Security
Brief items
Xbox key defended by more than just length
[This article was contributed by LWN reader Tom Owen]
Someone thought this was urgent enough to work all evening.On Monday, this story was up on ZDNet with a dateline of 3PM Pacific. The Neo Project, an open source distributed computing effort, had started work to factorize the Microsoft Xbox public key. Just a few hours later, a little before midnight in Ontario, administrator Mike Curry posted this message on the Neo discussion board:
The Neo Project had spent six months grinding away on the RSA 576-bit factoring challenge while waiting for something worthier to come up. "Something worthier" turned out to be the Xbox Challenge, once Michael Robertson (Lindows and mp3.com) extended his offer of $100,000 for a procedure to boot 386 Linux on a Microsoft Xbox games console.
The games console business model was invented by King Camp Gillette as "razors and blades," but a better analogy for technical folks might be "printers and cartridges." The initial unit — razor, printer or console — is priced attractively regardless of the actual cost, and the profits are made on surprisingly expensive consumables. It takes technical subtlety and legal protection — to stop free-riding competitors. In the case of the Xbox, Microsoft charges a fat fee — many dollars per copy — to sign a game with the private xbox key; the console knows the public key and won't boot games signed by anyone else. Owners can fit so-called mod chips to bypass the check, but MS knows that most people won't poke around in the hardware. The Neo Project set out to crack the Xbox key to allow Linux to boot on an unmodified Xbox.
If the key only allowed booting Linux on the Xbox, Microsoft would probably not be too concerned. But that key would also allow anybody to sign any game, and thus bypass Microsoft altogether. And that, of course, is a direct threat to Microsoft's Xbox business plan.
The Xbox hacker site has an "unofficial quote" from a Neo Project source
So is Microsoft releasing its vicious assault lawyers in a desperate attempt to preserve the endangered xbox business model? Well, probably not. There was never any practical danger. One of the largest keys ever factored in public was the RSA 512 bit challenge, it took a few months work on a few hundred sub-500MHz class machines and nine days on a Cray. The 2048 bit Xbox public key is obviously more difficult, but it's truly astonishing just how much more difficult. RSA doesn't publish an estimate beyond 1620 bits, which they list as requiring a year with over 1000 trillion (1,000,000,000,000,000) 500MHz Pentiums, each with 120TB memory. Even the dotcom bust has not freed up that sort of hardware, so they expect this sort of key to stand for decades.
Instead, the Neo Project was hoping to get lucky; they were trying random keys in the hope that they might happen to hit the right one. In the day they were running, a few thousand machines tested almost a billion potential keys. Which is good progress, except that the number of potential keys is counted in a number with hundreds of digits. Odds like that make winning the lottery twice, or death in a meteorite strike into everyday occurrences. If they were really looking for a result "today, tomorrow or never," the smart money would be on never.
Microsoft -- assuming it was Microsoft -- bets with the smart money, but they shut down the Neo Project's Xbox effort anyway. It must take a firm nerve to keep faith in RSA and statistics when you learn that thousands of machines are working away on a lock that defends a future billion-dollar revenue stream. Compared with a risk like that, lawyers are cheap, even when they have to work nights.
New vulnerabilities
geneweb - information exposure
| Package(s): | geneweb | CVE #(s): | CAN-2002-1390 | ||||
| Created: | January 7, 2003 | Updated: | January 8, 2003 | ||||
| Description: | A security issue has been discovered by Daniel de Rauglaudre, upstream author of geneweb, a genealogical software with web interface. It runs as a daemon on port 2317 by default. Paths are not properly sanitized, so a carefully crafted URL leads geneweb to read and display arbitrary files of the system it runs on. | ||||||
| Alerts: |
| ||||||
http-fetcher - buffer overflow
| Package(s): | http-fetcher | CVE #(s): | |||||
| Created: | January 7, 2003 | Updated: | January 8, 2003 | ||||
| Description: | HTTP Fetcher is a small library that downloads files via HTTP. The HTTP
Fetcher library is exposed to very fatal buffer overflow which may
influence several other programs.
For more information see http://marc.theaimsgroup.com/?l=bugtraq&m=104187658217144&w=2 | ||||||
| Alerts: |
| ||||||
lcdproc - buffer overflows
| Package(s): | lcdproc | CVE #(s): | |||||
| Created: | January 8, 2003 | Updated: | January 8, 2003 | ||||
| Description: | lcdproc 0.4 contains several buffer overflow vulnerabilities which may be remotely exploitable; see this announcement for details. | ||||||
| Alerts: |
| ||||||
leafnode: denial of service
| Package(s): | leafnode | CVE #(s): | |||||||||
| Created: | January 2, 2003 | Updated: | January 15, 2003 | ||||||||
| Description: | - From leafnode advisory:
"This vulnerability can make leafnode's nntpd server, named leafnode, go into an unterminated loop when a particular article is requested. The connection becomes irresponsive, and the server hogs the CPU. The client will have to terminate the connection and connect again, and may fall prey to the same problem; ultimately, there may be so many leafnode processes hogging the CPU that no serious work is possible any more and the super user has to kill all running leafnode processes." Read the full advisory at http://marc.theaimsgroup.com/?l=bugtraq&m=104127108823436&w=2 | ||||||||||
| Alerts: |
| ||||||||||
libmcrypt: buffer overflows and memory exhaustion
| Package(s): | libmcrypt | CVE #(s): | CAN-2003-0031 CAN-2003-0032 | ||||||||||||||||
| Created: | January 6, 2003 | Updated: | February 27, 2003 | ||||||||||||||||
| Description: | libmcrypt versions prior to 2.5.5 contain a number of buffer overflow
vulnerabilities that stem from improper or lacking input validation. By
passing a longer than expected input to a number of functions (multiple
functions are affected) the user can successful make libmcrypt crash.
Another vulnerability is due to the way libmcrypt loads algorithms via libtool. When the algorithms are loaded dynamically the each time the algorithm is loaded a small (few kilobytes) of memory are leaked. In a persistant enviroment (web server) this could lead to a memory exhaustion attack that will exhaust all avaliable memory by launching repeated requests at an application utilizing the mcrypt library. | ||||||||||||||||||
| Alerts: |
| ||||||||||||||||||
monopd - buffer overflow
| Package(s): | monopd | CVE #(s): | |||||
| Created: | January 7, 2003 | Updated: | January 8, 2003 | ||||
| Description: | A buffer overflow was reported in the Monopd game server. A remote user can
execute arbitrary code on the system.
The vendor reported that a buffer overflow exists in the messaging framework and can be triggered by a remote user to execute arbitrary code with the privileges of the game server. See http://www.securitytracker.com/alerts/2002/Dec/1005856.html for more information. | ||||||
| Alerts: |
| ||||||
xpdf: integer overflow
| Package(s): | xpdf | CVE #(s): | CAN-2002-1384 | ||||||||||||||||||||
| Created: | January 2, 2003 | Updated: | February 6, 2003 | ||||||||||||||||||||
| Description: | - From iDEFENSE advisory:
The pdftops filter in the Xpdf and CUPS packages contains an integer overflow that can be exploited to gain the privileges of the target user or in some cases the increased privileges of the 'lp' user if installed setuid. There are multiple ways of exploiting this vulnerability. Read the full advisory at http://www.idefense.com/advisory/12.23.02.txt | ||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||
Resources
[ISN] Linux Advisory Watch - January 3rd 2003
The January 3 Linux Advisory Watch newsletter from LinuxSecurity.com is available.
Page editor: Jonathan Corbet
Next page:
Kernel development>>