Language Selection

English French German Italian Portuguese Spanish

Security: Updates, ZombieLoad, FTP, Hack.lu, Hacking SETI, and Microsoft Chaos

Filed under
Security
  • Security updates for Thursday
  • ZombieLoad Mitigation Costs For Intel Haswell Xeon, Plus Overall Mitigation Impact

    With tests over the past week following the disclosure of the Microarchitectural Data Sampling (MDS) vulnerabilities also known as "Zombieload", we've looked at the MDS mitigation costs (and now the overall Spectre/Meltdown/L1TF/MDS impact) for desktop CPUs, servers, and some laptop hardware. I've also begun doing some tests on older hardware, such as some Phoronix readers curious how well aging Intel Haswell CPUs are affected.

  • How to enhance FTP server security [Ed: It just needs to be abandoned]
  • Hack.lu 2019 Call for Papers, Presentations and Workshops

    The purpose of the hack.lu convention is to give an open and free playground where people can discuss the implication of new technologies in society. hack.lu is a balanced mix convention where technical and non-technical people can meet each others and share freely all kind of information. The convention will be held in the Grand-Duchy of Luxembourg in October (22-24.10.2019). The most significant new discoveries about computer network attacks and defenses, commercial security solutions, and pragmatic real world security experience will be presented in a three days series of informative tutorials. We would like to announce the opportunity to submit papers, and/or lightning talk proposals for selection by the hack.lu technical review committee. This year we will be doing workshops on the first day PM and talks of 1 hour or 30 minutes in the main track for the three days.

  • Hacking SETI
  • Legal Threats Make Powerful Phishing Lures

    On or around May 12, at least two antivirus firms began detecting booby-trapped Microsoft Word files that were sent along with some various of the following message: [...]

  • US officials say foreign election [cracking] is inevitable

    "Systems that are connected to the Internet, if they're targeted by a determined adversary with enough time and resources, they will be breached," Hickey said. "So, we need to be focusing on resilience."

  • Why a Windows flaw patched nine days ago is still spooking the Internet

    The vulnerability resides in Microsoft’s proprietary Remote Desktop Protocol, which provides a graphical interface for connecting to another computer over the Internet. Exploiting the vulnerability—which is present in older versions of Windows but not the much better secured Windows 8 and 10—requires only that an attacker send specific packets to a vulnerable RDP-enabled computer. In a testament to the severity, Microsoft took the highly unusual step of issuing patches for Windows 2003, XP, and Vista, which haven’t been supported in four, five, and seven years, respectively.

  • Serial publisher of Windows 0-days drops exploits for 2 more unfixed flaws

    In Tuesday’s disclosure, SandboxEscaper wrote that the Task Scheduler vulnerability works by exploiting a flaw in the way the Task Scheduler processes changes to discretionary access control list permissions for an individual file. An advisory published Wednesday by US Cert confirmed that the exploit worked against both 32-bit and 64-bit versions of Windows 10.

More in Tux Machines

today's howtos

Leftovers: IBM, Mozilla and SUSE

  • What Is Razee, and Why IBM Open Sourced It
    The continuous delivery software that's been doing the heavy lifting on IBM's global Kubernetes platform is now open source.
  • View Source 5 comes to Amsterdam
    Mozilla’s View Source Conference is back for a fifth year, this time in Amsterdam, September 30 – October 1, 2019. Tickets are available now.
  • SUSE & SAP “A 20 years of Partnership”
  • SUSE on the IO500 List for HPC Storage
    If you haven’t been hanging around the Ceph world for a bit, you may not realize that Ceph was originally intended to provide a distributed file-system to service HPC clusters.  While this was the original intent, Ceph has taken a round-a-bout path to relevance in this space, especially given that we are only supporting multiple active MDS servers since the Luminous release.  The result is that we are, only now, really starting to see adoption in the HPC space, and mostly for the second tier storage needs. Enter, the science project.  Given an all-flash environment on SATA SSDS with a fast storage pool on Intel Optane for the metadata, would it be possible to provide a reasonable storage environment for HPC clusters?

GAFAM and 'Cloud': Google, Microsoft, Amazon and GitHub

  • Daniel Stenberg: Google to reimplement curl in libcrurl
    By throwing a lot of man power on it. As the primary author and developer of the libcurl API and the libcurl code, I assume that Cronet works quite differently than libcurl so there’s going to be quite a lot of wrestling of data and code flow to make this API work on that code. The libcurl API is also very versatile and is an API that has developed over a period of almost 20 years so there’s a lot of functionality, a lot of options and a lot of subtle behavior that may or may not be easy or straight forward to mimic. The initial commit imported the headers and examples from the curl 7.65.1 release.
  • Microsoft, you should look away now: Google's cloud second only to AWS in dev survey [Ed: Longtime Microsoft booster Tim Anderson  on Azure being a failure after so many entryism attempts and underhanded tactics]
    Coders use Google Cloud Platform (GCP) more than Microsoft Azure, though Amazon Web Services (AWS) has a comfortable lead, according to a Developer Ecosystem survey conducted by tools vendor JetBrains. Developer usage is 67 per cent AWS versus 28 per cent GCP and 21 per cent Azure, according to the new survey. Unfortunately, the question was posed in a different way in the 2018 survey, adding on-premises into the mix, but last year Azure and GCP had equal share after AWS. The survey had 19,000 participants invited via "Twitter ads, Facebook ads, Google Adwords and JetBrains' own communication channels," the tools vendor said, though "only the responses of 6,993 respondents were included in the report." Responses were removed to reduce bias, yet it warned "some bias may be present as JetBrains users may have been more willing on average to compete the survey".
  • Get your coat, you've pulled a Pull Panda: GitHub goes home with code collab specialists [Ed: Notice how Microsoft only takes GitHub in more of a proprietary software direction. That says a lot – they have plans and they’re really detrimental to FOSS]

Kernel: Linux Changes, Certifications, Graphics, PCI Express 6.0 and Bug

  • PowerCap/RAPL Code To Support Icelake Desktop / X / Xeon D With Linux 5.3
    While as of Linux 5.2 the support for Intel's Icelake CPUs appear production ready with all of the bits in place from new IDs to the much enhanced "Gen 11" graphics, there are a few stragglers of items to land with the upcoming Linux 5.3 merge window though could be back-ported to current series. Fortunately, we haven't found anything major to be missing. One of the latest bits of Icelake Linux support is handling of these next-generation processors within the PowerCap / RAPL (Running Average Power Limit) driver code. In particular, the desktop/workstation Icelake parts. This is the code for reading the estimated CPU package power consumption based on hardware performance counters and the ability to artificially limit the power draw of the processor via software.
  • Six Niche Linux Certifications
  • AMD Navi GPU stack bares all in Linux graphics driver update
    Eight Navi GPU variants have been spotted in Linux driver code. AMD’s next-gen RDNA graphics chips are set for launch on July 7, 2019 within the RX 5700 XT and RX 5700, but the red team has plenty of silicon in store for a range of applications. Including console, laptops, desktop, and mobile phones. The GPU codenames were spotted within Linux display drivers after the additional code was submitted and signed off by two AMD employees. The code adds support for Display Core Next, or DCN2, which “is the display block for Navi10.” Each entry following adds the necessary ASIC IDs for each Navi chip in the stack, starting with Navi 10 and down to Navi 21 LITE.
  • Nouveau Driver Picking Up NVIDIA TU116 GPU Support For Linux 5.3
    Building off the initial Turing mode-setting bits that were in place since Linux 5.0 and have continued stepping along to support newer variants on successive kernel releases, the Linux 5.3 kernel is slated to add support for the TU116 graphics processor.
  • PCI-SIG® Announces Upcoming PCI Express® 6.0 Specification to Reach 64 GT/s
  • PCI Express 6.0 Announced With 4-Times The Bandwidth Of PCIe 4.0
    With the increasing demand for bandwidth across a wide range of devices used in consumer and enterprise domains, PCI Express, the high-speed serial computer expansion bus standard has also evolved over the years. PCI Special Interest Group, a body that sets standards for PCIe, has announced PCI Express 6 that promises four times the bandwidth offered by PCIe 4.0 and twice of PCIe 5.0.
  • PCI Express 6.0 Announced For Release In 2021 With 64 GT/s Transfer Rates
    While PCI Express 4.0 up to this point has only been found in a few systems like Talos' POWER9 platforms and coming soon with the new AMD graphics cards and chipsets, the PCI SIG today announced PCI Express 6.0. PCI Express 5.0 was only announced last month with 32GT/s transfer rates while already the PCI SIG announced PCI Express 6.0.
  • Netflix researcher spots TCP SACK flaws in Linux and FreeBSD
  • TCP SACK Panic Flaw Could Compromise Production Linux Machines