31 July 2015, 12:22 | #101 |
Banned
Join Date: Nov 2007
Location: Trondheim, Norway
Posts: 1,893
|
When I hacked remote Amigas (it happened), it was client software I exploited (AmIRC for example, all those scripts people use without thinking of the consequences). If an Amiga had TCP: mounted, executing remote scripts was a breeze. One funny game was to have remote amiga export ram: with netfs, so I could mount it from my amiga, assign my env: to remote env: and play around with system prefs and see confused owners rambling on IRC as their pallette changed or whatever. Back in the days people didn't have NAT to hide behind, today it requires a wee bit more effort. Astonishingly many use default admin passwords on their routers, or the same password for admin user as for their wifi.
Bottom line is, if you let anything from remote source run on your Amiga, your entire system may be owned within seconds. Maynaf, memory protection helps a lot in terms of limiting what an exploiter can perform on a system, if you think otherwise, then please explain. Last edited by TCD; 31 July 2015 at 15:25. Reason: Back-to-back posts merged. |
31 July 2015, 12:46 | #102 |
Glastonbridge Software
Join Date: Jan 2012
Location: Edinburgh/Scotland
Posts: 2,243
|
@kolla: THANK YOU
also do you know what is the "finger exploit" mentioned here? http://eab.abime.net/showthread.php?t=18952 @meynaf: yes i do know how much code you can fit in 20kb, i have written Amiga code you know. I have also written C++ code for commercial projects and as much as i'm astonished at how big the executables come out from GCC, but that's got no bearing on the complexity from a programming point of view. But no matter how good a compiler you had, or if you were writing it all in ASM, you wouldn't fit Photoshop in 20kb, even Deluxe Paint doesn't fit in 20kb. Someone from ZX81 community probably calls that bloatware, too! |
31 July 2015, 12:48 | #103 | |||
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,355
|
Quote:
And should you pass nevertheless, you'd be ejected (by me) as quickly as you entered ! If you can enter - which i seriously doubt - you can not do anything unnoticed. Quote:
But, boy, if you let anything from a remote source run, your entire system may be owned within seconds... regardless of the machine you use. ... and for me it can also be un-owned within seconds. I disconnect, or even perform ctrl-A-A. Then you lose all control. Quote:
Remember that all the zombie peecees sending spam all have memory protection. A good firewall does a lot more than memory protection ever did. Anyway as I said earlier, it's pointless to have "security" when you have no risk of being attacked ! We're in a market niche, remember. My point of view on memory protection is that it should be an OPTION. What's wrong in that ??? |
|||
31 July 2015, 12:56 | #104 | |
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,355
|
Were you in difficulty so that you needed some help ?
Quote:
The compiler is responsible only of a small part in fact ; it turns 20kb programs into 80kb programs maybe, but it won't turn 20kb into several Mb. Bloatwares are so by bad programming design, it's not the fault of the compiler. Look at the sources that can be found online. Often i can rewrite them in asm with a lot less lines ! How many lines is it to show a PNG for example ? |
|
31 July 2015, 13:00 | #105 | ||
Glastonbridge Software
Join Date: Jan 2012
Location: Edinburgh/Scotland
Posts: 2,243
|
Quote:
Talk of memory protection is irrelevant to my example about the Mr Beanbag website being hacked. That was hacked because we left the visitor comments section wide open because we didn't think anyone would have any motivation to hack it, so we didn't bother doing it "properly". We were wrong. Exactly HOW they did it is really not important. You asked WHY someone would hack such-and-such. We're in a market niche, right. The whole point of this thread is about why we can't have an "amiga-like" system anymore, and the answer is that, insofar as you define "amiga-like" as having no security model whatsoever, no-one in their right mind would produce a new system like that. Quote:
I have written programs in C++ that do barely anything and the executable comes out in the 100s of kb. And let's look at the way Windows programs come bundled... the usual way is you bundle install all the DLLs the program needs along with the program, because the alternative is "DLL Hell". I know, it completely negates the entire point of a shared library, but nevertheless it is the norm on Windows, because it has no way to manage dependencies. Linux is better on this front. And i have worked on commercial projects in C++ (do i have to keep repeating myself?) that are full of the sort of bugs that could compromise an unprotected system (segmentation faults to you and me), granted i do generally remove more code than i add but the number of lines of code is really not the problem, it is the interdependency between the various parts, and especially because we just don't know exactly what the user will do until we actually give it to them to use. Some of the bug reports that come back are incredible, "i did X and it crashed," and i'm sitting there with my head in my hands going "why... why did you do that?" Of course it still shouldn't crash in any case, but we can only test cases that we can anticipate. Last edited by Mrs Beanbag; 31 July 2015 at 13:09. |
||
31 July 2015, 13:04 | #106 | |
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,355
|
Quote:
To the risk of repeating myself, closing unneeded tcp ports does a lot more for security than memory protection. |
|
31 July 2015, 13:20 | #107 | |||
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,355
|
Quote:
You answer how, then i ask why. That's not necessarily an objection to the "how". And vice versa. Do you have a concrete example where i miss or evade the point ? Please be SPECIFIC. Quote:
This only proves that the security of your site must be assured by you, not by your operating system. Quote:
I'm not saying we should have no security at all. I'm saying that memory protection should be an OPTION we can switch on and off. |
|||
31 July 2015, 13:30 | #108 | |
Glastonbridge Software
Join Date: Jan 2012
Location: Edinburgh/Scotland
Posts: 2,243
|
Quote:
Yes I know my site should be assured by me! That is BESIDE THE POINT! YOU asked THIS: What it proves, is that you should never assume that just because you can't see the point in hacking something, doesn't mean it won't happen. That is the point, that is relevant to what you said. All the stuff about the server having memory protection is completely irrelevant, as is any talk about whose responsibility the security is. |
|
31 July 2015, 13:32 | #109 | ||
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,355
|
Quote:
Perhaps you shouldn't include heaps of .lib in your project. Quote:
If you do new, then init, then function 1, then function 2, then function 3, then delete, instead of doing the whole job with a single call, you get larger code that's all. I have disassembled megabytes of code, read megabytes of C/C++ sources as well, and very often i am stumped how things can be made complicated for stuff i'd have done with just a few lines... |
||
31 July 2015, 13:36 | #110 | |
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,355
|
Quote:
It said a lot more than just the point you wanted to make. |
|
31 July 2015, 13:43 | #111 | |||
Glastonbridge Software
Join Date: Jan 2012
Location: Edinburgh/Scotland
Posts: 2,243
|
Quote:
Quote:
This kind of bad code isn't what gets you bad pointers. It is usually silly mistakes that get you bad pointers. Oh i have seen unit tests fail on Windows but not Linux (or was it the other way around?) because of a line like the following: Code:
char* myString = 0 It seems like spotting this sort of thing is a rare talent, somehow. This particular case only happened in the unit test and the program itself seemed fine, so this went unfixed for months until someone gave it me to look at. Quote:
It is a very simple website. Its simplicity did not protect it. Yeah that example can be made to prove all sorts of things that are beside the point. |
|||
31 July 2015, 14:26 | #112 | |||
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,355
|
Quote:
Quote:
No, why ? Quote:
And mine is that memory protection is optional. |
|||
31 July 2015, 14:43 | #113 | ||
Glastonbridge Software
Join Date: Jan 2012
Location: Edinburgh/Scotland
Posts: 2,243
|
Quote:
Also, the more developers you have. Quote:
Maybe there is a case for games to be able to gain complete control over the screen and the audio hardware. But we could discuss that. I see no reason to go over the operating system's head to do file operations or reserve memory. Let's imagine a scenario. Supposing someone were to download a popular multi-player game. They want to play the game because it is a really good game, and all their friends are playing it online. Of course, it has network access. But it turns out the game has a bug which is exploitable in some way that nobody imagined at the time of writing, but it allows someone to hack their own copy of the game in order to send malicious code to other players. You did not write this game, in asm or otherwise. There is no memory protection. What can this malicious code do, and what can't it do, and why? |
||
31 July 2015, 15:15 | #114 | |||
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,355
|
Quote:
Quote:
In addition, the fact AmigaOS is so open for hacking, is one big reason why it has survived for so long. For any other system, when support is over, then you're dead. Quote:
|
|||
31 July 2015, 15:37 | #115 | |
Glastonbridge Software
Join Date: Jan 2012
Location: Edinburgh/Scotland
Posts: 2,243
|
Quote:
If there is memory protection, malicious code cannot do anything. That is the point of memory protection. You can't just read, write or execute anywhere. You can't directly access hardware resources. There might, in principle, be other holes in the OS security model that let things through... but ideally there would not be, which is what we would strive towards. Otherwise, if malicious code can do anything, then so can your own code, in which case what are you complaining about? |
|
31 July 2015, 16:25 | #116 | |
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,355
|
Quote:
You seem to want an "ideal" system in which there are no security holes. In that case, indeed it would be worth the trouble. But i'm afraid that this simply can't exist. Anyway, what do you have against a system where memory protection is an option ? Why the heck can't we be true supervisors of our own machines ? |
|
31 July 2015, 17:56 | #117 | |||
Glastonbridge Software
Join Date: Jan 2012
Location: Edinburgh/Scotland
Posts: 2,243
|
Quote:
You put a lot of emphasis on spam-factories though, this is not the only reason to hack someone's machine. Quote:
Quote:
You could, perhaps, implement a model like the XBox 360 uses, where only signed code can use kernel space, and where the user can sign their own code (but don't keep the private key on the same machine!) A possible alternative to hardware memory protection is something like the Java model, run everything in a sort of virtual machine. I'm personally sceptical of claims that Java can outperform C code but that is what some people say. Apparently there are Java exploits too, though. Ultimately, if you are writing a general purpose OS i think the best you can do is try to stay as far ahead of the hackers as you can. |
|||
31 July 2015, 18:48 | #118 |
Registered User
Join Date: Apr 2011
Location: Luxembourg
Posts: 87
|
|
31 July 2015, 19:10 | #119 | |||||||
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,355
|
Quote:
Quote:
Quote:
Quote:
If not, why turning memory protection off would be allowed for malicious code for the sole reason the user is allowed to do so ? Quote:
Quote:
Quote:
I'm a lot more concerned about the hardware. Having a system that can work without memory protection means that it can work without an MMU, which, you have to admit, is : 1. Absolutely mandatory for memory protection, 2. Quite costly to implement in a soft core, which seems the only option we have now. Killing that ability for "security" doesn't sound clever to me. |
|||||||
31 July 2015, 19:16 | #120 |
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,355
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
Thread Tools | |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Amiga 1200 computer | sidrulez! | MarketPlace | 4 | 01 January 2015 23:36 |
looking for my amiga 3000 computer | amicrawler | MarketPlace | 4 | 19 September 2009 21:50 |
Amiga inc reveal new entry Amiga computer - $489usd | Mikey_C | News | 132 | 01 October 2007 13:10 |
The DADDY Amiga computer is? | Bloodwych | Retrogaming General Discussion | 27 | 05 August 2002 18:14 |
|
|