The clang thread sanitizer

Finding threading bugs is hard. Clang thread sanitizer makes it easier. The thread sanitizer instruments the to-be-tested code and emits useful information about actions that look suspicious (most importantly data races). This is a great aid in development and for QA. Thread sanitizer is faster than valgrind's helgind, which makes it applicable to more use cases. Note however that helgrind and thread sanitizer sometimes each detect issues that the other one does not.This is how thread sanitizer can be activated:install clang package (the OS package is usually good enough, but if you want to use clang 5.0, you can obtain packages from http://apt.llvm.org/)export CC=clang // or CC=clang-5.0 for the LLVM packagesexport CFLAGS="-g -fsanitize=thread -fno-omit-frame-pointer"re-run configure (very important, else CFLAGS is not picked up!)make clean (important, else make does not detect that it needs to build some files due to change of CFLAGS)makeinstall as usualIf you came to this page trying to debug a rsyslog problem, we strongly suggest to run your instrumented version interactively. To do so:stop the rsyslog system servicesudo -i (you usually need root privileges for a typical rsyslogd configuration)execute /path/to/rsyslogd -n ...other options...here "/path/to" may not be required and often is just "/sbin"...
Read more

One in 25 Searchable ‘Black Friday’ Apps Blacklisted as Malicious, Finds Report

Black Friday is a big day for shoppers. In 2016, 154 million consumers shopped over Thanksgiving weekend and spent $9.36 billion, constituting a year-over-year increase of 16.4 percent. More than half of that money spent ($5.27 billion) occurred online. Building on those figures, Black Friday 2017 looks like it will be even bigger than in … Read More The post One in 25 Searchable ‘Black Friday’ Apps Blacklisted as Malicious, Finds Report appeared first on The State of Security.
Read more

SSD Advisory – Linux Kernel XFRM Privilege Escalation

Vulnerability Summary The following advisory describes a Use-after-free vulnerability found in Linux kernel that can lead to privilege escalation. The vulnerability found in Netlink socket subsystem – XFRM. Netlink is used to transfer information between the kernel and user-space processes. It consists of a standard sockets-based interface for user space processes and an internal kernel … Continue reading SSD Advisory – Linux Kernel XFRM Privilege Escalation
Read more

Don Jr.: I’ll bite

So Don Jr. tweets the following, which is an excellent troll. So I thought I'd bite. The reason is I just got through debunk Democrat claims about NetNeutrality, so it seems like a good time to balance things out and debunk Trump nonsense.The issue here is not which side is right. The issue here is whether you stand for truth, or whether you'll seize any factoid that appears to support your side, regardless of the truthfulness of it. The ACLU obviously chose falsehoods, as I documented. In the following tweet, Don Jr. does the same.It's a preview of the hyperpartisan debates are you are likely to have across the dinner table tomorrow, which each side trying to outdo the other in the false-hoods they'll claim.Need something to discuss over #Thanksgiving dinner? Try thisStock markets at all time highsLowest jobless claims since 736 TRILLION added to economy since Election1.5M fewer people on food stampsConsumer confidence through roof Lowest Unemployment rate in 17 years #maga— Donald Trump Jr. (@DonaldJTrumpJr) November 23, 2017What we see in this number is a steady trend of these statistics since the Great Recession, with no evidence in the graphs showing...
Read more

Cybercrime Laws: What Internet Fraud Victims Need to Know

As the Internet continues to be an important part of our lives, it also becomes a more dangerous avenue for cybercrime. The risk increases as the massive online community’s use of the Internet becomes more rampant. And despite the public being aware of cybersecurity issues, anonymous online criminals are able find more victims and creative … Read More The post Cybercrime Laws: What Internet Fraud Victims Need to Know appeared first on The State of Security.
Read more

NetNeutrality vs. limiting FaceTime

In response to my tweets/blogs against NetNeutrality, people have asked: what about these items? In this post, I debunk the fourth item.The FCC plans to completely repeal #NetNeutrality this week. Here's the censorship of speech that actually happened without Net Neutrality rules:#SaveNetNeutrality pic.twitter.com/6R29dajt44— Christian J. (@dtxErgaOmnes) November 22, 2017The issue the fourth item addresses is how AT&T restrict the use of Apple's FaceTime on its network back in 2012. This seems a clear NetNeutrality issue.But here's the thing: the FCC allowed these restrictions, despite the FCC's "Open Internet" order forbidding such things. In other words, despite the graphic's claims it "happened without net neutrality rules", the opposite is true, it happened with net neutrality rules.The FCC explains why they allowed it in their own case study on the matter. The short version is this: AT&T's network couldn't handle the traffic, so it was appropriate to restrict it until some time in the future (the LTE rollout) until it could. The issue wasn't that AT&T was restricting FaceTime in favor of its own video-calling service (it didn't have one), but it was instead an issue of "bandwidth management".When Apple released FaceTime, they themselves...
Read more

Streamlining a Tech Support Scam

Microsoft’s Windows Security Blog on Technet: New tech support scam launches communication or phone call app “A new tech support scam technique streamlines the entire scam experience, leaving potential victims only one click or tap away from speaking with a scammer. We recently found a new tech support scam website that opens your default communication or
Read more
Page 1 of 43412345...102030...Last »