Secure attention Key: Login and GkSudo

Bear Giles bgiles at coyotesong.com
Sun Oct 30 21:10:32 UTC 2011


Actually SSL/SSH is a good example of how easy it is to screw up things.
It's hard to believe that people have deployed systems and left the NULL
cipher as an acceptable cipher but it's been done. Ditto weak random number
generators that left you with AES encryption but only a relative handful of
possible session keys. (This is what bit Debian a while back.) I seem to
recall reading about another attack in just the last few weeks.

BTW you can eavesdrop on a connection if you have one of the keys used in
the DH negotiations and the parties aren't using Perfect Forward Secrecy.
It's scary because it doesn't have to be realtime - it can be someone
sniffing your network today and replaying the tapes when they get a copy of
your key a few weeks later. I suspect few people using the various ssl
libraries even know about this.

On Sun, Oct 30, 2011 at 12:37 PM, Reinhard Tartler <siretart at ubuntu.com>wrote:

> On So, Okt 30, 2011 at 15:11:04 (CET), staticd wrote:
>
> >> Windows NT is designed so that, unless system security is already
> >> compromised in some other way, only the Winlogon process, a trusted
> >> system process, can receive notification of this keystroke
> >> combination. This is because the kernel remembers the process ID of
> >> the Winlogon process, and allows only that process to receive the
> >> notification.
> >>
> >> So says Wikipedia.
> >>
> >> Interestingly, VMWare catches the sequence as well.
> >>
> >>
> > I was thinking of a Alt+Sysrq combination capturable only by the kernel.
> > (Ctrl+Alt+Sysrq ?)
>
> The SAK for Linux systems is Alt+Sysrq+k
>
> While this SAK can be disabled, Ubuntu ships with this functionality
> enabled. It safely and uncatchably terminates your running X11 session,
> returning back to your login manager.
>
> Cheers,
> Reinhard.
>
> --
> Gruesse/greetings,
> Reinhard Tartler, KeyID 945348A4
>
> --
> Ubuntu-devel-discuss mailing list
> Ubuntu-devel-discuss at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-devel-discuss/attachments/20111030/4900125e/attachment.html>


More information about the Ubuntu-devel-discuss mailing list