Security

Intel Back Doors

  • Intel Confirms Vulnerability In Intel AMT/ME

    Many of you already have expressed your displeasure over Intel's Active Management Technology (AMT) and Management Engine (ME) for various reasons in the past and now it's been disclosed that for years there has been a vulnerability in this business-oriented feature that could open your Intel systems up to attackers.

    Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability are subject to a hole allowing an unprivileged attacker to gain control of the management features for these products. The issue was made public today via INTEL-SA-00075.

  • Secure Boot booted from Debian 9 'Stretch'

    Debian's release team has decided to postpone its implementation of Secure Boot.

    In a release update from last week, release team member Jonathan Wiltshire wrote that “At a recent team meeting, we decided that support for Secure Boot in the forthcoming Debian 9 'stretch' would no longer be a blocker to release. The likely, although not certain outcome is that stretch will not have Secure Boot support.”

Ubuntu 12.04 and SSHv1 Support Phased Out

  • Ubuntu 12.04 (Precise Pangolin) End of Life reached on April 28, 2017

    This is a follow-up to the End of Life warning sent last month to confirm that as of today (April 28, 2017), Ubuntu 12.04 is no longer generally supported. No more package updates will be accepted to the 12.04 primary archive, and it will be copied for archival to old-releases.ubuntu.com in the coming weeks.

  • OpenSSH Removes SSHv1 Support

    Dropping support for SSHv1 and associated ciphers that were either suspected to or known to be broken has been planned for several releases, and has been eagerly anticipated by many in the OpenBSD camp.

Security Leftovers

  • Security fail is people

    The other day I ran across someone trying to keep their locker secured by using a combination lock. As you can see in the picture, the lock is on the handle of the locker, not on the loop that actually locks the door. When I saw this I had a good chuckle, took a picture, and put out a snarky tweet. I then started to think about this quite a bit. Is this the user's fault or is this bad design? I'm going to blame bad design on this one. It's easy to blame users, we do it often, but I think in most instances, the problem is the design, not the user. If nothing is ever our fault, we will never improve anything. I suspect this is part of the problem we see across the cybersecurity universe.

  • Free software activities in April 2017

    Whilst anyone can inspect the source code of free software for malicious flaws, most software is distributed pre-compiled to end users.

    The motivation behind the Reproducible Builds effort is to permit verification that no flaws have been introduced — either maliciously or accidentally — during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.

Security Leftovers

  • Is there any way to truly secure Docker container contents?

    All this adds up to a lot of work, which is not taken care of for you by default in Docker. It is no surprise that many Docker images are insecure, given this picture. The unfortunate reality is that many Docker containers are running with known vulnerabilities that have known fixes, but just aren’t, and that’s sad.

  • Compromise recovery on Qubes OS

    Occasionally fuckups happen, even with Qubes (although not as often as some think).

    What should we – users or admins – do in such a situation? Patch, obviously. But is that really enough? What good is patching your system if it might have already been compromised a week earlier, before the patch was released, when an adversary may have learned of the bug and exploited it?

    That’s an inconvenient question for many of us – computer security professionals – to answer. Usually we would mutter something about Raising the Bar(TM), the high costs of targeted attacks, attackers not wanting to burn 0-days, or only nation state actors being able to afford such attacks, and that in case one is on their list of targets, the game is over anyway and no point in fighting. Plus some classic cartoon.

    While the above line of defense might work (temporarily), it really doesn’t provide for much comfort, long term, I think. We need better answers and better solutions. This post, together with a recently introduced feature in Qubes OS 3.2 and (upcoming) 4.0, is an attempt to offer such a solution.

  • Top 5 Kali Linux Pentest tools for WiFi/network and exploits
  • Linux/Shishiga Malware Brute-Forces SSH Credentials

    A new strain of Linux malware has been detected. Dubbed Linux/Shishiga, the malware could transform into a dangerous piece of malware. Linux/Shishiga was officially discovered and examined by researchers at Eset.

  • Cybercriminals have taken notice of leaked government spying techniques
  • Microsoft Closes Word/Wordpad Hole—6 Months after Report
  • [Older] The Pentagon’s Bug Bounty Program Should Be Expanded to Bases, DOD Official Says [iophk: "any version of Windows at all is inappropriate"]

    “About 75 percent of the devices that are control systems are on Windows XP or other nonsupported operating systems,” said Daryl Haegley, program manager for the Office of the Assistant Secretary of Defense for Energy, Installations and Environment.

    [...]

    “A lot of these systems are still Windows 95 or 98, and that’s OK—if they’re not connected to the internet,” Haegley added.

  • Don’t Info Op Until You See The Whites of Their Eyes
  • CFP P70

    This is the official CFP for P70.

  • VM escape - QEMU Case Study

    In this paper, we provide an in-depth analysis of CVE-2015-5165 (a memory-leak vulnerability) and CVE-2015-7504 (a heap-based overflow vulnerability), along with working exploits. The combination of these two exploits allows to break out from a VM and execute code on the target host. We discuss the technical details to exploit the vulnerabilities on QEMU's network card device emulation, and provide generic techniques that could be re-used to exploit future bugs in QEMU.

  • CIA’s anti-leaking tool leaked as ‘whistleblowers watch the watchers’

    Former MI5 intelligence officer Annie Machon and retired US Army Colonel Ann Wright, who is also a retired US State Department official, shared their views on these and other questions with RT.

    On Friday, WikiLeaks released a series of documentations on a US Central Intelligence Agency (CIA) project known as ‘Scribbles,’ which was allegedly created to allow ‘web beacon’ tags to be embedded “into documents that are likely to be copied.”

    WikiLeaks began publishing a huge cache of secret documents on the CIA named ‘Vault 7’ in March.

  • Vault 7: CIA tool to track people through Word docs released

    The documentation says: "Scribbles (SCRIB) is a document watermarking tool that can be used to batch process a number of documents in a pre-seeded input directory. It generates a random watermark for each document, inserts that watermark into the document, saves all such processed documents in an output directory, and creates a log file which identifies the watermarks inserted into each document."

    It says the tool was successfully tested on Office 2013 (on Windows 8.1 x64), documents from Office versions 97-2016 (Office 95 documents will not work!) and documents that are not locked forms, encrypted, or password-protected.

    There is a limitation to the Scribbles system: if a document that has the watermarks in it is opened in OpenOffice or LibreOffice, the watermark images and URLs may become visible.

  • The US Takes On the World in NATO’s Cyber War Games

    Last year, Capt. Sean Ruddy and his team of operator-soldiers from the US Cyber Brigade entered Locked Shields, a NATO-organized cyber-defense war game that pits teams from dozens of countries against “live-fire” attacks. It was their first time. And of the 19 countries represented, the US finished dead last. This week, they got their shot at redemption.

More Security Leftovers

  • HardenedLinux: The way to the Ark

    We’ve been sharing some of our works on security practices (STIG-4-Debian, Debian GNU/Linux profiles, etc) for servers running in data center. PaX/Grsecurity is the cornerstone to most of our solutions. Evidences have revealed that PaX/Grsecurity can defeat multiple public exploits w/o any patch fixes in critical scenarios for a long run. With PaX/Grsecurity, for the 1st time we believe that we can build the defense based on free/libre & open source software/firmware solution to prevent many threats from Ring 3/0/-1/-2/-3. HardenedLinux is going to continue to develop solutions of defense based on PaX/Grsecurity. From our point of view, we see no other option. Please remember this date: Apr 26 2017. This is the day we lost our Ark.

  • It's Official: Ubuntu 12.04 LTS (Precise Pangolin) Linux OS Reached End of Life

    Canonical, through Adam Conrad, informed us today that the Ubuntu 12.04 LTS (Precise Pangolin) operating system is now officially dead, reaching end of life on April 28, 2017.

    If you're still using Ubuntu 12.04 LTS on your desktop or server systems, it's time to upgrade to a newer, supported release. You can choose to upgrade to either Ubuntu 14.04 LTS (Trusty Tahr), which will be supported for two more years, until April 2019, or Ubuntu 16.04 LTS (Xenial Xerus), supported until April 2021.

IPFire 2.19 Now Supports On-Demand IPsec VPNs, Core Update 110 Is Now Available


IPFire's Michael Tremer announced today, April 28, 2017, the release of IPFire 2.19 Core Update 110, a new stable maintenance version of the open-source, Linux-based firewall operating system.

Coming two and a half months after the previous point release, IPFire 2.19 Core Update 110 is here to implement support for on-demand IPsec (Internet Protocol Security) VPNs (Virtual Private Networks), which might just come in handy to those who deal with a huge amount of IPsec net-to-net connections on their infrastructures.

Linux Mint-using terror nerd awaits sentence for training Islamic State


A paranoid Welsh Muslim who wore gloves while typing on his laptop, admitted being part of Islamic State, and, gasp, harbored a copy of Linux Mint, has been described as a “new and dangerous breed of terrorist.”

Samata Ullah, 34, who also used voice modulation software to disguise his thick Welsh accent while making instructional videos about encryption, pleaded guilty to five terrorism charges at Cardiff Crown Court. He was due to be sentenced Friday afternoon.

More in Tux Machines

Debian Leftovers: Installer, CI, Stretch, and Devuan Jessie

Fedora Leftovers: Memorial Weekend ISO, LGBTQA Awareness Day and More

Linux 4.12 RC3, Linux Foundation Project Updates

  • Linux 4.12-rc3
    Hey, things continue to look good, and rc3 isn't even very big. I'm hoping there's not another shoe about to drop, but so far this really feels like a nice calm release cycle, despite the size of the merge window. Knock wood. Anyway, rc3 has a little bit of everything. The biggest single change is actually just a documentation update (the intel pstate docs were converted to rst format), so the diffstat actually looks a bit odd with a quarter just being documentation. There's also some tooling updates (perf and some bpf selftest). But if you ignore those two pieces, it looks pretty normal: two thirds of it being drivers (gpu, nvme, scsi, tty, block), with the remainder being about half networking and half "misc" (core kernel, header files, XFS, arch updates). Go forth and test, Linus
  • Linux 4.12-rc3 Kernel Released
    Linus Torvalds has announced the third weekly test candidate for the upcoming Linux 4.12 kernel debut. Linus commented of Linux 4.12-rc3 that it isn't a very big release over the prior RCs and so far it's a "nice calm release cycle." The biggest change this past week was actually documentation updates.
  • Linus Torvalds Announced the Third Release Candidate of the Linux 4.12 Kernel
    Even if it's Memorial weekend, Linus Torvalds is on the job announcing the release and immediate availability of the third RC (Release Candidate) milestone of the upcoming Linux 4.12 kernel series.
  • Hyperledger Sawtooth Graduates to Active Status
    We’re happy to share that Hyperledger’s Technical Steering Committee (TSC) has granted the Hyperledger Sawtooth maintainer’s request to advance the project’s status from Incubation to Active. Hyperledger Iroha also graduated today.
  • Stronger Together: How Cloud Foundry Supports Other Communities
    The open source Cloud Foundry application development platform was publicly announced over six years ago, and along the way, we have connected with other projects, adopting technologies from other open source communities as they matured. For example, before Docker was a company or even a project, the Cloud Foundry platform was using Linux containers to isolate deployed applications from one another. Our container implementation wasn’t built in a general purpose way like Docker’s; it wasn’t designed to solve all of the potential use cases for a container runtime. It was designed specifically to support the stateless web applications that Cloud Foundry was initially intended to support, and to do that in a secure, multitenant fashion.

Reasons to use the GNOME 3 desktop environment, cool KDE tweaks, and GNOME integration for Qt based application

  • 11 reasons to use the GNOME 3 desktop environment for Linux
    Late last year, an upgrade to Fedora 25 caused issues with the new version of KDE Plasma that made it difficult for me to get any work done. So I decided to try other Linux desktop environments for two reasons. First, I needed to get my work done. Second, having been using KDE exclusively for many years, I thought it might be time to try some different desktops.
  • Which Linux desktop environment do you prefer?
  • 7 cool KDE tweaks that will change your life
  • Gnome integration for Qt based applications in Flatpak
    Following blog post from Patrick Griffis about new themes support in Flatpak, we started working on supporting this new feature too. Currently wherever you start a Qt application, it would always look like a KDE application or something would be missing, like icons so you would end up with bad experience and mixed feelings. This is going to change now as we now support Gnome in form of icons, widget style and Qt platform theme and with this, when you run a Qt application in Gnome, it will look definitely better and more natively than before. We packaged regular adwaita icons which are used by default in Gnome as extension of freedesktop runtime. For widget style we use adwaita-qt style, which is a Qt style attempting to look like Gtk’s adwaita and the most important part putting this all together is QGnomePlatform, a Qt platform theme which reads your Gnome configuration and applies it to running Qt applications. QGnomePlatform also enforces Qt apps to use adwaita icons and adwaita-qt style by default so that’s another reason why it is important. Both adwaita-qt and QGnomePlatform projects are by the way authored by Martin Bříza, a colleague of mine from Red Hat so if you meet him in person somewhere buy him a beer for that he cares about Qt integration in Gnome :). Now coming to a question how to install this and make it work. Basically all you need to do is install following extensions and you should be done: