Featured Research

from universities, journals, and other organizations

Lucent's Bell Labs Releases Free Linux Software That Foils The Most Common Computer Security Attack

April 25, 2000
Bell Labs - Lucent Technologies
Lucent Technologies' Bell Labs is releasing free Linux software that foils the most common form of computer security attack: buffer overflow.

MURRAY HILL, N.J. (April 20, 2000) -- Lucent Technologies' (NYSE: LU) Bell Labs announced today that it is releasing free Linux software that foils the most common form of computer security attack. Lucent's Libsafe software prevents electronic intruders from overflowing an application program's buffer memory to gain unauthorized access to a computer.

Related Articles

Buffer overflows have been the most common form of computer security vulnerability exploited by intruders for the past 10 years, according to a recent report published by the Oregon Graduate Institute of Science & Technology (OGI) and funded in part by the Defense Advanced Research Projects Agency (DARPA).

Linux distributors Red Hat, Inc., Linux-Mandrake, Turobolinux and Debian GNU/Linux are working with Bell Labs to incorporate Lucent Libsafe into their software releases. The Linux computer operating system contains an "open" source code that anyone is free to modify. Modeled on Bell Labs' Unix software, Linux has been gaining popularity for server and desktop computers over the last few years.

A buffer is a region of computer memory that application programs use to temporarily store information. Programs that write information to buffers without properly checking the size of the buffers are potentially vulnerable to security attacks. Such attacks cause an inordinately large amount of data to be written, overwriting the memory immediately following the buffer region. The overflow injects additional code into an application program and then hijacks control of that program to execute the injected code. Lucent's Libsafe software intercepts and monitors the use of vulnerable standard functions and prevents buffer overflow hijackings.

"Red Hat is pleased that Bell Labs is participating in the on-going development of the Linux platform," said Paul McNamara, VP of Business Development, Red Hat. "Innovations like Libsafe will continue to expand Linux' leading position as the preferred platform for internet infrastructure."

"In the current context where security has become a major concern, this innovation further improves the security of the Linux-Mandrake system and meets the expectations of today's users," said Jacques Le Marois, president of MandrakeSoft.

"TurboLinux is focused on delivering secure, Linux solutions to our customers in the enterprise," said Steve Quan, senior director of product marketing, TurboLinux. "Lucent Libsafe is an important step forward in securing Linux for the enterprise."

"Debian treats system security very seriously, and works hard to discover and eliminate security exposures in the free and open-source software we distribute; the Libsafe package adds additional protection against undiscovered exploits in poorly-designed programs, and is therefore beneficial to Debian GNU/Linux users," said David Coe, one of the developers of Debian Linux.

Libsafe does not require access to the source code of the application programs and protects all application programs running on a system. Bell Labs' tests indicate that Libsafe's effect on a computer's performance is negligible.

It is generally accepted that the best solution to buffer overflow attacks is to fix the original defects in programs. However, this requires knowing that a particular program is defective. Libsafe helps protect programs that are not yet known to be vulnerable.

Bell Labs is making Libsafe freely available under the GNU Library General Public License. Users and developers who would like further information and the Libsafe source code can visit http://www.bell-labs.com/org/11356/libsafe.html.

About Bell Labs

Bell Labs is celebrating its 75th anniversary this year. One of the most innovative R&D entities in the world, Bell labs has generated more than 40,000 inventions since 1925. It has played a pivotal role in inventing and perfecting key communications technologies for most of the 20th century, including transistors, digital networking and signal processing, lasers and fiber-optic communications systems, communications satellites, cellular telephony, electronic switching of calls, touch-tone dialing, and modems. Today, Bell Labs continues to be a haven for some of the best scientific minds. With more than 30,000 employees located in 25 countries, it is the largest R&D organization in the world dedicated to communications and the world's leading source of new communications technologies. For more information on Bell Labs, visit http://www.bell-labs.com.

About Lucent Technologies

Lucent Technologies, headquartered in Murray Hill, N.J., USA, designs and delivers the systems, software, silicon and services for next-generation communications networks for service providers and enterprises. Backed by the research and development of Bell Labs, Lucent focuses on high-growth areas such as optical and wireless networks; Internet infrastructure; communications software; communications semiconductors and optoelectronics; Web-based enterprise solutions that link private and public networks; and professional network design and consulting services. For more information on Lucent Technologies, visit its Web site at http://www.lucent.com.

Story Source:

The above story is based on materials provided by Bell Labs - Lucent Technologies. Note: Materials may be edited for content and length.

Cite This Page:

Bell Labs - Lucent Technologies. "Lucent's Bell Labs Releases Free Linux Software That Foils The Most Common Computer Security Attack." ScienceDaily. ScienceDaily, 25 April 2000. <www.sciencedaily.com/releases/2000/04/000420121849.htm>.
Bell Labs - Lucent Technologies. (2000, April 25). Lucent's Bell Labs Releases Free Linux Software That Foils The Most Common Computer Security Attack. ScienceDaily. Retrieved December 21, 2014 from www.sciencedaily.com/releases/2000/04/000420121849.htm
Bell Labs - Lucent Technologies. "Lucent's Bell Labs Releases Free Linux Software That Foils The Most Common Computer Security Attack." ScienceDaily. www.sciencedaily.com/releases/2000/04/000420121849.htm (accessed December 21, 2014).

Share This

More From ScienceDaily

More Computers & Math News

Sunday, December 21, 2014

Featured Research

from universities, journals, and other organizations

Featured Videos

from AP, Reuters, AFP, and other news services

Touch-Free Smart Phone Empowers Mobility-Impaired

Touch-Free Smart Phone Empowers Mobility-Impaired

Reuters - Innovations Video Online (Dec. 21, 2014) A touch-free phone developed in Israel enables the mobility-impaired to operate smart phones with just a movement of the head. Suzannah Butcher reports. Video provided by Reuters
Powered by NewsLook.com
Building Google Into Cars

Building Google Into Cars

Reuters - Business Video Online (Dec. 19, 2014) Google's next Android version could become the standard that'll power your vehicle's entertainment and navigation features, Reuters has learned. Fred Katayama reports. Video provided by Reuters
Powered by NewsLook.com
After Sony Hack, What's Next?

After Sony Hack, What's Next?

Reuters - US Online Video (Dec. 19, 2014) The hacking attack on Sony Pictures has U.S. government officials weighing their response to the cyber-attack. Linda So reports. Video provided by Reuters
Powered by NewsLook.com
Navy Unveils Robot Fish

Navy Unveils Robot Fish

Reuters - Light News Video Online (Dec. 18, 2014) The U.S. Navy unveils an underwater device that mimics the movement of a fish. Tara Cleary reports. Video provided by Reuters
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.


Breaking News:

Strange & Offbeat Stories

Space & Time

Matter & Energy

Computers & Math

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News


Free Subscriptions

Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile

Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?

Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile: iPhone Android Web
Follow: Facebook Twitter Google+
Subscribe: RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins