RTSP
Latest
Google AirShow streams Google I/O live from several RC blimps (hands-on video)
Yes, there's a fleet of camera-equipped, remote-controlled blimps live-streaming a bird's-eye view of Google I/O on YouTube, right now. It's called Google AirShow and it's taken over the airspace within Moscone Center. We briefly chatted with Chris Miller, a software engineer with AKQA (the company that put the dirigibles together for Google), about the technology used in each aircraft. It all begins with an off-the-shelf model airship that's flown manually via standard a 2.4GHz radio. Each blimp is outfitted with a servo-controlled USB camera and 5GHz USB WiFi dongle which are both connected to a Raspberry Pi board running Debian, VLC and Python. A custom-designed Li-polymer battery system powers the on-board electronics. The webcam encodes video as motion-JPEG (720p, 30fps) and VLC generates a YouTube-compatible RTSP stream that's broadcast over WiFi. Python's used to pan the servo-controlled camera via the Raspberry Pi's PWM output. The result is pretty awesome. But don't just take our word for it -- check out the gallery and source link below, then watch our hands-on video after the break. %Gallery-188534%
Another zero-day exploit for QuickTime
US-CERT and Information Week are reporting a new vulnerability in QuickTime's handling of RTSP streams, which has been demonstrated to crash QuickTime Player on Windows and may also affect the Mac version. See the writeup by researcher Luigi Auriemma, who first announced the flaw.Unlike the RTSP bug patched in QuickTime 7.3.1 last month, this vector works by overflowing an HTTP error buffer sent when the RTSP port 554 is closed on the malicious server, and the QuickTime client tries to switch to port 80. Sneaky.Since we're almost certain to see iTunes 7.6 and possibly QuickTime 7.3.2 at Macworld anyway, expect another rev of QuickTime to close this hole after those versions ship -- since Apple wasn't notified in advance of this hole, it's unlikely to be caught in the pending updates, as commenter Nicholas points out (unless Apple found the vector independently).
QuickTime exploit in the wild, demoed on Second Life
As reported, the RTSP vulnerability in QuickTime was accompanied by working exploit code, accelerating the process of malefactors and miscreants turning it into actual malicious payloads. Symantec & other outlets have since reported that the QuickTime exploit has been seen in the wild; the exploit causes Windows clients to download a secondary malware package.Meanwhile, security researchers Charlie Miller and Dino Dai Zovi (he of the CanSecWest hacking prize) leveraged the QuickTime vulnerability to demonstrate an attack within the Second Life virtual environment. Since SL uses QuickTime to play video in-game, any player wandering within activation distance of the 'evil movie' can be pwned. Miller and Dai Zovi's demo causes the victim to gesticulate, shout "I've been hacked!" and -- most disturbingly -- send 12 Linden dollars to the attackers' SL account.The Second Life exploit starts to veer disturbingly towards Snow Crash territory. I don't want to spoil Neal Stephenson's brilliant breakthrough novel for those who haven't read it, so go read it. For the rest of us, doesn't the idea of a 'virus video' that attacks anyone who watches it seem awfully familiar?[via Mac OS Ken]
Zero-day exploit in QuickTime could hit Win iTunes users
Over the weekend, security researchers announced a vulnerability in QuickTime's handling of the RTSP streaming protocol, and Windows-only exploit code is already circulating. The flaw allows attackers to craft specially formatted RTSP responses that cause a buffer overflow, and as a result they can execute arbitrary code in the context of the logged-in user. Unfortunately, there are plenty of ways to get someone to click a malicious RTSP link, including sending it in email or including it on a website. While Symantec notes that IE and Safari for Windows appear to be resistant to the exploit code, opening a malicious RTSP link in current versions of Firefox or in QuickTime Player would allow the exploit to run.For now, there is no Mac version of the exploit (cold comfort to the millions of iTunes for Windows users); hopefully there will be a QuickTime security patch on both platforms before any additional exposure occurs. Rich Mogull at TidBITS has some helpful tips for securing your network, including blocking the RTSP protocol both at the firewall and for outbound connections via Little Snitch.Update 10:30 am Thursday: Commenter Moulles points out that a cross-platform exploit for the RTSP flaw, which could target either PCs or Macs, has now been published.[via TidBITS]
