Microsoft

SAMBA versus SMB: Adversarial Interoperability is Judo for Network Effects

Filed under
Microsoft

Before there was Big Tech, there was "adversarial interoperability": when someone decides to compete with a dominant company by creating a product or service that "interoperates" (works with) its offerings.

In tech, "network effects" can be a powerful force to maintain market dominance: if everyone is using Facebook, then your Facebook replacement doesn't just have to be better than Facebook, it has to be so much better than Facebook that it's worth using, even though all the people you want to talk to are still on Facebook. That's a tall order.

Adversarial interoperability is judo for network effects, using incumbents' dominance against them. To see how that works, let's look at a historical example of adversarial interoperability's role in helping to unseat a monopolist's dominance.

The first skirmishes of the PC wars were fought with incompatible file formats and even data-storage formats: Apple users couldn't open files made by Microsoft users, and vice-versa. Even when file formats were (more or less) harmonized, there were still the problems of storage media: the SCSI drive you plugged into your Mac needed a special add-on and flaky driver software to work on your Windows machine; the ZIP cartridge you formatted for your PC wouldn't play nice with Macs.

But as office networking spread, the battle moved to a new front: networking compatibility. AppleTalk, Apple's proprietary protocol for connecting up Macs and networked devices like printers, pretty much Just Worked, providing you were using a Mac. If you were using a Windows PC, you had to install special, buggy, unreliable software.

And for Apple users hoping to fit in at Windows shops, the problems were even worse: Windows machines used the SMB protocol for file-sharing and printers, and Microsoft's support for MacOS was patchy at best, nonexistent at worst, and costly besides. Businesses sorted themselves into Mac-only and PC-only silos, and if a Mac shop needed a PC (for the accounting software, say), it was often cheaper and easier just to get the accountant their own printer and backup tape-drive, rather than try to get that PC to talk to the network. Likewise, all PC-shops with a single graphic designer on a Mac—that person would often live offline, disconnected from the office network, tethered to their own printer, with their own stack of Mac-formatted ZIP cartridges or CD-ROMs.

[...]

Someone attempting to replicate the SAMBA creation feat in 2019 would likely come up against an access control that needed to be bypassed in order to peer inside the protocol's encrypted outer layer in order to create a feature-compatible tool to use in competing products.

Another thing that's changed (for the worse) since 1993 is the proliferation of software patents. Software patenting went into high gear around 1994 and consistently gained speed until 2014, when Alice v. CLS Bank put the brakes on (today, Alice is under threat). After decades of low-quality patents issuing from the US Patent and Trademark Office, there are so many trivial, obvious and overlapping software patents in play that anyone trying to make a SAMBA-like product would run a real risk of being threatened with expensive litigation for patent infringement.

How the Open Source Operating System Has Silently Won Over the World

Filed under
GNU
Linux
Microsoft

The current and future potential for Linux based systems is limitless. The system’s flexibility allows for the hardware that uses it to be endlessly updated. Functionality can, therefore, be maintained even as the technology around the devices changes. This flexibility also means that the function of the hardware can be modified to suit an ever-changing workplace.

For example, because the INSYS icom OS has been specifically designed for use in routers, this has allowed it to be optimised to be lightweight and hardened to increase its security.

Multipurpose OS have large libraries of applications for a diverse range of purposes. Great for designing new uses, but these libraries can also be exploited by actors with malicious intent. Stripping down these libraries to just what is necessary through a hardening process can drastically improve security by reducing the attackable surfaces.

Overall, Windows may have won the desktop OS battle with only a minority of them using Linux OS. However, desktops are only a minute part of the computing world. Servers, mobile systems and embedded technology that make up the majority are predominately running Linux. Linux has gained this position by being more adaptable, lightweight and portable than its competitors.

Operating Systems: Debian, Clear Linux, OpenSUSE and Vista 10

Filed under
GNU
Linux
Microsoft
Debian
SUSE
  • John Goerzen: Tips for Upgrading to, And Securing, Debian Buster

    Wow.  Once again, a Debian release impresses me — a guy that’s been using Debian for more than 20 years.  For the first time I can ever recall, buster not only supported suspend-to-disk out of the box on my laptop, but it did so on an encrypted volume atop LVM.  Very impressive!

    For those upgrading from previous releases, I have a few tips to enhance the experience with buster.

  • Clear Linux Could Soon Be Faster Within Containers On AVX2 Systems

    While Clear Linux as part of its standard bare metal installations has long defaulted to having an AVX2-optimized GNU C Library installed by default, it turns out that it wasn't part of the default os-core bundle as used by containers. That though is changing and should yield even better out-of-the-box performance when running Clear Linux within containers.

    Intel's William Douglas sent out the proposal for adding the AVX2 version of the Glibc libraries into the os-core bundle in order to get picked up by containers and other bare/lightweight Clear configurations.

  • OpenSUSE Enables LTO By Default For Tumbleweed - Smaller & Faster Binaries

    The past few months openSUSE developers have been working on enabling LTO by default for its packages while now finally with the newest release of the rolling-release openSUSE Tumbleweed this goal has been accomplished. 

    As of today, the latest openSUSE Tumbleweed release is using Link-Time Optimizations (LTO) by default. For end-users this should mean faster -- and smaller -- binaries thanks to the additional optimizations performed at link-time. Link-time optimizations allow for different optimizations to be performed at link-time for the different bits comprising a single module/binary for the entire program. Sadly not many Linux distributions are yet LTO'ing their entire package set besides the aggressive ones like Clear Linux. 

  • Investigating why my 7-year old Windows 10 laptop became unbearably slow

    The laptop had also begun to run into blue screens of death (BSoD) whenever I used the built-in camera and when I opened Spotify or Netflix in a web browser. The slowdown and crashes were actually related, but I didn’t realize this at first. The camera-induced BSoD error message blamed the camera vendor’s driver without any further details. This sounds believable enough for a 7-year old laptop so I didn’t think any more of it.

Windows vs Ubuntu

Filed under
GNU
Linux
Microsoft
Ubuntu

Kubuntu is my favorite derivative of all the Ubuntu-based operating systems. I can not point out any features as favorite because I like all of them. Everything mentioned above is part of my daily workflow.

Now when you know all of this it is worth trying them out. I was skeptical at first but later when I built my flow and learned how to utilize these features I can do everything faster, with fewer keystrokes and the most important thing is that I have a nicely organized desktop that helps me to minimize brain fatigue while doing my job.

Kubuntu is a great distro to switch to if you’re coming from Windows. They have a quite similar UI, and Kubuntu has all the features Windows has, plus more.

Best Linux Distro for Windows 7 Refugees: Manjaro KDE

Filed under
GNU
Linux
Microsoft

Manjaro is based off of Arch Linux, but I like to describe it to people as the “Ubuntu of Arch” for its user-friendly design choices and its particular attention to helping new Linux users to learn what they are doing. Another great perk of the Arch foundation underneath Manjaro is the use of the Arch Linux Wiki.

The Arch wiki is easily one of the largest resources of help, information, and know-how for all Linux users—regardless of distribution, many of the articles found can be applied.

Back in the spring of 2017 I wrote a series of articles discussing various Desktop Environments for Linux systems, such as Cinnamon and KDE just to name a couple, and overall for Windows users who have decided to take the plunge, I’m recommending KDE.

Regardless of distribution, KDE is filled with eye candy, is highly-customizable, one of the most powerful file-browsers available (Dolphin), and is deeply documented with a long-standing history (KDE was created in 1996).

Confirmed: Microsoft Windows Zero-Day Exploit Used In Government Espionage Operation

Filed under
Microsoft
Security

It has been revealed that a threat actor once best known for cyber bank robbery in Russia has made a move to espionage. The highly targeted attacks against government institutions in Eastern Europe, which took place during June 2019, employed the use of a Microsoft Windows zero-day exploit. In and of itself this isn't unusual as there have been plenty of Windows zero-days discovered. However, this is the first time that researchers had seen the Buhtrap group using a zero-day attack, although the group has been involved in the cyber-spying business for some years now across Eastern Europe and Central Asia.

Anton Cherepanov, a senior malware researcher at security vendor ESET, explained how the zero-day exploit abused a local privilege escalation vulnerability in Microsoft Windows in order to run arbitrary code and install applications, and view or change data on the compromised systems. As soon as the researchers had properly analyzed the exploit, it was reported to the Microsoft Security Response Center, and a fix was included in the July 9 "Patch Tuesday" update.

The vulnerability itself only impacted older versions of Windows, specifically variations of Windows and Windows Server 2008. This is because, as Cherepanov explained, "since Windows 8 a user process is not allowed to map the NULL page. Microsoft back-ported this mitigation to Windows 7 for x64-based systems." The advice, predictably, is to upgrade to a newer version of the operating system if possible. Especially as critical security updates will disappear soon when extended support for Windows 7 Service Pack 1 ends in January 2020. Gavin Millard, vice-president of intelligence at Tenable, warns users not to be complacent seeing as the vulnerability is "now being actively exploited in the wild," advising that "patches should be deployed as soon as possible."

Openwashing, Microsoft Censorship of FOSS, and Microsoft Making Traps 'Open'

Filed under
Microsoft
OSS

Proprietary Software Insecurity

Filed under
Microsoft
Mac
  • Why recent hacks show Apple’s security strength, not its weakness [Ed: Spinning bug doors as a strength? Apple has its share of liars coming to the rescue of proprietary software (not the first such bug). Moving from Microsoft to Apple "for security" is like swapping vodka for rum to cure one's liver.]

    It might be tempting to follow that line of thinking in light of two recent stories of vulnerabilities affecting the Mac and the Apple Watch. In the first instance, the Zoom video-calling app could be abused to let someone spy on you through your webcam. In the second, a flaw in Apple’s Walkie Talkie app could let a hacker eavesdrop on your iPhone conversations. They’re both troubling security issues.

  • Eavesdropping Concerns Cause Apple Watch’s Walkie-Talkie App to Be Disabled

    Just like any other Internet of things device, it’s important to remember that smartwatches are still devices. And many cool features can also be used for unethical purposes. There is always another side of the coin.

    This is what Apple Watch users found this week when Apple disabled the Walkie-Talkie app when it was discovered that it allowed users to listen in on each other’s iPhone calls without the other person’s knowledge.

  • 250M Accounts Affected By ‘TrickBot’ Trojan’s New Cookie Stealing Ability

    Popular malware TrickBot is back and this time it has learned some new capabilities like stealing cookies. So far, it has infected around 250 million Gmail accounts.

    As per the research firm Deep Instinct, among the affected accounts, some belonging to the governments of the US, the UK, and Canada have also fallen victim to TrickBot.

  • TrickBooster – TrickBot’s Email-Based Infection Module - Deep Instinct

    Seeing a signed malware binary delivered to a customer environment prompted us to investigate further. We analyzed the malware sample and found swaths of PowerShell code in its memory. Analysis of this PowerShell code immediately led us to the conclusion that we are dealing with a mail-bot.

  • A better zip bomb

    This article shows how to construct a non-recursive zip bomb that achieves a high compression ratio by overlapping files inside the zip container. "Non-recursive" means that it does not rely on a decompressor's recursively unpacking zip files nested within zip files: it expands fully after a single round of decompression. The output size increases quadratically in the input size, reaching a compression ratio of over 28 million (10 MB → 281 TB) at the limits of the zip format. Even greater expansion is possible using 64-bit extensions. The construction uses only the most common compression algorithm, DEFLATE, and is compatible with most zip parsers.

Security: Microsoft Windows Strikes Again

Filed under
Microsoft
Security
  • U.S. Coast Guard Issues Alert After Ship Heading Into Port Of New York Hit By Cyberattack

    The U.S. Coast Guard has issued an official warning to owners of ships that cybersecurity at sea needs updating, and updating urgently. In the Marine Safety Alert published June 8, the Coast Guard "strongly encourages" that cybersecurity assessments are conducted to "better understand the extent of their cyber vulnerabilities." This follows an interagency investigation, led by the Coast Guard, into a "significant cyber incident" that had exposed critical control systems of a deep draft vessel bound for the Port of New York in February 2019 to what it called "significant vulnerabilities."

  • Malware on the High Seas: US Coast Guard Issues Alert [iophk: Windows TCO is not a laughing matter. Get rid of it.]

    The ship's network was mainly used for official business, including updating electronic charts, managing cargo data and communicating with shore-side facilities, pilots, agents and the Coast Guard, according to the report.

  • Eurofins Scientific: Forensic services firm paid ransom after cyber-attack [iophk: Windows TCO]

    BBC News has not been told how much money was involved in the ransom payment or when it was paid.

    The National Crime Agency (NCA) said it was a "matter for the victim" as to whether a ransom had been paid.

  • Eurofins Scientific Paid Up in Response to Ransomware Attack: Report [iophk: Windows TCO]

    Luxembourg-based laboratory testing services giant Eurofins Scientific reportedly paid the ransom demanded by cybercriminals following a successful ransomware attack that led to the company taking offline many of its systems and servers.

  • Eurofins Scientific forensics firm pays after hit with ransomware [iophk: Windows TCO]

    Eurofins didn’t disclose how much it paid to retrieve its information but the money was likely paid between June 10, when Eurofins issued a statement about the attack, and June 24 when it published an update saying it had “identified the variant of the malware used” in the attack and had strengthened its cybersecurity.

  • [Old] Combating WannaCry and Other Ransomware with OpenZFS Snapshots [iophk: use FreeBSD, OpenBSD, or GNU/Linux on the desktop to avoid ransomware and servers to avoid ransomware damage]

    OpenZFS is the powerful file system at the heart of every storage system that iXsystems sells and of its many features, snapshots can provide fast and effective recovery from ransomware attacks at both the individual user and enterprise level as I talked about in 2015. As a copy-on-write file system, OpenZFS provides efficient and consistent snapshots of your data at any given point in time. Each snapshot only includes the precise delta of changes between any two points in time and can be cloned to provide writable copies of any previous state without losing the original copy. Snapshots also provide the basis of OpenZFS replication or backing up of your data to local and remote systems. Because an OpenZFS snapshot takes place at the block level of the file system, it is immune to any file-level encryption by ransomware that occurs over it. A carefully-planned snapshot, replication, retention, and restoration strategy can provide the low-level isolation you need to enable your storage infrastructure to quickly recover from ransomware attacks.

German data protection organization: use of Office 365 in schools is illegal

Filed under
Microsoft

The data protection officer of the German federal state of Hessen has warned that the cloud-based Office 365 solution is not a compliant solution for use in schools when student information is being stored on it. This fits with earlier, similar conclusions by the Swedish and Dutch governments – US cloud solutions are not GDPR compliant.

