Security: SKS, YouTube, Malware and More

  • Impact of SKS keyserver poisoning on Gentoo

    The SKS keyserver network has been a victim of a certificate poisoning attack lately. The OpenPGP verification used for repository syncing is protected against the attack. However, our users can be affected when using GnuPG directly. In this post, we would like to briefly summarize what the attack is, what we did to protect Gentoo against it and what you can do to protect your system.

    The certificate poisoning attack abuses three facts: that OpenPGP keys can contain an unlimited number of signatures, that anyone can append signatures to any key and that there is no way to distinguish a legitimate signature from garbage. The attackers are appending a large number of garbage signatures to keys stored on SKS keyservers, causing them to become very large and cause severe performance issues in GnuPG clients that fetch them.

    The attackers have poisoned the keys of a few high-ranking OpenPGP people on the SKS keyservers, including one Gentoo developer. Furthermore, the current expectation is that the problem won’t be fixed any time soon, so it seems plausible that more keys may be affected in the future. We recommend users not to fetch or refresh keys from the SKS keyserver network (this includes aliases such as keys.gnupg.net) for the time being. GnuPG upstream is already working on client-side countermeasures and they can be expected to enter Gentoo as soon as they are released.

  • YouTube's latest ban? Infosec instructional videos are outlawed

    Google's video-sharing site YouTube has started to ban videos that show users how to get past software restrictions and provide instructions on information security.

  • Youtube's ban on "hacking techniques" threatens to shut down all of infosec Youtube

    Youtube banning security disclosures doesn't make products more secure, nor will it prevent attackers from exploiting defects -- but it will mean that users will be the last to know that they've been trusting the wrong companies, and that developers will keep on making the same stupid mistakes...forever.

  • TN men use Bluetooth-enabled tablet to steal cars

    During the interrogation, one of the accused, a car mechanic, said he bought a Bluetooth-enabled tablet online used by car showroom staff to access the vehicles.

  • Kaspersky reinforce collaboration with INTERPOL in the fight against cybercrime

    This cooperation strengthens the existing relationship between the two organizations, ensuring information and technology sharing can support INTERPOL in cybercrime-related investigations. Within the new agreement, Kaspersky will share information about its cyberthreat research and provide the necessary tools to assist with full digital forensics, aimed at strengthening efforts on the prevention of cyberattacks.

  • China Is Forcing Tourists to Install Text-Stealing Malware at its Border

    The malware downloads a tourist’s text messages, calendar entries, and phone logs, as well as scans the device for over 70,000 different files.

  • Chinese border guards reportedly install spy apps on tourists' Android phones

    Border guards reportedly took tourists' phones and secretly installed an app on them which could extract emails, texts and contacts, along with information about the handset; basically a motherlode of privacy-sapping stuff.

    There are reports that in some cases Android phones are returned to those entering the region with an app called Fēng cǎi installed. Apple's iPhones don't appear to come back with the app, but they could have been scanned by border control guards in a separate area after travellers were forced to hand them over.

  • China Snares Tourists’ Phones in Surveillance Dragnet by Adding Secret App

    The app gathers personal data from phones, including text messages and contacts. It also checks whether devices are carrying pictures, videos, documents and audio files that match any of more than 73,000 items included on a list stored within the app’s code.
