Security

Security: Certificates, Spectre, Switzerland and Dark Overlord

Filed under
Security
  • Cyber-Mercenary Groups Shouldn't be Trusted in Your Browser or Anywhere Else

    Browsers rely on this list of authorities, which are trusted to verify and issue the certificates that allow for secure browsing, using technologies like TLS and HTTPS. Certificate Authorities are the basis of HTTPS, but they are also its greatest weakness. Any of the dozens of certificate authorities trusted by your browser could secretly issue a fraudulent certificate for any website (such as google.com or eff.org). A certificate authority (or other organization, such as a government spy agency) could then use the fraudulent certificate to spy on your communications with that site, even if it is encrypted with HTTPS. Certificate Transparency can mitigate some of the risk by requiring public logging of all issued certificates, but is not a panacea.

  • This is bad: the UAE's favorite sleazeball cybermercenaries have applied for permission to break Mozilla's web encryption

    Now Darkmatter has applied to Mozilla to become a "Certificate Authority," which means they'd get the ability to produce cryptographically signed certificates that were trusted by default by Firefox and its derivatives, giving them the power to produce cyberweapons that could break virtually any encrypted web session (though Certificate Transparency might expose them if they're careless about it).

    And since Moz's root of trust is used to secure Linux updates, this could affect literally billions of operating systems.

  • Spectre is here to stay: An analysis of side-channels and speculative execution

    As a result of our work, we now believe that speculative vulnerabilities on today's hardware defeat all language-enforced confidentiality with no known comprehensive software mitigations, as we have discovered that untrusted code can construct a universal read gadget to read all memory in the same address space through side-channels.

  • Experts Find Serious Problems With Switzerland's Online Voting System Before Public Penetration Test Even Begins

    The public penetration test doesn’t begin until next week, but experts who examined leaked code for the Swiss internet voting system say it’s poorly designed and makes it difficult to audit the code for security and configure it to operate securely.

  • A Decryption Key for Law Firm Emails in Hacked 9/11 Files Has Been Released

    The release of the files was part of an extortion scheme against The Dark Overlord’s hacking victims, and followed the group’s established technique of stealing information and then approaching media outlets with the files in an attempt to exert further pressure on the group’s targets. The Dark Overlord also distributed a set of encrypted folders, ready to be unlocked at a later date, and which they claimed contained more 9/11-linked material.

    Now, around two months after the first data dump, someone has released another encryption key for the third layer of stolen material, which appears to contain thousands of emails, at least some of which are between different law firms.

Security Leftovers

Filed under
Security

GNU/Linux Security Leftovers

Filed under
Security
  • Major 9.8 vulnerability affects multiple Linux kernels— CVE-2019-8912 (af_alg_release())

    Our assessment is that the cause is this commit, the introduction of a "sockfs_setattr()" function. This function neglects to null-out values in a structure, making their values usable after exiting from the function (a so-called ‘use-after-free’ error).

  • Linux use-after-free vulnerability found in Linux 2.6 through 4.20.11

    Last week, a Huawei engineer reported a vulnerability present in the early Linux 2.6 kernels through version 4.20.11. The Kernel Address Sanitizer (KASAN) that detects dynamic memory errors within the Linux kernel code was used to uncover the use-after-free vulnerability which was present since early Linux versions.

    The use-after-free issue was found in the networking subsystem’s sockfs code and could lead to arbitrary code execution as a result.

  • Taking Care of Your Personal Online Security (For Paranoids)

    So, use Linux, and preferably coreboot or Libreboot (open source BIOS). You can buy hardware based on the recommendations of well-known and respected (still a bit paranoid) cypherpunk Richard Stallman.

  • Why do PAM projects fail? Tales from the trenches

    Privileged accounts hold the keys to highly sensitive company information and once these credentials are targeted, they can easily lead to a breach of a company’s most valuable assets; from databases to social media and unstructured data. Most enterprises have implemented some form of Privileged Access Management (PAM), but many find these initiatives fail to live up to expectations. Below are some common reasons why a PAM project might fail to meet the initial expectations; coupled with practical insights on how to prevent it from becoming a dud.

  • Sailfish OS: Security and Data Privacy

    Mobile World Congress is back again! Like every single year during the Jolla journey, we are excited to take part in this event. We have had great experiences in the past MWC’s, our main drivers for attending are the current and relevant topics discussed during the congress. One of this year’s core themes is Digital Trust; “Digital trust analyses the growing responsibilities required to create the right balance with consumers, governments and regulators.” It makes us happy that these topics are being discussed, especially since several scandals have recently affected trust in digital solutions.
    At Jolla we work constantly towards providing a secure and transparent solution. Our value towards our customer’s privacy is reflected in our values and actions. Back in May of 2018 our CEO Sami Pienimäki wrote a blog post on the GDPR laws passed within the European Union and stated the cornerstones on how Jolla views data privacy. This stand on privacy is not rocket science – the core idea is to respect our customers’ privacy and allow them to be in control of their data.

  • Security updates for Friday
  • Which is More Secure: Windows, Linux, or macOS? [Ed: security is not an OS feature but a separate product, insists company that sells "security" as a proprietary software product]

Security: Windows 'Fun' at Melbourne and Alleged Phishing by Venezuela’s Government

Filed under
Security

Security: Indian Railways and WinRAR

Filed under
Security
  • How I could have hacked lakhs of IRCTC accounts and get access to all your private info including easily cancelling booked tickets
  • Major Flaw Allows Attackers To Cancel Tickets On IRCTC Website

    The website of the Indian Railways has been a subject of ridicule owing to the various security flaws that have been discovered in its website over the years. When it comes to protecting user data, the website has been lacking in many ways.

    The website was previously hacked in 2016 when the details of over 1 crore users were leaked. Last year, Kanishk Sanjani, an ethical hacker had ordered food from the IRCTC website for Rs 7. This vulnerability remained unpatched for well over 7 months even after informing concerned authorities.

  • Web Application Security [Ed: a bit spammy]

    Common targets for web application attacks are content management systems (e.g., WordPress), database administration tools (e.g., phpMyAdmin) and SaaS applications.

  • This 19-Year-Old WinRAR Flaw Lets Hackers Load Malware To PCs

    The popular Windows file archival tool WinRAR has been in use for over two decades now. The software is used to view, create, pack and unpack archives in both ZIP and RAR formats. A recent report by The Register has revealed that the tool has a bug that has remained undetected since 2005.

  • WinRAR Has Serious Flaw That Can Load Malware to PCs

    The popular file archiving tool WinRAR has had a bug for at least 14 years that can be exploited to take over your PC.

    The bug can pave the way for archive files that can trigger WinRAR to actually install whatever malware is secretly inside, according to the security firm Check Point, which discovered the software flaw.

    "The exploit works by just extracting an archive, and puts over 500 million users at risk," the company said in a detailed report published on Wednesday.

Security Password Managers, Updates, Intel/Linux, 5 Antivirus for Android Devices and Cisco

Filed under
Security
  • Your Password Manager Has A Severe Flaw — But You Should Still Use One [Ed: Yet worse: 1) people putting password managers on platforms with back doors from Apple and Microsoft. 2) people putting all their password "in the cloud".]

    If you are an avid user of password managers, you might just be in for a surprise. A recent study by researchers at the Independent Security Evaluators found that a number of popular password managers were storing master passwords as plain text within the main memory of devices.

    To an expert hacker, this vulnerability is equivalent to getting the keys to multiple accounts as a text document on your computer. The master key of any password manager can be used to gain access to all usernames and passwords being managed by it.

  • Security updates for Thursday
  • Fun Little Tidbits in a Howling Storm (Re: Intel Security Holes)

    Some kernel developers recently have been trying to work around the massive, horrifying, long-term security holes that have recently been discovered in Intel hardware. In the course of doing so, there were some interesting comments about coding practices.

    Christoph Hellwig and Jesper Dangaard Brouer were working on mitigating some of the giant speed sacrifices needed to avoid Intel's gaping security holes. And, Christoph said that one such patch would increase the networking throughput from 7.5 million packets per second to 9.5 million—a 25% speedup.

    To do this, the patch would check the kernel's "fast path" for any instances of dma_direct_ops and replace them with a simple direct call.

    Linus Torvalds liked the code, but he noticed that Jesper and Christoph's code sometimes would perform certain tests before testing the fast path. But if the kernel actually were taking the fast path, those tests would not be needed. Linus said, "you made the fast case unnecessarily slow."

  • 5 Antivirus for Android Devices That You Should Have in 2019
  • Duo Security Digs Into Chrome Extension Security With CRXcavator

Purism's Privacy and Security-Focused Librem 5 Linux Phone to Arrive in Q3 2019

Filed under
Linux
Security

Initially planned to ship in early 2019, the revolutionary Librem 5 mobile phone was delayed for April 2019, but now it suffered just one more delay due to the CPU choices the development team had to make to deliver a stable and reliable device that won't heat up or discharge too quickly.

Purism had to choose between the i.MX8M Quad or the i.MX8M Mini processors for their Librem 5 Linux-powered smartphone, but after many trials and errors they decided to go with the i.MX8M Quad CPU as manufacturer NXP recently released a new software stack solving all previous power consumption and heating issues.

Kernel and Security: BPF, Mesa, Embedded World, Kernel Address Sanitizer and More

Filed under
Security
  • Concurrency management in BPF

    In the beginning, programs run on the in-kernel BPF virtual machine had no persistent internal state and no data that was shared with any other part of the system. The arrival of eBPF and, in particular, its maps functionality, has changed that situation, though, since a map can be shared between two or more BPF programs as well as with processes running in user space. That sharing naturally leads to concurrency problems, so the BPF developers have found themselves needing to add primitives to manage concurrency (the "exchange and add" or XADD instruction, for example). The next step is the addition of a spinlock mechanism to protect data structures, which has also led to some wider discussions on what the BPF memory model should look like.

    A BPF map can be thought of as a sort of array or hash-table data structure. The actual data stored in a map can be of an arbitrary type, including structures. If a complex structure is read from a map while it is being modified, the result may be internally inconsistent, with surprising (and probably unwelcome) results. In an attempt to prevent such problems, Alexei Starovoitov introduced BPF spinlocks in mid-January; after a number of quick review cycles, version 7 of the patch set was applied on February 1. If all goes well, this feature will be included in the 5.1 kernel.

  • Intel Ready To Add Their Experimental "Iris" Gallium3D Driver To Mesa

    For just over the past year Intel open-source driver developers have been developing a new Gallium3D-based OpenGL driver for Linux systems as the eventual replacement to their long-standing "i965 classic" Mesa driver. The Intel developers are now confident enough in the state of this new driver dubbed Iris that they are looking to merge the driver into mainline Mesa proper. 

    The Iris Gallium3D driver has now matured enough that Kenneth Graunke, the Intel OTC developer who originally started Iris in late 2017, is looking to merge the driver into the mainline code-base of Mesa. The driver isn't yet complete but it's already in good enough shape that he's looking for it to be merged albeit marked experimental.

  • Hallo Nürnberg!

    Collabora is headed to Nuremberg, Germany next week to take part in the 2019 edition of Embedded World, "the leading international fair for embedded systems". Following a successful first attendance in 2018, we are very much looking forward to our second visit! If you are planning on attending, please come say hello in Hall 4, booth 4-280!

    This year, we will be showcasing a state-of-the-art infrastructure for end-to-end, embedded software production. From the birth of a software platform, to reproducible continuous builds, to automated testing on hardware, get a firsthand look at our platform building expertise and see how we use continuous integration to increase productivity and quality control in embedded Linux.

  • KASAN Spots Another Kernel Vulnerability From Early Linux 2.6 Through 4.20

    The Kernel Address Sanitizer (KASAN) that detects dynamic memory errors within the Linux kernel code has just picked up another win with uncovering a use-after-free vulnerability that's been around since the early Linux 2.6 kernels.

    KASAN (along with the other sanitizers) have already proven quite valuable in spotting various coding mistakes hopefully before they are exploited in the real-world. The Kernel Address Sanitizer picked up another feather in its hat with being responsible for the CVE-2019-8912 discovery.

  • io_uring, SCM_RIGHTS, and reference-count cycles

    The io_uring mechanism that was described here in January has been through a number of revisions since then; those changes have generally been fixing implementation issues rather than changing the user-space API. In particular, this patch set seems to have received more than the usual amount of security-related review, which can only be a good thing. Security concerns became a bit of an obstacle for io_uring, though, when virtual filesystem (VFS) maintainer Al Viro threatened to veto the merging of the whole thing. It turns out that there were some reference-counting issues that required his unique experience to straighten out.
    The VFS layer is a complicated beast; it must manage the complexities of the filesystem namespace in a way that provides the highest possible performance while maintaining security and correctness. Achieving that requires making use of almost all of the locking and concurrency-management mechanisms that the kernel offers, plus a couple more implemented internally. It is fair to say that the number of kernel developers who thoroughly understand how it works is extremely small; indeed, sometimes it seems like Viro is the only one with the full picture.

    In keeping with time-honored kernel tradition, little of this complexity is documented, so when Viro gets a moment to write down how some of it works, it's worth paying attention. In a long "brain dump", Viro described how file reference counts are managed, how reference-count cycles can come about, and what the kernel does to break them. For those with the time to beat their brains against it for a while, Viro's explanation (along with a few corrections) is well worth reading. For the rest of us, a lighter version follows.

Security Leftovers

Filed under
Security
  • Wi-Fi ‘Hiding’ Inside USB Cable: A New Security Threat On The Rise?

    Today, the world has become heavily reliant on computers owing to the various advantages they offer. It has thus become imperative that we, as users, remain updated about the various threats that can compromise the security of our data and privacy.

    A recent report published by Hackaday details a new threat that might just compromise the integrity of devices. At first glance, the O.MG cable (Offensive MG Kit) looks like any other USB cable available in the market. It is what lurks within that is a cause for concern.

  • WiFi Hides Inside a USB Cable [Ed: There are far worse things, like USB devices that send a high-voltage payload to burn your whole motherboard. Do not use/insert untrusted devices from dodgy people.]
  • The Insights into Linux Security You May Be Surprised About

    Linux has a strong reputation for being the most secure operating system on the market. It’s been like that for many years, and it doesn’t seem like Windows or macOS are going to overtake it anytime soon. And while the operating system’s reputation is well-deserved, it can also be harmless experienced users.

    The problem is that some seem to put too much trust in the capabilities of Linux by default. As a result, they often don’t pay enough attention to the manual aspect of their security. Linux can help you automate your workflow to a large extent, but it still requires a manual touch to keep things going well. This is even truer when it comes to security.

  • One Identity Bolsters Unix Security with New Release of Authentication Services

    Unix systems (including Linux and Mac OS), by their very nature, have distinct challenges when it comes to security and administration. Because native Unix-based systems are not linked to one another, each server or OS instance requires its own source of authentication and authorization.

  • Book Review – Linux Basics for Hackers

    With countless job openings and growth with no end in sight, InfoSec is the place to be. Many pose the question, “Where do I start?” Over his years of training hackers and eventual security experts across a wide array of industries and occupations, the author ascertains that one of the biggest hurdles that many up-and-coming professional hackers face is the lack of a foundational knowledge or experience with Linux. In an effort to help new practitioners grow, he made the decision to pen a basic ‘How To’ manual, of sorts, to introduce foundational concepts, commands and tricks in order to provide instruction to ease their transition into the world of Linux. Out of this effort, “Linux Basics for Hackers” was born.

  • Security updates for Wednesday

Plasma 5.15.1 arrives in Cosmic backports PPA

Filed under
KDE
Security

We are pleased to announce that the 1st bugfix release of Plasma 5.15, 5.15.1, is now available in our backports PPA for Cosmic 18.10.

The release announcement detailing the new features and improvements in Plasma 5.15 can be found here, while the full 5.15.1 bugfix changelog can be found here.

Released along with this new version of Plasma is an update to KDE Frameworks 5.54. (5.55 is currently in testing in Disco 19.04 and may follow in the next few weeks.)

More in Tux Machines

Security Leftovers

NetBSD Virtual Machine Monitor

  • NetBSD Virtual Machine Monitor
    NVMM provides hardware-accelerated virtualization support for NetBSD. It is made of an ~MI frontend, to which MD backends can be plugged. A virtualization API is shipped via libnvmm, that allows to easily create and manage virtual machines via NVMM. Two additional components are shipped as demonstrators, toyvirt and smallkern: the former is a toy virtualizer, that executes in a VM the 64bit ELF binary given as argument, the latter is an example of such binary.
  • NetBSD Gains Hardware Accelerated Virtualization
    NetBSD, the highly portable Unix-like Open Source operating system known for its platform diversity, has gained hardware-accelerated virtualization support via an improved NetBSD Virtual Machine Monitor (NVMM).

GNU Releases: mailutils, cflow, tar and parallel

Devices: AArch64, Siemens/Mentor Embedded Linux (MEL), Raspberry Pi and Xiaomi

  • We need Arm64 systems for developers. Again.
    Getting AArch64 hardware for developers is important. When will it happen? One day. Maybe even before people forget that such an architecture existed. We talk about it during each Linaro Connect. So far nothing serious came from it. We had some failed attempts like Cello or Husky. There is Synquacer with its own set of issues. Some people use MACCHIATObin. Some still use Applied Micro Mustangs which should get a place in computer museums. It is a chicken and egg issue. No one makes affordable AArch64 systems because no one buys them. Because no one makes them. Hardware vendors concentrate on server market — no chips to choose for developer systems.
  • Siemens PLM Software announces enterprise Mentor Embedded Linux (MEL) solution
    Siemens PLM Software announced an enterprise Mentor Embedded Linux (MEL) solution that provides electronics manufacturers secure, scalable and configurable distributions for industrial, medical, aerospace and defense applications. This MEL technology is a configurable distribution that provides an operating system platform for embedded systems development and is a result of the continued integration of the recently acquired embedded systems design capabilities from Mentor Graphics. The solution is based on Debian, an enterprise class, open source Linux operating system.
  • Siemens launches new enterprise class embedded Linux solution for embedded systems development
    With the growth of internet of things (IoT) and other smart devices, it is becoming increasingly complex and expensive for manufacturers to develop embedded distributions and applications for these devices based on the Linux® operating system. Siemens PLM Software today announced a new enterprise Mentor® Embedded Linux® (MEL) solution that provides electronics manufacturers secure, scalable and configurable distributions for industrial, medical, aerospace and defense applications. This new MEL technology is a configurable distribution that provides a robust operating system platform for embedded systems development and is a result of the continued integration of the recently acquired embedded systems design capabilities from Mentor Graphics. The solution is based on Debian, a broadly utilized, enterprise class, open source Linux operating system.
  • Raspberry Pi Begins Rolling Out The Linux 4.19 Kernel
    The Raspberry Pi folks have been working the past few months on upgrading their kernel in moving from Linux 4.14 to 4.19. That roll-out has now begun. Linux 4.19 has been the target of the Raspberry Pi Foundation due to this newer kernel being a Long-Term Support (LTS) release and thus will be maintained for the long-term. That large jump in the standard kernel version for Raspberry Pi ultimately means less work too for the developers involved: between 4.14 and 4.19, a lot of Raspberry Pi patches and other Broadcom improvements were upstreamed.
  • Raspberry Pi Updates Devices to Linux 4.19
  • Xiaomi’s 2019 goal is to release kernel source code more quickly for all its devices
    Just before MWC 2019, Xiaomi took to the stage at an event in China to launch the new Xiaomi Mi 9 and Mi 9 SE. Both the devices represent the best of what OEM has to offer, bringing in a high value device at a fraction of the cost of a premium flagship. While this approach lets them appeal to the average consumer, Xiaomi has also been quite developer-friendly, which makes them a good purchase even for those who are looking for a device with a very good third party development community. Xiaomi does not void the warranty of devices (in India at least) if you unlock the bootloader, and they have worked on significantly bringing down the waiting times for bootloader unlock requests too.