Hacker News | ringshall's comments

Same idea with parentheses, at least I understand them.


Dating myself, but I remember the first time I heard about mp3s. In a school trip, another kid told me that you could download songs in files that were only a megabyte a minute. I was incredulous. Up until then songs were wav files and video was in massive QuickTime files that took decaminutes to download for tiny snippets. Turns out he was right though :)


Remember the first mp3 player you ever saw?

A kid in my middle school had one that ran on a single AAA battery. Mind immediately blown.

Meanwhile I was carrying around a $20 CD player and a packet of CDs.


That's coincidental; according to Wikipedia, Wald and his wife perished in a plane crash in India.


> "There are almost certainly multiple vulnerabilities at play here, since long gone are the days where a single vuln gave arbitrary code execution"

Could you go into this in a little more detail?

I'm inferring that chains of vulnerabilities are needed to go from some starting point to arbitrary code execution. Is that correct?

Have efforts to secure computer systems over the past ~2 decades succeeded, at least in that much more effort needs to be invested in order to get to the point of arbitrary code execution?


For the most part, yes, it's much harder to get ACE today than it was 20 years ago, and even then ACE doesn't actually grant you any fancy capabilities on a modern phone.

To get ACE, you will generally need a couple of primitives, such as an ArbR/ArbW coupled with an infoleak to get ROP. This will allow you to execute arbitrary code, but you're still stuck within the confines of the current process' privileges. Phone apps are generally heavily sandboxed, and the web browsers tend to be sandboxed even harder. Having ACE in some arbitrary process won't give you the ability to do anything: the filesystem will still be out of reach, and most of the time you won't even be able to see other processes or even make network requests. So you'll need to break the sandbox.

Breaking the sandbox tends to involve looking for an RCE in a process outside the sandbox that you can communicate with over an IPC channel. And you'll likely need to do this twice: once to break free of the browser sandbox, and once to break the "App" sandbox. If we take a look at Chrome for instance (which is very well documented[0][1]), they have sandboxing mechanisms built in to disallow access to most resources (like the filesystem) to most of its processes, and to prevent access to most of the kernel API surface. And then Android further sandboxes all apps to disallow them from accessing each other's data. So again you'd have to find another bug somewhere to bypass this.

There are tons of mitigation techniques being developed to make bugs harder to exploit, from Pointer Authentication (making it much harder to exploit ArbR/ArbW bugs) to Control Flow Integrity (making it much harder to create a ROP chain). Of course, not all apps actually have those mitigations in place, but the web browsers tend to enable most; for instance Chrome has CFI enabled[2].

[0]: https://chromium.googlesource.com/chromium/src/+/master/docs...

[1]: https://chromium.googlesource.com/chromium/src.git/+/master/...

[2]: https://www.chromium.org/developers/testing/control-flow-int...


Would you mind expanding the acronyms? This is super interesting, but hard to follow (and also somewhat hard to google, apparently Arbr is a bike brand)


Ah, can't edit the comment anymore but:

RCE: Remote Code Execution. It's fairly straightforward, but basically any vulnerability that allows you to run (native) code without physical access to the phone (e.g. when a user visits a website).

ACE: Arbitrary Code Execution. Basically any technique that allows taking control of the execution to execute your own arbitrary code.

ArbR/ArbW/ArbCall: Arbitrary Read, Arbitrary Write, Arbitrary Call primitives. They tend to be the "basic unit" which you can weave together to further poke at things once you've gained ROP.

ROP: Return Oriented Programming, a technique used to take control of execution when you have the ability to overwrite the Return Pointer of the current stack frame (for instance, from a stack buffer overflow). ROP is used because nowadays, most processes adhere to W^X (Write Xor Execute, basically a memory page is never both writable and executable at the same time), meaning we can't just inject shellcode and jump to it anymore. You can find a small tutorial on ROP at [1].

This can then be used to generate various primitives (ArbW can be achieved by weaving together a "ROP Chain" that calls memcpy with the right registers, for instance).

IPC: Inter-Process Communication. Imagine a Unix Pipe, where two processes communicate with each other over stdin/stdout. This is an example of an IPC. There are other IPC mechanisms (D-Bus, Unix Sockets, localhost...). When a process is sandboxed, it will sometimes need access to things beyond its sandbox (like accessing the filesystem to access a cached image or something). To do so, it will talk to another process over an IPC mechanism, with a well-defined protocol.

[1]: https://tc.gts3.org/cs6265/2019/tut/tut06-01-rop.html
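The W^X rule described in the comment above (a page is never both writable and executable) is something a defender can audit directly from a binary's ELF program headers, before any exploit is ever attempted against it. The following is an added example, not code posted in this thread: a Python script that parses the Elf64 program headers, counts PT_LOAD segments mapped both writable and executable, checks whether the PT_GNU_STACK entry requests an executable stack, and reports whether a PT_GNU_RELRO segment is present. The two sample images are constructed inline (headers only, no code or data attached) so the script runs offline; passing a file path as the first argument audits a real binary instead.

```python
"""Audit an ELF64 image for W^X violations, executable stacks and RELRO.

Added example, not code from the thread.  Only the ELF header and program
headers are read; the sample images below are constructed inline.
"""
import struct
import sys

# Program-header constants from the ELF specification.
PT_LOAD = 1
PT_GNU_STACK = 0x6474E551
PT_GNU_RELRO = 0x6474E552
PF_X, PF_W, PF_R = 1, 2, 4

EHDR_FMT = "<16sHHIQQQIHHHHHH"   # Elf64_Ehdr, little-endian, 64 bytes
PHDR_FMT = "<IIQQQQQQ"           # Elf64_Phdr, little-endian, 56 bytes


def program_headers(data):
    """Return (p_type, p_flags) for every program header in an ELF64 image."""
    if len(data) < 64 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    if data[4] != 2 or data[5] != 1:          # EI_CLASS=ELFCLASS64, EI_DATA=LSB
        raise ValueError("only little-endian ELF64 is handled here")
    fields = struct.unpack_from(EHDR_FMT, data, 0)
    phoff, phentsize, phnum = fields[5], fields[9], fields[10]
    headers = []
    for i in range(phnum):
        # p_type and p_flags are the first two 32-bit words of each Elf64_Phdr.
        p_type, p_flags = struct.unpack_from("<II", data, phoff + i * phentsize)
        headers.append((p_type, p_flags))
    return headers


def audit(data):
    """Summarise the mitigations visible from the program headers alone."""
    wx_segments = 0
    stack_flags = None
    relro = False
    for p_type, p_flags in program_headers(data):
        if p_type == PT_LOAD and p_flags & PF_W and p_flags & PF_X:
            wx_segments += 1           # a mapping that breaks W^X
        elif p_type == PT_GNU_STACK:
            stack_flags = p_flags
        elif p_type == PT_GNU_RELRO:
            relro = True
    return {
        "wx_segments": wx_segments,
        # A missing PT_GNU_STACK is treated conservatively as an executable stack,
        # which is the historical loader behaviour when the entry is absent.
        "exec_stack": stack_flags is None or bool(stack_flags & PF_X),
        "relro": relro,
    }


def build_elf(segments, gnu_stack_flags=None, relro=False):
    """Constructed sample: an ELF64 header plus the given program headers.

    `segments` lists PF_* flag words, one per PT_LOAD entry.  No code or data
    is attached; only the headers matter for this audit.
    """
    phdrs = [(PT_LOAD, flags) for flags in segments]
    if gnu_stack_flags is not None:
        phdrs.append((PT_GNU_STACK, gnu_stack_flags))
    if relro:
        phdrs.append((PT_GNU_RELRO, PF_R))
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\x00" * 8
    # ET_DYN, EM_X86_64, version 1, entry 0, phoff 64, no section headers.
    ehdr = struct.pack(EHDR_FMT, ident, 3, 0x3E, 1, 0, 64, 0, 0,
                       64, 56, len(phdrs), 64, 0, 0)
    body = b"".join(struct.pack(PHDR_FMT, t, f, 0, 0, 0, 0, 0, 0x1000)
                    for t, f in phdrs)
    return ehdr + body


# Constructed samples: a hardened layout (RX text, RW data, non-exec stack,
# RELRO) and a legacy layout with a single RWX segment and an executable stack.
HARDENED = build_elf([PF_R | PF_X, PF_R | PF_W],
                     gnu_stack_flags=PF_R | PF_W, relro=True)
LEGACY = build_elf([PF_R | PF_W | PF_X], gnu_stack_flags=PF_R | PF_W | PF_X)


def main(argv):
    if len(argv) > 1:
        with open(argv[1], "rb") as fh:
            print(argv[1], audit(fh.read()))
    else:
        print("hardened sample:", audit(HARDENED))
        print("legacy sample:  ", audit(LEGACY))


if __name__ == "__main__":
    main(sys.argv)
```

The script only looks at what the loader will map, so it is a cheap first check to run over a build output or a firmware image; a PIE, stack canary or CFI check needs the dynamic section and symbols as well, which this example deliberately leaves out.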


Guessing partly, but maybe ArbR = arbitrary read, ArbW = arbitrary write, RCE = remote code execution, IPC = inter process communication.


ACE arbitrary code execution

RCE remote code execution

ROP return-oriented programming, which I understand to be using code already on the target and manipulating code flow in order to piece together the bits of programme to execute a routine of the attacker's choosing (like cutting letters out of a newspaper to make a ransom note!), https://en.m.wikipedia.org/wiki/Return-oriented_programming


Yes. For example, webpages viewed in Safari are sandboxed. You can't run arbitrary code to affect parts of other webpages. So they had to break out of that.

All apps, including Safari, are sandboxed. Apps can't run arbitrary code to affect other apps. So they had to break out of that.

The system itself is sandboxed. Restarting the phone resets it, in many ways, to a "known" state. So they had to install something that would persist across rebooting the phone.


Yes you’re correct about the chains. For examples, look at Stuxnet or some of the more expensive Chrome bug bounties over the past few years.


Correct about the comment in the livestream, see here:

https://youtu.be/zNklfC6jgBs?t=14653

It was Bob. Rough transcript:

"We were surprised a little bit at how smooth things were off the pad. The space shuttle is a pretty rough ride heading into orbit with the SRBs, and our expectation was as we continued with the flight into second stage that things would basically get a lot smoother than the space shuttle did, but Dragon was huffing and puffing all the way into orbit and we were definitely driving and riding a dragon all the way up, and so it was not quite the same ride, the smooth ride, as the space shuttle was, up to MECO. A little bit less Gs, but a little bit more alive is probably the best way I would describe it."

Edit: Just noticed that that description is in the original article, too, fwiw


> but Dragon was huffing and puffing all the way into orbit and we were definitely driving and riding a dragon all the way up...

How can this be interpreted as a negative thing? If anything, if I were a schoolboy watching that, it would make me want to get involved and want to experience it myself! An astronaut talking about taking a Capsule (dragon) all the way to Space, and describing it that way... what could be cooler than that?

Also worth noting that no one involved in Space is expected to do a comfy job, much less being an Astronaut, as it requires decades of rigorous physical and mental conditioning, training and exercise and psychological evaluation to just be a candidate, in order to prepare you to live in an environment where even going to the bathroom, sneezing, or coughing could all kill you and potentially everyone in your crew in Space.

Yi So-yeon did an interview at MIT earlier this year with the Mars Society [1] describing this exact situation, and even after having almost died upon re-entry due to a faulty heat-shield malfunction that messed up the trajectory of the landing and almost killed her and her whole crew, she was the first to sign up for another mission!

That's what an Astronaut is; they're cut from the same cloth as prototype Fighter Jet pilots, where death was the most likely outcome; they're not 'normal' People and this doesn't faze them when confronted to do it again for a bigger purpose. It's why they're such exceptional Human beings and why they should be treated as such.

1: https://www.youtube.com/watch?v=jvXAy6YKWOU


Because, as a parent poster says, a rougher vibration profile rules out certain payloads.

It's not about astronauts playing lift-off buckaroo, it's about developing viable travel and transport systems.


SpaceX is all about getting the cost down. You are going to make a lot more travel and payloads viable by focusing on dropping the price to orbit by 10x or 100x or 1000x (about $20/kg is the goal for the in development superheavy rocket) than on optimizing for smoothness. For now it is smooth enough.


> because as a parent poster says - a rougher vibration profile rules out certain payloads.

I guess that is true, Yi made the same argument about sending construction based equipment and the dilemma of having to make it more robust than necessary tolerances and specs thus increasing the weight of the payloads.

But SpaceX hasn't had a satellite failure to date, with the exception of the secret spy satellite that was 'lost,' or the facebook one that exploded on the launchpad (THANKS, ELON!).

I wonder what payloads specifically that would include?


Thanks for finding the timestamp/quote! That is what I was talking about, I specifically remembered the "riding a dragon" part. I do see it included in the article now too.


It might be helpful to have the age of comments listed as part of their metadata, ie alongside the date the comment was posted. Some formatting could be added (eg red highlight for comments > x years).

I know this sort of feature is useful on newspaper websites - The Guardian will flag stories older than some limit as being potentially out-of-date.


> It might be helpful to have the age of comments listed

That's... currently the case?

> red highlight for comments > x years

I don't find age has a 1:1 correlation with it being outdated. If some advice doesn't make sense to me, I'd look at the dates of this and other answers, because most often there will be newer answers (lower voted because they haven't existed as long / aren't seen as much) and/or comments added to the answer indicating how to do it in python3 or whatever the new thing is.

Sometimes posts from 2009 help me, sometimes posts from 2018 are outdated. Maybe this could work if a time limit is configured per tag, but even then, I expect it wouldn't be very helpful.


>> It might be helpful to have the age of comments listed

> That's... currently the case

Is it currently the case? I'm not seeing it, though I may be missing it.

I do see, at the bottom of comments, something like

:: edited Apr 23 '15 at 8:40 / answered Mar 11 '09 at 21:11

The date the question was /asked/ does have an age, though, which may be what you're referring to. For the problem at hand, it's the age of the answers that matters more than the age of the questions.

> I don't find age has a 1:1 correlation with it being outdated.

No, but there is a correlation.


Just be careful about 27.


He says in the second article you link that he doesn’t think hotlinking is bad per se, especially when it’s done in support of knowledge and education.

I think the moral is rather that hotlinking is dangerous.


This looks fantastic! Thanks for sharing.

From time to time I've looked around for good charts of the night sky, suitable for printing and browsing. These are the best I've found so far; they might be helpful to users of this program as a guide for how to design charts:

https://www.iau.org/public/themes/constellations/


Also,

"roughly 10 billion words said, per person (16,000 per day * 26,280 days = ~420,480,000)"

Not sure if I completely missed something but it looks like 420m words per person.

Edit: combine these two errors and it makes sense. The 10b number is in the text but not the arithmetic.

16000 words per day * 26000 days * 11 chars per word = 4.5E9 chars per person.

