wlug November 2018

wlug@list.waikato.ac.nz

5 participants
39 discussions

by Lawrence D'Oliveiro

For quite a while now, I’ve been annoyed by the system notification volume going to 100% on my Debian systems, regardless of my attempts to set it to a lower level. For example, when I open the KDE System Settings app, change something, then try to close the window, the sound that accompanies the save/discard/cancel alert is always startlingly loud. I think I have finally found a fix: in your /etc/pulse/daemon.conf, put in a line saying flat-volumes = no (You should find an existing comment “; flat-volumes = yes” that indicates the default.) You can make this new setting take effect in the current session immediately without having to logout or reboot, by executing the following as the currently-logged-in user: pulseaudio -k (This kills and restarts the PulseAudio daemon for your user session.) There are several discussions of the pros and cons of this issue online, going back some years. For example, here <https://bugzilla.redhat.com/show_bug.cgi?id=1265267>. Also a mention about the “flat-volumes” setting in the ever-reliable Arch Linux Wiki here <https://wiki.archlinux.org/index.php/PulseAudio>.

9 months, 1 week

Does Wi-Fi Security Really Matter?

by Lawrence D'Oliveiro

Seems the Wi-Fi Alliance is having yet another crack at coming up with a really secure protocol, this time to be called WPA3 <http://www.theregister.co.uk/2018/01/09/wi_fi_wpa3/>. Does anybody care? Remember that on the Internet, security is implemented between the endpoints, the protocols are designed not to care that everything in-between might be pawed through by eavesdroppers, or even active attackers trying to inject fake data.

2 years, 6 months

Microsoft Fixes Notepad

by Lawrence D'Oliveiro

Windows Notepad has never been able to handle any newline convention other than the old DOS/Windows/CP/M one (CR-LF). Now, after so many decades, Microsoft has finally decided to give it “universal newline” capability, so it can handle lines ending in LF-only (Unix/Linux) and CR-only (old MacOS) <http://www.theregister.co.uk/2018/05/08/windows_notepad_unix_macos_line_end…>. Gee, I wonder how many lines of code that took...

2 years, 10 months

Australia Has Rushed Through Its Copyright Amendment Bill

by Lawrence D'Oliveiro

Seems like the Aussie government has disregarded <https://www.theregister.co.uk/2018/11/28/australia_to_build_a_pirateproof_f…> <https://www.techdirt.com/articles/20181127/13425541113/australian-parliamen…> most of the objections to its plan to impose more draconian copyright restrictions on Internet usage. Rightsholders will be able to get injunctions against sites whose “primary effect” (no longer just “primary purpose”) is to facilitate copyright infringement, and they will also have “adaptive injunctions”, meaning they can reinterpret an existing court order as circumstances change, instead of having to go back to court to get a new order. You’d think a statement like “The Government has zero tolerance for online piracy. It is theft...” should be an instant disqualification from making any kind of statement about copyright law...

2 years, 11 months

Mass Router Hack Exposes Millions of Devices To Potent NSA Exploit

by Peter Reutemann

'More than 45,000 Internet routers have been compromised by a newly discovered campaign that's designed to open networks to attacks by EternalBlue, the potent exploit that was developed by, and then stolen from, the National Security Agency and leaked to the Internet at large, researchers say. From a report: The new attack exploits routers with vulnerable implementations of Universal Plug and Play to force connected devices to open ports 139 and 445, content delivery network Akamai said in a blog post. As a result, almost 2 million computers, phones, and other network devices connected to the routers are reachable to the Internet on those ports. While Internet scans don't reveal precisely what happens to the connected devices once they're exposed, Akamai said the ports --which are instrumental for the spread of EternalBlue and its Linux cousin EternalRed -- provide a strong hint of the attackers' intentions. The attacks are a new instance of a mass exploit the same researchers documented in April. They called it UPnProxy because it exploits Universal Plug and Play -- often abbreviated as UPnP -- to turn vulnerable routers into proxies that disguise the origins of spam, DDoSes, and botnets.' -- source: https://tech.slashdot.org/story/18/11/29/1849254 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

2 years, 11 months

Proprietary Software Subverts Security Of Your PC

by Lawrence D'Oliveiro

Audio company Sennheiser has just issued a fix <https://arstechnica.com/information-technology/2018/11/sennheiser-discloses…> for a really nasty vulnerability where their software for Windows and Mac would install a special fake browser certificate that the machine would continue to trust thereafter, even after the software was removed. Unfortunately, because the installation also included the private key for that certificate (which is never supposed to be distributed), it could then be exploited by arbitrary third parties to trick such machines into trusting random sites.

2 years, 11 months

Deleting Windows Server Child Folder Changes Parent Folder Permissions

by Lawrence D'Oliveiro

<https://www.theregister.co.uk/2018/11/28/microsoft_windows_10_server_2016_p…>: ... Microsoft's support team [said] initially that the behaviour was by design and introduced in Windows Server 2016. Interestingly, it only occurs when folders are deleted (or cut and pasted) using File Explorer. Using the command line makes things behave as one would expect. It also only occurred when using a local path. Deleting using a UNC path was fine.

2 years, 11 months

Half of all Phishing Sites Now Have the Padlock

by Peter Reutemann

'You may have heard you should look for the padlock symbol at the top of a website before entering your password or credit card information into an online form. It's well-meaning advice, but new data shows it isn't enough to keep your sensitive information secure. From a report: Recent data from anti-phishing company PhishLabs shows that 49 percent of all phishing sites in the third quarter of 2018 bore the padlock security icon next to the phishing site domain name as displayed in a browser address bar. That's up from 25 percent just one year ago, and from 35 percent in the second quarter of 2018. This alarming shift is notable because a majority of Internet users have taken the age-old "look for the lock" advice to heart, and still associate the lock icon with legitimate sites. A PhishLabs survey conducted last year found more than 80% of respondents believed the green lock indicated a website was either legitimate and/or safe. In reality, the https:// part of the address (also called "Secure Sockets Layer" or SSL) merely signifies the data being transmitted back and forth between your browser and the site is encrypted and can't be read by third parties. The presence of the padlock does not mean the site is legitimate, nor is it any proof the site has been security-hardened against intrusion from hackers.' -- source: https://it.slashdot.org/story/18/11/27/1521240 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

2 years, 11 months

AGM next week

by Peter Reutemann

Hi everyone Just a friendly reminder that our AGM is next Monday: https://www.meetup.com/WaikatoLinuxUsersGroup/events/246737212/ In order to be eligible to vote, "only those people who were paid members in the previous financial year and who have signed a membership form for the then-current financial year will be eligible to vote." (https://github.com/WLUG/charter/blob/master/rules_140120.pdf) See you next Monday! Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

2 years, 11 months

Two Linux Kernels Revert Performance-Killing Spectre Patches

by Peter Reutemann

'Friday Greg Kroah-Hartman released stable point releases of Linux kernel 4.19.4, as well as 4.14.83 and 4.9.139. While they were basic maintenance updates, the 4.19.4 and 4.14.83 releases are significant because they also reverted the performance-killing Spectre patches (involving "Single Thread Indirect Branch Predictors", or STIBP) that had been back-ported from Linux 4.20, according to Phoronix: There is improved STIBP code on the way for Linux 4.20 that by default just applies STIBP to SECCOMP threads and processes requesting it via prctl() but otherwise is off by default (that behavior can also be changed via kernel parameters). Once that code is ready to go for Linux 4.20, we may see it then back-ported to these stable trees. Aside from reverting STIBP, these point releases just have various fixes in them as noted for 4.19.4, 4.14.83, and 4.9.139. Last Sunday Linus Torvalds complained that the performance impact of the STIPB code "was clearly way more expensive than people were told," according to ZDNet: "When performance goes down by 50 percent on some loads, people need to start asking themselves whether it was worth it. It's apparently better to just disable SMT entirely, which is what security-conscious people do anyway," wrote Torvalds. "So why do that STIBP slow-down by default when the people who *really* care already disabled SMT?"' -- source: https://linux.slashdot.org/story/18/11/24/2320228 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

2 years, 11 months

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

wlug November 2018