Language Selection

English French German Italian Portuguese Spanish

Security: Intel, Cisco, Apple, FBI

Filed under
Security
  • How Much Slower Will My PC Become After Meltdown And Spectre Patches?
  • Intel's Microcode Update for Spectre Exploit Is Now Available in Ubuntu's Repos

    Canonical announced a few moments ago that Intel's latest microcode update for the Spectre security vulnerability is now available from the software repositories of all supported Ubuntu Linux releases.

    After releasing earlier this week new kernel updates to mitigate the Meltdown and Spectre security exploits that put billions of devices at risk of attacks by allowing a local, unprivileged attacker to obtain sensitive information from kernel memory, Canonical now released the updated microcode from Intel for supported Intel CPUs.

  • Cisco can now sniff out malware inside encrypted traffic

    Cisco has switched on latent features in its recent routers and switches, plus a cloud service, that together make it possible to detect the fingerprints of malware in encrypted traffic.

    Switchzilla has not made a dent in transport layer security (TLS) to make this possible. Instead, as we reported in July 2016, Cisco researchers found that malware leaves recognisable traces even in encrypted traffic. The company announced its intention to productise that research last year and this week exited trials to make the service – now known as Encrypted Traffic Analytics (ETA) - available to purchasers of its 4000 Series Integrated Service Routers, the 1000-series Aggregation Services Router and the model 1000V Cloud Services Router 1000V.

    Those devices can’t do the job alone: users need to sign up for Cisco’s StealthWatch service and let traffic from their kit flow to a cloud-based analytics service that inspects traffic and uses self-improving machine learning algorithms to spot dodgy traffic.

  • MacOS High Sierra security bug lets you unlock App Store System Preferences with any random password

    According to the bug report, users can simply open System Preferences, go to App Store settings and check the padlock icon. If it is unlocked, lock it and then try unlocking it using your username and any password.

  • Intel tells select customers not to use its bug fixes

    Processor giant Intel has told some of its customers that the microcode patches it issued to fix the Meltdown and Spectre flaws in its products are buggy and that they should not install them.

  • Canonical reissues Meltdown and Spectre patches for Ubuntu after borkage
  • A Step in the Right Direction: House Passes the Cyber Vulnerability Disclosure Reporting Act

    The House of Representatives passed the “Cyber Vulnerability Disclosure Reporting Act” this week. While the bill is quite limited in scope, EFF applauds its goals and supports its passage in the Senate.

    H.R. 3202 is a short and simple bill, sponsored by Rep. Sheila Jackson Lee (D-TX), that would require the Department of Homeland Security to submit a report to Congress outlining how the government deals with disclosing vulnerabilities. Specifically, the mandated report would comprise two parts. First, a “description of the policies and procedures developed [by DHS] for coordinating cyber vulnerability disclosures,” or in other words, how the government reports flaws in computer hardware and software to the developers. And second, a possibly classified “annex” containing descriptions of specific instances where these policies were used to disclose vulnerabilities in the previous year, leading to mitigation of the vulnerabilities by private actors.

    Perhaps the best thing about this short bill is that it is intended to provide some evidence for the government’s long-standing claims that it discloses a large number of vulnerabilities. To date, such evidence has been exceedingly sparse; for instance, Apple received its first ever vulnerability report from the U.S. government in 2016. Assuming the report and annex work as intended, the public’s confidence in the government’s ability to “play defense” may actually increase.

  • FBI Says Device Encryption Is 'Evil' And A Threat To Public Safety

    The FBI continues its anti-encryption push. It's now expanded past Director Christopher Wray to include statements by other FBI personnel. Not that Chris Wray isn't taking every opportunity he can to portray personal security as a threat to the security of the American public. He still is. But he's no longer the only FBI employee willing to speak up on the issue.

    Wray expanded his anti-encryption rhetoric last week at a cybersecurity conference in New York. In short, encryption is inherently dangerous. And the FBI boss will apparently continue to complain about encryption without offering any solutions.

  • Canonical Says It'll Release New Ubuntu Kernels to Further Mitigate Spectre Bugs

    Canonical's Dean Henrichsmeyer published today an update on the Ubuntu patches for the Meltdown and Spectre security vulnerabilities and what they plan on doing next to mitigate these critical bugs.

    By now, most of you have probably updated your Ubuntu Linux computers to the new kernel versions Canonical released earlier this week, as well as the new Nvidia proprietary graphics driver and Firefox web browser, both including patches to mitigate the Meltdown and Spectre exploits affecting billions of devices powered by modern processors from Intel, AMD, and ARM.

More in Tux Machines

Security: Updates, GrayKey, Google and Cilium

  • Security updates for Wednesday
  • Hackers Leaked The Code Of iPhone Cracking Device “GrayKey”, Attempted Extortion
    The mysterious piece of hardware GrayKey might give a sense of happiness to cops because they can get inside most of the iPhone models currently active, including the iPhone X. The $30,000 device is known to crack a 4-digit iPhone passcode in a matter of a few hours, and a six-digit passcode in 3 days, or possibly 11 hours in ideal scenarios. That’s why security experts suggest that iOS users should keep an alphanumeric passcode instead of an all-number passcode.
  • Someone Is Trying to Extort iPhone Crackers GrayShift With Leaked Code
    Law enforcement agencies across the country are buying or have expressed interest in buying GrayKey, a device that can unlock up-to-date iPhones. But Grayshift, the company that makes the device, has attracted some other attention as well. Last week, an unknown party quietly leaked portions of GrayKey code onto the internet, and demanded over $15,000 from Grayshift—ironically, the price of an entry-level GrayKey—in order to stop publishing the material. The code itself does not appear to be particularly sensitive, but Grayshift confirmed to Motherboard the brief data leak that led to the extortion attempt.
  • It's not you, it's Big G: Sneaky spammers slip strangers spoofed spam, swamp Gmail sent files
    Google has confirmed spammers can not only send out spoofed emails that appear to have been sent by Gmail users, but said messages also appear in those users' sent mail folders. The Chocolate Factory on Monday told The Register that someone has indeed created and sent spam with forged email headers. These not only override the send address, so that it appears a legit Gmail user sent the message, but it also mysteriously shows up in that person's sent box as if they had typed it and emitted themselves. In turn, the messages would also appear in their inboxes as sent mail.
  • Cilium 1.0 Advances Container Networking With Improved Security
    For last two decades, the IPtables technology has been the cornerstone of Linux networking implementations, including new container models. On April 24, the open-source Cilium 1.0 release was launched, providing a new alternative to IPtables by using BPF (Berkeley Packet Filter), which improves both networking and security. The Cilium project's GitHub code repository defines the effort as Linux Native, HTTP Aware Network Security for Containers. Cilium development has been driven to date by stealth startup Covalent, which is led by CEO Dan Wendlandt, who well-known in the networking community for his work at VMware on software-defined networking, and CTO Thomas Graf, who is a core Linux kernel networking developer.

Applications: KStars, Kurly, Pamac, QEMU

  • KStars 2.9.5 is out!
    Autofocus module users would be happy to learn that the HFR value is now responsive to changing seeing conditions. Previously, the first successful autofocus operation would set the HFR Threshold value of which subsequent measurements are compared against during the in-sequence-focusing step.
  • Kurly – An Alternative to Most Widely Used Curl Program
    Kurly is a free open source, simple but effective, cross-platform alternative to the popular curl command-line tool. It is written in Go programming language and works in the same way as curl but only aims to offer common usage options and procedures, with emphasis on the HTTP(S) operations. In this tutorial we will learn how to install and use kurly program – an alternative to most widely used curl command in Linux.
  • Pamac – Easily Install and Manage Software on Arch Linux
    Arch Linux is one of the most popular Linux distribution available despite its apparent technicality. Its default package manager pacman is powerful but as time always tells, it is a lot easier to get certain things done using a mouse because GUI apps barely require any typing nor do they require you to remember any commands; and this is where Pamac comes in. Pamac is a Gtk3 frontend for libalpm and it is the GUI tool that Arch Linux users turn to the most when they aren’t in the mood to manage their software packages via the terminal; and who can blame them? It was specifically created to be used with Pacman.
  • QEMU 2.12 Released With RISC-V, Spectre/Meltdown & Intel vGPU Action
    QEMU 2.12 is now officially available as the latest stable feature update to this important component to the open-source Linux virtualization stack.

Ubuntu Leftovers

today's howtos