Security

10 Free Open Source Tools for Creating Your Own VPN

Filed under
Software
Security

As more people use the Internet every day, they are becoming more conscious about their privacy with regard to how much of the information they don’t want to share at all is being compromised. Tons of VPN services have been created to solidify users’ safety but that doesn’t seem to be enough as there seems to be an increasing need to create custom VPNs.

It isn’t a bad thing to create a VPN service for yourself and there are actually a good number of developers and organizations that favour this habit.

Today, we bring you a list of the best open-source tools that you can use to create your own VPN. Some of them are relatively more difficult to set up and use than the others and they all have their feature highlights.

Depending on the reason why you want to deploy your own VPN, choose the title that is suitable for you.


Security: UIDAI, Wireshark, Hackers For Good

Filed under
Security
  • Software Patch Claimed To Allow Aadhaar's Security To Be Bypassed, Calling Into Question Biometric Database's Integrity

    As the Huffington Post article explains, creating a patch that is able to circumvent the main security features in this way was possible thanks to design choices made early on in the project. The unprecedented scale of the Aadhaar enrollment process -- so far around 1.2 billion people have been given an Aadhaar number and added to the database -- meant that a large number of private agencies and village-level computer kiosks were used for registration. Since connectivity was often poor, the main software was installed on local computers, rather than being run in the cloud. The patch can be used by anyone with local access to the computer system, and simply involves replacing a folder of Java libraries with versions lacking the security checks.

    The Unique Identification Authority of India (UIDAI), the government body responsible for the Aadhaar project, has responded to the Huffington Post article, but in a rather odd way: as a Donald Trump-like stream of tweets. The Huffington Post points out: "[the UIDAI] has simply stated that its systems are completely secure without any supporting evidence."

  • New CAS BACnet Wireshark Report Tool Helps User to Quickly Locate Intermittent Issues
  • Hackers For Good, Working To Gather Stakeholders To Find Answers To Cyberspace Challenges

    For a number of people, the word hacker means bad news. However, if some hackers have malevolent intentions, there are also hackers for good, and their skills were put to the challenge last week as they tried to save a fictitious city fallen into the hands of a group of cyber terrorists. The challenge was part of a two-day event organised by a young Geneva-based non-governmental organisation seeking to raise awareness about digital trust and bring accountability to cyberspace.

Security: Quantum Computing and Cryptography, Time to Rebuild Alpine Linux Docker Container

Filed under
Security
  • Quantum Computing and Cryptography

    Quantum computing is a new way of computing -- one that could allow humankind to perform computations that are simply impossible using today's computing technologies. It allows for very fast searching, something that would break some of the encryption algorithms we use today. And it allows us to easily factor large numbers, something that would break the RSA cryptosystem for any key length.

    This is why cryptographers are hard at work designing and analyzing "quantum-resistant" public-key algorithms. Currently, quantum computing is too nascent for cryptographers to be sure of what is secure and what isn't. But even assuming aliens have developed the technology to its full potential, quantum computing doesn't spell the end of the world for cryptography. Symmetric cryptography is easy to make quantum-resistant, and we're working on quantum-resistant public-key algorithms. If public-key cryptography ends up being a temporary anomaly based on our mathematical knowledge and computational ability, we'll still survive. And if some inconceivable alien technology can break all of cryptography, we still can have secrecy based on information theory -- albeit with significant loss of capability.

    At its core, cryptography relies on the mathematical quirk that some things are easier to do than to undo. Just as it's easier to smash a plate than to glue all the pieces back together, it's much easier to multiply two prime numbers together to obtain one large number than it is to factor that large number back into two prime numbers. Asymmetries of this kind -- one-way functions and trap-door one-way functions -- underlie all of cryptography.

  • This New CSS Attack Restarts iPhones & Freezes Macs
  • Time to Rebuild Alpine Linux Docker Containers After Package Manager Patch
  • GrrCon 2018 Augusta15 Automation and Open Source Turning the Tide on Attackers John Grigg

Security: Updates, PAM HaveIBeenPwned Module, Alpine Linux and Wireshark

Filed under
Security
  • Security updates for Monday
  • PAM HaveIBeenPwned module
  • Remote code exec found in Alpine Linux

    Users of Alpine Linux are advised to update their installations - especially those used for Docker production environments - after a researcher found a remotely exploitable bug in the distribution's package manager.

    Alpine Linux is popular with Docker users due to its small size and package repository.

    Crowdfunded bug bounty program BountyGraph co-founder Max Justicz managed to exploit Alpine .apk package files to create arbitrary files which could be turned into code execution.

  • What is Wireshark? What this essential troubleshooting tool does and how to use it

    Wireshark is the world's leading network traffic analyzer, and an essential tool for any security professional or systems administrator. This free software lets you analyze network traffic in real time, and is often the best tool for troubleshooting issues on your network.

    Common problems that Wireshark can help troubleshoot include dropped packets, latency issues, and malicious activity on your network. It lets you put your network traffic under a microscope, and provides tools to filter and drill down into that traffic, zooming in on the root cause of the problem. Administrators use it to identify faulty network appliances that are dropping packets, latency issues caused by machines routing traffic halfway around the world, and data exfiltration or even hacking attempts against your organization.

    [...]

    While Wireshark supports more than two thousand network protocols, many of them esoteric, uncommon, or old, the modern security professional will find analyzing IP packets to be of most immediate usefulness. The majority of the packets on your network are likely to be TCP, UDP, and ICMP.

    Given the large volume of traffic that crosses a typical business network, Wireshark's tools to help you filter that traffic are what make it especially useful. Capture filters will collect only the types of traffic you're interested in, and display filters will help you zoom in on the traffic you want to inspect. The network protocol analyzer provides search tools, including regular expressions and colored highlighting, to make it easy to find what you're looking for.

Apache SpamAssassin 3.4.2 released

Filed under
Security

On behalf of the Apache SpamAssassin Project Management Committee, I am
very pleased to announce the release of Apache SpamAssassin v3.4.2.
This release contains security bug fixes. A security announcement will
follow within the next 24 hours.

Apache SpamAssassin can be downloaded from
https://spamassassin.apache.org/downloads.cgi and via cpan
(Mail::SpamAssassin).

Our project website is https://spamassassin.apache.org/

Our DOAP is available at https://spamassassin.apache.org/doap.rdf


Security: Windows/NSA Back Doors, Election Cracking, and Open Source Security Podcast

Filed under
Security
  • Cryptocurrency mining attacks using leaked NSA hacking tools are still highly active a year later

    Yet, more than a year since Microsoft released patches that slammed the backdoor shut, almost a million computers and networks are still unpatched and vulnerable to attack.

  • Leaked NSA exploits are still used to infect at least 919K servers with cryptojacking malware [Ed: Microsoft gave the NSA back doors. It was inevitable that crackers who do not work for the US government would get in too.]

    Although Microsoft indicated that they have closed the backdoor used by this ransomware, more computers globally are not fully secured to prevent the infection by the malware. Interestingly, the hackers have shifted their game from asking for ransom and are now infecting new computers with cryptojacking malware.

  • Cybersecurity Is Only 1 Part of Election Security

    The DEF CON 2018 Voting Machine Hacking Village aimed to raise awareness in voting security through a full day of speakers and panel discussions along with a challenge for attendees to hack more than 30 pieces of voting equipment. A partnership with rOOtz Asylum offered youths between 8 and 16 years old an opportunity to hack replicas of the websites of secretaries of state to demonstrate that even hackers with limited years of experience can easily compromise critical systems. The goal was to break as many voting machine pieces as possible in order to draw attention to the vulnerabilities that will be present in the upcoming 2018 elections.

    The focus on election equipment, however, ignores the greater danger caused by hacking into the diverse collection of sensitive information that flows through political campaigns and the electoral process, and using that to influence and sow distrust among voters. While changing a vote or voting results can be traced back to a particular stakeholder, changing people's understanding of facts is far more insidious.

  • Open Source Security Podcast: Episode 114 - Review of "Click Here to Kill Everybody"

    Josh and Kurt review Bruce Schneier's new book Click Here to Kill Everybody. It's a book everyone could benefit from reading. It does a nice job explaining many existing security problems in a simple manner.

Security: Windows Back Doors, Rogue Kodi Add-on, and Baseband OS (Back Door) in iPhone

Filed under
Security
  • Illegally Released NSA Hacker Tool EternalBlue Being Used to Mine Cryptocurrency [Ed: Microsoft's collusion with NSA for back doors continues to serve crackers well, enriching them.]

    One Year After Their Illegal Release, the NSA’s Classified Exploits Are Still Being Used to Mine Crypto

    One year ago, the National Security Agency suffered one of the worst leaks in its history: a series of classified exploits built by the NSA were stolen and published online. Today, those exploits continue to be used to attack cryptocurrency miners worldwide.

    One of the exploits, called EternalBlue, is a particularly effective backdoor exploit. EternalBlue can be used to silently break into virtually any Windows machine in the world.

    Hackers have used EternalBlue to install ransomware on thousands of computers worldwide. Government organizations, corporations, and even entire towns have ground to a halt due to EternalBlue ransomware attacks.

  • Kodi users fall victim to malware due to malicious add-on
  • x86 finds its way into your iPhone

    The baseband cpu is a standalone core that lives in your phone and is responsible for managing 2g/3g/4g/cdma/5g wireless communications. Given the absurd complexity of these standards, today a baseband cpu must be very powerful and enough general purpose, so the days of custom FPGA based IPs are long gone, at least for the main part. A lot has been said and written about basebands on modern smartphones, so I won’t repeat it. For our purpose, you just need to know that usually basebands are implemented using embedded friendly CPUs, like for example ARM (Cortex-M, Cortex-R or something in between), Qualcomm Hexagon (a kind of general purpose, VLIW dsp) or other more or less known architectures.

    Apple is nothing special in this regard, up until the iPhone8/iPhoneX, they used to have two different basebands, one for CDMA markets and one for everything else. The CDMA one was based on Qualcomm Hexagon dsp, while the GSM one was based on Intel XMMxxxx architecture. For those that like to play around with iPhone firmwares, you might have seen MAVxxx and ICExxx files in the ipsw, well those two files contain the firmware respectively for Qualcomm based devices (MAV) and Intel based ones (ICE).

    As you may know, Apple decided to drop Qualcomm and now they’re using exclusively Intel based basebands, so we will concentrate on this.

It's Looking Like WireGuard Could Be Ready In Time For Linux 4.20~5.0

Filed under
Linux
Security

The latest revised patches were sent out on Friday evening for WireGuard, the very promising secure VPN tunnel technology developed over the past few years by Jason Donenfeld.

This marks the fourth time these patches have been revised with this latest series fixing various issues discovered during earlier rounds of review, porting more crypto code to the new Zinc crypto library, documentation improvements, and other code improvements.


Security: HackRF, WPScan, BGP

Filed under
Security
  • Course Review: Software Defined Radio with HackRF

    Over the past two days, I had the opportunity to attend Michael Ossman’s course “Software Defined Radio with HackRF” at Toorcon XX. This is a course I’ve wanted to take for several years, and I’m extremely happy that I finally had the chance. I wanted to write up a short review for others considering taking the course.

  • WPScan – A Black Box WordPress Vulnerability Scanner

    WordPress is all over the web; it’s the most popular and most used content management system (CMS) out there. Is your website or blog powered by WordPress? Did you know that malicious hackers are always attacking WordPress sites every minute? If you didn’t, now you know.

    The first step towards securing your website or blog is to perform a vulnerability assessment. This is simply an operation to identify common security loopholes (known to the public), within your site or its underlying architecture.

  • Are BGPs security features working yet?

    This post is a textual version of a talk I gave at NLNOG 2018. You can watch the talk below if that’s your preferred medium: [...]

    BGP has had a problem for quite a while. Most of the time when we hear about this in the news outside of the networking world, it is referred to as a “BGP Hijack”, which can be better phrased as “someone routed someone else’s addresses to them”.

Security: Entryism, Alpine Linux, FUD, and Securonix Threat Research on Osiris

Filed under
Security
  • Open Source Security Research Group gets a new office [Ed: "Open Source Security Research Group" = anti-Open Source FUD group connected to Microsoft]
  • Docker fave Alpine Linux suffers bug miscreants can exploit to poison containers

    An infosec bod has documented a remote-code execution flaw in Alpine Linux, a distro that pops up a lot in Docker containers.

    Max Justicz, researcher and creator of crowd-sourced bug bounty system Bountygraph, said on Thursday that the vulnerability could be exploited by someone with man-in-the-middle (MITM) network access, or operating a malicious package mirror, to inject arbitrary code via apk, Alpine's default package manager.

    Justicz said that the vulnerability is particularly dangerous because, first, Alpine is commonly used for Docker images thanks to its small footprint, and second, most of the packages apk handles are not served via secure TLS connections, making them more susceptible to tampering.

    In the worst-case scenario, the attacker could intercept apk's package requests during Docker image building, inject them with malicious code, and pass them along to the target machines that would unpack and run the code within their Docker container.

  • Kodi users on Windows and Linux infected with cryptomining malware [Ed: 1) not many affected. 2) it's due to add-ons, not Kodi. 3) the severity is low because it's mining, not blackmail or destruction of data.]

    What just happened? Unofficial repositories serving third-party add-ons for open source media player Kodi have been serving malicious cryptocurrency mining malware for several months. Fewer than 5,000 victims are estimated but that number could grow as the malware spreads.

  • Securonix Threat Research: KRONOS/Osiris Banking Trojan Attack

    The KRONOS malware was first discovered in June 2014 as a Banker Trojan available for purchase in a Russian underground forum for $7,000 [1]. After staying dormant for a few years, a new variant of KRONOS, known as Osiris, was discovered in July 2018, with three distinct campaigns targeting Germany, Japan, and Poland [2]. The new variant contains features like TOR network command and control (C2), keylogging, and remote control via VNC along with older features like form grabbing and web-injection [3].

    [...]

    Infiltration vector(s): The primary infiltration vector used by KRONOS/Osiris malware is phishing email campaigns containing specially crafted Microsoft Word documents/RTF attachments with macro/OLE content that cause malicious obfuscated VB stagers to be dropped and executed. In many scenarios the malware is distributed using exploit kits like RIG EK.

    The malicious document exploits a well-known buffer overflow vulnerability in Microsoft Office Equation Editor Component—CVE-2017-11882—which allows the attacker to perform arbitrary code execution [4][5].

  • KRONOS Trojan, Known For Hacking Bank Accounts, Gets A New Update [Ed: targets Windows]

More in Tux Machines

Endless OS – A Beautifully Unique Linux Distribution for Your Family

Endless OS is a free Linux-based Operating System that makes computers fun to use. It features a beautiful UI, a somewhat locked-down app manager, and tons of educational software. Endless OS is mostly used to teach computing all over the world so the company has made it simulate a smartphone experience. In place of an app drawer, it uses shortcuts arranged in a grid view on the desktop. Sort of like an iPhone. You can add/delete apps from view as well as create folders for organizing them.

Wayland future and legacy

First I directly admit on what I did teaser for 5.14 in my last update but what will not make it: generic gamma color correction per display. There are two reasons for it. The first one is that some preliminary patches, which needed to be merged first, endured long review phases. The second reason is, that when these patches finally were accepted I had shifted my focus on some other topics, which I decided to give a higher priority. Before delving into these other topics, a short analysis on why the reviews took so long: first there were of course some improvements possible to my patches, but after these got pointed out in the reviews I did fix them back then pretty quickly. The more striking reason is though that we are just short on people who can actually review KWin code changes, in particular with Martin being not maintainer anymore. That is not only a problem for my proposed code changes, but for anyone’s patches to KWin. And this hasn’t improved since back then. We must find a way to reduce the review pressure on the people being capable of doing reviews somehow, at best with only a minimal hit in code quality. I don’t have a full solution for this problem yet, we will see if we find a good one. After this is out of the way, let us talk about these other features, which I prioritized higher.

Games: Release of PlayOnLinux 5.0 Alpha, Aspyr Media, Geneshift, GOG and DotLine

  • Release of PlayOnLinux 5.0 alpha 1
    I'm aware that it has been a while since the last time we gave news to you. Be reassured, the project is moving on and here we are to give you some news.
  • Aspyr Media have a big sale going on the Humble Store, some sweet deals to be had
    For those of you in the mood to start your week with some fun new games, Humble Store is doing an Aspyr Media sale.
  • Top-down shooter Geneshift is getting a Battle Royale mode and it sounds like a lot of fun
    Geneshift (also known as Mutant Factions or Subvein) is a top-down shooter with some seriously good action that's currently in Early Access and the developer has decided to add a Battle Royale mode. Initially, I thought this was a joke. However, it's very much a real thing.
  • GOG added two more Visual Novels with Linux support, Highway Blossoms and A Kiss For The Petals
    For those who love Visual Novels, you might want to know that GOG have expanded their collection a little again recently. The two titles are Highway Blossoms and A Kiss For The Petals - Maidens of Michael. Neither game is particularly new, although it's worth noting that A Kiss For The Petals - Maidens of Michael was removed from Steam so GOG is the easiest option to get it at the moment.
  • Challenging minimalist puzzle game 'DotLine' released with native Linux support
    DotLine from The Selenite Forge who also made Bionic Attack is a minimalist puzzle game that tries to challenge your brain, out now with native Linux support. Note: Key provided by the developer. The basic idea of the game is really simple. You have to guide a ball from start to end, the problem is the path it needs to take is all messed up and you've got the wonderful job of rotating everything into the correct position. What makes it challenging, is that as soon as you rotate the first piece, the ball will begin rolling and so it becomes a mad dash to get everything right. Even if you don't do anything, you only get two seconds before it starts.
