PWN to OWN Contest at CanSecWest 2008

The PWN to OWN Contest is a hacking contest at the CanSecWest security conference that pits a standard install of Linux, Windows, and MacOS X against all comers. Each laptop has a default installation on it, and has not been hardened at all. The successful hacker will not only win a cash prize, but the system in question as well.

The MacBook Pro was the first to fall, and the laptop running Microsoft Vista Ultimate second. However, there will be those that misinterpret the results by not realizing how the contest was conducted.

Each contestant gets 30 minutes to attempt to crack the machine, and can choose which machine to attack. The attacks are limited by the rules, and each day that went by the rules allowed a wider range of attack vectors. It was a third party application (Adobe Flash) that permitted the compromise of the Microsoft Vista machine.

No part of the contest can be considered a scientific study into which system is more secure than the other: contestants attacked a single machine of choice, and contestants were allowed their attempts one at a time – and the operating system was not hardened.

This is entirely different than, for example, the Capture the Flag contest at DEFCON. That contest consists of setting up a server and trying to capture the other teams’ “flag” through compromising the server in some way. In that contest, any and all comers are permitted to enter and to attack at will during the contest with whatever vulnerabilities and methods they have available.

Speaking of DEFCON, DEFCON 9 saw the entrance of an Alpha-based VMS machine – installed with the standard setup – which remained unscathed throughout the contest, though try they did. The VMS Team (the Green Team) had a writeup and also wrote a white paper afterwards.

If you are interested in DEFCON, DEFCON 16 will be August 8-10 in Las Vegas, Nevada.

Also, speaking of DEFCON – let’s not forget the similarly named but totally unrelated InterSystems DEVCON2008, which is just wrapping up. DEVCON, among other things, covers Caché development and related. It is interesting to note that InterSystems DEVCON began 15 years ago, whereas DEFCON began 16 years ago. I wonder how much Caché security is covered at DEVCON2008.

Implementing Security (and the NSA)

The NSA is, of course, the United States National Security Agency. It’s their job to a) keep the nation’s computers secure; b) find out how to break everyone else’s (ah, the dichotomy of national intelligence!). Thus, some of the best computer security minds are at the NSA – it was the NSA that brought us SELinux (and still does!).

They also have a vast array of security guides available for download. These include guides on securing Solaris 8 and 9, MacOS X 10.3 and 10.4, Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and more.

Use a security guide next time you secure a box – and not necessarily just one. Do some research. Implement all of the security you can on all of your boxes – even if they are not on the Internet. One day, someone might just crack through – then all of your internal systems will be at risk. Each system should be able to withstand an assault without falling.

OpenSolaris on a MacBook

OpenSolaris is very interesting, and since the introduction of dtrace and ZFS has enthralled many. I tried to install it onto my HP Compaq E300 laptop (which it was unsuitable for), and tried to install it onto an HP Compaq 6910p laptop. In this case, the networking was unsupported: both the ethernet and the wireless drivers were not included with OpenSolaris Express (Developer Edition).

In any case, I expect I might just be shopping for a laptop in the next year – and it’s nice to see that OpenSolaris does run on the Apple MacBook.  This article goes into detail about how the writer got it to work, and each of the steps that were taken to make it happen.  Paul Mitchell from Sun discusses dual-partitioning a MacBook in this context as well.  Alan Perry (also from Sun) had done the same thing with a Mac Mini, and Paul extended it to the MacBook.  Both entries are detailed and have to do with MacOS X and Solaris dual-booting.

On a different note, check out the graph of library calls from dtrace in this article.  From what I’ve heard of dtrace, it’s the ultimate when it comes to debugging…

New operating system releases!

This is just amazing: did everybody coordinate this? Within the last three weeks or so, we’ve seen these releases come out:

Several of these were released on the same day, November 1.

What next? Am I really supposed to choose just one? Sigh. And I just installed OpenBSD 4.1 and Fedora 7, too – not to mention installing FreeBSD 6.2 not too long ago.

From all the talk, I’ll have to try Kubuntu again. So many systems, so little time.

I have been using OpenSUSE 10.3 (with KDE). I just love it – and I love the new menu format, too.

Update: Sigh. I should have known. Microsoft Windows Vista celebrated its 1st Anniversary on Nov. 8.

The root account (and toor)

Traditionally, the root account (account 0) is not used for daily tasks.  This is widely known; however, this is the reason that root’s home directory was usually / (the root directory) as there was no need for .profile, .login, .Mail, and so forth.  The root account is even created under MacOS X with a locked-down password (that is, there is no valid password for root, making it impossible to log in as root).

However, this is most certainly not the case today – and more and more administrators use the root account for many tasks. One common problem is someone changing the root shell and then breaking the startup process, since some scripts assume that the shell is the Bourne shell.  This was more of a problem under BSD since the standard BSD shell was the C shell, and the startup scripts usually assumed the Bourne shell (which is completely incompatible with the C shell).  The toor account (that is, root spelled backwards) was created for this purpose: a person can log in as toor and have the C shell (csh), but not affect the standard startup process.  A toor user would still have the userid zero (0) and would for all intents and purposes be the root user.

This would also lead to the possible creation of a specific home directory for the toor user.

In MacOS X, the root user is locked down and no login is possible as root.  To access root, the sudo utility must be used as the admin user (which should be the user that installed MacOS X).

The wheel group is also part of this process; using the wheel group can expand the capabilities of some users in order to further reduce the need to actually use the root account as a shell account.

Thus, you can see that there is really no reason to use the root account.  But is that going to stop us? Perhaps it should…
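Since toor shares userid 0 with root, an audit has to key on the numeric UID rather than the account name. The script below is an added example, not part of the original post: it reads passwd-format lines and classifies every UID 0 entry. The sample data, the /bin/sh path and the treatment of toor as the one expected alias are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report every UID 0 entry in passwd-format input.
# Assumptions: /bin/sh is the Bourne shell the startup scripts expect,
# and "toor" is the only second UID 0 login that is expected to exist.

# Print "name shell" for each account whose numeric UID is 0.
uid0_accounts() {
    awk -F: '
        /^#/ || NF < 7 { next }          # skip comments, blank or short lines
        $3 ~ /^0+$/ {                    # "0" and "00" are both UID 0
            sh = ($7 == "" ? "/bin/sh" : $7)   # empty shell field means /bin/sh
            print $1, sh
        }
    '
}

# Classify each UID 0 account:
#   OK     root with the Bourne shell
#   WARN   root with another shell (startup scripts may assume Bourne)
#   ALIAS  toor, the conventional second UID 0 login
#   ALERT  any other name holding UID 0
audit_uid0() {
    uid0_accounts | while read -r name shell; do
        case "$name" in
            root)
                if [ "$shell" = /bin/sh ]; then echo "OK root $shell"
                else echo "WARN root $shell"; fi ;;
            toor) echo "ALIAS toor $shell" ;;
            *)    echo "ALERT $name $shell" ;;
        esac
    done
}

# Constructed sample, not taken from a real system.
SAMPLE_PASSWD='# constructed sample passwd data
root:*:0:0:Superuser:/:/bin/sh
toor:*:0:0:Superuser with csh:/root:/bin/csh
daemon:*:1:1:Daemon:/:/usr/sbin/nologin
alice:*:1001:1001:Alice:/home/alice:/bin/sh
backup:*:00:0:Backup:/home/backup:'

printf '%s\n' "$SAMPLE_PASSWD" | audit_uid0
```

To check a live system that keeps its accounts in a flat file, feed it the real data with `audit_uid0 < /etc/passwd`.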

Connecting to the Internet with Bluetooth: After One Month Plus

Having used my Bluetooth-enabled phone (now the Nokia 6165i) to connect to the Internet using my Mac Mini and MacOS X 10.4, I want to relate my experiences.

As a dialup user, I found the cell-phone connection to be pleasantly faster, but not overly faster. Having been used to dialup speeds (and expecting nothing outstanding) I was pleased with the speed of the connection. Someone used to broadband speeds would be dramatically disappointed, but the ability to use cell-phone-based Internet connectivity anywhere can be a real asset.

I also found that the “modem” inside the mobile phone would react in strange ways at times, sometimes not responding at all, other times responding but refusing to make any connections, other times accepting input but not responding to input. Part of this may be due to bugs in the modem software – after all, the modem is not nearly as heavily used by the users as the mobile phone portion of the software. Part of this may also be due to lack of a strong data signal.

This brings me to what may be the worst drawback – the data signal is quite separate from the cell signal – so there is no indication of how strong it is or even if it exists in the current location. Thus it may be that when the data signal is weak, the modem will refuse to dial (the equivalent of not receiving a dialtone).

Much of this is hypothesis on my part about how the modem works – but I’ve found that MacOS X seems to be largely sound in its handling of the connection.

I’ve also seen the system go through a sequence (on the menu bar, starting in a connected state): “Disconnecting…” followed by “Authenticating…” followed by a continuation of the time spent online. I’ve attributed this to a possible loss of signal or a weak signal. It remains, however, rather disconcerting – but nothing bad comes of it.

The other bluetooth-based connections I use – one from the phone itself, and one from a Nokia 770 Internet tablet – are nowhere near this informative, so I can’t say much about those, except the speed is the same (at least, it should be, eh?).

Also, my experiences with spontaneous loss of connection – for instance, when the phone goes dead! – have not been pleasant. Complete loss of bluetooth signal seems to be well-handled, but when the phone dies, there may be something else going on. Thankfully, this has not happened to me for some time, but I recommend not trying it :-)

The Wheel Group and MacOS X

The setup used here was MacOS X 10.4 (not MacOS X Server) on a PowerPC MacMini.

The wheel group is already set up, but is not called wheel. The group wheel does exist, but the group admin is used by su as the wheel group. The user root belongs to both the wheel group and the admin group.

Another point to remember is that the system uses the NetInfo database, not /etc/group. When NetInfo Manager starts, it presents a list of items (like a list of folders). Select group, then in the next pane, select admin. In the window pane below, look at the property labeled “users” and see that your user id is there as well as root.

If you want to add another user to the “wheel” group (in actuality, the admin group here), add a new value to the users property. First, click the lock at the bottom right and enter your password so you can make changes. Select the users property. Next, in the menu bar, select Directory, and under that, select Insert Value. Put the selected user in the entry box that shows up and press Enter when done.

Don’t forget to save this or no changes will take place. This can be done with the usual Command-S or under the menu Domain, select Save Changes.

A Quickie: A PDF of all Macintosh OS X Key Shortcuts!

There is a list of all available Macintosh OS X key shortcuts in a PDF (or three). This includes foreign characters, mathematical symbols, and more. So if you want to write en français, you can – or enjoy writing about a delicious éclair – or about that new hôtel de Paris – you can. You can écrit des articles en français et discut les ordinateurs toute les jours!

(Okay, so I speak – or try to speak – French. I believe that I already wrote about using foreign languages….)

What’s Your Favorite Operating System?

I was asked this question recently. Everyone likely has an answer: Red Hat Linux, Debian GNU/Linux, Solaris… My answer surprised the questioner: UNIX and UNIX-workalikes. This includes FreeBSD… and Red Hat… and Solaris… and HP-UX… and AIX… and so forth. When I first became interested in UNIX, not one of the aforementioned products existed. First UNIX system I got my hands on briefly was Eunice (look it up :-) and the next (a few years later) was Microport System V (for the IBM AT).

Perhaps you might think Solaris is better than Linux – or NetBSD is better than OpenBSD. I suggest it doesn’t matter. Each UNIX (or UNIX-like) environment has its pluses and minuses. Individual choices are personal and enterprise choices are practical – in either case, which is truly better doesn’t matter.

If your enterprise is using Oracle, for example, the choice of which UNIX system you use is dramatically reduced: which system will Oracle support? You won’t be using Oracle on FreeBSD unless you forgo the Oracle maintenance contract. Choices like this continually appear in the enterprise. Perhaps the new version of Red Hat Enterprise Linux has everything you want – but Oracle doesn’t yet support that version.

Alternately, which system you use for your own desktop is a personal choice. Which one is “better” is which one feels better to you. UNIX is, at its heart, unified – that is, it is a single environment – but it provides a wide choice of user interfaces, user programs, and even technical items such as filesystems and virtual memory management schemes. Use whichever one seems better.

What do I use on my personal desktop? Mac OS X. However, in line with the ideas posited above, I’ve just expanded my “desktop” with Synergy, linking my “other” desktop (first Fedora Core 5, now BeleniX with OpenSolaris core) to my Mac OS X desktop. More about Synergy later.

So next time someone tells you what their favorite operating environment is – why not find out what it is they’re so excited about? You might find something exciting yourself.

