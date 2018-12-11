Security: Back Doors, BGP and Firmware Update
Feds Charge Three in Mass Seizure of Attack-for-hire Services
Authorities in the United States this week brought criminal hacking charges against three men as part of an unprecedented, international takedown targeting 15 different “booter” or “stresser” sites — attack-for-hire services that helped paying customers launch tens of thousands of digital sieges capable of knocking Web sites and entire network providers offline.
How 3ve’s BGP hijackers eluded the Internet—and made $29M
Late last month came word of a new scheme. In one of the most sophisticated uses of BGP hijacking yet, criminals used the technique to generate $29 million in fraudulent ad revenue, in part by taking control of IP addresses belonging to the US Air Force and other reputable organizations.
In all, "3ve," as researchers dubbed the ad fraud gang, used BGP attacks to hijack more than 1.5 million IP addresses over a 12-month span beginning in April 2017. The hijacking was notable for the precision and sophistication of the attackers, who clearly had experience with BGP—and a huge amount of patience.
Logitech disables local access on Harmony Hubs, breaks automation systems [Update]
Update, Dec 21, 2:47pm: In response to customers' frustration, Logitech issued another statement today with instructions on how to enable private local API controls. The company created a new XMPP beta program that will give users access to the local controls that were removed in the most recent Harmony Hub firmware update. Logitech plans to release an official firmware update with XMPP controls in January.
The state of RPKI: Q4 2018
In the fall I did a blog post and talk on RPKI about how the current methods of measuring RPKI deployment are broken because they do not take into account network operators actually verifying their imported routes.
Visiting family for Christmas? Replace Windows 10 on their computer with Peppermint OS 9 Respin Linux distro
Every year, millions of Americans get together with family on Christmas. Many adult kids return to a single parent's home to celebrate -- or a house shared by both parents if they beat the odds and aren't divorced. While there, if you know about tech, you may get asked to fix your mom or dad's computer. Be it malware or something else, this can be quite the frustrating task. Look, I know you are happy to help them, but you just want to relax and enjoy the holiday, right? How can you get the nightmare of fixing their Windows-based PC to stop? This Christmas, you should give them the gift of a stable and secure operating system that doesn't spy on them. Enter Linux. Yes, a Linux distribution can stop this woe, giving your family member a more secure platform that is less susceptible to malware (and less likely to need your fixing). If they live in the web browser anyway, Windows is just a liability these days. What if I told you that there was a Linux distribution that you could loosely tie into the holiday? Well, candy canes are traditionally peppermint flavored, and wouldn't you know it, there is a new version of the excellent Peppermint OS out now! Called "9 Respin," it is a refresh of the previously released Peppermint OS 9 -- this time with many improvements and changes.
Open Hardware: MIPS and Porting Alpine Linux to RISC-V
today's howtos
Ubuntu 2018 Recap: From Memory Leak to Marvellous LTS
Ubuntu began the year on a buoyant note, carried high by a wave of (much-needed) positive press resulting from the release of Ubuntu 17.10 ‘Artful Aardvark’ a few months prior. But with a new long-term support release looming large, a reimagined installer to debate, and a gaping memory hole to plug in GNOME Shell, the rest of 2018 was a little less plain sailing for Ubuntu’s engineers! In this post we take a look back at Ubuntu’s key moments in 2018, plus give a shout-out to the notable Snap app releases that showed up along the way…
