[171053] in North American Network Operators' Group
Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years]
daemon@ATHENA.MIT.EDU (TGLASSEY)
Thu Apr 17 00:41:43 2014
Date: Wed, 16 Apr 2014 21:39:14 -0700
From: TGLASSEY <tglassey@earthlink.net>
To: nanog@nanog.org
In-Reply-To: <21327.16768.946701.2078@world.std.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
BAE did this cute poster on the attack model
https://image-store.slidesharecdn.com/6f0027d2-c58c-11e3-af1f-12313d0148e5-original.jpeg?goback=%2Egde_1271127_member_5862330295302262788
On 4/16/2014 7:50 PM, Barry Shein wrote:
> On April 17, 2014 at 10:03 gdt@gdt.id.au (Glen Turner) wrote:
> > Jason Iannone wrote:
> > > I can't cite chapter and verse but I seem to remember this zeroing
> > > problem was solved decades ago by just introducing a bit which said
> > > this chunk of memory or disk is new (to this process) and not zeroed
> > > but if there's any attempt to actually access it then read it back as
> > > if it were filled with zeros, or alternatively zero it.
>
> Actually those were my words trying to describe kernel management of
> disk blocks, sparse files, etc, not user space.
>
> -b
>
>
--
-------------
Personal Email - Disclaimers Apply
