On Mon, Apr 20, 2009 at 8:56 PM, Theo de Raadt <dera...@cvs.openbsd.org> wrote: >> This morning I had an email arrive at "Tue, 21 Apr 2009 06:58:36 +1000 >> (EST)" from computershop.ca announcing that my order had been mailed. >> >> At 09:05 I went to check my PO box for the morning mail and found my 2 >> sets of 4.5 CDs >> >> How did Austin and the gang know that my package had made it out of >> customs in time to arrive in this morning's mail and to send the email >> at just the right time? > > We are working on changes to do this trick in a variety of our deamons > and in our kernel; precognition means that we can identify an upcoming > period when such packets will come in -- packets which would > defragment and subsequently arrange themselves into an attack above > the socket layer. since we can precognitively pre-identify the risk, > we can drop them right on the ethernet card and avoid even having them > dma into memory! > > Well, we have only parts of this working in the tree. A few pieces > are still missing, but Austin is trying a prototype of the algoritms > and heuristics in his shipping operation.
So you actually have a working prototype to detect the EVIL bit and drop it on the card itself? Cool! Again, OpenBSD drives security forward and other OSes are left to follow. -- http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk "This officer's men seem to follow him merely out of idle curiosity." -- Sandhurst officer cadet evaluation. "Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted." -- Gene Spafford learn french: http://www.youtube.com/watch?v=j1G-3laJJP0&feature=related
