Language Selection

English French German Italian Portuguese Spanish

Security

Down the rabbit hole, part 3: Linux and Tor are key to ensuring privacy, security

Filed under
Linux
Security

So, I’ve decided I need to improve the privacy and security of my life (especially as it relates to computing). And I’ve come to the conclusion that in order to effectively do this, I need to focus on utilizing open source software as much as possible.

What next?

Let’s start at a very simple, basic level: the operating system of my laptop computers (I don’t actually have a desktop currently, but the same ideas will apply) and how they connect to the internet.

Read more

Security News

Filed under
Security
  • security things in Linux v4.7
  • Microsoft warns Windows security fix may break network shares

    The latest of these, Preview Build 14936 – for testers on what Microsoft refers to as the Fast Ring – comes with the usual set of updates, new features, and fixes for things that the previous release managed to break.

    However, what caught our eye was a warning that after updating, users may find that shared devices such as NAS boxes have mysteriously disappeared from the home network folder, and that any previously mapped network drives are unavailable.

    Microsoft offers a fix for this; if you change your network to “private” or “enterprise”, it should start working again.

    It seems that the cause of this hiccup is a fix that Microsoft made earlier in September to address a security hole severe enough that it might allow remote code execution with elevated permissions on an affected system, although this would require an attacker to create a specially crafted request.

    The fix addresses this by, among other things, “correcting how Windows enforces permissions”.

    Windows Insiders are typically no newbies and used to preview builds breaking stuff, but it is likely that this change will find its way into the Windows 10 code everybody else is running sooner or later.

  • Android Devices Are Targeted By New Lockscreen Ransomware

Security Leftovers

Filed under
Security
  • Bug Bounty Hunters Can Earn $1.5 Million For A Successful Jailbreak Of iOS 10
  • How To Ensure Trustworthy, Open Source Elections [Ed: This reminds us Microsoft must be kicked out of election process [1, 2]

    A strong democracy hinges not only on the right to vote but also on trustworthy elections and voting systems. Reports that Russia or others may seek to impact the upcoming U.S. presidential election—most recently, FBI evidence that foreign hackers targeted voter databases in Arizona and Illinois—has brought simmering concerns over the legitimacy of election results to a boil.

  • Source Code for IoT Botnet ‘Mirai’ Released

    The source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released, virtually guaranteeing that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices.

    The leak of the source code was announced Friday on the English-language hacking community Hackforums. The malware, dubbed “Mirai,” spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default or hard-coded usernames and passwords.

Security News

Filed under
Security
  • Your next DDoS attack, brought to you courtesy of the IoT

    The internet is reeling under the onslaught of unprecedented denial-of-service attacks, the sort we normally associate with powerful adversaries like international criminal syndicates and major governments, but these attacks are commanded by penny-ante crooks who are able to harness millions of low-powered, insecure Internet of Things devices like smart lightbulbs to do their bidding.

    Symantec reports on the rising trend in IoT malware, which attack systems that "may not include any advanced security features" and are "designed to be plugged in and forgotten" without "any firmware updates" so that "infection of such devices may go unnoticed by the owner."

    The USA and China are the two countries where people own most of these things, so they're also where most of the malicious traffic originates. Symantec ran a honeypot that recorded attempts to login and compromise a system that presented as a vulnerable IoT device, and found that the most common login attempts used the default passwords of "root" and "admin," suggesting that malware authors have discovered that IoT owners rarely change these defaults. Other common logins include "123456," "test" and "oracle."

  • Meet Linux.Mirai Trojan, a DDoS nightmare
  • Linux.Mirai Trojan Carries Out DDoS Attacks
  • Fears of a hacked election may keep 1 out of every 5 voters home, says report

    Recent hacks of the Democratic National Committee, the Democratic Congressional Campaign Committee and election databases have increased fears that cybercriminals will try to interfere with the upcoming U.S. presidential election.

    Concerns leading up to election day on November 8 could have a real impact on voter turnout, according to a study from cybersecurity firm Carbon Black. More than one in five registered U.S. voters may stay home on election day because of fears about cybersecurity and vote tampering, the study — an online survey of 700 registered voters aged 18-54 — found.

  • Hostile Web Sites

    I was asked whether it would be safe to open a link in a spam message with wget. So here are some thoughts about wget security and web browser security in general.

  • You can crash Linux Systemd with a single Tweet

    System administrator Andrew Ayer has discovered a potentially critical bug in systemd which can bring a vulnerable Linux server to its knees with a single command line.”After running this command, PID 1 is hung in the pause system call. You can no longer start and stop daemons.

  • How to reignite a flamewar in one tweet (and I still don’t get it)
  • Multiple Linux Distributions Affected By Crippling Bug In Systemd

    System administrator Andrew Ayer has discovered a potentially critical bug in systemd which can bring a vulnerable Linux server to its knees with one command. "After running this command, PID 1 is hung in the pause system call. You can no longer start and stop daemons. inetd-style services no longer accept connections. You cannot cleanly reboot the system." According to the bug report, Debian, Ubuntu, and CentOS are among the distros susceptible to various levels of resource exhaustion. The bug, which has existed for more than two years, does not require root access to exploit.

Security Leftovers

Filed under
Security
  • Let's Encrypt Wants to Help Improve the CA Model

    Let's Encrypt, a non-profit effort that brings free SSL/TLS certificates to the web, was first announced in November 2014 and became a Linux Foundation Collaborative Project in April 2015. To date, it has provided more than 5 million free certificates.

    While having an SSL/TLS certificate to encrypt traffic is an important element of web security, it's not the only one, said Josh Aas, executive director of the Internet Security Research Group and leader of Let's Encrypt.

    "There is a lot in the total picture of what makes a website secure, and we can do a lot to help a certain part of it," he said in a video interview.

  • How to Throw a Tantrum in One Blog Post

    The systemd team has recently patched a local denial of service vulnerability affecting the notification socket, which is designed to be used for daemons to report their lifecycle and health information. Some people have used this as an opportunity to throw a fresh tantrum about systemd.

Security News

Filed under
Security
  • Report: Linux security must be upgraded to protect future tech

    The summit was used to expose a number of flaws in Linux's design that make it increasingly unsuitable to power modern devices. Linux is the operating system that runs most of the modern world. It is behind everything from web servers and supercomputers to mobile phones. Increasingly, it's also being used to run connected Internet of Things (IoT) devices, including products like cars and intelligent robots.

  • security things in Linux v4.6

    Hector Marco-Gisbert removed a long-standing limitation to mmap ASLR on 32-bit x86, where setting an unlimited stack (e.g. “ulimit -s unlimited“) would turn off mmap ASLR (which provided a way to bypass ASLR when executing setuid processes). Given that ASLR entropy can now be controlled directly (see the v4.5 post), and that the cases where this created an actual problem are very rare, means that if a system sees collisions between unlimited stack and mmap ASLR, they can just adjust the 32-bit ASLR entropy instead.

Security Leftovers

Filed under
Security
  • Friday's security advisories
  • ICANN grinds forward on crucial DNS root zone signing key update

    The Internet Corporation for Assigned Names and Numbers is moving -- carefully -- to upgrade the DNS root zone key by which all domains can be authenticated under the DNS Security Extensions protocol.

    ICANN is the organization responsible for managing the Domain Name System, and DNS Security Extensions (DNSSEC) authenticates DNS responses, preventing man-in-the-middle attacks in which the attacker hijacks legitimate domain resolution requests and replaces them with fraudulent domain addresses.

    DNSSEC still relies on the original DNS root zone key generated in 2010. That 1024-bit RSA key is scheduled to be replaced with a 2048-bit RSA key next October. Although experts are split over the effectiveness of DNSSEC, the update of the current root zone key signing key (KSK) is long overdue.

  • Cybersecurity isn't an IT problem, it's a business problem

    The emergence of the CISO is a relatively recent phenomenon at many companies. Their success often relies upon educating the business from the ground up. In the process, companies become a lot better about how to handle security and certainly learn how not to handle it.

    As a CIO, knowing the pulse of security is critical. I oversee a monthly technology steering committee that all the executives attend. The CISO reports during this meeting on the state of the security program. He also does an excellent job of putting risk metrics out there, color coded by red, yellow, and green. This kind of color grading allows us to focus attention on where we are and what we’re doing about it.

Security News

Filed under
Security
  • Don't Trust Consumer Routers

    Another example of why you shouldn’t trust consumer routers. d-link

    It isn’t just this specific d-link router. We’ve seen the same issues over and over and over with pretty much every non-enterprise vendor.

    Plus we don’t want our devices used by crackers to DDoS Brian Krebs anymore, right?

    We are Linux people. We CAN do this ourselves.

  • D-Link DWR-932 router is chock-full of security holes

    Security researcher Pierre Kim has unearthed a bucketload of vulnerabilities affecting the LTE router/portable wireless hotspot D-Link DWR-932. Among these are backdoor accounts, weak default PINs, and hardcoded passwords.

  • The Cost of Cyberattacks Is Less than You Might Think

    What's being left out of these costs are the externalities. Yes, the costs to a company of a cyberattack are low to them, but there are often substantial additional costs borne by other people. The way to look at this is not to conclude that cybersecurity isn't really a problem, but instead that there is a significant market failure that governments need to address.

  • NHS trusts are still using unsupported Windows XP PCs

    AT LEAST 42 National Health Service (NHS) trusts in the UK still run Microsoft's now-defunct Windows XP operating system.

    Motherboard filed Freedom of Information requests with more than 70 NHS hospital trusts asking how many Windows XP machines they use. 48 replied within the allotted time, and a whopping 42 of them admitted that they still use the operating system that reached end-of-life status in April 2014.

    Some of the culprits include East Sussex Healthcare, which has 413 Windows XP machines, Sheffield's Children's hospital with 1,290, and Guy's and St Thomas' NHS Trust in London with an insane 10,800 Windows XP-powered PCs.

    23 replied to Motherboard's quizzing about whether they have an extended support agreement in place and, unsurprisingly, the majority said that they do not.

Security Leftovers

Filed under
Security
  • Linux.Mirai Trojan causing mayhem with DDoS attacks

    A Trojan named Linux.Mirai has been found to be carrying out DDoS attacks.

    The malicious program first appeared in May 2016, detected by Doctor Web after being added to its virus database under the name Linux.DDoS.87. The Trojan can work with with the SPARC, ARM, MIPS, SH-4, M68K architectures and Intel x86 computers.

  • Don't Hide DRM in a Security Update

    Over 10,000 of you have joined EFF in calling on HP to make amends for its self-destructing printers in the past few days. Looks like we got the company’s attention: today, HP posted a response on its blog. Apparently recognizing that its customers are more likely to see an update that limits interoperability as a bug than as a feature, HP says that it will issue an optional firmware update rolling back the changes that it had made. We’re very glad to see HP making this step.

    But a number of questions remain.

    First, we’d like to know what HP’s plans are for informing users about the optional firmware update. Right now, the vast majority of people who use the affected printers likely do not know why their printers lost functionality, nor do they know that it’s possible to restore it. All of those customers should be able to use their printers free of artificial restrictions, not just the relatively few who have been closely following this story.

  • 6 Ways Driverless Cars Are Going To Kill Lots Of People

    You've probably read a few articles about driverless cars over the past couple of years. The technology is coming along quickly, with fleets of test cars already on the roads in some states. It seems like soon we'll achieve the American dream of stuffing our faces and texting all we want while still managing to avoid public transportation.

    But the reality is quite different. We're diving into this technology a little too quickly and ignoring all the warning signs about how we are going to screw up on the way to Driverless Car Utopia.

Security: Nmap 7.30 is Out

Filed under
OSS
Security
  • Nmap 7.30

    Integrated all 12 of your IPv6 OS fingerprint submissions from June to September. No new groups, but several classifications were strengthened, especially Windows localhost and OS X.

  • Nmap 7.30 Released As Stable With Many Additions
  • Nmap 7.30 Security Scanner Adds 12 New IPv6 OS Fingerprints, 7 NSE Scripts

    Today, September 29, 2016, the Nmap developers proudly announced the release of Nmap 7.30, the latest stable version of the free, open source and cross-platform security scanner and network mapper software.

    As expected, Nmap 7.30 is a major release that adds numerous new features and improvements, among which we can mention twelve new IPv6 OS fingerprints and seven NSE (Nmap Scripting Engine) scripts that have been submitted by various developers. There are now a total of 541 NSE scripts included in Nmap.

Syndicate content

More in Tux Machines

3 little things in Linux 4.10 that will make a big difference

Linux never sleeps. Linus Torvalds is already hard at work pulling together changes for the next version of the kernel (4.11). But with Linux 4.10 now out, three groups of changes are worth paying close attention to because they improve performance and enable feature sets that weren’t possible before on Linux. Here’s a rundown of those changes to 4.10 and what they likely will mean for you, your cloud providers, and your Linux applications. Read more

SODIMM-style module runs Linux on VIA’s 1GHz Cortex-A9 SoC

VIA unveiled an SODIMM-style COM based on its Cortex-A9 WM8850 SoC, with 512MB RAM and 8GB eMMC, plus Ethernet, CSI, graphics, USB, and serial ports. The 68.6 x 43mm “SOM-6X50” computer-on-module appears to be VIA’s second-ever ARM COM. Back in Sept. 2015, the company released a 70 x 70mm Qseven form factor QSM-8Q60 COM, based on a 1GHz NXP DualLite SoC. Read more

Today in Techrights

today's leftovers

  • LinuXatUSIL – Previas 2 for #LinuxPlaya
    Damian from GNOME Argentina explained us some code based on this tutorial and the widgets in Glade were presented.
  • RancherOS v0.8.0 released! [Ed: and a bugfix release, 0.8.1, out today]
    RancherOS v0.8.0 is now available! This release has taken a bit more time than prior versions, as we’ve been laying more groundwork to allow us to do much faster updates, and to release more often.
  • The Technicals For Red Hat, Inc. (RHT) Tell An Interesting Tale
  • Ubuntu 17.04 Beta 1 Released | New Features And Download
    Ubuntu 17.04 Zesty Zapus Beta 1 release is finally here. If you’re interested, you can go ahead and download the ISO images of the participating flavors, which are, Lubuntu, Kubuntu, Xubuntu, Ubuntu Budgie, Ubuntu GNOME, Ubuntu Kylin, and Ubuntu Studio. Powered by Linux kernel 4.10, these releases feature the latest stable versions of their respective desktop environments. This release will be followed by the Final Beta release on March 23 and final release on April 13.
  • Ubuntu 17.04 Beta 1 Now Available to Download
    The first beta releases in the Ubuntu 17.04 development cycle are ready for testing, with Xubuntu, Ubuntu GNOME and Ubuntu Budgie among the flavors taking part.