April 08, 2017

Techno Bits vol. 99: The Only Way Out Is Through

Today is the first Merriweather show of the season – before you ask, it's techno act Deadmau5 – and I'm feeling pretty good about the network expansion we did this year. This is the first full season in the new stagehouse acting as a stagehouse instead of just a path to the stage. I'll take some photos today, so keep an eye on my Instagram if you want to see how beautiful the new backstage area is, because it's completely gorgeous.

We did the Wi-Fi survey on Thursday and Friday this week to make sure that the network we designed was providing coverage where we expected it to be, and I'm proud to say we completely nailed the indoor spaces. Our exterior APs will go up next week, and I'm excited to retire the last of our original 7762s and bring our controller up to date with the latest features. That should allow us to increase density, and perhaps consider a more open posture for the network.

iOS 10.3 & 10.3.1

We spoke this week on the MacAdmins Podcast about all the updates to Apple's ecosystem, but chief among them was iOS 10.3 and the switch to APFS, and then the follow-up security update to iOS 10.3.1 to fix a major flaw in the Broadcom Wireless SOC that's in your iOS device (and your Android devices, and a bunch of other devices that use Broadcom Wireless SOC).

The report from Google's Project Zero on the bug that was being exploited is completely fascinating and also highly technical. What's it come down to? That's what you pay me for. The attackers figured out how to exploit a bug in the code that handles 802.11z device-to-device communication on networks that support 802.11r Fast Transfer. Fast Transfer is one of those fiddly features that a lot of high end corporate networks use in spaces where there's a lot of mobility of workers.

802.11z is a specification I hadn't read up on before now, and it's really interesting. The idea is: hey, wouldn't it be great if two devices attached to the same SSID could negotiate a direct connection that isn't through the main network to exchange a bunch of data? Yeah, that is a great idea, because it means that their AirTime demands to transfer a bunch of data won't affect other nearby devices.

But there's a problem. The Broadcom firmware doesn't verify that everything fits in the buffers, and so an attacker can use that buffer overflow to dump executable code into the Memory Processing Unit.

This is a really complex process to go through to get a remote code exploit in place, but that's what the bad guys are always working on.

iOS 10.3.1 patches your iOS device to block this kind of attack.
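
As an added example (not Broadcom's code and not taken from the Project Zero report), here is the kind of "does it fit?" check the firmware is described as missing, applied to 802.11 information elements, which are laid out as a 1-byte ID, a 1-byte length, then that many data bytes. The names `collect_ies` and `demo` and the 256-byte `IE_BUF_SIZE` are assumptions made for illustration, and the inputs are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IE_BUF_SIZE 256 /* assumed destination size, for illustration only */

/* Append whole 802.11 information elements (1-byte ID, 1-byte length, then
 * `length` data bytes) from `in` to `out`. Returns bytes written, or -1 if
 * an element is truncated or would not fit in the destination. */
int collect_ies(const uint8_t *in, size_t in_len, uint8_t *out, size_t out_cap)
{
    size_t pos = 0, used = 0;
    while (pos < in_len) {
        if (in_len - pos < 2)
            return -1; /* not even a full ID/length header left */
        size_t ie_len = 2 + (size_t)in[pos + 1];
        if (ie_len > in_len - pos)
            return -1; /* length field points past the received frame */
        if (ie_len > out_cap - used)
            return -1; /* the "does it fit?" check: reject, never truncate */
        memcpy(out + used, in + pos, ie_len);
        used += ie_len;
        pos += ie_len;
    }
    return (int)used;
}

/* Constructed input: `count` elements of `data_len` data bytes each, handed
 * to the parser with `frame_len` bytes actually present. */
int demo(uint8_t data_len, int count, size_t frame_len)
{
    uint8_t frame[1024] = {0}, buf[IE_BUF_SIZE];
    for (int i = 0; i < count; i++) {
        frame[i * (2 + data_len)] = (uint8_t)(48 + i); /* arbitrary element ID */
        frame[i * (2 + data_len) + 1] = data_len;
    }
    return collect_ies(frame, frame_len, buf, sizeof buf);
}

int main(void)
{
    printf("two 20-byte elements:  %d\n", demo(20, 2, 44));   /* fits */
    printf("two 200-byte elements: %d\n", demo(200, 2, 404)); /* too big */
    printf("truncated element:     %d\n", demo(200, 1, 10));  /* malformed */
    return 0;
}
```

Each element is valid on its own in the second case; it is the running total that exceeds the buffer, which is why the check has to track space already used rather than only the size of the current element.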

Logs & Sierra

Two friends have released helpful pieces this week on the new Sierra logging system, which is at once more powerful and extensible than any previous version, and way way more confusing than any prior system.

Emily Kausalik has a great piece on determining shutdown causes through log searches, and I've got an example code window here:

(Now, I'm not sure why I'm getting -60 when my disk is fine, but....)

In addition, Charles Edge has some basics on writing logs and disinterring data from logs and I strongly encourage everyone to get read up on this, especially ahead of Joe Chilcote's upcoming PSUMA talk on the logging system as a whole.

One Last Note

Walt Mossberg announced this week that he is retiring this summer. If there's one tech journalist that has influenced who I am, and how I operate as an IT Consultant, it's Walt. I said this to him on Twitter this morning, and I 100% mean it:

@waltmossberg: Thanks so much for everything you’ve written. You made it cool to like tech stuff, and that mattered v. much to me. My Dad would pass me your WSJ columns (we got the paper) and made sure I saw them. My interest in Tech was fueled by your work, and your enthusiast perspective was deeply appreciated, and steered me immensely. Now I run an IT company where we’re trying to foster that kind of enthusiasm in our clients. I owe a lot to you, thank you.

Walt writes about technology from the perspective that it should be awesome, it should be intuitive, it should make our lives better, and it should be more engaging to us as people. Those are principles that I have embraced strongly from an IT perspective about how systems should operate for our coworkers and clients. 

Thanks, Walt.

Reading List: