Security

Security News

Filed under
Security
  • Wickedly Clever USB Stick Installs a Backdoor on Locked PCs

    You probably know by now that plugging a random USB into your PC is the digital equivalent of swallowing a pill handed to you by a stranger on the New York subway. But serial hacker Samy Kamkar’s latest invention may make you think of your computer’s USB ports themselves as unpatchable vulnerabilities—ones that open your network to any hacker who can get momentary access to them, even when your computer is locked.

  • How does your encrypted Linux system respond to the Cryptsetup bug?

    In all three cases, the encrypted system partition is still encrypted, so your data is still safe. However, as detailed in the bug report, unencrypted partitions, like ones mounted at /boot and /boot/efi (on UEFI systems) might still be open for exploitation. But how far can an attacker go on such a system, when the system partition is still encrypted? Not far, I hope.

    A bug always has a solution, and in this case, the authors provided an easy-to-apply workaround. I’ve expanded on it a bit in the code block below. If after applying the workaround you discover that it does not work, welcome to the club. It didn’t work on all the encrypted systems I applied it on – Ubuntu 16.10, Manjaro 16.10, and Fedora Rawhide. By the way, all three distributions were running either Cryptsetup 1.7.2 or 1.7.3.

  • Holding down the Enter key can smash through Linux's defenses
  • 7 open source security predictions for 2017

    Everyone uses open source. It’s found in around 95 per cent of applications and it’s easy to understand why. Open source’s value in reducing development costs, in freeing internal developers to work on higher-order tasks, and in accelerating time to market is undeniable.

    The rapid adoption of open source has outpaced the implementation of effective open source management and security practices. In the annual ‘Future of Open Source Survey’ conducted earlier this year by Black Duck, nearly half of respondents said they had no formal processes to track their open source, and half reported that no one has responsibility for identifying known vulnerabilities and tracking remediation.

    The flip side of the open source coin is that if you’re using open source, the chances are good that you’re also including vulnerabilities known to the world at large. Since 2014, the National Vulnerability Database (NVD) has reported over 8,000 new vulnerabilities in open source software.

Security News

Filed under
Security
  • How to fix the Cryptsetup vulnerability in Linux

    Linux enjoys a level of security that most platforms cannot touch. That does not, in any way, mean it is perfect. In fact, over the last couple of years a number of really ugly vulnerabilities have been found — and very quickly patched. Enough time has passed since Heartbleed for those that do to find yet another security issue.

  • Get root on Linux: learn the secret password
  • Security advisories for Wednesday
  • The Web-Shaking Mirai Botnet Is Splintering—But Also Evolving

    Over the last few weeks, a series of powerful hacker attacks powered by the malware known as Mirai have used botnets created of internet-connected devices to clobber targets ranging from the internet backbone company Dyn to the French internet service provider OVH. And just when it seemed that Mirai might be losing steam, new evidence shows that it’s still dangerous—and even evolving.

    Researchers following Mirai say that while the number of daily assaults dipped briefly, they’re now observing development in the Mirai malware itself that seems designed to allow it to infect more of the vulnerable routers, DVRs and other internet-of-things (IoT) gadgets it’s hijacked to power its streams of malicious traffic. That progression could actually increase the total population available to the botnet, they warn, potentially giving it more total compute power to draw on.

    “There was an idea that maybe the bots would die off or darken over time, but I think what we are seeing is Mirai evolve,” says John Costello, a senior analyst at the security intelligence firm Flashpoint. “People are really being creative and finding new ways to infect devices that weren’t susceptible previously. Mirai is not going away.”

  • This $5 Device Can Hack Your Locked Computer In One Minute

    Next time you go out for lunch and leave your computer unattended at the office, be careful. A new tool makes it almost trivial for criminals to log onto websites as if they were you, and get access to your network router, allowing them to launch other types of attacks.

    Hackers and security researchers have long found ways to hack into computers left alone. But the new $5 tool called PoisonTap, created by the well-known hacker and developer Samy Kamkar, can even break into password-protected computers, as long as there’s a browser open in the background. Kamkar explained how it works in a blog post published on Wednesday.

Gone in 70 seconds: Holding Enter key can smash through defense

Filed under
Linux
Security

Attackers with a little more than a minute to spare can get their foot in the door on Linux boxes by holding down the Enter key for 70 seconds – an act that gifts them a root initramfs shell.

The simple exploit, which requires physical access to the system, exists due to a bug in the Linux Unified Key Setup (LUKS) used in popular variations of Linux. With access to an initramfs environment shell, an attacker could then attempt to decrypt the encrypted filesystem by brute-force. The attack also potentially works on virtual Linux boxen in clouds.

Also: Press the Enter Key For 70 Seconds To Bypass Linux Disk Encryption Authentication

Evolution of the SSL and TLS protocols

Filed under
Security

The Transport Layer Security (TLS) protocol is undoubtedly the most widely used protocol on the Internet today. If you have ever done an online banking transaction, visited a social networking website, or checked your email, you have most likely used TLS. Apart from wrapping the plain text HTTP protocol with cryptographic goodness, other lower level protocols like SMTP and FTP can also use TLS to ensure that all the data between client and server is inaccessible to attackers in between. This article takes a brief look at the evolution of the protocol and discusses why it was necessary to make changes to it.

Security Leftovers

Filed under
Security

Security News

Filed under
Security
  • You Can Bypass Linux Disk Encryption Authentication by Pressing the Enter Key for 70 Seconds

    An error in the implementation of the Cryptsetup utility used for encrypting hard drives allows an attacker to bypass the authentication procedures on some Linux systems just by pressing the Enter key for around 70 seconds. This results in the attacked system opening a shell with root privileges.

  • TalkTalk hack: 17-year-old admits to seven offences in court

    A 17-YEAR OLD has appeared in court today and admitted seven offences in relation to last October's TalkTalk hack.

    The teen, who cannot be named for legal reasons, was arrested in Norwich in November 2015 and charged with breaching the Computer Misuse Act 1990.

    The attacks on TalkTalk resulted in the personal data of almost 160,000 people, and the banking details of 15,656 people, being accessed.

  • 5 ways President Trump may affect computer security

    Trump campaigned as the “law and order” candidate, so I expect law enforcement to be better funded and sentences for breaking the law to be intensified. Law enforcement will probably be enabled with more ways to catch and identify hackers and those able to be brought to American justice will likely face longer and more severe sentences.

    I, of course, support these measures. Unfortunately, all administrations learn how hard it is to catch and prosecute hackers, especially when they are located in unreachable areas. On a related note, I don’t think the new administration will be any more successful in trying to put down all the Russian ransomware campaigns.

Tails 2.7 Anonymous Live CD Ships with Let's Encrypt Certificates, Tor 0.2.8.9

Filed under
Security
Debian

After a small delay, the Debian-based Tails amnesic incognito live system has been updated today, November 15, 2016, to version 2.7, bringing us all the latest tools and technologies for surfing the Web anonymously.

Major Cryptsetup Vulnerability Affects Some LUKS-Encrypted GNU/Linux Systems

Filed under
Security

According to a recent security advisory published by Hector Marco and Ismael Ripoll as CVE-2016-4484 and entitled "Cryptsetup Initrd root Shell," it would appear that there's a major vulnerability in Cryptsetup affecting many GNU/Linux systems.

Security Leftovers

Filed under
Security
  • Cryptsetup Vulnerability Allows Easily Getting To A Root Shell

    CVE-2016-4484 was disclosed on Monday as a Cryptsetup issue that allows users to easily gain access to a root initramfs shell on affected systems in a little over one minute of simply hitting the keyboard's enter key.

    This Cryptsetup vulnerability is widespread and easy to exploit, simply requiring a lot of invalid passwords before being dropped down a root shell. The data on the LUKS-encrypted volume is still protected, but you have root shell access. The CVE reads, "This vulnerability allows to obtain a root initramfs shell on affected systems. The vulnerability is very reliable because it doesn't depend on specific systems or configurations. Attackers can copy, modify or destroy the hard disc as well as set up the network to exfiltrate data. This vulnerability is specially serious in environments like libraries, ATMs, airport machines, labs, etc, where the whole boot process is protected (password in BIOS and GRUB) and we only have a keyboard or/and a mouse."

  • CVE-2016-4484: Cryptsetup Initrd root Shell
  • Security updates for Tuesday
  • Super Mari-owned: Startling Nintendo-based vulnerability discovered in Ubuntu

Security News

Filed under
Security
  • Boy, 17, admits TalkTalk hacking offences

    A 17-year-old boy has admitted hacking offences linked to a data breach at the communications firm TalkTalk.

    Norwich Youth Court was told he had used hacking tool software to identify vulnerabilities on target websites.

  • Upgrade for KDE neon Security Issue

    Last month we moved the neon archive to a new server so packages got built on our existing server then uploaded to the new server. Checking the config it seemed I’d made the nasty error of leaving it open to the world rather than requiring an ssh gateway to access the apt repository, so anyone scanning around could have uploaded packages. There’s no reason to think that happened but the default in security is to be paranoid for any possibility.

  • Security B-Sides conferences attract growing information security crowd

    The Security B-Sides DC conference is part of the B-Sides movement, which was created to provide a community framework to build events for and by information security practitioners. Alex Norman, the co-director of Security B-Sides DC, tells us how he wants to expand information security beyond security professionals, and to involve a larger, more diverse community.
