Security: Updates, Trustjacking, Breach Detection

• Security updates for Monday

• iOS Trustjacking – A Dangerous New iOS Vulnerability

  An iPhone user's worst nightmare is to have someone gain persistent control over his/her device, including the ability to record and control all activity without even needing to be in the same room. In this blog post, we present a new vulnerability called “Trustjacking”, which allows an attacker to do exactly that. This vulnerability exploits an iOS feature called iTunes Wi-Fi sync, which allows a user to manage their iOS device without physically connecting it to their computer. A single tap by the iOS device owner when the two are connected to the same network allows an attacker to gain permanent control over the device. In addition, we will walk through past related vulnerabilities and show the changes that Apple has made in order to mitigate them, and why these are not enough to prevent similar attacks.

• What Is ‘Trustjacking’? How This New iOS Vulnerability Allows Remote Hacking?

  This new vulnerability called trustjacking exploits a convenient WiFi feature, which allows iOS device owners to manage their devices and access data, even when they are not in the same location anymore.

• Breach detection with Linux filesystem forensics

  Forensic analysis of a Linux disk image is often part of incident response to determine if a breach has occurred. Linux forensics is a different and fascinating world compared to Microsoft Windows forensics. In this article, I will analyze a disk image from a potentially compromised Linux system in order to determine the who, what, when, where, why, and how of the incident and create event and filesystem timelines. Finally, I will extract artifacts of interest from the disk image. In this tutorial, we will use some new tools and some old tools in creative, new ways to perform a forensic analysis of a disk image.

SUSE Launches Beta Program for SUSE Linux Enterprise High Performance Computing

While SUSE is working hard on the major SUSE Linux Enterprise 15 release, they recently announced that the SUSE Linux Enterprise High Performance Computing (HPC) platform is now a dedicated SUSE Linux Enterprise product based on SUSE Linux Enterprise 15, available for public testing on 64-bit and ARM 64-bit architectures. SUSE Linux Enterprise 15 will introduce numerous new features and improvements, including a brand new installer that offers a single unified method to install one of the supported SUSE Linux Enterprise products, including the SUSE Linux Enterprise High Performance Computing module, which comes with a set of components used in high-performance computing environments. Also: SUSE Linux Enterprise 15 Prepares HPC Module

Programming: ThreadStack and Qt for WebAssembly

• ThreadStack: Yet Another C++ Project Trying To Make Multi-Threading Easier

  ThreadStack is yet another C++ project trying to make it easier dealing with multiple CPU threads. This latest open-source C++ threading project comes out of academia research. ThreadStack is self-described by its developer, Erkam Murat Bozkurt, as "an innovative software which produces a class library for C++ multi-thread programming and the outcome of the ThreadStack acts as an autonomous management system for the thread synchronization tasks. ThreadStack has a nice and useful graphical user interface and includes a short tutorial and code examples. ThreadStack offers a new way for multi-thread computing and it uses a meta program in order to produce an application specific thread synchronization library." Erkam has been working the rounds trying to raise awareness for this research on the GCC and LLVM mailing lists.

• Beta for Qt for WebAssembly Technology Preview

  WebAssembly is a bytecode format intended to be executed in a web browser. This allows an application to be deployed to a device with a compliant web browser without going through any explicit installation steps. The application will be running inside a secure sandbox in the web browser, making it appropriate for applications that do not need full access to the device capabilities, but benefits from a swift and uncomplicated installation process.

• Qt for WebAssembly Tech Preview Reaches Beta

  As part of next month's Qt 5.11 tool-kit update, a new technology preview module will be WebAssembly support for running Qt5 user-interfaces within your web-browser.

today's howtos

• AWS S3 + GitLab CI = automatic deploy for every branch of your static website

• How to Stop Ubuntu From Collecting Data About Your PC

• How To Upgrade Ubuntu from 16.04 LTS to 18.04 LTS using Command Lines

• Install Dropbox In Ubuntu 18.04 LTS Desktop

• Linux id Command Tutorial for Beginners (5 Examples)

• An introduction to Python bytecode

• Swift Language: How to easily install SWIFT on Linux

• How to install Coppermine Photo Gallery on Ubuntu 16.04 LTS

• Raspberry Pi Series Part 1: Laying Out The Basics