Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Intel's zero-day problem
  • Reverse-engineering the Intel Management Engine’s ROMP module

    Last month, while I was waiting for hardware to arrive and undergo troubleshooting, I had some spare time to begin some Intel ME reverse engineering work.

    First, I need to give some shout out to Igor Skochinsky, a Hex-Rays developer, who had been working on reverse engineering the Intel ME for a while, and who has been very generous in sharing his notes and research on the ME with us, which is going to be a huge help and cut down months of reverse engineering and guesswork. Igor was very helpful in getting me to understand the bits that didn’t make sense to me.

  • Intel AMT on wireless networks

    More details about Intel's AMT vulnerablity have been released - it's about the worst case scenario, in that it's a total authentication bypass that appears to exist independent of whether the AMT is being used in Small Business or Enterprise modes (more background in my previous post here). One thing I claimed was that even though this was pretty bad it probably wasn't super bad, since Shodan indicated that there were only a small number of thousand machines on the public internet and accessible via AMT. Most deployments were probably behind corporate firewalls, which meant that it was plausibly a vector for spreading within a company but probably wasn't a likely initial vector.

    [...]

    Case 2 is the scary one. If you have a laptop that supports AMT, and if AMT has been provisioned, and if AMT has had wireless support turned on, and if you're running Windows, then connecting your laptop to a public wireless network means that AMT is accessible to anyone else on that network[1]. If it hasn't received a firmware update, they'll be able to do so without needing any valid credentials.

  • Intel declared war on general purpose computing and lost, so now all our computers are broken

    It's been a year since we warned that Intel's Management Engine -- a separate computer within your own computer, intended to verify and supervise the main system -- presented a terrifying, unauditable security risk that could lead to devastating, unstoppable attacks. Guess what happened next?

    For the past week, the IT press has been full of news about the AMT module in the Management Engine making millions of systems vulnerable to local and remote attacks, with a firmware update to disable the module as the only really comprehensive solution. But AMT is only one of the many components of ME, and every one of them could have a vulnerability as grave as this one -- and Intel is not offering any way to turn off ME altogether, meaning that there's a lot of this in our future.

    ME is a brilliant example of why declaring war on general-purpose computing is a terrible idea. There are lots of reasons to want a computer that can only run some programs (instead of every program): preventing poisoned operating systems and other malware, preventing game cheating, enforcing copyright restrictions (DRM), etc... Every one of them is presented as a use-case for ME.

  • OSS-Fuzz: Five months later, and rewarding projects
  • USN-3285-1: LightDM vulnerability
  • generic kde LPE
  • QSB #30: Critical Xen bugs related to PV memory virtualization (XSA-213, XSA-214)
  • Europe is living under Microsoft’s digital killswitch

    All across Europe, from Finland to Portugal, Ireland to Greece, governments rely on Microsoft software. As their digital systems grow in size and importance, countries are becoming increasingly dependent on this single American corporation. But what consequences does this “lock-in” have? What risks does it pose for the security of European data? And what can governments do to counter it?

    It’s estimated that Microsoft makes around two billion euros in Europe every year, just from its business with the public sector. In 2012 the European Commission released a report that stated that 1.1 billion euros were unnecessarily lost by the European public sector due to being locked-in in business with IT system providers.

More in Tux Machines

today's leftovers

  • Why Linus is right (as usual)
    Last year, some security “hardening” code was added to the kernel to prevent a class of buffer-overflow/out-of-bounds issues. This code didn’t address any particular 0day vulnerability, but was designed to prevent a class of future potential exploits from being exploited. This is reasonable. This code had bugs, but that’s no sin. All code has bugs. The sin, from Linus’s point of view, is that when an overflow/out-of-bounds access was detected, the code would kill the user-mode process or kernel. Linus thinks it should have only generated warnings, and let the offending code continue to run.
  • Kube-Node: Let Your Kubernetes Cluster Auto-Manage Its Nodes
    As Michelle Noorali put it in her keynote address at KubeCon Europe in March of this year: the Kubernetes open source container orchestration engine is still hard for developers. In theory, developers are crazy about Kubernetes and container technologies, because they let them write their application once and then run it anywhere without having to worry about the underlying infrastructure. In reality, however, they still rely on operations in many aspects, which (understandably) dampens their enthusiasm about the disruptive potential of these technologies. One major downside for developers is that Kubernetes is not able to auto-manage and auto-scale its own machines. As a consequence, operations must get involved every time a worker node is deployed or deleted. Obviously, there are many node deployment solutions, including Terraform, Chef or Puppet, that make ops live much easier. However, all of them require domain-specific knowledge; a generic approach across various platforms that would not require ops intervention does not exist.
  • Red Hat, Inc. (RHT) Shares Bought by Aperio Group LLC
  • Cloudera, Inc. (CLDR) vs. Red Hat, Inc. (RHT): Breaking Down the Data

Software: VidCutter, Super Productivity, MKVToolNix

  • VidCutter 5.0 Released With Improved UI, Frame Accurate Cutting
    A new version of VidCutter, a free video trimmer app, is available for download. VidCutter 5.0 makes it easier to cut videos to specific frames, improves the export of video clips with audio and subtitle tracks, and refreshes the default application icon. Why Vidcutter? If you want split video, trim video, or join video clips into a single montage then Vidcutter is ideal. The app lets you perform these tasks, as well as many more, quickly and easily. VidCutter is a Qt5 application that uses the open-source FFMpeg media engine.
  • Linux Release Roundup: Fedora 27, Shotwell, Corebird + More
    It’s been another busy week in the world of Linux, but we’re here to bring you up to speed with a round-up of the most notable new releases. The past 7 days have given us a new version of free software’s most popular photo management app, a new release of a leading Linux distribution, and updated one of my favourite app finds of the year.
  • Super Productivity is a Super Useful To-Do App for Linux, Mac & Windows
    Super Productivity is an open-source to-do list and time tracking app for Windows, macOS and Linux. It’s built using Electron but doesn’t require an internet connection (which is pretty neat). And it has (optional) integration with Atlassian’s Jira software.
  • MKVToolNix 18.0.0 Open-Source MKV Manipulation App Adds Performance Improvements
    A new stable release of the MKVToolNix open-source and cross-platform MKV (Matroska) manipulation software arrived this past weekend with various performance improvements and bug fixes. MKVToolNix 18.0.0 continues the monthly series of stability and reliability updates by adding performance improvements to both the AVC and HEVC ES parsers thanks to the implementation of support for copying much less memory, and enabling stack protection when building the program with Clang 3.5.0 or a new version.

OSS Leftovers

  • Reveal.js presentation hacks
    Ryan Jarvinen, a Red Hat open source advocate focusing on improving developer experience in the container community, has been using the Reveal.js presentation framework for more than five years. In his Lightning Talk at All Things Open 2017, he shares what he's learned about Reveal.js and some ways to make better use of it. Reveal.js is an open source framework for creating presentations in HTML based on HTML5 and CSS. Ryan describes Gist-reveal.it, his project that makes it easier for users to create, fork, present, and share Reveal.js slides by using GitHub's Gist service as a datastore.
  • Font licensing and use: What you need to know
    Most of us have dozens of fonts installed on our computers, and countless others are available for download, but I suspect that most people, like me, use fonts unconsciously. I just open up LibreOffice or Scribus and use the defaults. Sometimes, however, we need a font for a specific purpose, and we need to decide which one is right for our project. Graphic designers are experts in choosing fonts, but in this article I'll explore typefaces for everyone who isn't a professional designer.
  • Broader role essential for OpenStack Foundation, says Mirantis’ Renski
  • URSA Announces Name Change to Open Source Integrators to Reflect Their Full Spectrum of Open ERP Expertise
  • 2018 is Year for Open Source Software for Pentagon
    The US Pentagon is set to make a major investment in open source software, if section 886 of the National Defense Authorization Act for Fiscal Year 2018 is passed. The section acknowledges the use of open source software, the release of source code into public repositories, and a competition to inspire work with open source that supports the mission of the Department of Defense.
  • How startups save buckets of money on early software development
     

    Moving along, we have to segue with a short modularity lesson. More specifically, how modularity applies to software.

    Essentially, all products and services become cheaper and more plentiful when all the processes involved in production become modularised.

today's howtos