Featured Research

from universities, journals, and other organizations

Lucent's Bell Labs Releases Free Linux Software That Foils The Most Common Computer Security Attack

Date:
April 25, 2000
Source:
Bell Labs - Lucent Technologies
Summary:
Lucent Technologies' Bell Labs is releasing free Linux software that foils the most common form of computer security attack: buffer overflow.

MURRAY HILL, N.J. (April 20, 2000) -- Lucent Technologies' (NYSE: LU) Bell Labs announced today that it is releasing free Linux software that foils the most common form of computer security attack. Lucent's Libsafe software prevents electronic intruders from overflowing an application program's buffer memory to gain unauthorized access to a computer.

Buffer overflows have been the most common form of computer security vulnerability exploited by intruders for the past 10 years, according to a recent report published by the Oregon Graduate Institute of Science & Technology (OGI) and funded in part by the Defense Advanced Research Projects Agency (DARPA).

Linux distributors Red Hat, Inc., Linux-Mandrake, Turobolinux and Debian GNU/Linux are working with Bell Labs to incorporate Lucent Libsafe into their software releases. The Linux computer operating system contains an "open" source code that anyone is free to modify. Modeled on Bell Labs' Unix software, Linux has been gaining popularity for server and desktop computers over the last few years.

A buffer is a region of computer memory that application programs use to temporarily store information. Programs that write information to buffers without properly checking the size of the buffers are potentially vulnerable to security attacks. Such attacks cause an inordinately large amount of data to be written, overwriting the memory immediately following the buffer region. The overflow injects additional code into an application program and then hijacks control of that program to execute the injected code. Lucent's Libsafe software intercepts and monitors the use of vulnerable standard functions and prevents buffer overflow hijackings.

"Red Hat is pleased that Bell Labs is participating in the on-going development of the Linux platform," said Paul McNamara, VP of Business Development, Red Hat. "Innovations like Libsafe will continue to expand Linux' leading position as the preferred platform for internet infrastructure."

"In the current context where security has become a major concern, this innovation further improves the security of the Linux-Mandrake system and meets the expectations of today's users," said Jacques Le Marois, president of MandrakeSoft.

"TurboLinux is focused on delivering secure, Linux solutions to our customers in the enterprise," said Steve Quan, senior director of product marketing, TurboLinux. "Lucent Libsafe is an important step forward in securing Linux for the enterprise."

"Debian treats system security very seriously, and works hard to discover and eliminate security exposures in the free and open-source software we distribute; the Libsafe package adds additional protection against undiscovered exploits in poorly-designed programs, and is therefore beneficial to Debian GNU/Linux users," said David Coe, one of the developers of Debian Linux.

Libsafe does not require access to the source code of the application programs and protects all application programs running on a system. Bell Labs' tests indicate that Libsafe's effect on a computer's performance is negligible.

It is generally accepted that the best solution to buffer overflow attacks is to fix the original defects in programs. However, this requires knowing that a particular program is defective. Libsafe helps protect programs that are not yet known to be vulnerable.

Bell Labs is making Libsafe freely available under the GNU Library General Public License. Users and developers who would like further information and the Libsafe source code can visit http://www.bell-labs.com/org/11356/libsafe.html.

About Bell Labs

Bell Labs is celebrating its 75th anniversary this year. One of the most innovative R&D entities in the world, Bell labs has generated more than 40,000 inventions since 1925. It has played a pivotal role in inventing and perfecting key communications technologies for most of the 20th century, including transistors, digital networking and signal processing, lasers and fiber-optic communications systems, communications satellites, cellular telephony, electronic switching of calls, touch-tone dialing, and modems. Today, Bell Labs continues to be a haven for some of the best scientific minds. With more than 30,000 employees located in 25 countries, it is the largest R&D organization in the world dedicated to communications and the world's leading source of new communications technologies. For more information on Bell Labs, visit http://www.bell-labs.com.

About Lucent Technologies

Lucent Technologies, headquartered in Murray Hill, N.J., USA, designs and delivers the systems, software, silicon and services for next-generation communications networks for service providers and enterprises. Backed by the research and development of Bell Labs, Lucent focuses on high-growth areas such as optical and wireless networks; Internet infrastructure; communications software; communications semiconductors and optoelectronics; Web-based enterprise solutions that link private and public networks; and professional network design and consulting services. For more information on Lucent Technologies, visit its Web site at http://www.lucent.com.


Story Source:

The above story is based on materials provided by Bell Labs - Lucent Technologies. Note: Materials may be edited for content and length.


Cite This Page:

Bell Labs - Lucent Technologies. "Lucent's Bell Labs Releases Free Linux Software That Foils The Most Common Computer Security Attack." ScienceDaily. ScienceDaily, 25 April 2000. <www.sciencedaily.com/releases/2000/04/000420121849.htm>.
Bell Labs - Lucent Technologies. (2000, April 25). Lucent's Bell Labs Releases Free Linux Software That Foils The Most Common Computer Security Attack. ScienceDaily. Retrieved September 30, 2014 from www.sciencedaily.com/releases/2000/04/000420121849.htm
Bell Labs - Lucent Technologies. "Lucent's Bell Labs Releases Free Linux Software That Foils The Most Common Computer Security Attack." ScienceDaily. www.sciencedaily.com/releases/2000/04/000420121849.htm (accessed September 30, 2014).

Share This



More Computers & Math News

Tuesday, September 30, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

Apple Releases 'Shellshock' Fix Despite Few Affected Users

Apple Releases 'Shellshock' Fix Despite Few Affected Users

Newsy (Sep. 29, 2014) Apple released a security fix for the "Shellshock" vulnerability Monday, though it says only "advanced UNIX users" of OS X need it. Video provided by Newsy
Powered by NewsLook.com
Do Video Games Trump Brain Training For Cognitive Boosts?

Do Video Games Trump Brain Training For Cognitive Boosts?

Newsy (Sep. 29, 2014) More and more studies are showing positive benefits to playing video games, but the jury is still out on brain training programs. Video provided by Newsy
Powered by NewsLook.com
New Facebook Ad Platform Goes Where You Go On The Web

New Facebook Ad Platform Goes Where You Go On The Web

Newsy (Sep. 29, 2014) Called Atlas, the platform allows advertisers to place ads based on Facebook info on sites outside of Facebook. Video provided by Newsy
Powered by NewsLook.com
Google Tightens Requirements For Android Manufacturers

Google Tightens Requirements For Android Manufacturers

Newsy (Sep. 27, 2014) Phonemakers who want to use Google’s software in their devices will have to stick to more stringent requirements. Video provided by Newsy
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:

Breaking News:

Strange & Offbeat Stories


Space & Time

Matter & Energy

Computers & Math

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile: iPhone Android Web
Follow: Facebook Twitter Google+
Subscribe: RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins