Rush post: heartbleed-masstest

April 10, 2014

The Heartbleed Bug (CVE-2014-0160) is not just a run-of-the-mill bug; it’s a damn scary bug. Most “nasty” vulnerabilities are quite limited in scope – maybe an attacker has a tiny chance of exploiting the vulnerability to execute (a tiny segment of) code, or they corrupt the appearance of files (ahem, WinRAR) so the user is tricked into executing malicious code. The Heartbleed bug, however, can be exploited without leaving any evidence of exploitation, and requires NO user interaction. It lets attackers read from arbitrary locations in the OpenSSL address space, including those used to store the PRIVATE keys.
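The over-read comes from a heartbeat length field that was trusted without comparing it to the bytes actually received. The check that closes it is sketched here as an added example; this is not OpenSSL's code, and `hb_build_response`, `hb_demo` and the sample record are hypothetical names and constructed data.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum { HB_REQUEST = 1, HB_RESPONSE = 2, HB_HEADER = 3, HB_MIN_PADDING = 16 };

/* Hypothetical helper: builds the echo response for one received heartbeat
 * record body (rec, rec_len). Returns the response length, or -1 when the
 * message must be discarded silently, as RFC 6520 requires. */
long hb_build_response(const uint8_t *rec, size_t rec_len, uint8_t *out, size_t out_cap)
{
    /* Type byte, 2-byte length and minimum padding must all be present. */
    if (rec_len < HB_HEADER + HB_MIN_PADDING || rec[0] != HB_REQUEST) return -1;

    size_t claimed = ((size_t)rec[1] << 8) | rec[2];   /* sender-controlled */

    /* The check missing behind CVE-2014-0160: the claimed payload length
     * must be bounded by the number of bytes that really arrived. */
    if (HB_HEADER + claimed + HB_MIN_PADDING > rec_len) return -1;

    size_t resp_len = HB_HEADER + claimed + HB_MIN_PADDING;
    if (resp_len > out_cap) return -1;

    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HEADER, rec + HB_HEADER, claimed);     /* stays inside rec */
    memset(out + HB_HEADER + claimed, 0, HB_MIN_PADDING);  /* real stacks use random padding */
    return (long)resp_len;
}

/* Constructed input: payload "hello" plus 16 padding bytes (24 bytes total).
 * claimed_len is written into the length field so every case shares one record. */
long hb_demo(uint16_t claimed_len)
{
    uint8_t rec[24] = { HB_REQUEST, 0, 0, 'h', 'e', 'l', 'l', 'o' };
    uint8_t out[64];
    rec[1] = (uint8_t)(claimed_len >> 8);
    rec[2] = (uint8_t)(claimed_len & 0xff);
    return hb_build_response(rec, sizeof rec, out, sizeof out);
}
```

An honest length of 5 is echoed back in full, while a length field claiming more than the record holds causes the message to be dropped instead of answered.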

 

As a result of this danger, Mustafa Al-Bassam created a tool to scan websites for this vulnerability. I forked it on GitHub, and quickly hacked it to scan in a multithreaded fashion, much faster than the original serial method.

 

It’s really ugly at the moment, but you can clone it here: https://github.com/ariccio/heartbleed-masstest/

Malaysia Airlines Flight 370 …..and Paul Sajda?!?

March 15, 2014

In aid of the ongoing search for Malaysia Airlines Flight 370, millions of individuals are volunteering to screen satellite imagery for signs of the missing 777. Paul Sajda, whom I’ve written about before, has developed software that, with an EEG, allows an individual to screen hundreds of images per minute for “interesting” information. Maybe that software could be used to help search for Malaysia Airlines Flight 370?

That’s just an idea, some food for thought.

iMPCs: Cell Reprogrammers Take Aim at Liver Disease

March 6, 2014

“The parameter is incorrect”: an update

March 2, 2014

I believe I’m zeroing in on the cause of the bug.

A comment in a mirror of a 1997 Sysinternals post, “Inside Windows NT Disk Defragmenting”, says this about FSCTL_GET_VOLUME_BITMAP:

Return

If there are errors related to the volume’s support for this FSCTL or FileHandle representing a valid volume handle, an appropriate native NT error code is returned (as defined in the NT DDK file NTSTATUS.H). If the cluster specified in InputBuffer is out of range for the volume, the call will return STATUS_INVALID_PARAMETER. If there are no errors and there are no clusters beyond the last one described in the Map array, the FSCTL returns STATUS_SUCCESS. Otherwise STATUS_BUFFER_OVERFLOW is returned to notify the caller that further calls should be made to retrieve subsequent mappings.

…which is far more enlightening for this matter than Microsoft’s current documentation for FSCTL_GET_VOLUME_BITMAP:

Remarks

The FSCTL_GET_VOLUME_BITMAP control code retrieves a data structure that describes the allocation state of each cluster in the file system from the requested starting LCN to the last cluster on the volume. The bitmap uses one bit to represent each cluster:

  • The value 1 indicates that the cluster is allocated (in use).
  • The value 0 indicates that the cluster is not allocated (free).

Note that the bitmap represents a point in time, and can be incorrect as soon as it has been read if the volume has write activity. Thus, it is possible to attempt to move a cluster onto an allocated cluster in spite of a recent bitmap indicating that the cluster is unallocated. Programs using the DeviceIoControl function with the FSCTL_MOVE_FILE control code must be prepared for this possibility.

The handle used here must be a Volume handle and have been opened with any access. Note that only Administrators can open Volume handles.

The starting LCN in the input buffer may be rounded down before the bitmap is calculated. The rounding limit is file system dependent.

What exactly does Microsoft mean by “[…]the input buffer may be rounded down before the bitmap is calculated”?!!? I believe that that, together with the Sysinternals post, points to a bug in FSCTL_GET_VOLUME_BITMAP’s return behavior, or in defragsvc’s usage thereof.
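The two descriptions quoted above imply a calling pattern: keep calling while the status is BUFFER_OVERFLOW, and treat bit 0 of each chunk as the StartingLcn that came back, not the one that was requested. The following is an added example, not code from defrag or from either quoted source; it runs against a simulated driver on a constructed 100-cluster volume, and the rounding to a multiple of 8 and all names are assumptions.

```c
#include <stdint.h>
#include <string.h>

enum { ST_SUCCESS, ST_BUFFER_OVERFLOW, ST_INVALID_PARAMETER };
enum { VOLUME_CLUSTERS = 100, BUF_BITS = 64 };   /* constructed toy volume */

/* Header fields as in VOLUME_BITMAP_BUFFER; the bitmap is capped at 64 bits here. */
typedef struct { int64_t StartingLcn, BitmapSize; uint8_t Buffer[BUF_BITS / 8]; } bitmap_buf;

static int in_use(int64_t lcn) { return lcn % 3 == 0; }   /* constructed allocation pattern */

/* Simulated driver (assumption: start LCN is rounded down to a multiple of 8). */
static int fake_get_volume_bitmap(int64_t start, bitmap_buf *out)
{
    if (start < 0 || start >= VOLUME_CLUSTERS) return ST_INVALID_PARAMETER;
    out->StartingLcn = start & ~(int64_t)7;
    out->BitmapSize = VOLUME_CLUSTERS - out->StartingLcn;  /* clusters to end of volume */
    memset(out->Buffer, 0, sizeof out->Buffer);
    for (int64_t i = 0; i < BUF_BITS && i < out->BitmapSize; i++)
        if (in_use(out->StartingLcn + i)) out->Buffer[i / 8] |= (uint8_t)(1u << (i % 8));
    return out->BitmapSize > BUF_BITS ? ST_BUFFER_OVERFLOW : ST_SUCCESS;
}

/* Counts free clusters from `from` to the end of the volume, or -1 on error.
 * honor_returned_lcn = 0 models a caller that assumes bit 0 is the LCN it asked for. */
int64_t count_free(int64_t from, int honor_returned_lcn)
{
    int64_t free_clusters = 0, next = from;
    for (;;) {
        bitmap_buf b;
        int st = fake_get_volume_bitmap(next, &b);
        if (st == ST_INVALID_PARAMETER) return -1;
        int64_t have = b.BitmapSize < BUF_BITS ? b.BitmapSize : BUF_BITS;
        for (int64_t i = 0; i < have; i++) {
            /* Bit 0 describes the *returned* StartingLcn; skip bits below the request. */
            if (honor_returned_lcn && b.StartingLcn + i < next) continue;
            if (!((b.Buffer[i / 8] >> (i % 8)) & 1)) free_clusters++;
        }
        if (st == ST_SUCCESS) return free_clusters;        /* last chunk reached */
        /* BUFFER_OVERFLOW: more mappings follow, so resume after the last bit received. */
        next = (honor_returned_lcn ? b.StartingLcn : next) + have;
    }
}
```

Starting from LCN 13, the caller that honors the returned StartingLcn counts 58 free clusters; the one that ignores the rounding counts 61, because it includes clusters 8 to 12 and then re-reads clusters 72 to 76.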

To aid in debugging, I’m uploading a zip file with:

  • A Process Monitor trace of a defrag run wherein defrag throws the “The parameter is incorrect. (0x80070057)” error.
  • A dump of defrag.exe immediately after the error is thrown.
  • A dump of svchost.exe -defragsvc immediately after the error is thrown.
  • A (hopefully informative) set of screenshots of a WinDbg session immediately before, during, and after the error is thrown.
  • The symbols that I set breakpoints for in WinDbg.
  • Some remarks on FSCTL_GET_VOLUME_BITMAP collected from a few sources on the internet.
  • A few notes on the debugging process.


A note about the Process Monitor trace: I have removed a (very) few entries that contained personal information, entries that I’m quite certain have no relevance to the error.

Now it’s up to Microsoft to fix the issue.

DEFRAG_INVALID_PARAMETER_CENSORED

“The parameter is incorrect. (0x80070057)” and other Windows Defrag issues.

February 26, 2014

I’ve tried to defrag a 2TB hard drive for a couple of days now.

When defragging with /A /H /U /V /O, defrag nears completion, but throws a “The parameter is incorrect. (0x80070057)” error instead. This also happens when using the GUI, but defrag silently logs an error to the Event Log.


Another serious issue is the speed of defragmentation. As of right now (while consolidating free space), the defrag service spends the majority of its time eating 100% of a single core, and very little time on actual I/O. A quick bit of investigatory ProcMon work suggests a cause:

Is somebody incorrectly calling FSCTL_GET_RETRIEVAL_POINTERS?

The only filter I’m using is: [image: defrag4]

With that many BUFFER OVERFLOW events, there must be something wrong. Eventually, a Read Metadata DOES succeed, but that’s after several pages of BUFFER OVERFLOWs!

[image: defrag5]

The Windows Dev Center gives us some insight:

Note that I’ve highlighted references to ‘buffer’.

If you really want to go deep, Mark Roddy has written a great article: Adventures in Luserland:  Finding Disk Sectors Associated with File Records.

Mirrored here: Adventures in Luserland

I’ll conjecture that Microsoft needs to review any defrag code related to FSCTL_GET_RETRIEVAL_POINTERS – but for now, I’ll just have to wait. And wait. And wait.

An update on Circadian Rhythms, F.lux, and DDC/CI (i.e. part IV)

February 20, 2014

I’ve made a number of minor changes in the C# code from part three, fixing a few bugs and cleaning up the code. Scroll down for the binary + source code.


Hype versus Miscommunication, or the Language of Importance

February 19, 2014

“You don’t fall in love because the target of your affections is the most perfect person in the universe, you fall in love because they’re someone who can constantly surprise you.”

4 gravitons

A fellow amplitudes-person was complaining to me recently about the hype surrounding the debate regarding whether black holes have “firewalls”. New York Times coverage seems somewhat excessive for what is, in the end, a fairly technical debate, and its enthusiasm was (rightly?) mocked in several places.

There’s an attitude I often run into among other physicists. The idea is that when hype like this happens, it’s because senior physicists are, at worst, cynically manipulating the press to further their positions or, at best, so naïve that they really see what they’re working on as so important that it deserves hype-y coverage. Occasionally, the blame will instead be put on the journalists, with largely the same ascribed motivations: cynical need for more page views, or naïve acceptance of whatever story they’re handed.

In my opinion, what’s going on there is a bit deeper, and not so easily traceable to any…


The Blue Brain project | Year 4

February 18, 2014

“When you see a visionary in front of you, and I never met many like this, that it’s clear this is a visionary – He could completely fail, it could be complete nonsense, it could be a megalomaniac without foundation, so this I could not judge at that point, I was surprised and I looked at it reluctantly; What is this courage to think so big before you start and you are so small??

It took me ten years to understand,  but then I realized that there is a very good chance that  with him, especially with him, the combination of a ground on earth and [a] mind in the sky to [make] the change.

And here we are.” -Idan Segev

Blue Brain year 4 construction timelapse

An ambitious 14-year documentary, Bluebrain is.

The Blue Brain Project is one of the most ambitious projects in human history; I’d say second only to the Apollo program. If (when) it succeeds, it will not only be the most complex thing ever built by humans, not only offer heretofore impossible paths to treatment of mental illness, not only drive the design of ever more powerful computers, not only offer the architecture for new kinds of computers, not only give fundamental insights into the problem of consciousness; we will, in the words of Henry Markram, no longer be “Strangers to ourselves”. It will mark the beginning of a new era in human history.


“Come fly with me”

February 3, 2014

A few weeks ago, Nature published this beautiful video. Researchers at the UK’s Royal Veterinary College designed and built devices to collect flight data from birds, and then partnered with another incredible project – to reintroduce the Northern Bald Ibises into their natural habitat – and discovered a tremendous aerodynamic advantage in the Ibises’ natural V formation.

This has incredible implications for the future of biomimetic flight. Perhaps Robo Raven can learn from this?

Nature paper.

Biomimetic flight|Robo Raven

February 3, 2014

 

Beautifully simple. Dr. S.K. Gupta’s blog, Here.

 