GNS3 Weekly Development Report: May 11th
Two week ago we launched our first weekly development report in an effort to provide the community with increased transparency on what theCisco CEO John Chambers Gets Cocky on His Final Earnings Call
IoT greatness and the 'wrong' predictions about SDN are on John Chambers' mind in his last earnings call.
CloudFlare Supports the Passage of the USA Freedom Act
Earlier today, the lower house in the U.S. Congress (the House of Representatives) passed the USA FREEDOM Act. The Act, if passed by the Senate and signed by the President, would seek to sunset the National Security Agency’s bulk collection and mass surveillance programs, which may or may not be authorized by Section 215 of the PATRIOT Act. Under this authority the U.S. government has established its broad surveillance programs to indiscriminately collect information. Other governments have followed this lead to create additional surveillance capabilities—most recently, the French Parliament has moved a bill that would allow broad surveillance powers with little judicial oversight.
Restricting routine bulk collection is important: it’s not the government’s job to collect everything that passes over the Internet. The new version of the USA FREEDOM Act keeps useful authorities but ends bulk collection of private data under the PATRIOT Act. It also increases the transparency of the secret FISA court, which reviews surveillance programs—a key start to understanding and fixing broken policies around surveillance. The Act would also allow companies to be more transparent in their reporting related to FISA orders.
To be clear, we continue to be supportive of law enforcement and work Continue reading
With VSAP, Nuage Can Read Any SDN Underlay
A network visibility tool lets Nuage users peer into any underlay network.
NSA: ad hominem is stil a fallacy
An ad hominem attack is where, instead of refuting a person's arguments, you attack their character. It's a fallacy that enlightened people avoid. I point this out because of a The Intercept piece about how some of NSA's defenders have financial ties to the NSA. This is a fallacy.The first rule of NSA club is don't talk about NSA club. The intelligence community frequently publishes rules to this effect to all their employees, contractors, and anybody else under their thumb. They don't want their people talking about the NSA, even in defense. Their preferred defense is lobbying politicians privately in back rooms. They hate having things out in the public. Or, when they do want something public, they want to control the messaging (they are control freaks). They don't want their supporters muddying the waters with conflicting messaging, even if it is all positive. What they fear most is bad supporters, the type that does more harm than good. Inevitably, some defender of the NSA is going to say "ragheads must die", and that'll be the one thing attackers will cherry pick to smear the NSA's reputation.
Thus, you can tell how close somebody is to the NSA by Continue reading
Cisco Still Loves ASICs, as EZchip Discovers the Hard Way
A chipmaker's stock plunges as Cisco returns to ASICs on a key platform.
Some brief technical notes on Venom
Like you, I was displeased by the lack of details on the "Venom" vulnerability, so I thought I'd write up what little I found.The patch to the source code is here. Since the note references CVE-2015-3456, we know it's venom:
http://git.qemu.org/?p=qemu.git;a=commit;h=e907746266721f305d67bc0718795fedee2e824c
Looking up those terms, I find writeups, such as this one from RedHat:
https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/
It comes down to a typical heap/stack buffer overflow (depending), where the attacker can write large amounts of data past the end of a buffer. Since this is the kernel, there are no protections like NX or ASLR. To exploit this, you'd likely need some knowledge of the host operating system.
The details look straightforward, which means a PoC should arrive by tomorrow.
This is a hypervisor privilege escalation bug. To exploit this, you'd sign up with one of the zillions of VPS providers and get a Linux instance. You'd then, likely, replace the floppy driver in the Linux kernel with a custom driver that exploits this bug. You have root access to your own kernel, of course, which you are going to escalate to root access of the hypervisor.
People suggest adding an exploit to toolkits like Continue reading
5 Reasons Why You Should Attend DockerCon 2015
We have way more (and we’re sure you do too!), but here are our top five reasons to attend DockerCon 2015. 1. All-Star Lineup of Presenters We secured an all-star lineup featuring: Solomon Hykes, Founder and CTO of Docker Matthew Leventi, System Engineer … ContinuedVMware Says Customers Are Betting Big on NSX
A new twist on counting SDN customers: Who's really committed?