Language Selection

English French German Italian Portuguese Spanish

Security

pfSense: Not Linux, Not Bad

Filed under
Security
BSD

Through the years, I've used all sorts of router and firewall solutions at home and at work. For home networks, I usually recommend something like DD-WRT, OpenWRT or Tomato on an off-the-shelf router. For business, my recommendations typically are something like a Ubiquiti router or a router/firewall solution like Untangled or ClearOS. A few years ago, however, a coworker suggested I try pfSense instead of a Linux-based solution. I was hesitant, but I have to admit, pfSense with its BSD core is a rock-solid performer that I've used over and over at multiple sites.

Read more

Security: Minix, Shadow Brokers, Kaspersky

Filed under
Security
  • The Truth About the Intel’s Hidden Minix OS and Security Concerns

    That supplemental unit is part of the chipset and is NOT on the main CPU die. Being independent, that means Intel ME is not affected by the various sleep state of the main CPU and will remain active even when you put your computer in sleep mode or when you shut it down.

  • Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core

    Mr. Williams had written on his company blog about the Shadow Brokers, a mysterious group that had somehow obtained many of the hacking tools the United States used to spy on other countries. Now the group had replied in an angry screed on Twitter. It identified him — correctly — as a former member of the National Security Agency’s hacking group, Tailored Access Operations, or T.A.O., a job he had not publicly disclosed. Then the Shadow Brokers astonished him by dropping technical details that made clear they knew about highly classified hacking operations that he had conducted.

  • UK spymasters raise suspicions over Kaspersky software's Russia links

Security: Fancy Bear, MINIX, WikiLeaks Vault 8, Face ID

Filed under
Security
  • New Microsoft Word attacks infect PCs sans macros

    Fancy Bear, the advanced hacking group researchers say is tied to the Russian government, is actively exploiting a newly revived technique that gives attackers a stealthy means of infecting computers using Microsoft Office documents, security researchers said this week.

    Fancy Bear is one of two Russian-sponsored hacking outfits researchers say breached Democratic National Committee networks ahead of last year's presidential election. The group was recently caught sending a Word document that abuses a feature known as Dynamic Data Exchange. DDE allows a file to execute code stored in another file and allows applications to send updates as new data becomes available.

  • Minix Inside!

    Everything was find but in May a major security flaw was discovered and the fix required an update data to the AMT code. An update that many machines are unlikely to get. Since then various security researchers, mostly Google-based, have been looking into the hardware and the software and have made the discovery that there is an additional layer in the hardware that Intel doesn't talk about. Ring 3 is user land, Ring 0 is OS land and Ring -1 is for hypervisors. These we know about, but in addition there is Ring -2, used for the secure UEFI kernel and Ring -3, which is where the management OS runs. Guess what the management OS is Minix 3 - or rather a closed commercial version of Minix 3.

  • WikiLeaks: CIA impersonated Kaspersky Labs as a cover for its malware operations

    WikiLeaks, under its new Vault 8 series of released documents, has rolled out what it says is the source code to a previously noted CIA tool, called Hive, that is used to help hide espionage actions when the Agency implants malware.
    Hive supposedly allows the CIA to covertly communicate with its software by making it hard or impossible to trace the malware back to the spy organization by utilizing a cover domain. Part of this, WikiLeaks said, is using fake digital certificates that impersonate other legitimate web groups, including Kaspersky Labs.

  • My Younger Brother Can Access My iPhone X: Face ID Is Not Secure

    What this means is family members, who are probably the people you don’t want accessing your device, can now potentially access your iPhone. Especially your younger brother, or Mom… or Grandma.

Security: Intel Back Door, Hacking a Fingerprint Biometric, Dashlane, Vault 8, Cryptojacking, MongoDB and More

Filed under
Security
  • Recent Intel Chipsets Have A Built-In Hidden Computer, Running Minix With A Networking Stack And A Web Server

    The "Ring-3" mentioned there refers to the level of privileges granted to the ME system. As a Google presentation about ME (pdf) explains, operating systems like GNU/Linux run on Intel chips at Ring 0 level; Ring-3 ("minus 3") trumps everything above -- include the operating system -- and has total control over the hardware. Throwing a Web server and a networking stack in there too seems like a really bad idea. Suppose there was some bug in the ME system that allowed an attacker to take control? Funny you should ask; here's what we learned earlier this year...

    [...]

     Those don't seem unreasonable requests given how serious the flaws in the ME system have been, and probably will be again in the future. It also seems only fair that people should be able to control fully a computer that they own -- and that ought to include the Minix-based computer hidden within.

  •  

     

  • “Game Over!” — Intel’s Hidden, MINIX-powered ME Chip Can Be Hacked Over USB

    Even the creator of MINIX operating system didn’t know that his for-education operating system is on almost every Intel-powered computer.

  • Researchers find almost EVERY computer with an Intel Skylake and above CPU can be owned via USB

     

    Turns out they were right. Security firm Positive Technologies reports being able to execute unsigned code on computers running the IME through USB. The fully fleshed-out details of the attack are yet to be known, but from what we know, it’s bad.

  •  
     

  • Hacking a Fingerprint Biometric
  •  

  • Dashlane Password Manager Now Supports Linux [Ed: But why would anyone with a clue choose to upload his/her passwords?]

    Dashlane, the popular password manager, now supports Linux (and ChromeOS and Microsoft Edge) thanks to new web extension and web app combination.

  • Source Code For CIA’s Spying Tool Hive Released By Wikileaks: Vault 8

    From November 9, Wikileaks has started a new series named Vault 8. As a part of this series, the first leak contains the source code and analysis for Hive software project. Later, the other leaks of this series are expected to contain the source code for other tools as well.

  • Cryptojacking found on 2496 online stores

    Cryptojacking - running crypto mining software in the browser of unsuspecting visitors - is quickly spreading around the web. And the landgrab extends to online stores. The infamous CoinHive software was detected today on 2496 e-commerce sites.

  • 2,500+ Websites Are Now “Cryptojacking” To Use Your CPU Power And Mine Cryptocurrency
  • MongoDB update plugs security hole and sets sights on the enterprise

    Document database-flinger MongoDB has long positioned itself as the dev's best friend, but after ten years it is now fluffing itself up for the enterprise.

    The firm, which went public just last month and hopes to earn up to $220m, has now launched the latest version of its database, which aims to appeal to these bigger customers.

  • How AV can open you to attacks that otherwise wouldn’t be possible [Ed: Any proprietary software put on top of any other software (FOSS included) is a threat and a possible back door]

    Antivirus programs, in many cases, make us safer on the Internet. Other times, they open us to attacks that otherwise wouldn't be possible. On Friday, a researcher documented an example of the latter—a vulnerability he found in about a dozen name-brand AV programs that allows attackers who already have a toehold on a targeted computer to gain complete system control.

    AVGater, as the researcher is calling the vulnerability, works by relocating malware already put into an AV quarantine folder to a location of the attacker's choosing. Attackers can exploit it by first getting a vulnerable AV program to quarantine a piece of malicious code and then moving it into a sensitive directory such as C:\Windows or C:\Program Files, which normally would be off-limits to the attacker. Six of the affected AV programs have patched the vulnerability after it was privately reported. The remaining brands have yet to fix it, said Florian Bogner, a Vienna, Austria-based security researcher who gets paid to hack businesses so he can help them identify weaknesses in their networks.

  • Estonia arrests suspected FSB agent accused of “computer-related crime”

    Estonian authorities announced this week that they had recently arrested a Russian man suspected of being an agent of the Federal Security Service (FSB) who was allegedly planning "computer-related crime."

    The 20-year-old man, whose identity was not made public, was arrested last weekend in the Estonian border city of Narva as he was trying to return to Russia.

Security: Updates and Intel Back Doors

Filed under
Security

Security Leftovers

Filed under
Security
  • What Is ARP Spoofing? — Attacks, Detection, And Prevention

    Spoofing is often defined as imitating (something) while exaggerating its characteristic features for comic effect. Not in the real world but also in the computer networking world, spoofing is a common practice among notorious users to intercept data and traffic meant for a particular user.

  • New Hope for Digital Identity

    For your inconvenience, every organization's identity system is also a separate and proprietary silo, even if it is built with open-source software and methods. Worse, an organization might have many different silo'd identity systems that know little or nothing about each other. Even an organization as unitary as a university might have completely different identity systems operating within HR, health care, parking, laundry, sports and IT—as well as within its scholastic realm, which also might have any number of different departmental administrative systems, each with its own record of students past and present.

  • Linux has a whole crock of USB vulnerabilities
  • Google Patches KRACK Vulnerability in Android

Security: Vault 8 From Wikileaks, Yahoo and Other Massive Data Leaks

Filed under
Security
  • Vault 8

    Source code and analysis for CIA software projects including those described in the Vault7 series.

    This publication will enable investigative journalists, forensic experts and the general public to better identify and understand covert CIA infrastructure components.

    Source code published in this series contains software designed to run on servers controlled by the CIA. Like WikiLeaks' earlier Vault7 series, the material published by WikiLeaks does not contain 0-days or similar security vulnerabilities which could be repurposed by others.

  • Marissa Mayer sounds distraught over Yahoo’s massive data breach

    Former Yahoo CEO Marissa Mayer appeared distraught at a US Senate hearing Wednesday (Nov. 8) on the unprecedented data breaches at the company during her tenure.

    “As you know, Yahoo was the victim of criminal, state-sponsored attacks on its systems, resulting in the theft of certain user information,” Mayer said in her opening remarks, rarely looking up from her notes. “As CEO, these thefts occurred during my tenure, and I want to sincerely apologize to each and every one of our users.”

Security: USB. WPA2, Updates, Magento

Filed under
Security

Microsoft and Intel Back Doors

Filed under
Microsoft
Security

10 Most Secure Linux Distros For Complete Privacy & Anonymity | 2017 Edition

Filed under
GNU
Linux
Security

One of the most compelling reasons to use Linux is its ability to deliver a secure computing experience. There are some specialized secure Linux distros for security that add extra layers and make sure that you complete your work anonymously and privately. Some of the popular secure Linux distros for 2017 are Tails, Whoix, Kodachi, etc.

Read more

Syndicate content

More in Tux Machines

Security: New Release of HardenedBSD, Windows Leaks Details of Windows Back Doors

  • Stable release: HardenedBSD-stable 11-STABLE v1100054
  • Kaspersky blames NSA hack on infected Microsoft software
    Embattled computer security firm Kaspersky Lab said Thursday that malware-infected Microsoft Office software and not its own was to blame for the hacking theft of top-secret US intelligence materials. Adding tantalizing new details to the cyber-espionage mystery that has rocked the US intelligence community, Kaspersky also said there was a China link to the hack.
  • Investigation Report for the September 2014 Equation malware detection incident in the US
    In early October, a story was published by the Wall Street Journal alleging Kaspersky Lab software was used to siphon classified data from an NSA employee’s home computer system. Given that Kaspersky Lab has been at the forefront of fighting cyberespionage and cybercriminal activities on the Internet for over 20 years now, these allegations were treated very seriously. To assist any independent investigators and all the people who have been asking us questions whether those allegations were true, we decided to conduct an internal investigation to attempt to answer a few questions we had related to the article and some others that followed it:
  • Kaspersky: Clumsy NSA leak snoop's PC was packed with malware
    Kaspersky Lab, the US government's least favorite computer security outfit, has published its full technical report into claims Russian intelligence used its antivirus tools to steal NSA secrets. Last month, anonymous sources alleged that in 2015, an NSA engineer took home a big bunch of the agency's cyber-weapons to work on them on his home Windows PC, which was running the Russian biz's antimalware software – kind of a compliment when you think about it. The classified exploit code and associated documents on the personal system were then slurped by Kremlin spies via his copy of Kaspersky antivirus, it was claimed.

OSS Leftovers

  • Open Source Networking Days: Think Globally, Collaborate Locally
    Something that we’ve learned at The Linux Foundation over the years is that there is just no substitute for periodic, in-person, face-to-face collaboration around the open source technologies that are rapidly changing our world. It’s no different for the open networking projects I work with as end users and their ecosystem partners grapple with the challenges and opportunities of unifying various open source components and finding solutions to accelerate network transformation. This fall, we decided to take The Linux Foundation networking projects (OpenDaylight, ONAP, OPNFV, and others) on the road to Europe and Japan by working with local site hosts and network operators to host Open Source Networking Days in Paris, Milan, Stockholm, London, Tel Aviv, and Yokohama.
  • The Open-Source Driving Simulator That Trains Autonomous Vehicles
    Self-driving cars are set to revolutionize transport systems the world over. If the hype is to be believed, entirely autonomous vehicles are about to hit the open road. The truth is more complex. The most advanced self-driving technologies work only in an extremely limited set of environments and weather conditions. And while most new cars will have some form of driver assistance in the coming years, autonomous cars that drive in all conditions without human oversight are still many years away. One of the main problems is that it is hard to train vehicles to cope in all situations. And the most challenging situations are often the rarest. There is a huge variety of tricky circumstances that drivers rarely come across: a child running into the road, a vehicle driving on the wrong side of the street, an accident immediately ahead, and so on.
  • Fun with Le Potato
    At Linux Plumbers, I ended up with a Le Potato SBC. I hadn't really had time to actually boot it up until now. They support a couple of distributions which seem to work fine if you flash them on. I mostly like SBCs for having actual hardware to test on so my interest tends to be how easily can I get my own kernel running. Most of the support is not upstream right now but it's headed there. The good folks at BayLibre have been working on getting the kernel support upstream and have a tree available for use until then.
  • PyConf Hyderabad 2017
    In the beginning of October, I attended a new PyCon in India, PyConf Hyderabad (no worries, they are working on the name for the next year). I was super excited about this conference, the main reason is being able to meet more Python developers from India. We are a large country, and we certainly need more local conferences :)
  • First Basilisk version released!
    This is the first public version of the Basilisk web browser, building on the new platform in development: UXP (code-named Möbius).
  • Pale Moon Project Rolls Out The Basilisk Browser Project
    The developers behind the Pale Moon web-browser that's been a long standing fork of Firefox have rolled out their first public beta release of their new "Basilisk" browser technology. Basilisk is their new development platform based on their (Gecko-forked) Goanna layout engine and the Unified UXL Platform (UXP) that is a fork of the Mozilla code-base pre-Servo/Rust... Basically for those not liking the direction of Firefox with v57 rolling out the Quantum changes, etc.
  • Best word processor for Mac [iophk: "whole article fails to mention OpenDocument Format"]
  • WordPress 4.9: This one's for you, developers!
    WordPress 4.9 has debuted, and this time the world's most popular content management system has given developers plenty to like. Some of the changes are arguably overdue: syntax highlighting and error checking for CSS editing and cutting custom HTML are neither scarce nor innovative. They'll be welcomed arrival will likely be welcomed anyway, as will newly-granular roles and permissions for developers. The new release has also added version 4.2.6 of MediaElement.js, an upgrade that WordPress.org's release notes stated has removed dependency on jQuery, improves accessibility, modernizes the UI, and fixes many bugs.”
  • New projects on Hosted Weblate
  • Cilk Plus Is Being Dropped From GCC
    Intel deprecated Cilk Plus multi-threading support with GCC 7 and now for GCC 8 they are looking to abandon this support entirely. Cilk Plus only had full support introduced in GCC 5 while now for the GCC 8 release early next year it's looking like it will be dropped entirely.
  • Software Freedom Law Center vs. Software Freedom Conservancy

    On November 3rd, the Software Freedom Conservancy (SFC) wrote a blog post to let people know that the Software Freedom Law Center (SFLC) had begun legal action against them (the SFC) over the trademark for their name.

  • What Is Teletype For Atom? How To Code With Fellow Developers In Real Time?
    In a short period of three years, GitHub’s open source code editor has become one of the most popular options around. In our list of top text editors for Linux, Atom was featured at #2. From time to time, GitHub keeps adding new features to this tool to make it even better. Just recently, with the help of Facebook, GitHub turned Atom into a full-fledged IDE. As GitHub is known to host some of the world’s biggest open source collaborative projects, it makes perfect sense to add the collaborative coding ability to Atom. To make this possible, “Teletype for Atom” has just been announced.
  • Microsoft Is Trying To Make Windows Subsystem For Linux Faster (WSL)
  • Microsoft and GitHub team up to take Git virtual file system to macOS, Linux

Ubuntu: New Users, Unity Remix, 18.04 LTS News

  • How to Get Started With the Ubuntu Linux Distro
    The Linux operating system has evolved from a niche audience to widespread popularity since its creation in the mid 1990s, and with good reason. Once upon a time, that installation process was a challenge, even for those who had plenty of experience with such tasks. The modern day Linux, however, has come a very long way. To that end, the installation of most Linux distributions is about as easy as installing an application. If you can install Microsoft Office or Adobe Photoshop, you can install Linux. Here, we’ll walk you through the process of installing Ubuntu Linux 17.04, which is widely considered one of the most user-friendly distributions. (A distribution is a variation of Linux, and there are hundreds and hundreds to choose from.)
  • An ‘Ubuntu Unity Remix’ Might Be on the Way…
    A new Ubuntu flavor that uses the Unity 7 desktop by default is under discussion. The plans have already won backing from a former Unity developer.
  • Ubuntu News: Get Firefox Quantum Update Now; Ubuntu 18.04 New Icon Theme Confirmed
    Earlier this week, Mozilla earned big praises in the tech world for launching its next-generation Firefox Quantum 57.0 web browser. The browser claims to be faster and better than market leader Google Chrome. Now, Firefox Quantum is available for all supported Ubuntu versions from the official repositories. The Firefox Quantum Update is also now available.
  • New Icon Theme Confirmed for Ubuntu 18.04 LTS
    ‘Suru’ is (apparently) going to be the default icon theme in Ubuntu 18.04 LTS. That’s Suru, the rebooted community icon theme and not Suru, the Canonical-created icon theme that shipped on the Ubuntu Phone (and was created by Matthieu James, who recently left Canonical).

OnePlus 5T Launched

  • OnePlus 5T Keeps the Headphone Jack, Introduces Face Unlock and Parallel Apps
    Five months after it launched its OnePlus 5 flagship Android smartphone, OnePlus unveiled today its successor, the OnePlus 5T, running the latest Android 8.0 (Oreo) mobile OS. OnePlus held a live event today in New York City to tell us all about the new features it implemented in the OnePlus 5T, and they don't disappoint as the smartphone features a gorgeous and bright 6.0-inches Optic AMOLED capacitive touchscreen with multitouch, a 1080x2160 pixels resolution, 18:9 ratio, and approximately 402 PPI density. The design has been changed a bit as well for OnePlus 5T, which is made of anodized aluminum.
  • OnePlus 5T Launched: Comes With Bigger Screen, Better Dual Camera, And Face Unlock
    Whenever costly phones like iPhone X or Google Pixel 2 are bashed (here and here) and their alternatives are discussed, OnePlus is always mentioned. In the past few years, the company has amassed a fan base that has found the concept of “Never Settle” impressive.
  •