Security

Best Linux security tools

Filed under
Linux
Security

Linux has become a popular open source alternative to the popular Windows and iOS operating systems, and a key factor behind its rise is security.

The operating system is much less likely to be a target of malware than its better-known competitors as it has far fewer users, more knowledgeable server administrators and a comprehensive permissions system that enhances its defences.

That doesn't, however, make Linux invulnerable. Here are some Linux security tools to add an extra layer of protection to the operating system.

Security: Pastejacking, Hotmail in 2018, New Incidents, Lebal Targets Microsoft Windows, and Microsoft Declines to 7% on the Web (a Lot of Unpatched Windows)

Filed under
Security
  • Pastejacking

    This demo uses JavaScript to hook into the copy event, which will fire via ctrl+c or right-click copy. Right now this demo works in Chrome, Firefox, and Safari but not with Internet Explorer; however, there is a demo below which is IE compatible.

  • ‘A sign that you’re not keeping up’ – the trouble with Hotmail in 2018

    With the passage of time and the absence of a brand overhaul, the word “hotmail” near your name started to be quite ageing; like “ntlworld” or “blueyonder”, it was a sign that you weren’t keeping up. It was a deduction that wouldn’t stand up in a court of law, but online it is inference, not certainty, that drags you down. When you could have an ageless Yahoo address, there is just no call to leave this kind of footprint, unless “incredibly old” is your calling card.

  • Shocking data breach exposes more than 220,000 organ donor records

    Lowyat.net, which previously exposed a leak of 46m citizen records belonging to Malaysian communications firms – reported Tuesday (23 January) that the details appeared to be from a central database linked to state hospitals and national transplant resource centres.

    Complete entries of personal information included ID numbers, names, email addresses, home addresses and phone numbers of 220,000 citizens recorded between January 2009 and August 2016.

  • Researchers warn new Lebal malware is seeking high-profile targets

    The vector for the attacks, which are described as being specifically targeted versus random attempts, was not through usual email attacks but camouflaged through several layers. The first attempt involves a phishing email disguised as a message from Federal Express, while the second attempt involves a malicious link pretending to be a link to Google Drive.

  • What is Lebal? New sophisticated malware found targeting several universities, government agencies

    It requests users to click on a link to download and print out an "attached label" that needs to be submitted in order to receive the parcel. The malicious link itself is disguised as a Google Drive link. Once a user clicks on it, the hackers' website pops up with the malicious "Lebal copy.exe" file ready to download.

  • Cyber crime hit 978m in 2017, caused US$172b loss

    It said that as a result, victims globally lost US$172 billion – an average of US$142 per victim. The figure for Australia was US$1.9 billion in total. Each of these people also spent about 24 hours — or almost three full workdays — dealing with the aftermath.

  • January 2018 Web Server Survey

    While 1.5 million web-facing computers currently run Microsoft web server software, a slightly larger number – 1.8 million – run Windows operating systems. The bulk of the difference is made up of Windows computers that either run Apache or reverse-proxy traffic from backend Apache servers. The most commonly used Windows version is Windows Server 2008, followed by 2012 and then the aging, unsupported Windows Server 2003. Windows Server 2016 accounts for only 3.7% of all Windows web-facing computers at the moment, but it is steadily growing – this month, the number of Windows Server 2016 computers grew by 14% to 66,800.

Security: Updates, CPU Defects, Patches, Entropy and More

Filed under
Security
  • Security updates for Wednesday
  • Linux and Intel slowly hack their way to a Spectre patch

    Spectre and Meltdown are major design flaws in modern CPUs. While they're present in almost all recent processors, because Intel chips are so widely used, Intel is taking most of the heat for these bugs. Nowhere has the criticism been hotter than on the Linux Kernel Mailing List (LKML). That's because unlike Apple and Microsoft operating system developers and OEMS like Dell and HP, Linux programmers do their work in the open. But, when Linux and Intel developers aren't arguing, they are making progress.

  • Meltdown and Spectre - Performance and stability

    There's no perceivable slowness of any kind. So that further helps our experiment, as we have a completely different set of operating systems and kernels to confirm the Windows findings.

  • Randomness in virtual machines

    I always felt that entropy available to the operating system must be affected by running said operating system in a virtual environment – after all, unpredictable phenomena used to feed the entropy pool are commonly based on hardware and in a VM most hardware either is simulated or has the hypervisor mediate access to it. While looking for something tangentially related to the subject, I have recently stumbled upon a paper commissioned by the German Federal Office for Information Security which covers this subject, with particular emphasis on entropy sources used by the standard Linux random-number generator (i.e. what feeds /dev/random and /dev/urandom), in extreme detail:

  • Linus Rants, Cryptojacking Protection, openSUSE and Games

    Linus Torvalds slams Intel's Spectre and Meltdown patches, calling them "COMPLETE and UTTER GARBAGE". See LKML for more.

Why is cryptocurrency open source? This paper from 1999 explains

Filed under
OSS
Security
Sci/Tech

Cryptocurrency's roots go back further than bitcoin. In fact, bitcoin was just the first cryptocurrency to use the blockchain rather than the first cryptocurrency ever.

Other early cryptocurrencies include now venerable names like World of Warcraft (WoW) gold, a digital currency designed for use as a store of value and a transfer medium in the gaming universe of World of Warcraft. It used a proof-of-work mining algorithm in which users would engage with the WoW ecosystem via their computer's graphical interface and complete various digital tasks to be rewarded with gold.

As the fiat currency value of WoW gold increased, it attracted more miners without any corresponding difficulty adjustment, eventually leading to substantial inflation and a collapsing economy.

Today's cryptocurrencies seem to have learned from the problems of the past. For example, bitcoin and many others will adjust mining difficulty to prevent massive inflation when mining power increases.

It's no surprise that almost everything cryptocurrency, from the coins to the exchanges to the wallets, are built on open-source software. This paper from 1999 might be more relevant than ever, especially with a few wallets and coins still being partly or entirely closed source.

Security: GCab, Open Source Security Podcast, DDoS, Microsoft Hotmail, Tinder's

Filed under
Security
  • GCab and CVE-2018-5345

    Just before Christmas I found a likely exploitable bug in the libgcab library. Various security teams have been busy with slightly more important issues, and so it’s taken a lot longer than usual to be verified and assigned a CVE. The issue I found was that libgcab attempted to read a large chunk into a small buffer, overwriting lots of interesting things past the end of the buffer. ASLR and SELinux save us in nearly all cases, so it’s not the end of the world. Almost a textbook C buffer overflow (rust, yada, whatever) so it was easy to fix.

  • Open Source Security Podcast: Episode 79 - Skyfall: please don't yell 'fire'
  • Frequency, complexity of DDoS attacks rising: report

    The exploitation of IoT devices and innovation from DDoS attack services are leading to more frequent and complex attacks, according to a newly published infrastructure security report from application and network performance management company Netscout.

  • Hotmail user? You're an insurance risk, says Admiral

    "We found that on comparison website GoCompare, Admiral charged a Hotmail driver £467.04 and a Gmail one £435.68 — £31.36 less," the reporters said.

    Admiral admitted that it does use email domains as one variable in its risk estimation algorithm saying: "Certain domain names are associated with more accidents than others."

  • These Tinder security flaws could let malicious hackers spy on your swipes, photos and matches

    Researchers at Tel Aviv-based security firm Checkmarx found that Tinder's iOS and Android mobile apps still lack the standard HTTPS encryption.

Security Leftovers

Filed under
Security
  • Security updates for Tuesday
  • Initial Retpoline Support Added To LLVM For Spectre v2 Mitigation

    The LLVM code has been merged to mainline for the Retpoline x86 mitigation technique for Spectre Variant 2. This will be back-ported to LLVM 6.0 and also LLVM 5.0 with an immediate point release expected to get this patched compiler out in the wild.

    The compiler-side work -- similar to GCC's Retpoline code -- is to avoid generating code where an indirect branch could have its prediction poisoned by a rogue actor. The Retpoline support uses indirect calls in a non-speculatable way.

  • Teen Hacker Who Social Engineered His Way Into Top-Level US Government Officials' Accounts Pleads Guilty To Ten Charges

    The teenage hacker who tore CIA director John Brennan a new AOL-hole is awaiting sentencing in the UK. Kane Gamble, the apparent founder of hacker collective Crackas With Attitude, was able to access classified documents Brennan has forwarded to his personal email account by posing as a Verizon tech. Social engineering is still the best hacking tool. It's something anyone anywhere can do. If you do it well, a whole host of supposedly-secured information can be had, thanks to multiple entities relying on the same personal identifiers to "verify" the social engineer they're talking to is the person who owns accounts they're granting access to.

    Despite claiming he was motivated by American injustices perpetrated around the world (Palestine is namechecked in the teen's multiple mini-manifestos), a lot of what Gamble participated in was plain, old fashioned harassment.

  • The Guardian view on cyberwar: an urgent problem [Ed: Lists several attacks by Microsoft Windows (but names neither)]

    The first known, and perhaps the most successful of these, was the joint US/Israeli Stuxnet attack on the Iranian nuclear programme in 2009. Since then there has been increasing evidence of attacks of this sort by Russia – against Estonia in 2009, and then against Ukraine, where tens of thousands of attacks on everything from power supplies to voting machines have opened an under-reported front in an under-reported war. Across the Baltic, the Swedish government has just announced a beefed-up programme of civil defence, of which the most substantial part will be an attempt to protect its software and networks from attacks. Meanwhile, North Korean state hackers are blamed by western intelligence services for the WannaCry ransomware attacks which last year shut down several NHS hospitals in the UK. Persistent reports suggest the US has interfered in this way with North Korea’s nuclear missile programme.

  • Reproducible Builds: Weekly report #143
  • Don’t Install Meltdown And Spectre Patches, Intel Warns It Would Increase System Reboots
  • On that Spectre mitigations discussion

    By now, almost everybody has probably seen the press coverage of Linus Torvalds's remarks about one of the patches addressing Spectre variant 2. Less noted, but much more informative, is David Woodhouse's response on why those patches are the way they are.

Tails 3.5 Anonymous OS Released to Mitigate Spectre Vulnerability for AMD CPUs

Filed under
Security
Debian

Tails, the open-source Linux-based operating system designed to protect users' privacy while surfing the Internet, also known as Anonymous OS, was updated today to version 3.5.

Coming only two weeks after the Tails 3.4 release, which included patches for the Meltdown and Spectre security vulnerabilities publicly disclosed earlier this month, today's Tails 3.5 update is here to bump the Linux kernel to version 4.14.13 and include the microcode firmware for AMD CPUs to mitigate the Spectre flaw.

Security: Intel, Norton, Bug Bounty, Defacements, OnePlus, ICO

Filed under
Security

More on 'Complete and Utter Garbage' From Intel

Filed under
Linux
Security
  • Linux Creator Calls Intel Meltdown, Spectre Patches 'Complete and Utter Garbage'
  • Linux creator slams Intel for crappy Meltdown/Spectre patches

    Intel’s had a (mostly) crappy start to the year, thanks to the revelation of Meltdown and Spectre, two major security flaws affecting a wide range of its processors that are present in hundreds of thousands of devices around the world. It’s working to release fixes for them, but Linux creator Linus Torvalds is not impressed by the company’s efforts.

  • ‘WTF is going on?!’ Linux creator attacks Intel as it retracts ‘garbage’ fix for critical bug

    Patches released by Intel Corp. to fix highly malicious Spectre and Meltdown vulnerabilities affecting its CPUs turned out to be faulty, the company admitted, urging customers to stop installing them until further notice.

    Earlier this month, security researchers at Google Project Zero disclosed that data processed by the majority of modern CPUs, be they desktop computers or smartphones, could be vulnerable to critical exploits they called ‘Spectre’ and ‘Meltdown.’ Tech companies reportedly had months to prepare, and since the public announcement of the vulnerabilities, Intel released at least three patches – before discovering that their fix led some PCs to reboot unexpectedly.

  • Spectre Patches, Snap, Happy Birthday LWN and More

    Are you using protection? Longtime kernel developer, Greg Kroah-Hartman, just posted a simple recipe for users to verify whether they are running a Spectre/Meltdown patched version of the Linux kernel.

  • Intel’s Spectre fixes are ‘complete and utter garbage,’ says Linux inventor

    Linux inventor Linus Torvalds has never been one for diplomacy. He previously said “fuck you” to Nvidia for not supporting Linux, and now Intel has angered him enough to generate some more expletives. In a message to the Linux kernel mailing list on the weekend, Torvalds has expressed his dismay at Intel’s security updates to protect against the major Spectre variant 2 CPU vulnerability. The industry has been scrambling to fix the Meltdown and Spectre vulnerabilities, and the variant 2 of Spectre has been particularly challenging.

Canonical Releases Spectre Patches for Ubuntu Linux, Meltdown Fix for PowerPC

Filed under
Security
Ubuntu

Canonical published today a new set of kernel updates for all of its supported Ubuntu Linux releases that include patches for the Spectre and Meltdown security vulnerabilities.

After pulling Intel's microcode firmware update from the software repositories of Ubuntu 17.10, 16.04 LTS, and 14.04 LTS, Canonical now released the Spectre patches for all supported Ubuntu Linux releases, including all official flavors and those using HWE (Hardware Enablement) kernels, and Meltdown kernel patches for PowerPC (PPC64el) architectures.

Also: Canonical announces Ubuntu product month for February
