Language Selection

English French German Italian Portuguese Spanish

Security: Intel Back Door, Hacking a Fingerprint Biometric, Dashlane, Vault 8, Cryptojacking, MongoDB and More

Filed under
Security
  • Recent Intel Chipsets Have A Built-In Hidden Computer, Running Minix With A Networking Stack And A Web Server

    The "Ring-3" mentioned there refers to the level of privileges granted to the ME system. As a Google presentation about ME (pdf) explains, operating systems like GNU/Linux run on Intel chips at Ring 0 level; Ring-3 ("minus 3") trumps everything above -- include the operating system -- and has total control over the hardware. Throwing a Web server and a networking stack in there too seems like a really bad idea. Suppose there was some bug in the ME system that allowed an attacker to take control? Funny you should ask; here's what we learned earlier this year...

    [...]

     Those don't seem unreasonable requests given how serious the flaws in the ME system have been, and probably will be again in the future. It also seems only fair that people should be able to control fully a computer that they own -- and that ought to include the Minix-based computer hidden within.

  •  

     

  • “Game Over!” — Intel’s Hidden, MINIX-powered ME Chip Can Be Hacked Over USB

    Even the creator of MINIX operating system didn’t know that his for-education operating system is on almost every Intel-powered computer.

  • Researchers find almost EVERY computer with an Intel Skylake and above CPU can be owned via USB

     

    Turns out they were right. Security firm Positive Technologies reports being able to execute unsigned code on computers running the IME through USB. The fully fleshed-out details of the attack are yet to be known, but from what we know, it’s bad.

  •  
     

  • Hacking a Fingerprint Biometric
  •  

  • Dashlane Password Manager Now Supports Linux [Ed: But why would anyone with a clue choose to upload his/her passwords?]

    Dashlane, the popular password manager, now supports Linux (and ChromeOS and Microsoft Edge) thanks to new web extension and web app combination.

  • Source Code For CIA’s Spying Tool Hive Released By Wikileaks: Vault 8

    From November 9, Wikileaks has started a new series named Vault 8. As a part of this series, the first leak contains the source code and analysis for Hive software project. Later, the other leaks of this series are expected to contain the source code for other tools as well.

  • Cryptojacking found on 2496 online stores

    Cryptojacking - running crypto mining software in the browser of unsuspecting visitors - is quickly spreading around the web. And the landgrab extends to online stores. The infamous CoinHive software was detected today on 2496 e-commerce sites.

  • 2,500+ Websites Are Now “Cryptojacking” To Use Your CPU Power And Mine Cryptocurrency
  • MongoDB update plugs security hole and sets sights on the enterprise

    Document database-flinger MongoDB has long positioned itself as the dev's best friend, but after ten years it is now fluffing itself up for the enterprise.

    The firm, which went public just last month and hopes to earn up to $220m, has now launched the latest version of its database, which aims to appeal to these bigger customers.

  • How AV can open you to attacks that otherwise wouldn’t be possible [Ed: Any proprietary software put on top of any other software (FOSS included) is a threat and a possible back door]

    Antivirus programs, in many cases, make us safer on the Internet. Other times, they open us to attacks that otherwise wouldn't be possible. On Friday, a researcher documented an example of the latter—a vulnerability he found in about a dozen name-brand AV programs that allows attackers who already have a toehold on a targeted computer to gain complete system control.

    AVGater, as the researcher is calling the vulnerability, works by relocating malware already put into an AV quarantine folder to a location of the attacker's choosing. Attackers can exploit it by first getting a vulnerable AV program to quarantine a piece of malicious code and then moving it into a sensitive directory such as C:\Windows or C:\Program Files, which normally would be off-limits to the attacker. Six of the affected AV programs have patched the vulnerability after it was privately reported. The remaining brands have yet to fix it, said Florian Bogner, a Vienna, Austria-based security researcher who gets paid to hack businesses so he can help them identify weaknesses in their networks.

  • Estonia arrests suspected FSB agent accused of “computer-related crime”

    Estonian authorities announced this week that they had recently arrested a Russian man suspected of being an agent of the Federal Security Service (FSB) who was allegedly planning "computer-related crime."

    The 20-year-old man, whose identity was not made public, was arrested last weekend in the Estonian border city of Narva as he was trying to return to Russia.

More in Tux Machines

Essential System Tools: Timeshift – Reliable system restore tool for Linux

This is the twelfth in our series of articles highlighting essential system tools. These are small, indispensable utilities, useful for system administrators as well as regular users of Linux based systems. The series examines both graphical and text based open source utilities. For this article, we’ll look at Timeshift, a graphical and command-line tool similar to the System Restore functionality offered by Windows, and the Time Machine Tool in Mac OS. For details of all tools in this series, please check the table at the summary page of this article. Timeshift is a GTK3-based, open source, system restore utility which takes incremental snapshots of the system using rsync and hard-links. These snapshots can be restored at a later date to undo all changes that were made to the system after the snapshot was taken. Snapshots can be taken manually or at regular intervals using scheduled jobs. This application is designed to protect only system files and settings. User files such as documents, pictures and music are not protected. This ensures that your files remains unchanged when you restore your system to an earlier date. For the avoidance of any doubt, if you’re looking for a complete backup solution (including data backups), you’ll need to use different software. Read more

Android Leftovers

Meet The Linux Desktop That's More Beautiful Than Windows 10 And MacOS

As a fairly new desktop Linux user I've been a distro-hopping fanatic, exploring the functionality and key differences between the array of excellent options out there. While a "forever distro" is the ultimate goal, the journey has been exciting and educational. Recently my Linux adventures led me to Deepin, an OS that captured my attention and boasts a few key ingredients I fell in love with. Read more

The Open-Source NVIDIA "Nouveau" Linux Driver Performance At The End Of 2018

As it's been a while since last looking at the NVIDIA vs. Nouveau Linux OpenGL driver performance, here's a look at the current performance difference as the end of the year quickly approaches. This benchmarking roundabout features multiple generations of GeForce GPUs while testing with the NVIDIA 415 proprietary driver against the Nouveau stack on Linux 4.19 and Mesa 19.0-devel. Sadly there isn't much positive news to report as 2018 draws to a close for the open-source NVIDIA scene... The main highlight of the year is the ongoing work by Red Hat (Karol Herbst and others) on bringing up SPIR-V/compute support to the Nouveau driver and somewhat related work by Jerome Glisse around Heterogeneous Memory Management and the new Heterogeneous Memory System with Nouveau driver support. The Nouveau SPIR-V compute support isn't yet mainlined but hopefully will be in 2019. Read more