Security Now 289

From The Official TWiT Wiki
Jump to: navigation, search
Security Now
Episode 289

Security Now 289: Proxied Surfing

News & Errata

5:35 - 9:42

  • Java was updated to J6 update 24
  • Fixes lots of security problems

9:43 - 21:20

  • New BIND vulnerability
  • Affects v9.7.1 - 9.7.2-p3
  • You have a queue of requests in a buffer
  • Serving that queue are worker threads
  • Multiple workers each come back to the queue to get the item to service
  • You can get a deadlock when there are resources in the server that only one thing at a time can access
  • If two workers try to access the resource at once they can modify the resource without the other knowing
  • So when it comes back to work with the resource its not the same value it left there
  • In a modern operating system you can prevent this by locking out a resource so only one thread can work with it until it unlocks it
  • A thread often needs to lock out multiple resources and if they are in use it will wait for them to become available
  • However this can create a problem if another thread is waiting for resources that this thread has locked out
  • You end up with both waiting forever for the other one to unlock its required resources
  • This is a "deadlock"
  • You can create a deadlock in the affected versions of bind if you send requests in a certain order
  • v9.7.3 is out and fixes this bug

21:21 - 30:39

  • The FBI spoke about their desire to have a backdoor in crypto
  • They mentioned a desire to be able to wiretap skype

30:40 - 40:44

  • COIA - Combating online infringement acts
  • Domain seizures could only be used when less restrictive methods have failed

40:45 - 43:26

  • The HR1 bill was passed
  • The FCC lost there ability to spend money implementing net neutrality rules

43:27 - 48:45

  • Steve won 50 bit coins

48:46 - 51:51

  • Google's one time password system does not support Verisigns OTP system due to cost

Spinrite Story

52:52 - 54:12 Philip (Indiana)

Spinrite fixed a PS3 hard drive

Proxied Surfing

57:26 - 01:41:26

  • Normally when you use a web browser you enter a URL into the address bar and the browser looks up the IP address and attempts to initiate a TCP connection to that IP on port 80 or 443
  • If its able to get a connection it exchanges its request with the remote server and gets the resources
  • ISP's often proxy connections, in this case the web browser thinks its connecting to a remote server but the proxy intercepts the request and see's if it has what the browser is requesting in its cache
  • If it does then it can serve the browser this page saving bandwith and reducing page load time
  • You may have a company which wants to control the external use of the internet so the firewall blocks outgoing connections on port 80 and 443 so that all the web services that exist outside are inaccessible
  • Schools and universities may block certain websites
  • Some countries like China censor the internet in this way


  • A proxy provides the means for providing a middle man in the connection between the users browser and a server
  • In the corporate case you may have to logon to the proxy server to gain access outwards
  • If the proxy is configured in your browser then no matter what address you put into the address bar, the browser connects somewhere else.
  • It doesn't look up the IP address of the domain you put in the address bar and attempt a connection.
  • Instead, those settings which are in its configuration dialogs, those take precedent.
  • So the browser always goes to a specific IP and port number.
  • If authentication is required, then what happens is it makes its query, just as it normally would, as if it had normally connected to the actual destination IP.
  • However, it's connected instead to this proxy server.


  • Another type of proxy is a local proxy
  • You run a server in your computer (like privoxy)
  • It sets up a server which provides local services
  • If you don't want your browser to send information like your user agent a local proxy can prevent this as all connections are routed through the proxy and it removes things like the user agent before forwarding the request
  • It can also strip things off incoming content


  • Websites can proxy on your behalf
  • This allows you to get around filtering at places like work and school
  • they encode the domain you want in the returning page, the browser url shows the domain doing the proxying followed by noise
  • All the pages assets are modified by the proxy so your browser requests them under an alias
  • Some of the better proxies also support SSL

Sponsors

  • astaro.com
  • 877-4-ASTARO
  • Ad Times: 0:48 - 01:07 and 54:26 - 57:22

Production Information

  • Edited by: Alex
  • Notes:
Info.png This area is for use by TWiT staff only. Please do not add or edit any content within this section.