Yourbrowsermatters.org



  • @DaveK said:

    If they can persuade the same user to restart their crashed browser and go back to the same malware-delivery website 255 times in a row, well perhaps.....

    So... spicy photos of the Olsen twins?



  • @serguey123 said:

    @DaveK said:

    If they can persuade the same user to restart their crashed browser and go back to the same malware-delivery website 255 times in a row, well perhaps.....

    So... spicy photos of the Olsen twins?

    255 times after the first time it fails?  Anyone that dumb can be hacked without needing any kind of browser exploit at all, just put up a web form asking them for their email address and password and they'll fill it right out...



  • A banner iframe on a porn site, mayhaps.



  • @DaveK said:

    255 times after the first time it fails?

    Yes, you could sweeten the deal somehow by either mail delivery (one photo for each crash) or a challenge (the end result is that you can make people do stupid things)

    @DaveK said:

      Anyone that dumb can be hacked without needing any kind of browser exploit at all

    Agreed, social engineering is usually enough

    @DaveK said:

    just put up a web form asking them for their email address and password and they'll fill it right out...

    That is 90% of the internet users right there



  • @DaveK said:

    @topspin said:

    @DaveK said:

    There doesn't need to be a lookup table because your program doesn't need to know where the function entry points are.  The OS loader directly fixes up all the import references in your program at the time it loads your program and supporting DLLs.  (Once a windows EXE is up and running, you can safely erase all the in-memory import and export tables, they are no longer needed.)  Only the OS loader ever needs to know what is put where, and only before the program starts executing.

    I'm still not clear on this. What I see my VC doing is this: Function calls to external references are actually CALL instructions to a jump table, so the loader has to only fix one JMP instruction for each referenced function and not each call of that function.

    What does ASLR buy you here? The malware author may not know where the imports will end up, but he does know where the jump table is.

    No, the malware author does not know where the jump table is, because it is part of the executable (contained within the .idata section) and hence loaded by ASLR at an unpredictable address.

    You're just moving the target again.  Anything that's placed at an unpredictable address has to have a pointer to it at a predictable address so that the code can find it.

     



  • @Mason Wheeler said:

    You're just moving the target again. Anything that's placed at an unpredictable address has to have a pointer to it at a predictable address so that the code can find it.

    What if it's just-in-time linked? Then only the linker would have the lookup table, and it would only use it for a few milliseconds, then toss it in a bin. The program itself would never have a copy of it.

    (I have no idea how ASLR is actually implemented, I'm just using my imagination here...)


  • :belt_onion:

    @Mason Wheeler said:

    You're just moving the target again.  Anything that's placed at an unpredictable address has to have a pointer to it at a predictable address so that the code can find it.

    My impression is that the most important things ASLR relocates are the heap and the stack and that using it in conjunction with DEP mitigates things like return to libc attacks. It's been a while since I researched it, though.



  • @blakeyrat said:

    @Mason Wheeler said:
    You're just moving the target again. Anything that's placed at an unpredictable address has to have a pointer to it at a predictable address so that the code can find it.

    What if it's just-in-time linked? Then only the linker would have the lookup table, and it would only use it for a few milliseconds, then toss it in a bin. The program itself would never have a copy of it.

    (I have no idea how ASLR is actually implemented, I'm just using my imagination here...)

    Thank you Blakey.  (Pedantic dickweedery: What you refer to as "just-in-time linking" is in fact just the standard dynamic linking process that both Windows and Linux go through when loading a program image into memory.)

    I am only slightly boggled at the number of people who, while knowing that they do not know about how linkers and loaders work, nonetheless (based on their random guesswork and incorrect inferences about how these things 'ought to' work) think that they have spotted some blazingly obvious flaw that all the people who work in the field have somehow managed to overlook.  This is a typical bit of fallacious internet logic: "If I don't understand how something works, it must not work".  As opposed to "If I don't understand how something works, I have no information on which to base a judgment".

    The reason that no pointer is needed at any predictable address is because: the program is loaded at an unpredictable address.  Within the .text section you have jumps through the indirect imported addresses in the .idata section.  The jumps are filled in by the dynamic loader at load-time to point to the correct address in the .idata section, and the address in the .idata section is filled in at load-time to point to the unpredictable address of the function imported from a library.  The code does not need a "pointer to it at a predictable address" because the dynamic loader actually modifies the code directly to point to the unpredictable address.

     

    Anyone who wants to fail to understand further should stop failing to understand in my general direction, and go fail to understand at some references; here's a couple of good ones to get started with:

    "Microsoft PE and COFF specification", http://msdn.microsoft.com/en-us/windows/hardware/gg463119 

    "An In-Depth Look into the Win32 Portable Executable File Format", http://msdn.microsoft.com/en-us/magazine/cc301805.aspx
    Ditto, part two, http://msdn.microsoft.com/en-us/magazine/cc301808.aspx

    "Dynamic Linking in Linux and Windows, part two", http://www.symantec.com/connect/articles/dynamic-linking-linux-and-windows-part-two
    (Part one, at http://www.symantec.com/connect/articles/dynamic-linking-linux-and-windows-part-one, focuses on Linux but is still informative.)

    "Windows 2000 loader: What Goes On Inside Windows 2000: Solving the Mysteries of the Loader", http://msdn.microsoft.com/en-us/magazine/cc301727.aspx 
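
The load-time fixups described in the post above, as a simplified model added here (not code from the thread or from any real loader). The import names, RVAs and base addresses are constructed, and the thunk is assumed to be a 32-bit x86 style `jmp [abs32]`.

```python
import random

GRANULARITY = 0x10000  # image bases are 64 KiB aligned on Windows

# Constructed library image: exported name -> RVA (offset from the DLL's base).
DLL_EXPORTS = {"CreateFileW": 0x1A2B0, "ReadFile": 0x1C400}

# Constructed program image; everything is an RVA at link time.
EXE = {
    "preferred_base": 0x00400000,
    # .idata: one import address table (IAT) slot per imported function.
    "iat": {0x3000: "CreateFileW", 0x3004: "ReadFile"},
    # .text: one `jmp [slot]` thunk per import (thunk RVA -> IAT slot RVA).
    "thunks": {0x1F00: 0x3000, 0x1F06: 0x3004},
    # Call sites are relative CALLs to a thunk: (call-site RVA, thunk RVA).
    "calls": [(0x1010, 0x1F00), (0x1040, 0x1F00), (0x1080, 0x1F06)],
}


def random_base(rng, region):
    """Pick one of 256 aligned bases (the figure quoted in the thread; model only)."""
    return region + rng.randrange(256) * GRANULARITY


def load(exe, exports, exe_base, dll_base):
    """Model what the loader writes before the program's first instruction runs."""
    delta = exe_base - exe["preferred_base"]
    # 1. Import resolution: each IAT slot receives the function's absolute address.
    iat = {exe_base + rva: dll_base + exports[name]
           for rva, name in exe["iat"].items()}
    # 2. Base relocation: each thunk operand was linked as preferred_base + slot
    #    RVA, so the loader adds delta to make it point at the relocated slot.
    thunks = {exe_base + t: exe["preferred_base"] + slot + delta
              for t, slot in exe["thunks"].items()}
    return {"base": exe_base, "iat": iat, "thunks": thunks}


def call_target(proc, exe, call_rva):
    """Follow call site -> thunk -> IAT slot -> imported function."""
    thunk_rva = dict(exe["calls"])[call_rva]
    slot_addr = proc["thunks"][proc["base"] + thunk_rva]  # operand of jmp [slot]
    return proc["iat"][slot_addr]


def stable_addresses(procs):
    """Absolute thunk or IAT-slot addresses that are identical in every load."""
    return set.intersection(*(set(p["iat"]) | set(p["thunks"]) for p in procs))


if __name__ == "__main__":
    rng = random.Random()
    runs = [load(EXE, DLL_EXPORTS,
                 random_base(rng, 0x10000000), random_base(rng, 0x70000000))
            for _ in range(3)]
    for p in runs:
        print(f"image base {p['base']:#010x}")
        for call_rva, _ in EXE["calls"]:
            print(f"  call at RVA {call_rva:#06x} -> {call_target(p, EXE, call_rva):#010x}")
    # Non-empty only when every run happened to draw the same image base.
    print("addresses shared by all runs:", stable_addresses(runs))
```

Three call sites share two thunks and two IAT slots, so the loader writes four values and leaves the relative CALLs alone; the slot and thunk addresses are fixed only as offsets from the image base.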



  • @DaveK said:

    Thank you Blakey.

    Swish! Nothing but net!



  • @DaveK said:

    This is a typical bit of fallacious internet logic: "If I don't understand how something works, it must not work".  As opposed to "If I don't understand how something works, I have no information on which to base a judgment".

    If only it was limited to the internet!

    This particular fallacy is known as the Argument from Ignorance, and it's one of the most frequently occurring ones.

    Programmers assume that, because they can program, they have a good grasp of logic. I don't think I am exaggerating much to say that 99% of them are dead wrong, and the rest are mostly wrong. I suspect the Dunning-Kruger effect (http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect) is partly to blame.

    I thought I was pretty good at logic myself, before I took a class in it. Taking a class in it *really* opened my eyes, and I'll squeeze in some more classes in related topics when they fit my schedule. A class in logic is a must for anyone who values critical thinking, as any programmer should!



  • @blakeyrat said:

    @DaveK said:
    Thank you Blakey.

    Swish! Nothing but net!

    It's curtains for you!




  • @r250r said:

    I thought I was pretty good at logic myself, before I took a class in it. Taking a class in it *really* opened my eyes, and I'll squeeze in some more classes in related topics when they fit my schedule. A class in logic is a must for anyone who values critical thinking, as any programmer should!

    Don't they teach that at school?  Isn't logic part of any good programming college degree or something like that?  Hmmm, at least here any of the IT careers that might require you to program require you to also take Logic



  • @serguey123 said:

    @r250r said:

    I thought I was pretty good at logic myself, before I took a class in it. Taking a class in it really opened my eyes, and I'll squeeze in some more classes in related topics when they fit my schedule. A class in logic is a must for anyone who values critical thinking, as any programmer should!

    Don't they teach that at school?  Isn't logic part of any good programming college degree or something like that?  Hmmm, at least here any of the IT careers that might require you to program require you to also take Logic

    My school offered it, but it was a choice between that or Calculus. I chose Calculus because I also wanted to take Discrete Math. Though, I probably will at the very least look for some books on the subject; does anybody here have any decent suggestions that I can look into?


  • ♿ (Parody)

    @dohpaz42 said:

    My school offered it, but it was a choice between that or Calculus. I chose Calculus because I also wanted to take Discrete Math.

    Was calculus a prerequisite of discrete math? That seems...illogical.



  • @boomzilla said:

    @dohpaz42 said:
    My school offered it, but it was a choice between that or Calculus. I chose Calculus because I also wanted to take Discrete Math.

    Was calculus a prerequisite of discrete math? That seems...illogical.

    Yes, it was a prerequisite. It's okay though, because if I didn't take Calculus, I never would have taken Pre-Calculus, and I learned a lot in that class - I never took the opportunity to get beyond Algebra I in high school*, so I missed out on a lot of good math.

    * I was very disinterested in learning in high school, which I regret now later in life.



  • @dohpaz42 said:

    My school offered it, but it was a choice between that or Calculus.

    What?  Calculus was not required? hmmm, well in my case I had Analysis...

    @dohpaz42 said:

     I chose Calculus because I also wanted to take Discrete Math.

    Hmm, I agree with boomzilla, to take discrete math you should need both.

    Next you are going to tell me Numerical, Concrete, Statistic and probabilities and Differential equations among others were not required? Well at least you had Calculus right? All five of them?


  • ♿ (Parody)

    @serguey123 said:

    @dohpaz42 said:
    I chose Calculus because I also wanted to take Discrete Math.

    Hmm, I agree with boomzilla, to take discrete math you should need both.

    I don't think you do (or maybe you were not serious, but I did check for tags). I've always seen discrete math as a lower level course than calculus. Usually, it was informally referred to as Math for Poets, or something similar. Basically, it was the course people took to satisfy their math requirement in college when they weren't required to take calculus. So you learned about infinite series and stuff instead of limits, which AFAIK was the whole rationale behind the name of the course.

    @serguey123 said:

    Well at least you had Calculus right? All five of them?

    OK, what were the 5 calculus courses? I've usually seen it broken into 3 courses:

    1. Derivatives, some integrals, single variable
    2. More integrals, etc, single variable
    3. Multi-variate
    There is often something called "Advanced Calculus" or Calculus 4, but I think that's really a misnomer. It's really more of an Intro to Real Analysis, and usually the first course that focuses on abstract math (i.e., proofs instead of calculations).


  • @boomzilla said:

    I don't think you do (or maybe you were not serious, but I did check for tags). I've always seen discrete math as a lower level course than calculus. Usually, it was informally referred to as Math for Poets, or something similar. Basically, it was the course people took to satisfy their math requirement in college when they weren't required to take calculus. So you learned about infinite series and stuff instead of limits, which AFAIK was the whole rationale behind the name of the course.

    I suppose it varies depending on the type of college degree you have, in my case it was one of the hardest math we took, divided in two semesters. and 70% of what we did was math so the bar was really high

    @boomzilla said:

    OK, what were the 5 calculus courses? I've usually seen it broken into 3 courses:
    1. Derivatives, some integrals, single variable
    2. More integrals, etc, single variable
    3. Multi-variate

    There is often something called "Advanced Calculus" or Calculus 4, but I think that's really a misnomer. It's really more of an Intro to Real Analysis, and usually the first course that focuses on abstract math (i.e., proofs instead of calculations).

    My program and yours differ a bit, for example proofs were common since day one, of course I did not take Calculus but Mathematical Analysis so I'm not sure how Calculus was divided.  I should have mentioned that my degree had a lot of math so of course I was joking a bit as I don't expect other people to actually have that much math in their curriculum



  • @serguey123 said:

    Next you are going to tell me Numerical, Concrete, Statistic and probabilities and Differential equations among others were not required? Well at least you had Calculus right? All five of them?

    Unfortunately my school was not that high-level to offer that many math classes; I wish it were, as I probably would have taken more of them. But, I did take accounting, college math (basically it was Algebra II), pre-cal, cal, discrete math, and statistics (in that order). I really enjoyed all of those math classes (even accounting). I do plan on doing more independent study of other maths and advanced classes (e.g., algorithms, etc). I've kept all of my math books so that I can go back and re-read them on my own. Discrete math was a difficult, and fun, class for me. As I said before, in high school (that was 15 years ago) I never made it past Algebra I. That did leave me at a huge disadvantage with respect to trig and geometry stuff. But yeah, I digress, I will learn more on my own (fwiw, the Khan Academy has been super awesome with their video tutorials).


  • ♿ (Parody)

    @serguey123 said:

    @boomzilla said:

    I don't think you do (or maybe you were not serious, but I did check for tags). I've always seen discrete math as a lower level course than calculus. Usually, it was informally referred to as Math for Poets, or something similar. Basically, it was the course people took to satisfy their math requirement in college when they weren't required to take calculus. So you learned about infinite series and stuff instead of limits, which AFAIK was the whole rationale behind the name of the course.

    I suppose it varies depending on the type of college degree you have, in my case it was one of the hardest math we took, divided in two semesters. and 70% of what we did was math so the bar was really high

    OK, probably a terminology difference, then.

    @serguey123 said:

    My program and yours differ a bit, for example proofs were common since day one, of course I did not take Calculus but Mathematical Analysis so I'm not sure how Calculus was divided.  I should have mentioned that my degree had a lot of math so of course I was joking a bit as I don't expect other people to actually have that much math in their curriculum

    Typically, just people like math majors (which I was) would take enough math to know. At my school, the first two years were typically spent mainly on general education stuff, regardless of major, and the last two spent almost exclusively on courses inside your major. Math majors usually finished Calculus I - Advanced by the end of second year.



  • @boomzilla said:

    OK, probably a terminology difference, then.

    or a difference in curriculum, people take this in-depth and call it easy? http://en.wikipedia.org/wiki/Discrete_mathematics

    @boomzilla said:

    Typically, just people like math majors (which I was) would take enough math to know. At my school, the first two years were typically spent mainly on general education stuff, regardless of major, and the last two spent almost exclusively on courses inside your major. Math majors usually finished Calculus I - Advanced by the end of second year.

    Kind of the same here, but my career was like math applied to computers so a lot of math was involved, mostly theoretical, so instead of calculus it was Mathematical Analysis and lot of other types of math so although we were supposed to be taught the same our classes were very different as there was no time to cover the basics, (for example Pre Calculus was never an option).  We were told on day one: we assume you know everything we don't teach you here so if you don't go study, anyhow we expect to say goodbye to half of you on our first year. (only one out of ten actually graduates)



  • @serguey123 said:

    or a difference in curriculum, people take this in-depth and call it easy? http://en.wikipedia.org/wiki/Discrete_mathematics

    My curriculum was easy compared to the Wiki article. We covered all of the basics and did a lot of intro-level stuff like set theory, Venn diagrams, n[PC]r-related stuff, pigeon-hole theory, some basic level graph stuff, trees/sorting, and basic proof writing.


  • ♿ (Parody)

    @serguey123 said:

    @boomzilla said:

    OK, probably a terminology difference, then.

    or a difference in curriculum, people take this in-depth and call it easy? http://en.wikipedia.org/wiki/Discrete_mathematics

    Whoa whoa whoa! I never said anything about "in depth." I implied the opposite, I thought. Yes, there's a lot of stuff that's discrete. Skimming that, I think that they actually called the class I was thinking of "Finite Math." Those more in depth topics were typically their own classes, and not even all in the same departments (e.g., math, computer science, business).

    @boomzilla said:

    Kind of the same here, but my career was like math applied to computers so a lot of math was involved, mostly theoretical, so instead of calculus it was Mathematical Analysis and lot of other types of math so although we were supposed to be taught the same our classes were very different as there was no time to cover the basics, (for example Pre Calculus was never an option).

    So, a computer science program that actually taught computer science, as opposed to programming.



  • I played Rocky's Boots on my Commodore 64.



  • @boomzilla said:

     So, a computer science program that actually taught computer science, as opposed to programming.

    There are two other college degrees here that try to focus more on worldly issues, one is an engineering degree and the other is very focused on producing software, (you start working on real projects since your second year).

    My degree is geared toward research and stuff.

    @dohpaz42 said:

    My curriculum was easy compared to the Wiki article. We covered all of the basics and did a lot of intro-level stuff like set theory, Venn diagrams, n[PC]r-related stuff, pigeon-hole theory, some basic level graph stuff, trees/sorting, and basic proof writing.

    Great!

    I linked to the wiki article not because it reflects on my actual curriculum but because the average human that reads that page won't think "hey, discrete math is a breeze" because it is not, the course that was taught at a given school might be easy or not but the subject in general is not easy, and that was my whole point



  • @r250r said:

    I thought I was pretty good at logic myself, before I took a class in it. Taking a class in it *really* opened my eyes, and I'll squeeze in some more classes in related topics when they fit my schedule. A class in logic is a must for anyone who values critical thinking, as any programmer should!

    Taking logic did nothing for me. It all seemed pretty obvious and, well logical.

    @others said:

    discrete math

    I didn't take discrete math, but it looks like I could benefit from it. Do any of you have any suggestions? (as in, IYO what should I pay more attention to, do you know any great resources for self-learning, etc.)



  • @dohpaz42 said:

    fwiw, the Khan Academy has been super awesome

    KHAAAAAANNNNNN!

     



  • @blakeyrat said:

    I played Rocky's Boots on my Commodore 64.
     

    @http://en.wikipedia.org/wiki/Rocky%27s_Boots said:

    Rocky's Boots is an educational logic puzzle game

    So... how old were you at the time?

    @Gameplay rules said:

    the player must connect a series of logic gates

    Old enough to be one hell of a geek already then? 




  • @DaveK said:

    So... how old were you at the time?

    I dunno, a little kid.

    @DaveK said:

    @Gameplay rules said:
    the player must connect a series of logic gates
    Old enough to be one hell of a geek already then?

    The Wikipedia entry was written by Wiki-nerds. The game itself is very accessible to kids.

    Paradroid: I have never been more confused by gameplay footage in my life.


  • :belt_onion:

    @Zecc said:

    I didn't take discrete math, but it looks like I could benefit from it. Do any of you have any suggestions? (as in, IYO what should I pay more attention to, do you know any great resources for self-learning, etc.)

    Interestingly, when I took it (only a few years ago), my professor decided not to list a required textbook as there was plenty of good material on the Internet and he liked the thought of saving $11,000 all told for his students. I recall using Wikibooks as a resource (commence the flaming) along with another resource I can't remember; of course, I also bought the textbook used because a.) I found a really good deal, b.) I'm anal-retentive, and c.) I did not find discrete mathematics at all easy.

     



  • @heterodox said:

    I recall using Wikibooks

    Excellent. That is getting bookmarked right now.

    @heterodox said:

    of course, I also bought the textbook

    Which edition do you have? And is it any good?

    I got the Discrete Mathematical Structures (6th Ed.), and I found the authors to be extremely dry, which made the book that much more difficult to follow. So I would not recommend it to anybody.



  • Most of the books we used were made by the people that taught the course


  • ♿ (Parody)

    @serguey123 said:

    Most of the books we used were made by the people that taught the course. Juche!

    FTFY



  • @DaveK said:

    @joe.edwards said:

    If I recall correctly (and I might not), ASLR randomizes to 1 of 256 possible orders. Couldn't they enumerate all 256 possible address layouts and maybe test to see what is where?

    If they can persuade the same user to restart their crashed browser and go back to the same malware-delivery website 255 times in a row, well perhaps.....

    Generally however you're only going to get one chance at it. 

    Also, I think the weakness you're describing only applies to 32-bit Vista; ASLR is meant to be much improved in Win7, and on 64-bit systems you have a far huger address space to randomise things within.

    I've seen quite a few reports of malware in the past couple of years that say something along the lines of  "circumvents ASLR", which would seem to indicate that ASLR isn't as random as it should be.

     


  • :belt_onion:

    @El_Heffe said:

    I've seen quite a few reports of malware in the past couple of years that say something along the lines of  "circumvents ASLR", which would seem to indicate that ASLR isn't as random as it should be.

    I don't know if it's a matter of "as random as it should be" versus "as random as it can be". Things like NOP slides and heap spraying can make it so even if you can't aim perfectly now, you can still hit the target if you try a few times. Of course, the real preventative measure is writing secure code in the first place.



  • @boomzilla said:

    @serguey123 said:
    Most of the books we used were made by the people that taught the course. Juche!
    FTFY

    I don't get this one, care to explain?

    Researchers don't write books where you live? Students don't read said books? Said researchers don't give lectures?  I know this is done in some other countries as some of the lecturers were Nobel prize winners and such (sadly we don't have one of those) that came for a short while?

