Security geek developing WinXP raw socket exploit

Has Steve Gibson finally lost his mind?


Repent, for the Kingdom of Heaven is at hand!
   -- Matthew 3:2

Security specialist Steve Gibson has created quite a fracas with his increasingly vocal opposition to the raw-socket connectivity planned for Windows-XP, and upon which he bases predictions of impending chaos for the entire Internet, so he's decided to exploit the very threat he claims will make the Internet permanently unstable.

The raw sockets which have Gibson so steamed enable a machine to send or capture data independent of the operating system -- quite handy if you're a software developer or an advanced hobbyist. And while it's true that this also enhances the packet-flooding capabilities of a Windows machine by making it easy to spoof packets, it's also true that this function is already included in most other operating systems, and can be added to an existing Win-9x, 'ME, or '2K machine quite easily with a library called WinPcap.

All right, we'll allow that there'll be a few s'kiddies who might prefer to use their Win-XP boxes for such purposes. But they can already do so simply by installing Linux and doing a bit of reading.

There will also be more Windows clients available for malicious misuse as 'XP grows in popularity; but one can already do heaps of packeting from Windows machines with SubSeven, and even launch the attack in bulk from IRC.

True, the boxes will eventually be found because their IPs are traceable, and admins will contact the owners and let them know they're infected -- but only long after the damage is done. Raw sockets in 'XP only marginally improve the situation for a malicious party. We really don't see an immense growth in packeting on the horizon.

Gibson, on the other hand, tells it like a loner in the desert, living, we would imagine, on locusts and wild honey for a bit too long a time.

After being packeted into submission last month by a thirteen-year-old computer enthusiast called "Wicked", he's become obsessed with the mission of dissuading Microsoft from outfitting 'XP with the same capabilities as most of its competitors.

He's written thousands of words on his Web site, denouncing Microsoft for putting something like real power into a consumer operating system. He's written memos to the company; he's warned all his site's visitors; but he's still not satisfied. The "XP Christmas of Death" is coming, he warns, immediately after which all the little s'kiddies will gleefully baptize us with fire.

According to Gibson's paranoid delusions, everyone with a computer is a potential criminal, and the only reason the entire Net population hasn't yet exploded in some mass orgy of evil is because Microsoft has thus far refrained from unleashing the uncontrollable power of the raw socket.

He'll show the bastards

Unfortunately, not enough of the right people are listening to him with the proper degree of attentiveness. So he's decided to show the bastards: Gibson is developing a free tool which he calls 'Spoofarino'.

"We need a tool to hold ISPs accountable and publicly demonstrate individual ISP irresponsibility," Gibson says.

"Given the universal reluctance they have demonstrated so far, I believe that only active public scrutiny will bring about the changes required to insure [sic] a reliable and secure future for the Internet."

From that we infer that Spoofarino will enable Netizens to test whether or not their ISP allows them to send spoofed packets to Gibson's site. We imagine that any ISP which fails to filter outbound spoofed packets will be identified for a solid public shaming.

It sounds like a tool with which one could generate raw packets, though probably in a controlled manner. But if that's the case, it would lay much of the ground work for an EZ malicious version leveraging the very threat Gibson is decrying.

"The threat represented by Microsoft's forthcoming Windows-XP operating system, with its confirmed ability to easily generate malicious Internet traffic -- for NO good reason -- can not be overstated," he warns.

"The proper executives within Microsoft MUST be reached with this message so that those plans can be reviewed in light of the potential for their system's massive abuse of the inherently trusting Internet."

And so Steve Gibson is going to show us all. ®

Related Stories

Windows XP will make Internet unstable - top security expert
Microsoft rebuts XP Net instability claims


Other stories you might like

  • VMware claims ‘bare-metal’ performance from virtualized Nvidia GPUs
    Is... is that why Broadcom wants to buy it?

    The future of high-performance computing will be virtualized, VMware's Uday Kurkure has told The Register.

    Kurkure, the lead engineer for VMware's performance engineering team, has spent the past five years working on ways to virtualize machine-learning workloads running on accelerators. Earlier this month his team reported "near or better than bare-metal performance" for Bidirectional Encoder Representations from Transformers (BERT) and Mask R-CNN — two popular machine-learning workloads — running on virtualized GPUs (vGPU) connected using Nvidia's NVLink interconnect.

    NVLink enables compute and memory resources to be shared across up to four GPUs over a high-bandwidth mesh fabric operating at 6.25GB/s per lane compared to PCIe 4.0's 2.5GB/s. The interconnect enabled Kurkure's team to pool 160GB of GPU memory from the Dell PowerEdge system's four 40GB Nvidia A100 SXM GPUs.

    Continue reading
  • Nvidia promises annual datacenter product updates across CPU, GPU, and DPU
    Arm one year, x86 the next, and always faster than a certain chip shop that still can't ship even one standalone GPU

    Computex Nvidia's push deeper into enterprise computing will see its practice of introducing a new GPU architecture every two years brought to its CPUs and data processing units (DPUs, aka SmartNICs).

    Speaking on the company's pre-recorded keynote released to coincide with the Computex exhibition in Taiwan this week, senior vice president for hardware engineering Brian Kelleher spoke of the company's "reputation for unmatched execution on silicon." That's language that needs to be considered in the context of Intel, an Nvidia rival, again delaying a planned entry to the discrete GPU market.

    "We will extend our execution excellence and give each of our chip architectures a two-year rhythm," Kelleher added.

    Continue reading
  • Now Amazon puts 'creepy' AI cameras in UK delivery vans
    Big Bezos is watching you

    Amazon is reportedly installing AI-powered cameras in delivery vans to keep tabs on its drivers in the UK.

    The technology was first deployed, with numerous errors that reportedly denied drivers' bonuses after malfunctions, in the US. Last year, the internet giant produced a corporate video detailing how the cameras monitor drivers' driving behavior for safety reasons. The same system is now apparently being rolled out to vehicles in the UK. 

    Multiple camera lenses are placed under the front mirror. One is directed at the person behind the wheel, one is facing the road, and two are located on either side to provide a wider view. The cameras are monitored by software built by Netradyne, a computer-vision startup focused on driver safety. This code uses machine-learning algorithms to figure out what's going on in and around the vehicle.

    Continue reading

Biting the hand that feeds IT © 1998–2022