
Sunday, February 3, 2019

"iOS 12.1.4 is coming to fix the worst iPhone and iPad bug to date" by Adrian Kingsley-Hughes

https://www.zdnet.com/article/ios-12-1-4-is-coming-to-fix-the-worst-iphone-and-ipad-bug-to-date/


iOS 12.1.4 will fix a FaceTime bug that offered a way for another iPhone or iPad user to eavesdrop on another iOS user by activating a FaceTime call without the user's consent. What made this bug all the worse is how trivial it was to implement.

As is expected, this bug already resulted in at least one lawsuit.

Apple has now disabled the Group FaceTime ability at the server end, putting a stop to this bug. However, this feature will remain disabled for all iOS users not running iOS 12.1.4 or later.

Back in December, Apple fixed another FaceTime bug – this one just an annoyance, and not a major privacy risk – with iOS 12.1.1.

Keep an eye out for iOS 12.1.4, because it could land any time now.

The recommended way to update your devices is to tap Settings > General > Software Update and carry out the update from there. You will need Wi-Fi access and your battery to be charged above 50 percent, or the device will need to be connected to a charger.

Alternatively, if you have Automatic Updates enabled (you can find this setting in Settings > General > Software Update) then you can just wait for it to come in when it's ready.

Or, if you like doing things the long, hard way, you can connect the iPhone to a PC or Mac running iTunes and do the upgrade from there (keep in mind that this makes the download much bigger).


"iOS 13 rumors: Everything you need to know" by Jason Cross

https://www.macworld.com/article/3336145/iphone-ipad/ios-13-rumors-features-release-date.html

Like clockwork, Apple releases a major revision of iOS every year. The company formally unveils the new operating system for iPhone and iPad at WWDC in June, followed by a beta testing period and then a final release in the fall (typically in September, just before the new iPhones hit the shelves).
One never really knows exactly what new features and design changes Apple will bring until the company gets on stage at WWDC, but the rumor mill churns early and often. After all, iOS is one of the widest-used and most influential consumer operating systems in the world. We have our own wishlist of iOS 13 features, but we’ve also collected all the rumors about iOS 13 here.
  1. Dark Mode
  2. CarPlay Improvements
  3. iPad-focused Upgrades

Sunday, November 12, 2017

Linux 4.14 Has Been Released

https://linux.slashdot.org/story/17/11/12/219238/linux-414-has-been-released?utm_source=feedly1.0mainlinkanon&utm_medium=feed

Linux 4.14 has been released. This release adds support for bigger memory limits in x86 hardware (128PiB of virtual address space, 4PiB of physical address space); support for AMD Secure Memory Encryption; a new unwinder that provides better kernel traces and a smaller kernel size; support for the zstd compression algorithm in Btrfs and Squashfs; support for zero-copy of data from user memory to sockets; support for Heterogeneous Memory Management that will be needed in future GPUs; better cpufreq behaviour in some corner cases; faster TLB flushing by using the PCID instruction; asynchronous non-blocking buffered reads; and many new drivers and other improvements.

Tuesday, March 7, 2017

WikiLeaks publishes 'biggest ever leak of secret CIA documents' by Ewen MacAskill

https://www.theguardian.com/media/2017/mar/07/wikileaks-publishes-biggest-ever-leak-of-secret-cia-documents-hacking-surveillance

The 8,761 documents published by WikiLeaks focus mainly on techniques for hacking and surveillance

The US intelligence agencies are facing fresh embarrassment after WikiLeaks published what it described as the biggest ever leak of confidential documents from the CIA detailing the tools it uses to break into phones, communication apps and other electronic devices.
Thousands of documents focus mainly on techniques for hacking, including how the CIA cooperated with British intelligence to engineer a way to compromise smart televisions and turn them into improvised surveillance devices.
The leak, dubbed “Vault 7” by WikiLeaks, will once again raise questions about the inability of US spy agencies to protect secret documents in the digital age. It follows disclosures about Afghanistan and Iraq by army intelligence specialist Chelsea Manning in 2010 and about the National Security Agency and Britain’s GCHQ by Edward Snowden in 2013.
The documents appear to be from the CIA’s 200-strong Center for Cyber Intelligence and show in detail how the agency’s digital specialists engage in hacking.
According to the documents:

  • CIA hackers targeted smartphones and computers.
  • The Center for Cyber Intelligence is based at the CIA headquarters in Virginia but it has a second covert base in the US consulate in Frankfurt which covers Europe, the Middle East and Africa.
  • A programme called Weeping Angel describes how to attack a Samsung F8000 TV set so that it appears to be off but can still be used for monitoring.

Friday, March 3, 2017

Researchers Store Computer OS, Short Movie On DNA

https://hardware.slashdot.org/story/17/03/02/210247/researchers-store-computer-os-short-movie-on-dna?utm_source=feedly1.0mainlinkanon&utm_medium=feed

In a new study published in the journal Science, a pair of researchers at Columbia University and the New York Genome Center (NYGC) show that an algorithm designed for streaming video on a cellphone can unlock DNA's nearly full storage potential by squeezing more information into its four base nucleotides. They demonstrate that this technology is also extremely reliable. Erlich and his colleague Dina Zielinski, an associate scientist at NYGC, chose six files to encode, or write, into DNA: a full computer operating system, an 1895 French film, "Arrival of a train at La Ciotat," a $50 Amazon gift card, a computer virus, a Pioneer plaque and a 1948 study by information theorist Claude Shannon. They compressed the files into a master file, and then split the data into short strings of binary code made up of ones and zeros. Using an erasure-correcting algorithm called fountain codes, they randomly packaged the strings into so-called droplets, and mapped the ones and zeros in each droplet to the four nucleotide bases in DNA: A, G, C and T. The algorithm deleted letter combinations known to create errors, and added a barcode to each droplet to help reassemble the files later. In all, they generated a digital list of 72,000 DNA strands, each 200 bases long, and sent it in a text file to a San Francisco DNA-synthesis startup, Twist Bioscience, that specializes in turning digital data into biological data. Two weeks later, they received a vial holding a speck of DNA molecules. To retrieve their files, they used modern sequencing technology to read the DNA strands, followed by software to translate the genetic code back into binary. They recovered their files with zero errors, the study reports.

The study also notes that "a virtually unlimited number of copies of the files could be created with their coding technique by multiplying their DNA sample through polymerase chain reaction (PCR)." The researchers also "show that their coding strategy packs 215 petabytes of data on a single gram of DNA."

Tuesday, February 21, 2017

Unpatched Python and Java Flaws Let Hackers Bypass Firewall Using FTP Injection by Swati Khandelwal

http://thehackernews.com/2017/02/python-java-ftp-protocol-injection.html


These newly discovered bugs in Java and Python are a big deal today.

The two popular programming languages, Java and Python, contain similar security flaws that can be exploited to send unauthorized emails and bypass any firewall defenses.

And since both the flaws remain unpatched, hackers can take advantage to design potential cyber attack operations against critical networks and infrastructures.

The unpatched flaws reside in the way the Java and Python programming languages handle File Transfer Protocol (FTP) links: they don't syntax-check the username parameter, which leads to what researchers call a protocol injection flaw.




Java/Python FTP Injection to Send Unauthorized SMTP Emails


In a blog post published over the past week, security researcher Alexander Klink detailed the FTP protocol injection vulnerability in Java's XML eXternal Entity (XXE) that allows attackers to inject non-FTP malicious commands inside an FTP connection request.

To demonstrate the attack, Alexander showed how to send an unauthorized email via SMTP (Simple Mail Transfer Protocol) in an FTP connection attempt, even though the FTP connection failed, as FTP servers do support authentication but don't check for the presence of carriage returns (CR) or line feeds (LF) in usernames.
"This attack is particularly interesting in a scenario where you can reach an (unrestricted, maybe not even spam- or malware-filtering) internal mail server from the machine doing the XML parsing," Alexander concluded.

Java/Python FTP Injections Allow to Bypass Firewall

However, two days later, in a separate security advisory, security researcher Timothy Morgan from Blindspot Security came forward with his findings, showing a more threatening exploitation scenario in which the FTP URL handlers in both Java and Python can be used to bypass firewalls.


Morgan said such FTP protocol injection flaw could be used to trick a victim's firewall into accepting TCP connections from the web to the vulnerable host's system on its "high" ports (from 1024 to 65535).

Besides the FTP protocol injection attack, there is a decade-old security issue in the FTP protocol called classic mode FTP – an insecure mechanism of client-server FTP interactions that many firewall vendors still support by default.

When a classic mode FTP connection is initiated, the firewall temporarily opens a port – typically between 1024 and 65535 – specified in the PORT command, which introduces security risks.

Using the FTP protocol injection issue in Java and Python, an attacker who knows the targeted host’s internal IP address can start a classic mode FTP connection, which attackers can use for nefarious purposes.

Morgan has determined that an attacker can open up one port in the targeted firewall with only three requests:
  1. Identify the victim's internal IP address – this requires an attacker to "send an URL, see how the client behaves, then try another until the attack is successful."
  2. Determine packet alignment and ensure that the PORT command is injected at the right moment, making the attack work.
  3. Exploit the vulnerability.

Each additional request can be used to open up another TCP port.


Easily Exploitable Protocol Injection Flaw


However, the researcher warned that his exploit could be used for man-in-the-middle (MitM) attacks, server-side request forgery (SSRF), an XXE attack and more – and once the firewall is bypassed, desktop hosts can be attacked even if they do not have Java installed.

All an attacker needs is to convince victims to access a malicious Java or Python application installed on a server to bypass the entire firewall.
"If a desktop user could be convinced to visit a malicious website while Java is installed, even if Java applets are disabled, they could still trigger Java Web Start to parse a JNLP (Java Network Launch Protocol) file," Morgan said. "These files could contain malicious FTP URLs which trigger this bug."
"Also note, that since Java parses JNLP files before presenting the user with any security warnings, the attack can be entirely successful without any indication to the user (unless the browser itself warns the user about Java Web Start being launched)."
According to Morgan, a nearly identical flaw also exists in Python's urllib2 and urllib libraries, although "this injection appears to be limited to attacks via directory names specified in the URL."


Protocol Injection Flaw Is Still Unpatched


Morgan said the FTP protocol injection flaw was reported to the Python team in January 2016 and Oracle in November 2016 by his company, but neither of the two has issued any update to address the issue.

Morgan has developed a proof-of-concept (PoC) exploit but is currently holding back publication of his exploit until Oracle and Python respond to the disclosure and release patches.

Morgan's exploit has been successfully tested against Palo Alto Networks and Cisco ASA firewalls, though researchers believe many commercial firewalls are also vulnerable to FTP stream injection attacks.

So until patches become available, Morgan suggests users uninstall Java on their desktops and in browsers, as well as disable support for "classic mode" FTP on all firewalls.
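As an added example (not code from the article, the researchers, or the Java and Python projects), the following Python sketch shows the check the vulnerable FTP URL handlers were missing: it percent-decodes the username, password and each directory name of an `ftp://` URL and refuses any that contain CR, LF or NUL before the URL reaches an FTP client. The names `check_ftp_url`, `audit` and `UnsafeFtpUrl` and the sample URLs are hypothetical.

```python
from urllib.parse import urlsplit, unquote

CONTROL = ("\r", "\n", "\x00")  # bytes that end or split an FTP command line

# Constructed sample URLs (not from the advisories); .test hosts are placeholders.
SAMPLES = [
    "ftp://alice:s3cret@ftp.example.test/pub/file.txt",
    "ftp://alice%0D%0ANOOP@ftp.example.test/file.txt",
    "ftp://ftp.example.test/dir%0ANOOP/file.txt",
]

class UnsafeFtpUrl(ValueError):
    """The URL would put a line break on the FTP control channel."""

def check_ftp_url(url):
    """Return (host, port, user, password, path_segments) or raise UnsafeFtpUrl."""
    # Reject raw control characters up front: newer urlsplit versions strip
    # literal CR/LF/TAB silently, which would hide them from the checks below.
    if any(ch in url for ch in CONTROL + ("\t",)):
        raise UnsafeFtpUrl("raw control character in URL")
    parts = urlsplit(url)
    if parts.scheme.lower() != "ftp" or not parts.hostname:
        raise UnsafeFtpUrl("not a usable ftp:// URL")
    # Percent-decode first: the decoded form is what a client would write
    # into USER, PASS, CWD or RETR.
    fields = [("username", unquote(parts.username or "anonymous")),
              ("password", unquote(parts.password or ""))]
    fields += [("path segment", unquote(s)) for s in parts.path.split("/") if s]
    for label, value in fields:
        if any(ch in value for ch in CONTROL):
            raise UnsafeFtpUrl(f"{label} decodes to a control character")
    values = [v for _, v in fields]
    return parts.hostname, parts.port or 21, values[0], values[1], values[2:]

def audit(urls):
    """Map each URL to 'ok' or the reason it was rejected."""
    results = {}
    for url in urls:
        try:
            check_ftp_url(url)
            results[url] = "ok"
        except UnsafeFtpUrl as exc:
            results[url] = str(exc)
    return results

if __name__ == "__main__":
    for url, verdict in audit(SAMPLES).items():
        print(f"{verdict:45} {url!r}")
```

A check like this belongs wherever untrusted input (an XML entity, a JNLP file, a user-supplied link) can select the URL that server-side or desktop code will fetch.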

Monday, February 20, 2017

Windows wins the desktop, but Linux takes the world By Steve Ranger

http://www.zdnet.com/article/windows-wins-the-desktop-but-linux-takes-the-world/

The city with the highest-profile Linux desktop projects is turning back to Windows, but the fate of Linux isn't tied to the PC anymore.

After a nearly decade-long project to move away from Windows onto Linux, Munich has all but decided on a dramatic u-turn. It's likely that, by 2021, the city council will start to replace PCs running LiMux (its custom version of Ubuntu) with Windows 10.
Going back maybe 15 or 20 years, it was seriously debated as to when Linux would overtake Windows on the desktop. When Ubuntu was created in 2004, for example, it was with the specific intention of replacing Windows as the standard desktop operating system.
Spoiler: it didn't happen.
Linux on the desktop has about a two percent market share today and is viewed by many as complicated and obscure. Meanwhile, Windows sails on serenely, currently running on 90 percent of PCs in use. There will likely always be a few Linux desktops around in business -- particularly for developers or data scientists.
But it's never going to be mainstream.
There has been lots of interest in Munich's Linux project because it's one of the biggest around. Few large organizations have switched from Windows to Linux, although there are some others, like the French Gendarmerie and the city of Turin. But Munich was the poster child: losing it as a case study will undoubtedly be a blow to those still championing Linux on the desktop.
But the reality is that most companies are happy to go with the dominant desktop OS, given all of the advantages around integration and familiarity that come with it.
It's not entirely clear how much of the problems that some staff have complained about are down to the LiMux software and how much the operating system is being blamed for unrelated issues. But whatever Munich finally decides to do, Linux's fate is not going to be decided on the desktop -- Linux lost the desktop war years ago.
That's probably OK because Linux won the smartphone war and is doing pretty well on the cloud and Internet of Things battlefields too.
There's a four-in-five chance that there's a Linux-powered smartphone in your pocket (Android is based on the Linux kernel) and plenty of IoT devices are Linux-powered too, even if you don't necessarily notice it.
Devices like the Raspberry Pi, running a vast array of different flavours of Linux, are creating an enthusiastic community of makers and giving startups a low-cost way to power new types of devices.
Much of the public cloud is running on Linux in one form or another, too; even Microsoft has warmed up to open-source software. Regardless of your views about one software platform or another, having a rich set of options for developers and users is good for choice and good for innovation.
The dominance of the desktop is not what it once was: it's now just one computing platform among many. Indeed, the software on the PC becomes less and less relevant as more apps become device- and OS-independent, residing in the cloud instead.
The twists and turns of the Munich saga and the adventures of Linux on the desktop are fascinating, but they don't tell the full story.