Linux Weekly News discusses 2003 Linux kernel attempted hack

Here’s a technical explanation from a Linux Weekly News contributor on the 2003 Linux Kernel hack.

An attempt to backdoor the kernel
[Posted November 6, 2003 by corbet]

The mainline 2.4 and 2.6.0-test kernels are both currently maintained in BitKeeper repositories. As a service for those who, for whatever reason, are unable or unwilling to use BitKeeper, however, the folks at BitMover have set up a separate CVS repository. That repository contains the current code and the full revision history. It is not, however, the place where new changes are committed. So, when somebody managed to push some changes directly into CVS, Larry McVoy noticed quickly.

Over the years, people have had numerous things to say about BitKeeper and the people behind it. Nobody, however, has accused them of being insufficiently careful. Every change in the CVS repository includes backlink information tying it to the equivalent BitKeeper changesets. The changes in question lacked that information, and thus stood out immediately.

Revisiting a 2003 attack on the Linux kernel

Back in 2003, someone tried and failed to plant a security exploit into the Linux kernel code in a sophisticated and well-thought-out operation. In light of yesterday’s revelations of NSA teams actively working to weaken software security, this incident from a decade ago raises some questions.

It also highlights why having the source code to your software is the only way to be sure it’s secure.

An unknown intruder attempted to insert a Trojan horse program into the code of the next version of the Linux kernel, stored at a publicly accessible database.

Security features of the source-code repository, known as BitKeeper, detected the illicit change within 24 hours, and the public database was shut down, a key developer said Thursday.

An intruder apparently compromised one server earlier, and the attacker used his access to make a small change to one of the source code files, McVoy said. The change created a flaw that could have elevated a person’s privileges on any Linux machine that runs a kernel compiled with the modified source code. However, only developers who used that database were affected–and only during a 24-hour period, he added.

via Attempted attack on Linux kernel foiled – CNET News.

Car thieves rob vehicles using ‘mystery’ wireless devices

Update 11 Aug 2015: Mystery solved?

Thieves are using a mystery device to break into cars and the cops are stumped. I came across this story back in June but never posted it here:

Cops across the country are investigating a new wave of car thefts that appear to be happening with nothing more than a click of a button, the “Today” show reports.

From California to Chicago, car thieves have been caught on camera breaking into parked cars using small electronic devices that could be “cloned” car remotes.

The thieves then raid the vehicles for valuables before skulking away.

Long Beach, Calif., Deputy Police Chief David Hendricks told “Today” he’s “stumped” by the robberies.

“We are stumped and we don’t know what this technology is,” he said.

via Car thieves rob vehicles using ‘mystery’ wireless devices: report – NY Daily News.
