## Security issues in QEMU

My intention is to add support in QEMU for a new machine/platform. I just started this project, so I can’t say more details about it because I don’t know them. My question is related about the possible security issues that could occur. What are the main security problems about what I should take care?

## Space-efficent storage of a trie as array of integers

I’m trying to efficiently store a list of strings in an array with the following constraints:

• All strings consist of 8-bit characters (0..255).
• The final trie is static, i.e. once it is built, no strings have to be inserted or removed.
• Looking up a string of length $$m$$ must be done in $$O(m)$$ with a constant factor as low as possible.
• The only available memory structure to store the data is an array of integers. In particular, there are no pointers or dynamic memory allocation.
• Once an array is allocated, it cannot be resized and its memory cannot be released anymore.
• Memory is rare, so the final data structure should be as compact as possible and no unnecessarily long arrays should be allocated.
• Computation time is not important for the building phase, but for memory usage the consraints above apply.

Preface

My current approach is a trie that is stored in the array with the following structure:

$$\fbox{ \vphantom{^M_M} \;i_0 \;\ldots\;i_{255}\; }\, \fbox{ \vphantom{^M_M} \;i^*_0 \;\ldots\;i^*_{255}\; }\, \fbox{ \vphantom{^M_M} \;w\; }\, \fbox{ \vphantom{^M_M} \;\mathit{last}\; }\, \fbox{ \vphantom{^M_M} \;B_0\; }\,\fbox{ \vphantom{^M_M} \;B_1\; }\,\ldots$$

where $$i_k$$ is a mapping from each unique input character $$k$$ to an integer $$1 \leq i_k(c) \leq w$$ with $$i^*$$ being the corresponding reverse mapping of $$i$$. Each node in the trie is stored as a block $$B$$ of size $$w+1$$. The mapping $$i$$ is used to reduce the size of each block, because not the whole character range has to be stored but only the number of characters actually used. This comes at the expense of having one more indirection when looking up words. (The field $$\mathit{last}$$ here is used as a pointer to the field after the last block in the array, used to find the next allocation point.)

Each block looks like this:

$$\fbox{ \vphantom{^M_M} \;b\; }\, \fbox{ \vphantom{^M_M} \;c_1 \;\ldots\;c_w\; }$$

$$b$$ is either 1 if the word represented by that block is in the trie, and 0 otherwise. $$c_i$$ represent all unique input characters (after the $$i$$ mapping). If the value of $$c_i$$ is equal to 0, there is no entry for this character. Otherwise $$c_i$$ is the index into the array at which the block to the following letter starts.

To build the trie, the first step is calculate the bijection $$i$$/$$i^*$$ and $$w$$. Then new blocks are added with each prefix that isn’t already present in the trie.

Problem

While this approach works so far, my main problem is memory usage. The current approach is extremly memory expensive when only few words share longer prefixes (which is usally the case). Some tests show that the typical number of non-empty fields is only about 2-3% of the whole array. Another problem is that the final number of needed array fields is only available after the trie has already been built, i.e. I have to be conservative when allocating the memory to not get out of memory while adding new blocks.

My idea now was to use a compressed trie/radix trie instead with two types of blocks: 1) the ones above that represent nodes with several children, and 2) compressed blocks (similar to C char arrays) that represent suffixes in the trie. For example, when the words apple juice and apple tree should be stored in the tree, there would be seven normal blocks for the common prefix apple  and a compressed block for each juice and tree. (Perhaps that would also allow to merge common suffixes for words with different prefixes.)

The problem with this is that is may lead to gaps in the array while building the trie. Consider the situation in the above example, in which only apply juice is stored as a compressed block in the trie. Now apple tree is inserted, which would lead to a removal of the apple juice block and addition of juice and tree blocks instead, which will not fit into the left hole in general.

Under the given constraints, can anyone see an algorithm to store strings most efficiently in the array while keeping the linear lookup time?

## Is this statement of P = NP in Agda correct?

Looking for a completely formal and self-contained statement of P = NP in type theory, I stumbled upon this short Agda formalization (a cleaned up version is reproduced below).

The statement here does seem to express the problem correctly but I’m not entirely sure as the code is not well-commented. So my question is: is this an accurate statement of P = NP and if not how would one fix it?

 open import Data.Nat                              using    (ℕ; suc; zero; _+_; _*_; _≤_; _^_) open import Data.Bool                             using    (Bool; true; false; if_then_else_; _∨_) open import Data.List                             using    (List; _∷_; []; length) open import Data.Vec                              using    (Vec; _∷_; []) open import Data.Product                          using    (Σ-syntax; _,_) open import Data.Sum                              using    (_⊎_; inj₁; inj₂) open import Data.Empty                            using    (⊥) open import Relation.Binary.PropositionalEquality using    (_≡_; refl)  iterate : {A : Set} → ℕ → A → (A → A) → A iterate zero    z s = z iterate (suc n) z s = s (iterate n z s)  is-poly : (ℕ → ℕ) → Set is-poly f = Σ[ m ∈ ℕ ] ((n : ℕ) → f n ≤ 2 ^ m)  is-inj₂ : {A B : Set} → A ⊎ B → Bool is-inj₂ (inj₁  _) = false is-inj₂ (inj₂ _) = true  data fn : ℕ → Set where     fz : {n : ℕ} → fn (suc n)     fs : {n : ℕ} → fn n → fn (suc n)  ref : {A : Set} {n : ℕ} → fn n → Vec A n → A ref fz (a ∷ _) = a ref (fs m) (_ ∷ rest) = ref m rest  subs : {A : Set} {n : ℕ} → fn n → A → Vec A n → Vec A n subs fz a (_ ∷ rest) = a ∷ rest subs (fs m) a (b ∷ rest) = b ∷ subs m a rest  replicate : {A : Set} → (n : ℕ) → A → Vec A n replicate zero a = [] replicate (suc n) a = a ∷ replicate n a  data command (stacks : ℕ) (states : ℕ) : Set where   push   : fn stacks → Bool → fn states → command stacks states   pop    : fn stacks → fn states → fn states → fn states          → command stacks states   return : Bool → command stacks states  record machine : Set where   field     stacks : ℕ     states : ℕ     commands : Vec (command stacks states) states     initial-command : fn states  command-mach : machine → Set command-mach m = command (machine.stacks m) (machine.states m)  record state (m : machine) : Set where   constructor mkState   field     stacks : Vec (List Bool) (machine.stacks m)     current : fn (machine.states m)  step : (m : machine) → state m → (state m) ⊎ Bool exec : {m : machine} → command-mach m → state m → (state m) ⊎ Bool  step m s = exec (ref (state.current s) (machine.commands m)) s exec (return b) _ = inj₂ b exec (push i b c) s =   let     prev-stack : List Bool     prev-stack = ref i (state.stacks s)   in     inj₁ (mkState (subs i (b ∷ prev-stack) (state.stacks s)) c)  exec (pop i ct cf ce) s with ref i (state.stacks s) ... | []           = inj₁ (mkState (state.stacks s) ce) ... | true  ∷ rest = inj₁ (mkState (subs i rest (state.stacks s)) ct) ... | false ∷ rest = inj₁ (mkState (subs i rest (state.stacks s)) cf)  step-or-halted : (m : machine) → (state m) ⊎ Bool → (state m) ⊎ Bool step-or-halted m (inj₂ b) = inj₂ b step-or-halted m (inj₁ s) = step m s  nsteps : {m : machine} → ℕ → state m → (state m) ⊎ Bool nsteps {m} n s = iterate n (inj₁ s) (step-or-halted m)  initial-state : (m : machine) → List Bool → state m initial-state m l =   mkState (replicate (machine.stacks m) l) (machine.initial-command m)  record poly-time-machine : Set where   inductive   field     m : machine     runtime : ℕ → ℕ     poly : is-poly runtime     is-runtime : (l : List Bool)                → (is-inj₂ (nsteps (runtime (length l)) (initial-state m l))) ≡ true  get-inj₂ : {A B : Set} → (e : A ⊎ B) → is-inj₂ e ≡ true → B get-inj₂ (inj₁ x) () get-inj₂ (inj₂ x) _ = x  run-poly-time-machine : poly-time-machine → List Bool → Bool run-poly-time-machine m inp = get-inj₂ _ (poly-time-machine.is-runtime m inp)  np-machine : Set np-machine = poly-time-machine  search : ℕ → poly-time-machine → List Bool → Bool search zero    m inp = run-poly-time-machine m inp search (suc n) m inp = search n m (false ∷ inp) ∨ search n m (true ∷ inp)  run-np-machine : np-machine → List Bool → Bool run-np-machine m inp = search (length inp) m inp  P=NP : Set P=NP =   (m-np : np-machine) →     Σ[ m-p ∈ poly-time-machine ]       (((inp : List Bool) → run-poly-time-machine m-p inp ≡ run-np-machine m-np inp)) $$$$ 

## “Practical coinduction” over $\mathbb N_\infty$?

I’ve just finished reading the paper Practical Coinduction by Kozen and Silva. What is the difference between induction over $$\mathbb N$$ and coinduction over $$\mathbb N_\infty$$?

From the paper, it seems that coinduction is almost the same as induction, but with more restrictions. In particular, it appears that most (or all) coinduction proofs over $$\mathbb N_\infty$$ are also valid induction proofs over $$\mathbb N$$.

The main restrictions the paper lists are opacity and guardedness. What examples are there of induction proofs over $$\mathbb N$$ that satisfy these properties (and are therefore valid coinduction proofs)? And what examples are there of induction proofs that don’t satisfy these properties (and are therefore not valid coinductions)?

## Small company network SSL -> xampp + SSL + subjectAltName [duplicate]

• A security warning when accessing a site through IP 4 answers

i have issue about SSL cerf. in small local network. One of the computers is server with apache (xampp), there is basic website called site.test

When i created certification, all works only when im located on LOCALHOST and address is marked site.test

If i wanna connect from another computer and ping via cmd SERVER PC address i got answer from server, so its connected between. But i cannot connect with address: site.test and when i type IP addr of pc (192.168.0.151 – because its local) my CHROME (78.0.3904.97) give me err:

NET::ERR_CERT_COMMON_NAME_INVALID (local) AND ERR_CERT_COMMON_NAME_INVALID(another PC in network)

I’m also configured http-vhosts.conf AND htt-ssl.conf + hosts file to define localhost is site.test

I think there is some problem with subjectAltName, but how to fix? because im my cert. log ive seen all DNS what im using in my local network.

Thanks. Have a nice day.

---------------------------------------[ hosts ]---------------------------------------  127.0.0.1       site.test   ---------------------------------------[ http-vhosts.conf ]---------------------------------------          <VirtualHost *:80>             ServerAdmin --hidden just here on forum--             DocumentRoot "C:/xampp/htdocs/"             ServerName site.test             ServerAlias *.site.test              ##ErrorLog "logs/dummy-host.example.com-error.log"             ##CustomLog "logs/dummy-host.example.com-access.log" common         </VirtualHost>          <VirtualHost site.test:443>             ServerAdmin --hidden just here on forum--             DocumentRoot "C:/xampp/htdocs/"             ServerName site.test       ServerAlias *.site.test         SSLEngine on         SSLCertificateFile "C:/xampp/apache/conf/ssl.crt/server.crt"         SSLCertificateKeyFile "C:/xampp/apache/conf/ssl.key/server.key"          ##ErrorLog "logs/dummy-host2.example.com-error.log"         ##CustomLog "logs/dummy-host2.example.com-access.log" common     </VirtualHost>      <VirtualHost 192.168.0.151:443>         ServerAdmin --hidden just here on forum--         DocumentRoot "C:/xampp/htdocs/"         ServerName site.test         ServerAlias *.site.test         SSLEngine on         SSLCertificateFile "C:/xampp/apache/conf/ssl.crt/server.crt"         SSLCertificateKeyFile "C:/xampp/apache/conf/ssl.key/server.key"          ##ErrorLog "logs/dummy-host2.example.com-error.log"         ##CustomLog "logs/dummy-host2.example.com-access.log" common     </VirtualHost>    ---------------------------------------[ CERT LOG ]---------------------------------------      Certificate:         Data:             Version: 3 (0x2)             Serial Number:                 64:c7:90:f4:85:83:99:6e:8f:f7:35:3d:4c:3d:0b:dc:16:ba:14:a4             Signature Algorithm: sha256WithRSAEncryption             Issuer: C = US, ST = NY, L = New York, O = "Example, LLC", CN = site.test, emailAddress = test@example.com             Validity                 Not Before: Nov 17 15:43:03 2019 GMT                 Not After : Nov 16 15:43:03 2020 GMT             Subject: C = US, ST = NY, L = New York, O = "Example, LLC", CN = site.test, emailAddress = test@example.com             Subject Public Key Info:                 Public Key Algorithm: rsaEncryption                     RSA Public-Key: (2048 bit)                     Modulus:                         00:e1:69:5a:97:07:37:0d:f4:4e:7c:3b:33:74:5d:                         47:8f:54:19:41:55:72:e6:6f:6e:81:03:b8:82:a2:                         20:c2:0c:9d:6d:de:61:98:cc:a6:ff:f0:40:8c:47:                         b4:de:bf:c1:16:3b:ec:51:e3:e6:82:7e:27:e3:45:                         98:2e:c3:9f:b2:25:51:8f:22:9d:f0:81:eb:aa:bb:                         60:c7:9a:50:92:af:bc:cb:be:3c:91:5b:11:f6:0e:                         b6:ec:1e:61:53:23:a8:b3:f0:fc:da:a9:9e:85:69:                         26:12:7c:fe:90:5c:f3:2f:ed:36:a0:f1:54:74:41:                         36:2d:6b:8e:b5:a2:87:44:3a:0c:94:86:d5:a5:68:                         71:fa:29:25:c1:fc:c2:62:f2:10:6f:01:df:60:16:                         8f:6b:9c:0e:61:55:39:29:04:8f:36:0b:92:4e:a3:                         e8:4c:0a:35:2e:5e:bb:58:bd:94:bd:bb:bc:5f:bb:                         59:83:69:e6:af:25:11:04:b8:7d:b6:77:a5:bb:30:                         87:d3:cf:f9:cc:6b:70:34:58:d5:6b:8d:21:9e:33:                         11:e5:54:57:e5:57:41:e9:b3:4a:de:15:f7:15:a9:                         76:8b:54:d3:aa:05:bd:17:13:47:77:67:ec:ba:36:                         44:bc:03:11:eb:c7:a1:e8:28:9d:7b:fe:24:8e:48:                         e5:35                     Exponent: 65537 (0x10001)             X509v3 extensions:                 X509v3 Subject Key Identifier:                     15:E5:68:E5:86:07:9D:EC:FD:92:2C:44:1C:1D:74:49:D9:12:25:5F                 X509v3 Authority Key Identifier:                     keyid:15:E5:68:E5:86:07:9D:EC:FD:92:2C:44:1C:1D:74:49:D9:12:25:5F                  X509v3 Basic Constraints:                     CA:FALSE                 X509v3 Key Usage:                     Digital Signature, Key Encipherment                 X509v3 Subject Alternative Name:                     DNS:site.test, DNS:192.168.0.151, DNS:192.168.0.151:443                 Netscape Comment:                     OpenSSL Generated Certificate         Signature Algorithm: sha256WithRSAEncryption              60:1a:3a:07:60:3c:66:f4:d7:ab:3e:49:3f:99:d6:f0:12:6d:              6f:da:49:aa:17:a5:8a:8c:02:2a:77:73:c1:47:47:c5:aa:1a:              ba:56:0f:dc:59:1d:0c:df:3b:33:20:c7:b5:c9:44:4e:51:d8:              b2:ad:e7:1f:34:2e:f3:9f:e3:e7:4c:20:84:19:92:d7:da:9f:              12:d9:0e:5c:41:6b:10:28:14:58:90:da:56:2c:18:a5:17:71:              f5:2f:88:0b:51:2f:48:2e:01:79:a3:2b:7d:8b:c5:2e:a9:75:              c1:cc:4b:9b:58:61:9d:16:06:b8:d5:0e:35:2f:11:dd:44:c1:              db:dd:f5:81:2d:f5:9e:bd:5c:78:21:28:3f:0c:18:24:77:a2:              15:c5:55:c2:0f:d4:cf:b1:13:26:32:a4:11:09:4f:50:6a:6d:              ef:6b:d5:ab:7c:4c:1c:98:52:e0:04:f7:8f:8d:59:81:21:69:              47:50:4b:4e:89:32:22:72:09:3e:b4:c0:a4:1d:30:c6:0a:9e:              17:b7:7d:0b:6a:ca:cc:ae:9d:53:4b:f3:61:d5:19:d8:80:e5:              22:c2:8e:5f:0e:b2:5e:9a:7e:bb:f7:7e:86:04:0b:2d:d6:ad:              89:78:64:81:76:15:94:16:17:3f:b2:b5:02:02:4f:9d:77:46:              31:56:bb:33 

Im trying to show you situation by pics.

HERE IS ACCESS FROM LOCALHOST PC TO SAME SERVER:

HERE IS ACCESS FROM LOCALHOST PC WITH PC ADDRESS TO SAME SERVER: + NET::ERR_CERT_COMMON_NAME_INVALID

EDIT:

extension=openssl in php.ini LoadModule ssl_module modules/mod_ssl.so in httpd All uncommented.

Either there is a security hole or I’m missing information about something.

While I was testing how Surfingkeys addon works I’ve noticed that it has command yf to copy form content on current web page. I though about testing it on “Sign In” and “Log In” forms on few websites to see if it would be able to retrieve typed passwords in plain text. It was successful if standardized <form> tags were used.

Then I’ve noticed that in most web applications password is kept in <input value=""> attribute in plain text which to me seems like by-standard security hole for whole W3 stack (HTML, CSS, JS, etc.). If this addon was able to get password from DOM then any addon can do that. The only piece missing is sending that data to server of a 3rd party who are owners of such malicious addon – such situation already had place with Stylish.

So attack scenario looks like this:

2. They add to addon generic <form> parser script which retrieves data from <input value="">.

3. For each known website they make their addon “decorate” submit buttons with script which on click 1st sends request with credentials to their server and then to host of that website. Or they just send requests each time parser script is able to get new data.

4. After some time they perform an attack using gathered credentials.

I find that scenario possible show me that it can’t happen. Also my question is: given that is Web security flawed by design?

The thing is that no one discourages from using <input value=""> as a password holder it seems that there is no other option by standard. Web developers can only come up with their own ideas to obfuscate where a password is stored before request is made.

## construct transition table from equivalence of dfa-minimization

I’m trying to minimize a DFA.

From the state transition diagram, I have formed the table:

And the 0-equivalence is : {q0,q1,q3,q4,q5,q6,q7},{q2}

And 2-equivalence is {q0,q4},{q6},{q1,q7},{q3,q5},{q2}, as well as 3-equivalence.

If I write q0q4 together, what would I write in as value in the table?

Now what is the minimized DFA,transition table?

## Does homomorphic encryption hide the algorithm itself?

The question is rather simple, but finding resources and answers quite tricky. Homomorphic encryption should enable us to compute over encrypted data. What if the algorithm for computing should be kept in secret as well? Given we have a functioning homomorphic encryption in place, is the algorithm which is applied to the input data also secure?

Is it possible for an intruder to understand how the data is computed and learn about the algorithm, given the intruder has access to the program which does the computation?

## Can the cost factor be changed of Windows’ credential cache?

I’m having a hard time finding relevant documentation from Microsoft (or any third party, for that matter) about any registry key that may change the cost factor of cached credentials.

One can control how many logons are stored through the registry key CachedLogonsCount`, but what I would like to change is the cost parameter of PBKDF2. The default is a cost of 10240, which is quite low (we managed to crack an 11 character password (of a domain admin) by using a large wordlist and hashcat on an ~\$ 8/hour VPS with a GPU for about one hour).

Of course, turning off the cache (and especially not logging in with a domain admin account on attacker-accessible workstations) is the proper solution for this kind of attack. However, our client does not want to turn off caching for availability reasons: if the network goes down, individual systems should still work. Since they refuse to turn it off altogether, and since rolling out disk encryption and physical access controls will take a while, it would be good to be able to recommend changing a simple setting in the meantime.