Exploits Emerge For Linux Privilege Escalation Flaw
angry tapir writes "Linux vendors are rushing to patch a privilege escalation vulnerability in the Linux kernel that can be exploited by local attackers to gain root access on the system. The vulnerability, which is identified as CVE-2012-0056, was discovered by Jüri Aedla and is caused by a failure of the Linux kernel to properly restrict access to the '/proc//mem' file."
Broken on Android too (Score:2, Interesting)
Awesome that this will lead to easier root access on Android devices.
On the flip side I'm sure Android vendors won't get around to patching this for a while and our devices will be vulnerable.
Now, off to patch my Linux boxen.
Re:Hrrm (Score:5, Interesting)
There's also no such thing as 100% bug-free.
While in the strictest sense, this may not be untrue, to phrase it that way is extremely dishonest. An encryption algorithm that relies on the secrecy of the algorithm is totally worthless (security by obscurity), whereas an encryption algorithm that relies on the secrecy of the keys used for encryption is quite useful (not security by obscurity in the normal sense).
In fact, if you want to be pedantic about it, the relevant definition for obscure is...
not readily understood or clearly expressed; also : mysterious [1]
Which is about understanding and not so much about knowledge. I may understand that I need a username and password to log into your system; just because I don't know what the username or password is doesn't make it security by obscurity. In fact, say I wanted to break into your house, I may have seen you use a physical key to open the front door and walk in and I may have even memorized the pattern of teeth on the key, but it does me no good if I don't have a key of my own to open the door with. There is certainly no obscurity in that security.
If you're going to go ahead and say that all security is "security through obscurity", then you may as well make the next logical step of not implementing any of it.
[1] http://www.merriam-webster.com/dictionary/obscure
Re:Hrrm (Score:4, Interesting)
"The fact is private encryption keys only work when P and Q are not known. You can also decrypt the cyphertext without the key - just search for $5 wrench"
You're mistaking "secret", which is a necessary part of every encryption scheme, with "obscurity", which is useful only in very specific circumstances.
Following your analogy, security by obscurity is making the key duplication method secret and hiding the lock's inner workings. Good security, on the other hand, is when you can't duplicate the key unless you snatch it from the owner and can't pick the lock even if you know how it's built.
Security by obscurity is useful only as a preliminary defense line to stall an attacker until he gathers enough information about your systems to begin a targeted attack.