Security: BGP Hijack Factory, IDN, Microsoft Windows Back Doors and Intel Defects

  • Shutting down the BGP Hijack Factory

    It started with a lengthy email to the NANOG mailing list on 25 June 2018: independent security researcher Ronald Guilmette detailed the suspicious routing activities of a company called Bitcanal, which he referred to as a “Hijack Factory.” In his post, Ronald detailed some of the Portuguese company’s most recent BGP hijacks and asked the question: why do Bitcanal’s transit providers continue to carry its BGP hijacked routes on to the global [I]nternet?

    This email kicked off a discussion that led to a concerted effort to kick this bad actor, who has hijacked with impunity for many years, off the [I]nternet.

  • Malformed Internationalized Domain Name (IDN) Leads to Discovery of Vulnerability in IDN Libraries

    The Punycode decoder is an implementation of the algorithm described in section 6.2 of RFC 3492. As it walks the input string, the Punycode decoder fills the output array with decoded code point values. The output array itself is typed to hold unsigned 32-bit integers while the Unicode code point space fits within 21 bits. This leaves a remainder of 11 unused bits that can result in the production of invalid Unicode code points if accidentally set. The vulnerability is enabled by the lack of a sanity check to ensure decoded code points are less than the Unicode code point maximum of 0x10FFFF. As such, for offending input, unchecked decoded values are copied directly to the output array and returned to the caller.

  • GandCrab ransomware adds NSA tools for faster spreading

    "It no longer needs a C2 server (it can operate in airgapped environments, for example) and it now spreads via an SMB exploit -- including on XP and Windows Server 2003 (along with modern operating systems)," Beaumont wrote in a blog post. "As far as I'm aware, this is the first ransomware true worm which spreads to XP and 2003 -- you may remember much press coverage and speculation about WannaCry and XP, but the reality was the NSA SMB exploit (EternalBlue.exe) never worked against XP targets out of the box."

  • Intel Discloses New Spectre Flaws, Pays Researchers $100K

    Intel disclosed a series of vulnerabilities on July 10, including new variants of the Spectre vulnerability the company has been dealing with since January.

    Two new Spectre variants were discovered by security researchers Vladimir Kiriansky and Carl Waldspurger, who detailed their findings in a publicly released research paper titled, "Speculative Buffer Overflows: Attacks and Defenses."

    "We introduce Spectre1.1, a new Spectre-v1 variant that leverages speculative stores to create speculative buffer overflows," the researchers wrote. "We also present Spectre 1.2: on CPUs that do not enforce read/write protections, speculative stores can overwrite read-only data and code pointers to breach sandboxes."

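For the IDN item above, a compact RFC 3492 section 6.2 decoder that shows where the range check against 0x10FFFF belongs. This is an added example, not code from the affected libraries or the linked article; the names `puny_decode` and `check_range` and the sample labels in the notes are constructed for illustration.

```c
#include <stdint.h>
#include <string.h>

enum { BASE = 36, TMIN = 1, TMAX = 26, SKEW = 38, DAMP = 700,
       INITIAL_BIAS = 72, INITIAL_N = 128, CP_MAX = 0x10FFFF };
static uint32_t adapt(uint32_t delta, uint32_t npoints, int first) {
    uint32_t k = 0;                        /* bias adaptation, RFC 3492 6.1 */
    delta = first ? delta / DAMP : delta / 2;
    delta += delta / npoints;
    for (; delta > ((BASE - TMIN) * TMAX) / 2; k += BASE) delta /= BASE - TMIN;
    return k + (BASE - TMIN + 1) * delta / (delta + SKEW);
}
static int digit_value(char c) {           /* a-z = 0..25, 0-9 = 26..35 */
    if (c >= 'a' && c <= 'z') return c - 'a';
    if (c >= 'A' && c <= 'Z') return c - 'A';
    return (c >= '0' && c <= '9') ? c - '0' + 26 : -1;
}
/* Decodes a label (no "xn--" prefix) into out[0..cap); returns count or -1.
 * check_range = 0 reproduces the missing check; 1 is the hardened decoder. */
int puny_decode(const char *in, uint32_t *out, size_t cap, int check_range) {
    uint32_t n = INITIAL_N, i = 0, bias = INITIAL_BIAS, outlen = 0;
    const char *d = strrchr(in, '-');      /* last delimiter, if any */
    size_t len = strlen(in), pos = 0, nbasic = d ? (size_t)(d - in) : 0;
    for (; pos < nbasic; pos++) {          /* copy the basic code points */
        if ((unsigned char)in[pos] >= 0x80 || outlen >= cap) return -1;
        out[outlen++] = (unsigned char)in[pos];
    }
    if (nbasic) pos++;                     /* skip the delimiter */
    while (pos < len) {
        uint32_t oldi = i, w = 1, t;
        for (uint32_t k = BASE;; k += BASE) {   /* variable-length integer */
            int dv = pos < len ? digit_value(in[pos++]) : -1;
            if (dv < 0 || (uint32_t)dv > (UINT32_MAX - i) / w) return -1;
            i += (uint32_t)dv * w;
            t = k <= bias ? TMIN : k >= bias + TMAX ? TMAX : k - bias;
            if ((uint32_t)dv < t) break;
            if (w > UINT32_MAX / (BASE - t)) return -1;
            w *= BASE - t;
        }
        bias = adapt(i - oldi, outlen + 1, oldi == 0);
        if (outlen >= cap || i / (outlen + 1) > UINT32_MAX - n) return -1;
        n += i / (outlen + 1);
        i %= outlen + 1;
        if (check_range && n > CP_MAX) return -1;  /* 21-bit code space only */
        memmove(out + i + 1, out + i, (outlen - i) * sizeof *out);
        out[i++] = n;
        outlen++;
    }
    return (int)outlen;
}
```

With `check_range` off, the constructed label `99999a` decodes to the single value 0x48A3C1, which fits the 32-bit slot but is not a Unicode code point; with it on, the label is rejected, while a valid label such as `bcher-kva` decodes identically in both modes.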