Bitbashing (Posts about security)

Insurance, Evaluation, Risks

Jack Lloyd — Mon, 16 Jun 2008 04:00:00 GMT

The bond insurers MBIA and Ambac are going bankrupt because they wrote insurance for mortgage backed securities which are now failing at rates far higher than they had estimated. This is a pretty common problem with insurance; humans tend to be really bad at estimating or pricing risk.

Racing in Java

Jack Lloyd — Wed, 14 May 2008 04:00:00 GMT

Reading the documentation for Java's File object, I was astounded to find that the Java designers managed to replicate one of the best known file system race conditions for no good reason: the functions canRead and canWrite are essentially the Java equivalents of the access function, which is so well known to be a security hole that the Linux man page actually warns that:

Using access() to check if a user is authorized to e.g. open a file before actually doing so using open(2) creates a security hole, because the user might exploit the short time interval between checking and opening the file to manipulate it.

While OpenBSD provides the less ambiguous caveat that:

access() is a potential security hole and should never be used.

Adventures in Signal Handling

Jack Lloyd — Sun, 02 Mar 2008 05:00:00 GMT

I was reading the man page for Linux fcntl(2), because I've never used it and was curious what exactly it could do. For a couple of hours this afternoon, I thought I had perhaps found a security vulnerability in the design, this post is to trace my logic and describe what I learned.

Algorithmic Complexity Attacks on Allocators

Jack Lloyd — Wed, 01 Nov 2006 05:00:00 GMT

A few years back some researchers presented the concept of performing denial of service through algorithmic complexity attacks, which essentially cause pathological behavior in data structures like hash tables through carefully chosen inputs.