Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Researchers reveal electronic car lock hack after 2-year injunction by Volkswagen

    In 2012, researchers at Radboud University in the Netherlands discovered a security flaw in a common automotive security chip used in theft prevention by Volkswagen, Audi, Fiat, Honda, and Volvo vehicles. But after they disclosed their results to the auto manufacturers—a full nine months before they planned to publish them—the automakers sued to keep them quiet.

  • How texting a Corvette could stop it in its tracks

    As if recent research on car hacking wasn’t frightening enough, a new study shows yet another danger to increasingly networked vehicles.

    This time around, academics with the University of California analyzed small, third-party devices that are sometimes plugged into a car’s dashboard, known as telematic control units (TCUs).

    Insurance companies issue the devices to monitor driving metrics in order to meter polices. Other uses include fleet management, automatic crash reporting and tracking stolen vehicles.

  • BlackBerry can't catch a break: Now it's fending off Jeep hacking claims

    BlackBerry has denied rumors that its software might have played a role in the infamous "Jeep hack," saying it's "unequivocally" not true.

    In July, security researchers revealed that certain cars built by Fiat Chrysler were vulnerable to potentially life-threatening remote attacks, thanks to a flaw in the automaker's uConnect in-vehicle infotainment system.

    The underlying operating system that powers uConnect is QNX Neutrino, a real-time OS that's made by a BlackBerry subsidiary. On Friday, investment website Seeking Alpha published an editorial questioning whether some kind of flaw in QNX might be implicated in the Jeep hack.

  • Intel left a fascinating security flaw in its chips for 16 years – here's how to exploit it

    A design flaw in Intel's processors can be exploited to install malware beneath operating systems and antivirus – making it tough to detect and remove.

    "It's a forgotten patch to a forgotten problem, but opens up an incredible vulnerability," said Christopher Domas, a security researcher with the Battelle Memorial Institute, who revealed the hardware bug at the Black Hat conference in Vegas last week.

  • Security updates for Tuesday
  • Security advisories for Wednesday
  • Tokenless Keystone

    One time paswords (OTPs) in conjunction with Basic Auth or some other way to curry the data to the server provides an interesting alternative. In theory, the user could pass the OTP along at the start of the request, the Horizon server would be responsible for timestamping it, and the password could then be used for the duration. This seems impractical, as we are essentially generating a new bearer token. For all-in-one deployments they would work as well as Basic-Auth.

More in Tux Machines

Android Leftovers

RetroArch 1.9 Released with Many Goodies for Retro Linux Gamers

If you are a hardcore retro gamer, RetroArch is what you want to install on your GNU/Linux distribution to enjoy those awesome cool retro games that you probably played all day long when you were young. The latest release, RetroArch 1.9 is a massive one, bringing lots of goodies for retro gamers. Highlights include a new Explore View for all playlists, which lets you search for content based on various criteria, such as genre, origin, publisher, system, release year, developer, and amount of players. The developers note the fact that the new Explore View will only display search results based on the content that’s already included in your playlists. Also, the metadata is not yet complete. Read more

KPhotoAlbum 5.7.0 out now

We’re pleased to announce a new release of KPhotoAlbum, the KDE photo management software! This time, it’s mostly a maintenance release with a lot of code cleanup and bug fixes. Nevertheless, there are also some changes and new features. In detail... Read more

Beelink GT-R Review – An AMD Ryzen 5 Mini PC Tested with Windows 10 and Ubuntu 20.04

One issue I did encounter both in Windows and in Ubuntu was that my 4-port KVM was not properly recognized. I did get a rather poor HDMI signal to the monitor however the USB port was not working and by extension neither were my wireless keyboard and mouse. However, using a USB-C hub (2 x USB 3.0 and 1 x HDMI) worked fine as did using the various HDMI and USB ports directly including wirelessly connected peripherals. Another point to note is that the power cord from the device to the power adapter is slightly shorter than most and the power adapter itself is quite large meaning care needs to be taken when using a US/EU to AU adapter for example. Overall this is a powerful mini PC (relative to similar form factor devices but excluding the higher-end Intel NUCs and comparable models) and the addition of capable graphics makes gaming possible together with light video editing. Equipped with a very good selection of ports and features including multiple configurable storage options, the GT-R makes a great impression as one of the first AMD based mini PCs. The only negative is that the fans are quite noisy when the processor is under load. Read more