Language Selection

English French German Italian Portuguese Spanish

Microsoft

Microsoft Breaches and Their Impact

Filed under
Microsoft
Security

Microsoft Openwashing and Spin

Filed under
Microsoft

Microsoft Dirty Tricks and Entryism

Filed under
Microsoft

Security: Brutal Kangaroo Targets Windows, Linux Updates Available, Reproducible Builds, and Patching Stack Clash

Filed under
Linux
Microsoft
Security
  • Brutal Kangaroo

    Today, June 22nd 2017, WikiLeaks publishes documents from the Brutal Kangaroo project of the CIA. Brutal Kangaroo is a tool suite for Microsoft Windows that targets closed networks by air gap jumping using thumbdrives. Brutal Kangaroo components create a custom covert network within the target closed network and providing functionality for executing surveys, directory listings, and arbitrary executables.

    The documents describe how a CIA operation can infiltrate a closed network (or a single air-gapped computer) within an organization or enterprise without direct access. It first infects a Internet-connected computer within the organization (referred to as "primary host") and installs the BrutalKangaroo malware on it. When a user is using the primary host and inserts a USB stick into it, the thumbdrive itself is infected with a separate malware. If this thumbdrive is used to copy data between the closed network and the LAN/WAN, the user will sooner or later plug the USB disk into a computer on the closed network. By browsing the USB drive with Windows Explorer on such a protected computer, it also gets infected with exfiltration/survey malware. If multiple computers on the closed network are under CIA control, they form a covert network to coordinate tasks and data exchange. Although not explicitly stated in the documents, this method of compromising closed networks is very similar to how Stuxnet worked.

    The Brutal Kangaroo project consists of the following components: Drifting Deadline is the thumbdrive infection tool, Shattered Assurance is a server tool that handles automated infection of thumbdrives (as the primary mode of propagation for the Brutal Kangaroo suite), Broken Promise is the Brutal Kangaroo postprocessor (to evaluate collected information) and Shadow is the primary persistence mechanism (a stage 2 tool that is distributed across a closed network and acts as a covert command-and-control network; once multiple Shadow instances are installed and share drives, tasking and payloads can be sent back-and-forth).

  • Security updates for Wednesday
  • Reproducible Builds: week 112 in Stretch cycle
  • 5 things you need to know about Stack Clash to secure your shared Linux environment

    The vulnerability is present in Unix-based systems on i386 and amd64 architectures. Affected Linux distributions include Red Hat, Debian, Ubuntu, SUSE, CentOS and Gentoo. Solaris is owned by Oracle. FreeBSD, OpenBSD and NetBSD are also impacted. Qualys has been working with distributions and vendors since May to get the vulnerabilities fixed, and the updates are just beginning to be released. Administrators need to act promptly to update affected machines with the security updates.

Linux vs. Windows Server OS Comparison

Filed under
OS
Linux
Microsoft

A comparison between Linux and Windows while selecting the server operating system is like being in stalemate while playing the chess game where the outcome is unpredictable. Various versions of the Microsoft—from Windows—and the Linux-based operating systems are available in plenty today. But deciding the best option is a tougher task, rather, finding the right solution that fits the organizational requirements is easier.

Read more

Microsoft Openwashing by the Linux Foundation, Lockin Model, and More Openwashing With the Linux Foundation

Filed under
Microsoft
OSS

Openwashing and Parasites

Filed under
Microsoft
OSS

You Can’t Open the Microsoft Surface Laptop Without Literally Destroying It

Filed under
Microsoft
  • You Can’t Open the Microsoft Surface Laptop Without Literally Destroying It

    The company, which provides repair tools and manuals for popular gadgets like the iPhone and PlayStation, has handed the Surface Laptop a score of 0 out of 10 in terms of user repairability, stating definitively that the laptop "is not meant to be opened or repaired; you can't get inside without inflicting a lot of damage."

  • 2017 Surface Pro least repairable ever; Surface Laptop is made of glue

    iFixit's pictures, as ever, give a great look at the insides of the two machines. The Laptop has no external screws at all; to get into the system, iFixit had to peel off the glued-down fabric keyboard surround, an operation that obviously can't be undone, producing a machine that offers essentially no serviceability whatsoever.

Microsoft in the Details

Filed under
Microsoft

Openwashing and Attacks on FOSS, OSS Leftovers

Filed under
Microsoft
OSS
  • Microsoft is Bringing Native Linux Container Support and Bash to Windows Server [Ed: Microsoft wants to swallow GNU/Linux in a platform with NSA back doors and keyloggers, not to mention patent tax]
  • ​Microsoft joins Java-oriented Cloud Foundry [Ed: for influence and steering from the inside]
  • FreeNAS 11.0 is Now Here
  • OW2 Consortium: Building Beyond Europe

    This year marks the 10th anniversary of OW2, and the organization is celebrating during its annual conference, on June 26-27, in Paris, France. OSI GM Patrick Masson sat down with Cedric Thomas, CEO of OW2 to learn more about the foundation, it’s accomplishments over the past 10 years, and what’s in store for the anniversary celebration.

    The Open Source Initiative (OSI) Affiliate Membership Program is an international who’s who of open source projects, advocates, and communities: Creative Commons, Drupal Association, Linux Foundation, Mozilla Foundation, Open Source Matters (the foundation supporting Joomla), Python Software Foundation, Wikimedia Foundation, Wordpress Foundation and many more. Open source enthusiasts outside Europe may not be as familiar with another OSI Affiliate Member, OW2, however its impact on open source development and adoption across the EU has been significant.

  • FSFE Newsletter - June 2017
Syndicate content

More in Tux Machines

today's leftovers

'Turbo Boost Max 3.0' and Mesa 17.2.4

  • Turbo Boost Max 3.0 Support For Skylake Fixed With Linux 4.15
    The platform-drivers-x86 updates have been sent in for Linux 4.15 and include a range of improvements for Intel hardware support. One of the bigger items is support for Skylake CPUs with Turbo Boost Max 3.0.
  • Mesa 17.2.4 Graphics Stack Lands for Ubuntu 16.04 LTS and Ubuntu 17.10 Gamers
    Canonical's Timo Aaltonen reports on the availability of the Mesa 17.2.4 open-source graphics drivers stack on the X-SWAT updates PPA for Ubuntu 16.04 LTS and Ubuntu 17.10 systems. Ubuntu systems have always lagged behind the development of the Mesa 3D Graphics Library, the Linux graphics stack containing open-source drivers for Intel, AMD Radeon, and Nvidia GPUs, but they usually catch up with it through a specially crafted PPA (Personal Package Archive) repository that can be easily installed by users.

OSS Leftovers

  • The Future of Marketing Technology Is Headed for an Open-Source Revolution
  • Edging Closer – ODS Sydney
    Despite the fact that OpenStack’s mission statement has not fundamentally changed since the inception of the project in 2010, we have found many different interpretations of the technology through the years. One of them was that OpenStack would be an all-inclusive anything-as-a-service, in a striking parallel to the many different definitions the “cloud” assumed at the time. At the OpenStack Developer Summit in Sydney, we found a project that is returning to its roots: scalable Infrastructure-as-a-Service. It turns out, that resonates well with its user base.
  • Firefox Quantum Now Available on openSUSE Tumbleweed, Linux 4.14 Coming Soon
    Users of the openSUSE Tumbleweed rolling operating system can now update their computers to the latest and greatest Firefox Quantum web browser.
  • Short Delay with WordPress 4.9
    You may have heard WordPress 4.9 is out. While this seems a good improvement over 4.8, it has a new editor that uses codemirror.  So what’s the problem? Well, inside codemirror is jshint and this has that idiotic no evil license. I think this was added in by WordPress, not codemirror itself. So basically WordPress 4.9 has a file, or actually a tiny part of a file that is non-free.  I’ll now have to delay the update of WordPress to hack that piece out, which probably means removing the javascript linter. Not ideal but that’s the way things go.

Red Hat and Fedora Leftovers