Security

Security: Ubuntu Snap Store, More EFF Scaremongering

Filed under
Security

Security: EFAIL Hype, Kubernetes, 'Smart' Things and More

Filed under
Security
  • Serious vulnerabilities with OpenPGP and S/MIME

    The efail.de site describes a set of vulnerabilities in the implementation of PGP and MIME that can cause the disclosure of encrypted communications, including old messages. "In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs."

  • How the Kubernetes Security Response Team Works

    The open-source Kubernetes container orchestration is an increasingly deployed platform that is now supported across all three major public cloud providers (Google, AWS and Azure) as well as enterprise private clouds.

    Container security is a big issue these days, and keeping Kubernetes secure involves multiple aspects. One of those aspects is the security of the Kubernetes code itself, which has had its share of vulnerabilities that have been reported in the past year. Among those vulnerabilities is CVE-2017-1002101, which was patched in the Kubernetes 1.10 release that became generally available on March 26.

  • Ring doorbell flaw lets others watch after password changes (updated)

    The issue, as you might guess, is that the window exists in the first place. Someone with a still-valid login could not only spy on whatever's happening, but download videos. The same incident that prompted the change also included phantom rings in the middle of the night.

  • Security Innovation Supports Open Source Community with Free Security Tools to Identify and Mitigate Software Vulnerabilities

Critical PGP Security Issue

Filed under
Security
  • Attention PGP Users: New Vulnerabilities Require You To Take Action Now

    A group of European security researchers have released a warning about a set of vulnerabilities affecting users of PGP and S/MIME. EFF has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages.

    The full details will be published in a paper on Tuesday at 07:00 AM UTC (3:00 AM Eastern, midnight Pacific). In order to reduce the short-term risk, we and the researchers have agreed to warn the wider PGP user community in advance of its full publication.

    Our advice, which mirrors that of the researchers, is to immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email. Until the flaws described in the paper are more widely understood and fixed, users should arrange for the use of alternative end-to-end secure channels, such as Signal, and temporarily stop sending and especially reading PGP-encrypted email.

  • Disabling PGP in Thunderbird with Enigmail

Security: Malware Found In The Ubuntu Snap Store, Google/Android Patches, ATMs with Windows, Oracle WebLogic Holes, USBGuard, Valve

Filed under
Security

Security: Malicious JS, Microsoft/NSA Back Doors, and Malicious Software in Ubuntu Snap Store

Filed under
Security
  • Google YOLO [iophk: "javascript"]

    Actually don't even click anything. Malicious websites can simply track your cursor's position and change the invisible button/iframe's position accordingly. So even if you make a click by mistake you will be forced to click on something else.

  • One year on from the WannaCry attack, are we more vulnerable than ever? [Ed: The ToryGraph repeats Microsoft's lies about Windows XP; all versions of Windows have NSA back doors and XP was hardly the problem in this case. The problem is Microsoft collusion with NSA.]

    The hackers, reportedly from North Korea, didn’t intentionally target the UK’s health service: it was collateral damage. WannaCry entered computers through a glitch, discovered by the US National Security Agency, in early Windows operating systems. The 33 affected NHS practices were hit because they hadn’t updated their Windows XP software for many years.

    [...]

    One of the biggest problems facing the UK, as WannaCry showed, is a lack of technical proficiency. There just aren’t enough defenders in the face of highly trained foreign criminals and state-sponsored hackers, Hannigan explains.

    [...]

    The fight doesn’t end with education. Hannigan’s other suggestions have included the creation of an international cyber war treaty. In the meantime, he welcomes the news that all NHS computers will be upgraded to Windows 10 and that the Government will spend £150 million in the next three years to improve the service’s security.

  • Malicious Package Found on the Ubuntu Snap Store

    An attentive Ubuntu user has spotted today a cryptocurrency miner hidden in the source code of an Ubuntu snap package hosted on the official Ubuntu Snap Store.

    The app's name is 2048buntu, a clone of the popular 2024 game, packaged as an Ubuntu snap — a relatively new app format for Ubuntu OS.

    According to a GitHub user named Tarwirdur, the app contained a cryptocurrency mining application disguised as the "systemd" daemon, along with an init script that provided boot persistence.

Get Privacy Tools on Ubuntu 18.04

Filed under
GNU
Linux
Security

If you are already aware of the 2013 global privacy case, I believe you care about your internet privacy by now. If you just switched to Ubuntu, here's a list of user-friendly programs (free software only) and a search engine to protect your privacy. You will find my recommendation of a web search engine, a specific web browser, add-ons, email client enhancements, and password storage. This list accompanies the previous list of 20 useful programs for 18.04.

[...]

Free software is not gratis software but software whose user is free. Free software is about the user's right, either individually or collectively, to control the software. If you run your activities with nonfree software (also called proprietary), you don't control everything the software does within your computer, which only means there is somebody else controlling you and the computers. To protect your privacy, you should make sure you run only free software and rely only on privacy-respecting internet services.


Security: Google, Blockchains and More

Filed under
Security
  • Google will soon require OEMs to roll out ‘regular’ Android security patches
  • Google Updates Chrome for Desktop to Fix Privilege Escalation Bug in Extensions

    Google released on Thursday a new stable version of its Chrome 66 web browser, version 66.0.3359.170, which is currently rolling out to Linux, Mac, and Windows users, to fix a few important security issues.

  • Will Blockchains Include Insecurity by Design?

    Ask any journalist to pick an adjective to use in connection with standards development and the answer will invariably be "boring." But according to a recent New York Times article (yes, it also used that word - as well as "wonky"), the process of creating standards just became a whole lot more interesting - at least when it comes to the blockchain. The reason? A standards working group may have been infiltrated by state actors bent on embedding security flaws into the very standards being created for the purpose of preventing attacks.

    And why not? The power of a successful standard comes from the fact that vendors have to adopt it in order to sell a given product or service, such as a WiFi router or a USB device. Indeed, laptops and smart phones include hundreds of standards, each of which is essential to a given function or service. As I noted last week, the blockchain will need standards, too, in order for it to take hold in multiple areas. Some of those standards will be intended to make the blockchain more secure.

  • 6 Things You Should Do to Secure Your NAS
  • Packets over a LAN are all it takes to trigger serious Rowhammer bit flips

    For the first time, researchers have exploited the Rowhammer memory-chip weakness using nothing more than network packets sent over a local area network. The advance is likely to further lower the bar for triggering bit flips that change critical pieces of data stored on vulnerable computers and servers.

Security: Updates, NSA Back Doors in Windows/Microsoft, Vista 10 Bricking and Intel Back Doors

Filed under
Security
  • Security updates for Friday
  • Windows Under Attack as NSA Exploit Usage Skyrockets

    EternalBlue, the stolen NSA exploit that was used to create the infamous WannaCry ransomware, is back in business, only that this time usage appears to skyrocket, according to security vendor ESET.

    Researcher Ondrej Kubovič notes that while WannaCry attacks have dropped, EternalBlue is still around, and the first months of 2018 brought a worrying increase in the number of attacks based on this exploit.

    EternalBlue is an exploit stolen from the NSA by hacking group Shadow Brokers in April 2016. It takes advantage of a vulnerability in the Windows Server Message Block (SMB) protocol, and Microsoft shipped patches even before the flaw went public.

    But this doesn’t mean that attackers have stopped searching for targets. The researcher says cybercriminals are scanning the Internet for exposed SMB ports and are trying to compromise the host with an exploit that eventually allows for payloads deployed on the target machine and leading to different outcomes.

    “Interestingly, according to ESET’s telemetry, EternalBlue had a calmer period immediately after the 2017 WannaCryptor campaign: over the following months, attempts to use the EternalBlue exploit dropped to “only” hundreds of detections daily,” the researcher notes.

    “Since September last year, however, the use of the exploit has slowly started to gain pace again, continually growing and reaching new heights in mid-April 2018.”

  • Microsoft Says It Won’t Fix a Bug Causing BSODs on Windows 10

    A bug causing Windows machines to crash when a USB drive is inserted won’t get a patch from Microsoft, despite the issue said to be affecting all versions of the operating system, including the newly-launched April 2018 Update.

    Security researcher Marius Tivadar says in a post on GitHub that he first reported the problem to Microsoft in July 2017 after discovering that a USB drive running a handcrafted NTFS image can cause any system to crash even if locked.

    “Microsoft was very responsive regarding my disclosure 1 year ago, but they didn’t issue a security patch,” Tivadar explains.

  • Purism's FSP Reverse Engineering Effort Might Be Stalled

    Purism has been working on reverse-engineering the Intel Firmware Support Package (FSP) module but it looks like that work may have taken a turn.

    A Phoronix reader tipped us off this morning that the Intel FSP reverse-engineering information made public by Purism has now been retracted. The past several months Purism has been working on reverse-engineering the Intel FSP to free the system further to run on only open-source code rather than still having the Intel binary-only module paired with Coreboot. Their big focus this year has been on figuring out the actual silicon initialization code inside the FSP. Purism's Youness Alaoui was very close to finding out this information at the start of April and he wrote a lengthy blog post outlining his reverse-engineering work.

Security Leftovers

Filed under
Security

Security Updates and Intel's Latest Excuses

Filed under
Security
  • Security updates for Thursday
  • Misunderstood Intel Documentation Leads to Multivendor Vulnerability

    Major operating system vendors including Microsoft, Apple and Linux distributions somehow misinterpreted Intel documentation about a hardware debugging feature and ended up exposing users to potential risk. 

    The flaw, which has been identified as CVE-2018-8897, was publicly reported on May 8, though impacted vendors were notified on April 30 and have already released patches. The flaw could have enabled an unauthenticated user to read sensitive data in memory or control low-level operating system functions.

    "In some circumstances, some operating systems or hypervisors may not expect or properly handle an Intel architecture hardware debug exception," CERT warned in its advisory on the issue. "The error appears to be due to developer interpretation of existing documentation for certain Intel architecture interrupt/exception instructions, namely MOV to SS and POP to SS."


More in Tux Machines

Android Leftovers

Canonical Releases AMD Microcode Updates for All Ubuntu Users to Fix Spectre V2

The Spectre microprocessor side-channel vulnerabilities were publicly disclosed earlier this year and discovered to affect billions of devices made in the past two decades. Unearthed by Jann Horn of Google Project Zero, the second variant (CVE-2017-5715) of the Spectre vulnerability is described as a branch target injection attack. The security vulnerability affects all microprocessors that use branch prediction and speculative execution function, and it can allow unauthorized memory reads via side-channel attacks if the system isn't patched. For example, a local attacker could use it to expose sensitive information, including kernel memory.

PulseAudio 12 Open-Source Sound System Released with AirPlay, A2DP Improvements

Highlights of PulseAudio 12.0 include better latency reporting with the A2DP Bluetooth profile, which also improves A/V sync, more accurate latency reporting on AirPlay devices, the ability to prioritize HDMI output over S/PDIF output, HSP support for more Bluetooth headsets, and the ability to disable input and output on macOS. PulseAudio 12.0 also adds support for Steelseries Arctis 7 USB headset stereo output and Dell's Thunderbolt Dock TB16 speaker jack, a new "dereverb" option that can be used for the Speex echo canceller, a new module-always-source module, better detection of Native Instruments Traktor Audio 6, and improved digital input support for various USB sound cards.

Automatically Change Wallpapers in Linux with Little Simple Wallpaper Changer

Here is a tiny script that automatically changes wallpaper at regular intervals in your Linux desktop.