217;s Solargraphy Camera Just Got Blown Up by an Atlanta Bomb Squad</title><link>http://petapixel.com/2015/02/02/looks-like-someones-solargraphy-camera-just-got-blown-atlanta-bomb-squad/#comment-1833822199</link><description>&lt;p&gt;I would be upset, because it's my mailbox, and nobody has a right to attach random things to it without my permission.   So, yes it would be suspicious, since it's been placed on private property without the owner being informed or giving consent.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Tue, 03 Feb 2015 23:05:18 -0000</pubDate></item><item><title>Re: I was just asked to crack a program in a job interview !</title><link>http://m00dy.github.io/I-was-just-asked-to-crack-a-program-Part-1/#comment-1598494298</link><description>&lt;p&gt;Just a wild guess.... perhaps the binary was not stripped of symbols,  and he was able to use  nm  to find an entrypoint or exported function by that name.    I dunno.... if the binary was meant to resist analysis, it seems like it would be completely stripped.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Sat, 20 Sep 2014 23:23:14 -0000</pubDate></item><item><title>Re: I was just asked to crack a program in a job interview !</title><link>http://m00dy.github.io/I-was-just-asked-to-crack-a-program-Part-1/#comment-1598491205</link><description>&lt;p&gt;Wow....   
I knew GDB could disassemble things,  and you could change variables within a running program, provided there was a symbol table.&lt;/p&gt;&lt;p&gt;I hadn't realized   set ($eax) = 0&lt;/p&gt;&lt;p&gt;was possible....&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Sat, 20 Sep 2014 23:18:14 -0000</pubDate></item><item><title>Re: NSF rotator loses job after her role as 1980s activist is questioned</title><link>http://news.sciencemag.org/people-events/2014/09/nsf-rotator-loses-job-after-her-role-1980s-activist-questioned#comment-1584192130</link><description>&lt;p&gt;The question she answered NO to was not a question about association with private individuals.   She could likely not be reasonably expected to know about the nature of distinct organizations that she was not a member of but which might in some way be linked to an organization she was a member of.&lt;/p&gt;&lt;p&gt;""Barr answered “no” when asked if she had ever been a member of an organization “dedicated to the use of violence” to overthrow the U.S. government or to prevent others from exercising their constitutional rights.""&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Thu, 11 Sep 2014 10:29:11 -0000</pubDate></item><item><title>Re: 3-D Printed &amp;#8220;Bump&amp;#8221; Keys Can Open Almost Any Lock</title><link>http://www.wired.com?p=1469971&amp;preview_id=1469971#comment-1565475314</link><description>&lt;p&gt;My dog refuses to eat any kind of meat.   
I don't think the burger will help you get past him.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Fri, 29 Aug 2014 16:59:15 -0000</pubDate></item><item><title>Re: Microsoft Researchers Identify The Password&amp;#8217;s Twilight Zone</title><link>http://www.wired.com?p=1384471&amp;preview_id=1384471#comment-1539531749</link><description>&lt;p&gt;"If sysadmins had been taking care of business before the Russian hack—locking down their websites and protecting their users passwords ..."          ---  Not Sysadmins.   Web Developers.      Sysadmins often don't get much input into these decisions about how the application is designed  --- developers should be using Bcrypt and PBKDF12 hashes to store passwords   and segmenting the database with the authentication data  from the application data,  so a compromise of the app does not provide access to the hashes.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Tue, 12 Aug 2014 15:16:47 -0000</pubDate></item><item><title>Re: Interflow is about sharing data about cybercrime, but on Microsoft&amp;#039;s terms</title><link>http://www.infoworld.com/t/security-standards/interflow-about-sharing-data-about-cybercrime-microsofts-terms-245000#comment-1455883234</link><description>&lt;p&gt;Not really... based on their website;  only  organizations with dedicated response teams need apply,  and it sounds as if Interflow is a service there is going to be a charge for after Beta, in addition to Azure costs.      So this is clearly a service for large corporations only.    As an IT security administrator;  it's not going to help me  share incident data, my results from analyzing and reverse-engineering malware,  or learn about incidents from others either.     
So it seems much like MAPP in general: a program that will have apparently relatively limited value that allows MS to make it look like they're doing something about the  security-impacting defects in their software,  that also gives MS another revenue stream and more control over partners.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Thu, 26 Jun 2014 14:31:05 -0000</pubDate></item><item><title>Re: Is Pavlovian Password Management The Answer?</title><link>https://securityledger.com/2014/05/is-pavlovian-password-management-the-answer/#comment-1373565116</link><description>&lt;p&gt;Careful with making it a game  "strongest password of the month"   is just inviting attackers,  as this incentivizes them with potential bragging rights --- if they compromise "the most 'secure' user".   Only do that if you've taken steps to ensure that login usernames and user e-mail addresses are not learnable, for sure.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Wed, 07 May 2014 11:37:44 -0000</pubDate></item><item><title>Re: The Two-Bit Idiot — Concession</title><link>http://two-bit-idiot.tumblr.com/post/79070783038#comment-1278378412</link><description>&lt;p&gt;So the foundation execs called the bluff? Resigning now in apparent response would be tantamount to pleading guilty!  If there is proof of malfeasance,  getting it out there to the authorities, members of the foundation, and the community asap, is the only responsible way to proceed.  Threats, ultimatums, and dramatic posts were a bad idea in the first place ---  if you really have the documentation to warrant an accusation, it should stand on its own merits.   
No past contribution to the community's growth makes anyone deserve secrecy of their involvement in corruption or theft.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Mon, 10 Mar 2014 05:07:40 -0000</pubDate></item><item><title>Re: cloudcomputing.info | Windows Azure is now validated for PCI DDS Compliance</title><link>http://cloudcomputing.info/en/news/2014/01/windows-azure-is-now-validated-for-pci-dds-compliance.html#comment-1209224650</link><description>&lt;p&gt;It's PCI DSS,   not PCI DDS.     It looks like the attestation is that they have been validated under version 2;   not  the new version 3,   that was effective at the beginning of January 2014  and adds some important additional requirements for service providers.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Mon, 20 Jan 2014 10:28:25 -0000</pubDate></item><item><title>Re: Microsoft App Store Approach for Windows 8 Metro Apps</title><link>http://www.ubergizmo.com/2011/09/microsoft-app-store-approach-windows-8/#comment-315439936</link><description>&lt;p&gt;Wait... they're going to bundle their own application store with the OS?   
How is this not an anti-competitive act against everyone selling applications independently?&lt;/p&gt;&lt;p&gt;Seems like an, err, anti-trust violation: building a SPECIFIC market place into your general purpose operating system  (one that you skim off $$$ for every sale);  therefore making it hard or impossible to compete against your own apps in the marketplace.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Mon, 19 Sep 2011 21:24:34 -0000</pubDate></item><item><title>Re: VCP5 Practice Exam Questions &amp;#8211; Part 1 (Beta)</title><link>https://www.simonlong.co.uk/blog/vcp5-practice-exam-questions-part1/#comment-314196879</link><description>&lt;p&gt;Also there is a question that states "Your colleague has accidentally allocated more vRAM than your company are licensed for. What will happen to your virtual machines?"&lt;/p&gt;&lt;p&gt;None of the answers are correct "All VM's will be Powered Off; New VM's can not be Powered On; VMware will be notified; Nothing will happen"&lt;/p&gt;&lt;p&gt;Per the pricing and packaging whitepaper;  there is no technical enforcement of vRAM limits  (except for free, Essentials, Essentials+ editions)&lt;/p&gt;&lt;p&gt;What will happen is vCenter generates an alert if you are out of vRAM licensing compliance.&lt;br&gt;The vRAM licensing is based on 12 month average usage.&lt;/p&gt;&lt;p&gt;So allocating more vRAM than your company has entitlement for does not bring you out of compliance until the 12 month average exceeds your licensed vRAM.&lt;/p&gt;&lt;p&gt;The most correct answer is  "Nothing will happen",  but it's not listed as such&lt;br&gt;&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Sun, 18 Sep 2011 04:22:24 -0000</pubDate></item><item><title>Re: A Virtual Tipping Point</title><link>http://vmetc.com/2011/07/25/a-virtual-tipping-point/#comment-296409624</link><description>&lt;p&gt;I think VMware 
have managed to adjust the vRAM entitlements for Enterprise perpetual licenses slightly, but sufficiently enough to eliminate a lot of the immediate objections from existing VMware licensees.&lt;/p&gt;&lt;p&gt;There are likely to still be some casualties -- but I think the tipping point has been postponed a little bit by VMware's vRAM revision.&lt;/p&gt;&lt;p&gt;Now the tipping point will be controlled by the capabilities of the competition, especially if VMware adjusts/revises vRAM upwards later as customer requirements change to accommodate new RAM-hungry OSes.&lt;/p&gt;&lt;p&gt;The problem will come when existing VMware customers need to upgrade their RAM, as new guest OSes require more memory. So people nervous about the future and not confident about VMware's future licensing direction are STILL likely to be looking at other hypervisors, if they don't immediately eliminate it due to missing key features that are still sometimes more valuable than the price changes.&lt;/p&gt;&lt;p&gt;I'm saying this as someone who was a XenServer admin before a VMware admin.&lt;br&gt;XenServer is (unfortunately) not nearly as, I will say, 'refined' as VMware. It's true it's not as featured as well.&lt;/p&gt;&lt;p&gt;If your business benefits from using the VMware features other hypervisors don't have, your organization needs to either learn to live without them, or find another product.&lt;/p&gt;&lt;p&gt;If you need something like storage vMotion type capability... you may actually find that VMware's option is cheaper than the third-party addon.&lt;/p&gt;&lt;p&gt;Good luck with non-Windows/non-Linux support (eg Solaris, FreeBSD);&lt;br&gt;yes there is HVM, no...
HVM performance is not up to par at all without paravirt drivers,&lt;br&gt;not nearly what it is in VMware, in my experience.&lt;/p&gt;&lt;p&gt;&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Sat, 27 Aug 2011 01:22:56 -0000</pubDate></item><item><title>Re: Things That Make You Go Hmmmm &amp;#8211; Disgruntled vSphere Admin Remotely Deletes 88 VMs</title><link>http://vmetc.com/2011/08/20/things-that-make-you-go-hmmmm-disgruntled-vsphere-admin-remotely-deletes-88-vms/#comment-296389106</link><description>&lt;p&gt;I agree.. Veeam Backup is certainly the best VMware backup product from a technical standpoint IMO.  SAN replication to a backup storage unit is cheap and will also do it, &lt;br&gt;but unless  VMs are on NFS,  I dislike the fact there's no way to tell a&lt;br&gt; SAN "hey, look inside this  1TB VMFS volume/extent, and give me a copy &lt;br&gt;of this one  blahblah-flat.vmdk from last week's snapshot,   and clone it to a new directory on the current active VMFS datastore".&lt;/p&gt;&lt;p&gt;If you've got an average ~8:1 consolidation ratio or better I would say Veeam is absolutely perfect and undefeated. &lt;br&gt; Unfortunately... from a cost standpoint,  at the $2000 or so per CPU, &lt;br&gt;last I heard; pricing means it would be impossible to get management  on&lt;br&gt; board  in at least my planned proof of concept due to low VM-density, in order to host &lt;br&gt;customer VMs..   VMware offers  per-VM monthly rental under VSPP;  which is ideal..    Perhaps when the market for VM backup products is more mature, a similar option will be available by backup vendors.&lt;/p&gt;&lt;p&gt;Consolidation = risk.   
The company would also be in a bad situation&lt;br&gt; if a disgruntled storage admin had logged into the SAN from McDonalds &lt;br&gt;and  removed all the volumes, then wiped out RAID groups,  flashed the SAN's head nodes with an invalid / "hardware bricking" &lt;br&gt;firmware, and issued a reboot.   That said... this is just a virtual equivalent of a disgruntled employee setting fire to the server room, or ramming a truck through the building.&lt;/p&gt;&lt;p&gt;That is... the ultimate consolidation is, your entire datacenter is usually consolidated within 1 building,   hence being called a datacenter rather than a 'data neighborhood'.   :)&lt;/p&gt;&lt;p&gt;Risk should be managed.    Crime cannot be prevented if the would-be perpetrator is sufficiently determined.   Security measures implemented should first _make sure_  that any perpetrator _HAS_ to be an insider,   _and_  an insider will be identified,  _and_ insiders know they will be identified (deterrent).  Audit records should be stored at X separate care,  so that they cannot be destroyed by the perpetrator with access to Y.&lt;/p&gt;&lt;p&gt;Then after isolation and  auditing is established, worry about  integrity.&lt;/p&gt;&lt;p&gt;""I also wondered “What if the attack was less obvious?” What if &lt;br&gt;only slight configuration changes were made to the virtual machines &lt;br&gt;instead of  obvious deletions?""&lt;/p&gt;&lt;p&gt;I wonder how many recommendations from VMware's Security hardening guide, the company victimized ignored, or failed to implement?&lt;/p&gt;&lt;p&gt;Security is tough.  First of all...  for the problem of attacking VMs;  the profile of potential types of attacks are numerous.     
Most serious attacks come from  a rogue individual  (whether they be an admin, disgruntled &lt;br&gt;non-admin employee, or outsider with accidental or intentional &lt;br&gt;assistance from an insider);    but  system failures, and admin errors are also possible  (sometimes admins won't even admit they made a mistake, and you need audit logs to bust them).&lt;/p&gt;&lt;p&gt;Another type of attacker is a piece of malware.   Usually these are less destructive.   But there exists the possibility of a malicious DoS.&lt;/p&gt;&lt;p&gt;VMware environments can be attacked at several layers&lt;br&gt;o  The storage itself....  whether shared or DAS, is a potential target.&lt;br&gt;Physical layer attacks:&lt;br&gt;     -  Someone intentionally (or accidentally) physically  damages disks, such as by taking one out and dropping it,  either in a manner that causes immediate failure or one that will cause failure in the future, such as shouting at the disks, or removing/disabling some fans in the chassis.&lt;br&gt;         If someone physically causes an entire RAID array to be lost (e.g. by physically walking up to a SAN and pulling the ejector on each drive), then all services stored on it may experience extended outage.&lt;/p&gt;&lt;p&gt;    Methods of mitigation:   Physical security.  Video cameras.    
Camera footage should be stored immediately on servers in an area separated from the one monitored.&lt;br&gt;Unfortunately, this isn't preventative -- but it enables you to discover when a policy is violated.&lt;/p&gt;&lt;p&gt;It won't detect if someone takes a cold spare HDD elsewhere on premises outside the camera's viewing area, inflicts minor damage on the drive, and then returns it.&lt;/p&gt;&lt;p&gt;Logical layer attacks, examples:&lt;br&gt;  -  Someone attaches a rogue server to the SAN, which might or might not be an ESXi server, or co-opts an existing server (for example, a VCB proxy server), and intentionally corrupts data on a VMFS volume or writes random bytes to some place on the VMFS device itself.&lt;br&gt;    eg   dd if=/dev/random of=someimportantfile.vmdk bs=1024 count=100 seek=(somerandomoffset) conv=notrunc&lt;/p&gt;&lt;p&gt;Of course 'someone SSHs into an ESXi server' and mucks around with .vmx configurations are also possibilities.&lt;/p&gt;&lt;p&gt;So you can group these...&lt;br&gt;
(a)   Logical attacks directly at the storage&lt;br&gt;(b)   Logical attacks that involve accessing ESXi hosts and tampering with things but not using the official interfaces&lt;br&gt;(c)   Logical attacks that involve using the proper APIs/interfaces to change things via central management&lt;/p&gt;&lt;p&gt;To mitigate (a) you need tight SAN/storage security, isolated storage networks, measures such as LUN masking to ensure only authorized servers have access, measures to ensure VCB/backup proxy servers are not available outside the storage network, and security of SAN management interfaces.&lt;/p&gt;&lt;p&gt;To mitigate (b) you need (a) mitigated AND tight ESX/ESXi host security, isolation of ESXi hosts from direct access from off-net, SSH locked down, possibly vCenter lockdown mode enabled.&lt;/p&gt;&lt;p&gt;To mitigate (c) you need back channels (a) and (b) already mitigated, and measures taken to secure, isolate, and audit vCenter itself.&lt;/p&gt;&lt;p&gt;Noting that if (a) is not secured, (b) and (c) security alone are incomplete.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Sat, 27 Aug 2011 00:35:26 -0000</pubDate></item><item><title>Re: A Virtual Tipping Point</title><link>http://vmetc.com/2011/07/25/a-virtual-tipping-point/#comment-267472113</link><description>&lt;p&gt;Yes... I think it has been reached, and many organizations will be looking at Citrix or Microsoft solutions a lot harder for future deployments. As for VS5 being about cloud... frankly... the only "Cloud" of significance I see in VS5 for the Enterprise, is VMware having their head in the clouds. :)&lt;/p&gt;&lt;p&gt;If VS5 has been delayed to 2012, that's news to me. According to the announcement, VS5 release is expected August 2011.
One of the mistakes VMware has made,  I think,  is they  haven't really emphasized any major improvements  in VS5   that all organizations will get,   unless your organization has Enterprise+ licenses,  there does not seem to be much in the way for us mere mortals to get excited about.&lt;/p&gt;&lt;p&gt;Their "Cloud" label is just hype, until there is specific documentation about what this feature point is exactly, and how it benefits the vSphere customers.     "Cloud" has become such an abused buzzword that means so many different things, that it is actually a meaningless label.&lt;/p&gt;&lt;p&gt;VMware's customers are left bored... talking about things like licensing, which seems to be the largest "greatest" change in VS5.    The VS5 vRAM restriction is &lt;br&gt;essentially a major price increase  for  customers  that utilize large &lt;br&gt;amounts of RAM,  or that choose to oversubscribe RAM,  for one reason or another, &lt;br&gt;whatever that might be.&lt;/p&gt;&lt;p&gt;Personally I preferred the 256GB physical limit as the way to limit RAM.    If  I had to buy an extra CPU license to utilize 512GB, in the same way you needed extra CPU licenses if you had a CPU with more than 6 cores,  I would be happy with that.&lt;/p&gt;&lt;p&gt;But the ramifications of vS5  VRAM are complicated, possibly differ for every environment, and do require math to analyze  current and expected effects for each enterprise.  The complexity/reduction of flexibility, increased risk,  and high cost of expansion,   alone raise concerns all of their own.&lt;/p&gt;&lt;p&gt;I can understand any customers being infuriated if they just bought 3 year SnS for investment protection to get included upgrades,   only to find the  "free upgrade"  won't be  "free" at all.     
And frankly,  VMware's response  as indicated on community forums/elsewhere, with suggestions like "Right-size your VM memory",  is patronizing at best, and insulting at worst.&lt;/p&gt;&lt;p&gt;There is a moral/ethical question here also... then.. was VMware honest when they sold those SnS agreements in that case?      I would rate VMware  poorly on that subject,  if they do not do something to make it right for those customers;   if you sign and pay for a maintenance contract,  it is not seemly for the contractor to invent new types of charges or new measures of utilization not mentioned previously.&lt;/p&gt;&lt;p&gt;VS5 has some ramifications  for anyone using ESXi free standalone with its new 8GB RAM limit,  or  Essentials, with its fixed RAM limit per kit that cannot be expanded,  without a $12k spend for Standard Acceleration Kit;   even if there is not an immediate cost,  the limit is going to eventually be reached.&lt;/p&gt;&lt;p&gt;The economics of the situation would seem to indicate....  competitive players; Citrix,  Microsoft are coming to market with  robust hypervisors,   so  there is an increase in capacity for production of hypervisor software in this market.    Prices should go down within a few years,   when organizations' switching new business to competitors,  cause  VMware to observe abysmal sales at current prices,  unless VMware's goal here is to be a niche player rather than a market leader,   they will have to actually compete,  and only charge more&lt;br&gt;for the pieces of their solution where they can actually deliver value (within their customers' budget).&lt;/p&gt;&lt;p&gt;There is plenty of glossyware  from VMware's marketing department, but little meat for VS5.   
As an Engineer,  I would appreciate some better explanation from VMware of why VS5 will be better at release for all customers, and why the improvement will be worth the price increase and increase in licensing complexity (and therefore increase in assessment/compliance costs).&lt;/p&gt;&lt;p&gt;For many customers new features such as  "Storage DRS"  are not something we are going to be rushing to deploy;   the technology needs to be proven first,  and giving it such a high price doesn't encourage broad deployment.&lt;/p&gt;&lt;p&gt;So competing hypervisors'  lack of "Storage DRS"  is probably not much a competitive disadvantage for them.&lt;/p&gt;&lt;p&gt;&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Thu, 28 Jul 2011 03:01:19 -0000</pubDate></item><item><title>Re: The Theoretical and Real Performance of RAID 10</title><link>http://blog.serverfault.com/post/798854017#comment-72948354</link><description>&lt;p&gt;Your 64k stripe size is a bit small.    Such small stripe sizes are usually used in RAID5 configurations,  to  mitigate  the small write penalty of RAID5,  at the expense of sequential read and write performance.  For RAID10,  large chunks are preferable.&lt;/p&gt;&lt;p&gt;Also, er: "So I am lucky enough that Tom’s Hardware decided to go ahead and take care of the individual disk performance benchmarking as I already mentioned. "&lt;/p&gt;&lt;p&gt;There is another possible conclusion.     
The  performance of individual drives on your specific device might not be the same.&lt;br&gt;As you mentioned the possibility "Something is wrong with the configuration."&lt;/p&gt;&lt;p&gt;With  Western Digital Drives,  check that you have the TLER  feature available on your disk drives.&lt;/p&gt;&lt;p&gt;Unless you specifically test the individual drives you were working with in non-RAID configuration, you don't really know what performance they are giving you.&lt;/p&gt;&lt;p&gt;RAID configurations are sensitive to the performance of the individual drives;  if  the striped set on one side of the mirror isn't performing at full speed, the entire array's performance may suffer.&lt;/p&gt;&lt;p&gt;Sometimes one  poor-performing hard disk drive can spoil performance of the overall array.&lt;br&gt;&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Sun, 29 Aug 2010 06:09:51 -0000</pubDate></item><item><title>Re: virtualization.info | Citrix predicts Hyper-V will lead over Xen?</title><link>http://virtualization.info/en/news/2010/08/citrix-predicts-hyper-v-will-lead-over-xen.html#comment-69577061</link><description>&lt;p&gt;I suppose my point is just that they have a little more than two choices.  Amazon is not in that bad a position...  they could in theory adopt Eucalyptus  and Libvirt,   which supports  both Xen, KVM, and VMware as  choices of Hypervisor.      Some hypervisors might be preferred over others for some users...  
for example:  KVM for Linux workloads, VMware for Windows workloads,  Xen for BSD/Solaris workloads...&lt;/p&gt;&lt;p&gt;They could charge more for an instance hour on a VMware VM with VI client access;  if performance is better for the OS chosen, users who need it will pay.&lt;/p&gt;&lt;p&gt;Seeing as Eucalyptus already implements an API compatible with EC2 and S3, anyways.&lt;br&gt;Amazon might not need to change their management/orchestration tools much to do so.&lt;/p&gt;&lt;p&gt;And if  vCloud, Azure, or one of their competitors ever got any credibility,  they could take advantage of Eucalyptus'  modularity   to  include  simultaneous  support for multiple APIs,   (for example), possibly their competitors'  cloud APIs,    making  Amazon the  Go-To  cloud provider no matter  which management toolset  the end user wanted.&lt;br&gt;&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Wed, 18 Aug 2010 11:17:57 -0000</pubDate></item><item><title>Re: virtualization.info | Citrix predicts Hyper-V will lead over Xen?</title><link>http://virtualization.info/en/news/2010/08/citrix-predicts-hyper-v-will-lead-over-xen.html#comment-69292718</link><description>&lt;p&gt;"So Amazon has two choices for EC2: it either develops its own Xen distribution, or it embraces the one of another vendor."&lt;/p&gt;&lt;p&gt;Or Amazon builds a new interoperable EC2 platform based on RH6 and KVM,  VMware, or Hyper-V, and either migrates to it, or provides the new system side by side as an additional option  "EC2  2.0".&lt;/p&gt;&lt;p&gt;Or Amazon sticks with Redhat 5.x for a long time:  it's not as if  Redhat 5.5  is about to be EOL, it will be supported a long time with bugfixes and other updates.&lt;/p&gt;&lt;p&gt;Sometimes the hosting business is not always about using the latest software;  sometimes what's older, robust,  and proven stable,  are better choices than  the bleeding edge.&lt;br&gt;&lt;/p&gt;</description><dc:creator 
xmlns:dc="http://purl.org/dc/elements/1.1/">Dracolith</dc:creator><pubDate>Tue, 17 Aug 2010 06:55:48 -0000</pubDate></item></channel></rss>