Security: Windows Problems, FOSS Updates, UEFI Lockdown, Snapchat Source Code Leak
-
Ring 0 Army Knife (r0ak) Read, Write, and Debugging Execution Tool Released ahead of Black Hat USA 2018
-
iPhone Chip Manufacturing Halts as TSMC’s Network is Hit by WannaCry Variant Virus
TSMC was forced to shutdown its operations as many of its computer systems and manufacturing machines were caught in the grasp of a WannaCry variant ransomware according to a statement release. The company claims that its systems were not attacked remotely or locally, but the virus took its origin from when a supplier installed faulty software onto the company’s network without running a virus scan. The virus spread rapidly to over 10,000 of the company’s machines across its factories, impacting the plants that cater to Apple’s chip production heavily.
-
Security updates for Wednesday
-
US-CERT Warns of New Linux Kernel Vulnerability
Denial-of-service attacks aren't just about external floods: A new US-CERT vulnerability note is a reminder that operating system kernel services can be used to effectively launch a DoS campaign against a system.
-
Good Lockdown vs. Bad
The patch gave birth to an odd debate, but a familiar one by now. Matthew Garrett, ultimately the main proponent of the patch, kept defending it on technical grounds that Linus Torvalds felt were meaningless and dishonest, hiding a secret agenda that included helping companies like Microsoft lock users out of making changes to their own systems.
Andy Lutomirski was another critic of Matthew's defense of the patch. The debate circled around and around, with Linus and Andy trying to get Matthew to admit the true motivation they believed he had and Matthew attempting to give solid reasons why the patch should go into the kernel. Things got ugly.
James Morris initially accepted the patch, planning to send it up to Linus for inclusion, and Andy reviewed the code. Among his comments, Andy said the goal of the patch was not clearly stated. He said for the purpose of his code review he would assume the goal was to prevent the root user from either reading kernel memory or intentionally corrupting the kernel.
But, he didn't think those were proper goals for a kernel, even a UEFI Secure Boot kernel. He said, "the kernel should try to get away from the idea that UEFI Secure Boot should imply annoying restrictions. It's really annoying and it's never been clear to me that it has a benefit." He singled out the idea of preventing the root user from accessing kernel memory as one of these annoying restrictions.
-
Snapchat Source Code Leaked and Posted to GitHub
GitHub is often the go-to place for hackers or researchers to archive interesting code or data dumps. But sometimes affected companies do their best to remove exposed data from the code repository site.
Earlier this year, Snap—the company behind social media network Snapchat—exposed some of the source code of the network’s iOS app, Snap confirmed to Motherboard on Tuesday. After someone archived that exposed code on GitHub, Snap told GitHub to remove the data with a copyright act request, Snap told Motherboard.
-
Snapchat’s Source Code Leaked Online, Archived on Github
Hackers leave no chance of obtaining the source codes of popular apps as they aren’t public. However, in a recent incident, someone has archived Snapchat’s source code and posted it on Github.
The incident was confirmed by the social networking app to Motherboard on Tuesday. The hackers got hold of the code after the app and exposed a portion of the source code of the network’s iOS app.
- Login or register to post comments
- Printer-friendly version
- 2272 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago