- wlug - University of Waikato Mail Lists

Snapdragon chip flaws put >1 billion Android phones at risk of data theft

by Peter Reutemann

'A billion or more Android devices are vulnerable to hacks that can turn them into spying tools by exploiting more than 400 vulnerabilities in Qualcomm’s Snapdragon chip, researchers reported this week. The vulnerabilities can be exploited when a target downloads a video or other content that’s rendered by the chip. Targets can also be attacked by installing malicious apps that require no permissions at all. From there, attackers can monitor locations and listen to nearby audio in real time and exfiltrate photos and videos. Exploits also make it possible to render the phone completely unresponsive. Infections can be hidden from the operating system in a way that makes disinfecting difficult. Snapdragon is what’s known as a system on a chip that provides a host of components, such as a CPU and a graphics processor. One of the functions, known as digital signal processing, or DSP, tackles a variety of tasks, including charging abilities and video, audio, augmented reality, and other multimedia functions. Phone makers can also use DSPs to run dedicated apps that enable custom features.' -- source: https://arstechnica.com/information-technology/2020/08/snapdragon-chip-flaw… Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

5 hours, 11 minutes

1
0
0 0

Researcher Discovers New 'HTTP Request Smuggling Attack' Variants

by Peter Reutemann

'Some scary new variants of "HTTP request smuggling" have been discovered by Amit Klein, VP of security research at SafeBreach, reports Security Week: Specifically, an HTTP request smuggling attack, which can be launched remotely over the internet, can allow a hacker to bypass security controls, gain access to sensitive data, and compromise other users of the targeted app. While the attack method has been known for more than a decade, it still hasn't been fully mitigated. Klein has managed to identify five new attack variants and he has released proof-of-concept (PoC) exploits. He demonstrated his findings using the Abyss X1 web server from Aprelium and the Squid caching and forwarding HTTP web proxy. The developers of Abyss and Squid have been notified of the vulnerabilities exploited by Klein during his research, and they have released patches and mitigations. One of the attacks bypasses the OWASP ModSecurity Core Rule Set (CRS), which provides generic attack detection rules for ModSecurity or other web application firewalls. OWASP has also released fixes after being notified. Klein told SecurityWeek ahead of his talk on HTTP request smuggling at the Black Hat conference that an attacker needs to find combinations of web servers and proxy servers with "matching" vulnerabilities in order to launch an attack, which makes it difficult to determine exactly how many servers are impacted. However, an attacker can simply try to launch an attack to determine if a system is vulnerable. "The attack is not demanding resource-wise, so there's no downside to simply trying it," Klein said. In his research, he demonstrated a web cache poisoning attack, in which the attacker forces the proxy server to cache the content of one URL for a request of a different URL. He says attacks can be launched en-masse through a proxy server against multiple different web servers or against multiple proxy servers... While there haven't been any reports of HTTP request smuggling being used in the wild, Klein has pointed out that attacks may have been launched but were not detected by the target.' -- source: https://it.slashdot.org/story/20/08/09/0047219 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

5 hours, 43 minutes

1
0
0 0

Linus Torvalds: Linux 5.8 "One of our Biggest Releases of All Time"

by Peter Reutemann

'This week saw the release Linux 5.8, which Linus Torvalds called "one of our biggest releases of all time," reports TechRepublic: The new version of the Linux kernel brings a number of updates to Linux 5.7 spanning security, core components, drivers, memory management, networking and improvements to the kernel's design, amongst others. This includes updates for Microsoft's Hyper-V virtualization platform, Intel Tiger Lake Thunderbolt support, improvements to Microsoft's exFAT file system, and support for newer Intel and ARM chips. Torvalds said the kernel had received over 15,000 merge requests and that around 20% of all the files in the kernel source repository had been modified. "That's really a fairly big percentage, and while some of it is scripted, on the whole it's really just the same pattern: 5.8 has simply seen a lot of development," Torvalds said. Translated into numbers, Linux 5.8 includes over 800,000 new lines and over 14,000 changed files. It also received one of the biggest number of merge requests during its merge window — over 14,000 non-merge commits and more than 15,000 including merges, according to Torvalds. "5.8 looks big. Really big," he added.' -- source: https://linux.slashdot.org/story/20/08/09/2046232 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

5 hours, 44 minutes

1
0
0 0

Infographic: Ubuntu from 2004 to 20.04 LTS

by Peter Reutemann

'Today, the first point release of Ubuntu 20.04 LTS went live! To celebrate, we wanted to share how Ubuntu has evolved since the first release in 2004 to where we are today with 20.04. Thanks to those in the community and our users for your contributions and joining us on this journey. Upgrade to Ubuntu 20.04.1 LTS now!' -- source: https://ubuntu.com/blog/infographic-ubuntu-from-2004-to-20-04-lts Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

1 day, 7 hours

4
4
0 0

Scientists Rename Human Genes To Stop Microsoft Excel From Misreading Them as Dates

by Peter Reutemann

'There are tens of thousands of genes in the human genome: minuscule twists of DNA and RNA that combine to express all of the traits and characteristics that make each of us unique. Each gene is given a name and alphanumeric code, known as a symbol, which scientists use to coordinate research. But over the past year or so, some 27 human genes have been renamed, all because Microsoft Excel kept misreading their symbols as dates. From a report: The problem isn't as unexpected as it first sounds. Excel is a behemoth in the spreadsheet world and is regularly used by scientists to track their work and even conduct clinical trials. But its default settings were designed with more mundane applications in mind, so when a user inputs a gene's alphanumeric symbol into a spreadsheet, like MARCH1 -- short for "Membrane Associated Ring-CH-Type Finger 1" -- Excel converts that into a date: 1-Mar. This is extremely frustrating, even dangerous, corrupting data that scientists have to sort through by hand to restore. It's also surprisingly widespread and affects even peer-reviewed scientific work. One study from 2016 examined genetic data shared alongside 3,597 published papers and found that roughly one-fifth had been affected by Excel errors.' -- source: https://science.slashdot.org/story/20/08/06/147226 This auto-interpreting and getting things wrong has always annoyed me about Excel and other spreadsheet applications. Not sure whether there ever was an option to turn off this "auto-detect of content type"... Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

2 days, 2 hours

3
5
0 0

Yet Another Spreadsheet Screwup

by Lawrence D'Oliveiro

The British Army had to retract a bunch of notifications about promotions incorrectly sent out <https://www.theregister.com/2020/08/07/army_promotion_excel_snafu/>. I suspect the phrase “incorrectly sorted” means they forgot to select all the right columns before doing a sort of the rows, leading to a scrambling of the data. This kind of thing is all too common.

2 days, 2 hours

1
0
0 0

The Next Step In SSD Evolution: NVMe Zoned Namespaces Explained

by Peter Reutemann

'In June we saw an update to the NVMe standard. The update defines a software interface to assist in actually reading and writing to the drives in a way to which SSDs and NAND flash actually works. Instead of emulating the traditional block device model that SSDs inherited from hard drives and earlier storage technologies, the new NVMe Zoned Namespaces optional feature allows SSDs to implement a different storage abstraction over flash memory. This is quite similar to the extensions SAS and SATA have added to accommodate Shingled Magnetic Recording (SMR) hard drives, with a few extras for SSDs. 'Zoned' SSDs with this new feature can offer better performance than regular SSDs, with less overprovisioning and less DRAM. The downside is that applications and operating systems have to be updated to support zoned storage, but that work is well underway. The NVMe Zoned Namespaces (ZNS) specification has been ratified and published as a Technical Proposal. It builds on top of the current NVMe 1.4a specification, in preparation for NVMe 2.0. The upcoming NVMe 2.0 specification will incorporate all the approved Technical Proposals, but also reorganize that same functionality into multiple smaller component documents: a base specification (one for each command set of block, zoned, key-value, and potentially more in the future), and separate specifications for each transport protocol (PCIe, RDMA, TCP). The standardization of Zoned Namespaces clears the way for broader commercialization and adoption of this technology, which so far has been held back by vendor-specific zoned storage interfaces and very limited hardware choices. [...]' -- source: https://hardware.slashdot.org/story/20/08/06/1916230 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

3 days, 5 hours

2
1
0 0

Can Killing Cookies Save Journalism?

by Peter Reutemann

'In May 2018, as the European Union’s landmark privacy law, the General Data Protection Regulation, went into effect, the main Dutch public broadcaster set in motion a grand experiment. The leadership at Nederlandse Publieke Omroep—essentially the BBC of the Netherlands—interpreted the law strictly, deciding that visitors to any of its websites would now be prompted to opt in or out of cookies, the tracking technology that enables personalized ads based on someone’s browsing history. And, unlike with most companies, who assume that anyone who skips past a privacy notice is OK with tracking, any NPO visitor who clicked past the obtrusive consent screen without making a choice would be opted out by default. The results weren’t terribly surprising: 90 percent of users opted out. Here is where the ad tech industry would have predicted calamity. A study performed by Google last year, for example, concluded that disabling cookies reduced publisher revenue by more than 50 percent. (Research by an independent team of economists, however, pegged the cookie premium at only 4 percent. Needless to say, there were methodological differences.) If the Google study was right, then NPO should have been heading for financial disaster. The opposite turned out to be true. Instead, the company found that ads served to users who opted out of cookies were bringing in as much or more money as ads served to users who opted in. The results were so strong that as of January 2020, NPO simply got rid of advertising cookies altogether. And rather than decline, its digital revenue is dramatically up, even after the economic shock of the coronavirus pandemic.' -- source: https://www.wired.com/story/can-killing-cookies-save-journalism/ Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

3 days, 6 hours

1
0
0 0

Cluster of 295 Chrome Extensions Caught Hijacking Google and Bing Search Results

by Peter Reutemann

'More than 80 million Chrome users have installed one of 295 Chrome extensions that have been identified to hijack and insert ads inside Google and Bing search results. The malicious extensions were discovered by AdGuard, a company that provides ad-blocking solutions, while the company's staff was looking into a series of fake ad-blocking extensions that were available on the official Chrome Web Store. AdGuard says that most of the extensions (245 out of the 295 extensions) were simplistic utilities that had no other function than to apply a custom background for Chrome's "new tab" page. In addition to the 295 cluster, AdGuard also found a large number of copycat extensions that cloned popular add-ons to capitalize on their brands, and then load malicious code that performed ad fraud or cookie stuffing. ZDNet has the full list of 295 Chrome extensions embedded in their article.' -- source: https://search.slashdot.org/story/20/08/05/213204 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

3 days, 7 hours

1
0
0 0

Massive 20GB Intel IP Data Breach Floods the Internet, Mentions Backdoors

by Peter Reutemann

'A leaker today posted on Twitter a link to a file sharing service that contains what an anonymous source claims is a portion of Intel's crown jewels: A 20GB folder of confidential Intel intellectual property. The leaker dubbed the release the "Intel exconfidential Lake Platform Release ;)" The folder has been posted by an anonymous source that claims more is coming soon, and while we don't know the exact specifics of the folder's contents, we have verified that it does exist. In fact, the title of many of the documents do correlate to the list of purported information posted by the leaker: Intel ME Bringup guides + (flash) tooling + samples for various platforms Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history) Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES Silicon / FSP source code packages for various platforms Various Intel Development and Debugging Tools Simics Simulation for Rocket Lake S and potentially other platforms Various roadmaps and other documents Binaries for Camera drivers Intel made for SpaceX Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform (very horrible) Kabylake FDK training videos Intel Trace Hub + decoder files for various Intel ME versions Elkhart Lake Silicon Reference and Platform Sample Code Some Verilog stuff for various Xeon Platforms, unsure what it is exactly. Debug BIOS/TXE builds for various Platforms Bootguard SDK (encrypted zip) Intel Snowridge / Snowfish Process Simulator ADK Various schematics Intel Marketing Material Templates (InDesign)' -- source: https://slashdot.org/story/20/08/06/199225 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

3 days, 8 hours

1
0
0 0

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

wlug