Security is a joke. Networking is a joke. Experts are a joke.
I’m so tired of reading all the time about IT security issues. The tissue of our society, which is networked computing, is a Gruyère cheese; it’s our Achilles’ heel. When it fails, we’re fucked. And it’s prone to fail.
I was already disgusted by the sheer number of security issues I read about in Risky Business’ cybersecurity newsletters, a mix of Risky Business News and Seriously Risky Business (I’m only subscribed to RBN).
I was bored to death by the various Microsoft bugs and other security issues in everyday software. Everything is so buggy that it’s inherently insecure. But we continue to increase the complexity of everything.
The same greed for speed made CPU vendors design speculative out-of-order execution CPUs, starting with Pentium Pro and Pentium II. This is yet another way of looking for trouble, and trouble came. I’m not sure that all these vulnerabilities have been satisfactorily mitigated: Spectre, Spectre-NG, Meltdown, Foreshadow, ZombieLoad, RIDL, Fallout, BHI aka Spectre-BHB, Retbleed, SMoTherSpectre, ÆPIC Leak, SQUIP, Predictor, Zenbleed, and more. And now, a new AMD SinkClose flaw helps install nearly undetectable malware at Ring -2 (SMM) level. So the kernel (Ring 0) cannot access Ring -1 and Ring -2 to detect potential malware, but the malware can access those levels. I understand that today’s hardware and software are too complex for a single mind to understand how things work, but we have practically met the fate of the Flying Dutchman. There’s no safety, anywhere.
And now…
- Hackers Have Exploited An 18-Year-Old ‘0.0.0.0-Day’ Loophole In Safari, Chrome And Firefox – “Weaknesses in Chrome, Firefox and Safari gave hackers a route into internal networks, even those protected by firewalls, security researchers warn.”
- Bug 354493 (Opened 18 years ago) – Mitigate CSRF attacks against internal networks (block rfc 1918 local addresses from non-local addresses)
- 0.0.0.0 Day: Exploiting Localhost APIs From the Browser
Excerpt from the last one:
To find out, we ran a dummy HTTP server on localhost (127.0.0.1).
We then tried to access it through an external domain from Javascript, using 0.0.0.0. It … simply worked. The request reached the server.
What happened here?
- Under public domain (.com), the browser sent the request to 0.0.0.0.
- The dummy server is listening on 127.0.0.1 (only on the loopback interface, not on all network interfaces).
- The server on localhost receives the request, processes it, and sends the response.
- The browser blocks the response content from propagating to Javascript due to CORS.
This means public websites can access any open port on your host, without the ability to see the response.
WTF was in their minds? How come 0.0.0.0 is routed to 127.0.0.1? Even if it means “all IP addresses on the local machine,” 0.0.0.0 is a non-routable meta-address! It should be interpreted as an invalid, unknown, or non-applicable target! Retards.
CORS (Cross-Origin Resource Sharing), PNA (Private Network Access), and shit are not the proper solutions. It’s too late for proper solutions.
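What the excerpt above implies on the defender’s side is that a service meant for the local machine cannot rely on the loopback binding alone: it has to look at what the browser tells it about the request. The following is an added example, not code from this post or from the 0.0.0.0 Day write-up. It is a minimal localhost HTTP server that rejects a request when the Host header is not a loopback name (so a browser’s “Host: 0.0.0.0” form is refused, as is DNS rebinding through a public hostname), when the browser’s Sec-Fetch-Site header marks the request as coming from another site, or when an Origin header names a non-loopback site. The port, the handler body and the list of accepted hostnames are this example’s own assumptions.

```python
"""Added example: a loopback-only HTTP server that refuses requests
made on behalf of a public web page (0.0.0.0-day / DNS-rebinding style).
Not part of the original post; names, port and policy are assumptions."""
from __future__ import annotations

import ipaddress
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlsplit

# Names a same-machine client is expected to use. 0.0.0.0 is deliberately
# absent: a browser fetching http://0.0.0.0:PORT sends "Host: 0.0.0.0",
# which is exactly the form the 0.0.0.0-day requests take. Local tools
# can use 127.0.0.1 instead.
LOOPBACK_HOSTS = {"localhost", "127.0.0.1", "::1"}


def _hostname(netloc_or_url: str) -> str:
    """Strip scheme, port and IPv6 brackets from a Host header or a URL."""
    if "://" in netloc_or_url:
        return (urlsplit(netloc_or_url).hostname or "").lower()
    return (urlsplit("//" + netloc_or_url).hostname or "").lower()


def _is_loopback_name(name: str) -> bool:
    if name in LOOPBACK_HOSTS:
        return True
    try:
        # 127.0.0.0/8 and ::1 count; 0.0.0.0 is "unspecified", not loopback.
        return ipaddress.ip_address(name).is_loopback
    except ValueError:
        return False


def check_local_request(headers: dict) -> tuple:
    """Return (allowed, reason) for a request described by its headers."""
    h = {k.lower(): v for k, v in headers.items()}

    host = _hostname(h.get("host", ""))
    if not _is_loopback_name(host):
        return False, f"Host {host!r} is not a loopback name"

    # Current browsers label every request with its relation to the page
    # that issued it; anything other than same-origin or a direct
    # navigation ("none") came from a web page living elsewhere.
    site = h.get("sec-fetch-site", "").lower()
    if site and site not in ("same-origin", "none"):
        return False, f"Sec-Fetch-Site is {site!r}"

    # Fallback for browsers without Sec-Fetch-Site: CORS and most no-cors
    # requests carry an Origin header; "null" origins are refused too.
    origin = h.get("origin")
    if origin and not _is_loopback_name(_hostname(origin)):
        return False, f"Origin {origin!r} is not loopback"

    return True, "ok"


class LocalOnlyHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        allowed, reason = check_local_request(dict(self.headers))
        if not allowed:
            self.send_error(403, reason)
            return
        self.send_response(200)
        self.send_header("Content-Type", "text/plain")
        self.end_headers()
        self.wfile.write(b"hello from loopback\n")

    do_POST = do_GET


if __name__ == "__main__":
    # Bind to the loopback interface explicitly; the header check above is
    # the second layer, because the binding alone did not stop 0.0.0.0.
    HTTPServer(("127.0.0.1", 8080), LocalOnlyHandler).serve_forever()
```

The check only refuses requests; it does not depend on the response being hidden by CORS, which is the whole point: in the excerpt the request reached the server and was processed even though the page never saw the reply. A request from a public page to http://0.0.0.0:8080 fails the Host test before any handler code runs.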
We shouldn’t have let all the idiots design EVERYTHING this planet relies on. Stupid RFCs that nobody implemented correctly, über-buggy browsers, über-buggy and vulnerable software as a rule. Even the Internet is based on the retarded TCP/IP, which is vulnerable by design. Even though ARPANET was military, TCP was designed “for honest people only,” so it’s vulnerable to SYN flooding, hence DDoS. Other vulnerabilities by design include ARP spoofing, IP spoofing, MitM attacks, DNS poisoning, and many others. The addition of security protocols such as SSL/TLS, IPsec, DNS over TLS (DoT), DNS over HTTPS (DoH), and others, is only patching a poor design.
Other terribly poor designs can be found in Bluetooth (one of the most retarded communications protocols) and Wi-Fi. Let’s ignore the completely idiotic design of overlapping channels in Wi-Fi and only mention another fundamental flaw.
A bunch of mentally retarded monkeys came up with this design:
- Wi-Fi can be configured to automatically connect to one’s preferred networks, and most people use this convenience.
- How do you think this has been implemented? Even a half-brained dead rabbit would have designed it this way: the device would listen for something like 30 seconds, make a list of the available networks, and, if one of them is known, it would try to connect to it.
- Here’s how it’s implemented instead: in the Network Discovery phase, the device broadcasts something to the effect of “Is any one of you MyHomeNetwork, or MyOfficeNetwork, or MyGirlfriendsNetwork?” Then, if a device responds affirmatively, it will try to connect to it.
- But any hacker can impersonate any such access point because you yourself are broadcasting such confidential information, i.e. the SSIDs you would automatically connect to! So if a hacker’s device says, “Yes, I’m MyHomeNetwork,” and then it accepts your credentials without caring about them, you will be connected to a fake network!
Sure thing, practically everything uses SSL or TLS these days, so your traffic won’t be understood. Should anything still be transferred as plain text, you can use a VPN. But how could anyone have designed such an abomination?
EDIT: Yes, of course I know why this has been designed this way. Because some nincompoop thought like this: “Hey, if an AP is hidden by not broadcasting its SSID, it’s more secure!” But to connect to a hidden AP, a device has to ask explicitly: “Are you there, MyHomeNetwork123?” So they made an AP “more secure” by making your computer or mobile device less secure! Brilliant.
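The practical check that follows from the EDIT above is to find out which of your own saved networks actually make the client name them on the air. On Linux, wpa_supplicant only sends SSID-specific probe requests for a network block that has scan_ssid=1 (the hidden-AP mode); the rest are found by passive or wildcard scanning. The script below is an added example, not code from this post or from the wpa_supplicant project: it parses a wpa_supplicant.conf and reports the networks that will be probed for by name, plus whether the permanent MAC address is used while scanning. It assumes wpa_supplicant’s documented meaning of scan_ssid and preassoc_mac_addr, and the configuration text inside it is constructed for the example.

```python
"""Added example: audit a wpa_supplicant.conf for networks whose SSID the
client will announce in probe requests. Not from the original post.
Assumes wpa_supplicant semantics: scan_ssid=1 => SSID-specific probe
requests (only needed for hidden APs); preassoc_mac_addr=1/2 => random
MAC while scanning. The sample configuration is constructed."""
from __future__ import annotations

import re

# Constructed sample: the first block is a hidden AP (scan_ssid=1),
# the second is a normal one. The psk is a placeholder, not a real key.
SAMPLE_CONF = """\
ctrl_interface=/run/wpa_supplicant
update_config=1

network={
    ssid="MyHomeNetwork"
    psk="example-only-not-a-real-key"
    scan_ssid=1
}

network={
    ssid="MyOfficeNetwork"
    key_mgmt=WPA-EAP
}
"""

_KV = re.compile(r"^\s*([A-Za-z_]\w*)\s*=\s*(.*?)\s*$")


def parse_conf(text: str):
    """Split a wpa_supplicant.conf into (global settings, network blocks).

    Only full-line comments are stripped, so a '#' inside a quoted value
    is left alone.
    """
    global_settings: dict = {}
    networks: list = []
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("network={"):
            current = {}
            continue
        if line == "}" and current is not None:
            networks.append(current)
            current = None
            continue
        m = _KV.match(line)
        if not m:
            continue
        key, value = m.group(1), m.group(2).strip('"')
        (current if current is not None else global_settings)[key] = value
    return global_settings, networks


def audit(text: str) -> list:
    """Return human-readable findings about what the client reveals."""
    global_settings, networks = parse_conf(text)
    findings = []
    for net in networks:
        if net.get("scan_ssid") == "1":
            findings.append(
                f"{net.get('ssid')!r}: named in SSID-specific probe requests "
                "(scan_ssid=1, hidden-AP mode)"
            )
    # Probe requests happen before association, so the pre-association
    # MAC policy decides whether scans are linkable to the hardware address.
    if global_settings.get("preassoc_mac_addr", "0") == "0":
        findings.append(
            "permanent MAC address used while scanning "
            "(preassoc_mac_addr not set)"
        )
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF):
        print(finding)
```

Run against a real file with `audit(open("/etc/wpa_supplicant/wpa_supplicant.conf").read())`. The only fix for a hidden AP is the one the EDIT implies: un-hide the AP and drop scan_ssid=1, so the client can go back to listening for beacons instead of asking for the network by name.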
When everything is designed by such imbeciles, why am I surprised that an external request to 0.0.0.0 reaches my internal 127.0.0.1 server? Even if only in a limited way, this is an attack vector.
I was really, really, infinitely happier in the times of MS-DOS and Windows 3.1. For all the wrong reasons (not counting that I was younger), but still. Back then, there was hope, and I thought we were progressing technologically.
Nope. We’re digging our graves. You don’t realize how fragile and vulnerable our civilization’s IT infrastructure is! Maybe this civilization should have ended in the year 2000. We’re now living in Idiocracy, anyway.
It’s probably impossible to replace the entire infrastructure while keeping the network/software running in the meantime. Until something completely different comes along, we patch what we have, with the attendant risks. And that doesn’t spare us from the next “BIG THING” being built with the same problems (or others we aren’t thinking of now).
Besides, now we can look back (at 1995, for example) and say “that was built badly.” In 1995 that thing was “wow,” stable, compatible with what existed then, delivered on time!