
Submission Summary: 0 pending, 49 declined, 48 accepted (97 total, 49.48% accepted)


Submission + - Windows XP source code might have leaked (gizmodo.com.au)

Artem S. Tashkinov writes: Gizmodo Australia reports: On Thursday, users on 4chan posted what they claimed was the source code of Windows XP. Posting an image of a screenshot allegedly of the source code in front of Windows XP's iconic Bliss background, one user wrote ‘sooooo Windows XP Source code leaked’. Another Redditor helpfully has uploaded the code as a torrent, assisting in its spread. While there is no confirmation that this code is definitely Windows XP, independent researchers have begun to pick through the source code and believe it stands up to scrutiny.

The Windows XP source code is not the only code which might have leaked. A screenshot of the torrent files contains files and folders named Xbox, Windows Research Kernel, MS DOS 6.0, Windows NT 3.5 and 4 source code, Windows Embedded and CE and many others.

If true, that could spell a disaster for Microsoft because large chunks of Windows XP source code are still used in Windows 10, and as for Open Source, this leak could become a boom for Wine development because Microsoft is notorious for having a great number of internal APIs and various hacks in their APIs which make it difficult to reimplement them properly.

Submission + - Linusgate: the Debian project leaders want to ban Linus Torvalds for his manners (linuxreviews.org)

Artem S. Tashkinov writes: 253 emails have been leaked from Debian private high-level mailing lists in which its representatives vocally complain about the talk Linus Torvalds gave at the most recent DebConf conference and some people insist that he should be permanently banned from future conferences because the language he uses is inappropriate and infringes on the project's Code of Conduct. This could set a very bad precedent for the open source community which has recently seen an influx of various CoC policies applied to a number of high profile projects mostly after very vocal concerns from the people who barely participate in the Open Source community. Some observers believe that it's a plot by Microsoft to destroy the open source movement from the inside.

Submission + - Coronavirus: some people do not fully recover (scmp.com)

Artem S. Tashkinov writes: Some patients who recovered from Covid-19 have suffered reduced lung function and now experience problems such as gasping for air when walking quickly, Hong Kong’s Hospital Authority has revealed. The authority released its findings on Thursday after observing the first group of discharged coronavirus patients. Some patients might have around a drop of 20 to 30 per cent in lung function after recovery. A review of lung scans of nine infected patients at Princess Margaret found patterns similar to frosted glass in all of them, suggesting there was organ damage.

Submission + - AMD hasn't confirmed or fixed a hardware vulnerability reported five months ago (tomshardware.com)

Artem S. Tashkinov writes: Tom's Hardware reports a new paper released by the Graz University of Technology details two new "Take A Way" attacks, Collide+Probe and Load+Reload, that can leak secret data from AMD processors by manipulating the L1D cache predictor. The researchers claim that the vulnerability impacts all AMD processors from 2011 to 2019, meaning that the Zen microarchitecture is also impacted. (PDF) The university says it disclosed the vulnerabilities to AMD on August 23, 2019, meaning it was disclosed in a responsible manner (unlike the CTS Labs debacle), but there isn't any word of a fix yet.

We reverse-engineered AMD’s L1D cache way predictor in microarchitectures from 2011 to 2019, resulting in two new attack techniques. With Collide+Probe, an attacker can monitor a victim’s memory accesses without knowledge of physical addresses or shared memory when time-sharing a logical core. With Load+Reload, we exploit the way predictor to obtain highly-accurate memory-access traces of victims on the same physical core. While Load+Reload relies on shared memory, it does not invalidate the cache line, allowing stealthier attacks that do not induce any last level-cache evictions.

The researchers were able to exploit the vulnerability via JavaScript run on Chrome and Firefox browsers. The paper suggests several possible remedies for the vulnerability through a combined software and hardware approach, but doesn't speculate on the performance hit associated with the suggested fixes.

Submission + - SHA-mables: an attack against SHA-1 has been made practical (github.io)

Artem S. Tashkinov writes: SHA-1 has been known to be insecure for quite some time, and major web browsers, along with major operating systems, have long stopped trusting SHA-1 hash sums as a method of verifying that the source data hasn't been tampered with. However, to this date attacks against this hashing algorithm haven't been practical in the sense that they required enormous resources and money. Now, researchers from two universities have published a website and paper (PDF) where they disclose a method of successful SHA-1 attack, called SHA-mbles, using commodity hardware and not a lot of money. It reduced the cost of a collision attack from 2^64.7 to 2^61.2, and the cost of a chosen-prefix collision attack from 2^67.1 to 2^63.4 (on a GTX 970 GPU), and it shows that it now costs less than 100k USD to break cryptography with a security level of 64 bits.

Submission + - Speaking of Google's moderation policy

Artem S. Tashkinov writes: For some reason Slashdot didn't pay attention to quite an alarming story when a development version of the most popular ad-blocker add-on for Google Chrome, uBlock Origin, was removed from the Chrome Web Store. Google's automated systems gave this reason for the removal: "the bundling of unrelated functionality in extensions". The developer of uBlock Origin, Raymond Hill, was unfazed and said this, "I won't re-submit to try to have the dev build restored in the CWS, uBO does not "bundle unrelated functionality" as implied in the email, thus closing as wontfix". The issue immediately sparked a public outcry on Reddit and other social media, and only after a Google engineer manually intervened was the add-on reinstated. It's understandable that Google automates a large number of its internal processes using, e.g. neural networks, but when a major add-on gets delisted, in a perfect world it should raise alarms, so that human beings could intervene, and obviously nothing like that happened. The same Google engineer also added that if something like that happens again, the developer should write to him directly on Twitter, which obviously means that a situation like this may and will happen again and Google doesn't want to immediately address the issue, "Public outcry isn't necessary, but communication is. Run-ins with review are, unfortunately, one of the side effects of centralized stores. Short term I'd strongly encourage u/gorhill4 to reach out to me (preferably via Twitter) when something like this happens so I can jump on it right away. Longer term I'm hopeful that we can improve our developer communications to make it a bit easier on devs and clearer as to what their options are in terms of requesting clarification or contesting review decisions."

As a continuation of the story, an open source app implementing the WireGuard protocol was rejected in Play Store because the app had a link which opened a page for donations. The existence of such a link ostensibly infringed on Google apps "Payments Policy". What's strange about this is that Play Store has literally hundreds of thousands of apps which open full screen ads, which add shortcuts with advertisements to your home screen and do other nasty things which apparently comply with Google's high standards.

What does Slashdot think about that?

Submission + - Invisible hardware hacks allowing full remote access cost pennies (wired.com)

Artem S. Tashkinov writes: More than a year has passed since Bloomberg Businessweek grabbed the lapels of the cybersecurity world with a bombshell claim: that Supermicro motherboards in servers used by major tech firms, including Apple and Amazon, had been stealthily implanted with a chip the size of a rice grain that allowed Chinese hackers to spy deep into those networks. Apple, Amazon, and Supermicro all vehemently denied the report. The NSA dismissed it as a false alarm. The Defcon hacker conference awarded it two Pwnie Awards, for "most overhyped bug" and "most epic fail." And no follow-up reporting has yet affirmed its central premise.

But even as the facts of that story remain unconfirmed, the security community has warned that the possibility of the supply chain attacks it describes is all too real. The NSA, after all, has been doing something like it for years, according to the leaks of whistle-blower Edward Snowden. Now researchers have gone further, showing just how easily and cheaply a tiny, tough-to-detect spy chip could be planted in a company's hardware supply chain. And one of them has demonstrated that it doesn't even require a state-sponsored spy agency to pull it off—just a motivated hardware hacker with the right access and as little as $200 worth of equipment.

Submission + - Over 40 vulnerable Windows device drivers have been discovered (eclypsium.com)

Artem S. Tashkinov writes: Researchers from security company Eclypsium have discovered that more than forty drivers from at least twenty different vendors – including every major BIOS vendor, as well as hardware vendors like ASUS, Toshiba, NVIDIA, and Huawei – include critical vulnerabilities allowing an escalation of privileges to full system level access. Considering how widespread these drivers are, and the fact that they are digitally signed by Microsoft, they allow an attacker to more successfully penetrate target systems and networks, as well as remain hidden. Also some of these drivers "are designed to update firmware, the driver is providing not only the necessary privileges, but also the mechanism to make changes" which means the attacker can gain a permanent foothold. Eclypsium has already notified Microsoft about the issues and at least NVIDIA has already released fixed drivers.

Submission + - Huawei reveals Harmony OS, its alternative to Android (engadget.com)

Artem S. Tashkinov writes: Huawei's long-rumored Android alternative, Hongmeng, has been finally made official. The OS is said to be faster and safer than Android. The software is primarily aimed at IoT products (such as smart displays, wearables, smart speakers and in-car devices) instead of smartphones. A Huawei CEO stated that when Huawei can no longer access Google's Android ecosystem, it can deploy Harmony OS "at any time." Until then, Huawei will continue to support Android.

In a nutshell, Harmony OS is positioned as a future-proof, "microkernel-based, distributed OS for all scenarios." The platform is open source, and it's actually more of a competitor to Google's upcoming Fuchsia, given that both are microkernel-based and can be used on multiple types of devices at once. In contrast, his on-stage presentation said Android isn't as efficient due to its redundant codes, outdated scheduling mechanism and general fragmentation issues.

With a microkernel design, Harmony OS should be safer from the get-go as there is no root access available — the microkernel is protected by isolation from external kernel services. The system also applies formal verification — a set of mathematical approaches used in security-critical fields — to reliably spot vulnerabilities, whereas traditional methods are likely to miss some spots.

Despite being a lightweight system, Harmony OS is said to offer some performance boosts. For one, it'll feature a "Deterministic Latency Engine" that can better allocate system resources using real-time analysis and forecasting. Android, on the other hand, is stuck with the Linux kernel's less-intelligent fair scheduling mechanism.

Submission + - Remember autorun.inf malware in Windows? Turns out KDE offers something similar (zdnet.com)

Artem S. Tashkinov writes: A security researcher has published proof-of-concept (PoC) code for a vulnerability in the KDE software framework. A fix is not available at the time of writing. The bug was discovered by Dominik "zer0pwn" Penner and impacts the KDE Frameworks package 5.60.0 and below. The KDE Frameworks software library is at the base of the KDE desktop environment v4 and v5 (Plasma), currently included with a large number of Linux distributions.

The vulnerability occurs because of the way the KDesktopFile class (part of KDE Frameworks) handles .desktop or .directory files. It was discovered that malicious .desktop and .directory files could be created that could be used to run malicious code on a user's computer. When a user opens the KDE file viewer to access the directory where these files are stored, the malicious code contained within the .desktop or .directory files executes without user interaction — such as running the file.

Zero user interaction is required to trigger code execution — all you have to do is to browse a directory with a malicious file using any of KDE file system browsing applications like Dolphin.

Submission + - SWAPGS Vulnerability in Modern CPUs Fixed in Windows, Linux, ChromeOS (bleepingcomputer.com)

Artem S. Tashkinov writes: A new variant of the Spectre 1 speculative execution side channel vulnerabilities that could allow a malicious program to access and read the contents of privileged memory in an operating system has been disclosed. It was assigned CVE-2019-1125. This SWAPGS vulnerability allows local programs, like malware, to read data from memory that they should normally not have access to, such as the Windows or Linux kernel memory. Andrei Vlad Lutas of Bitdefender discovered this vulnerability while performing research on CPU internals and reported it to Intel in August 2018.

The attack makes it possible to break the memory isolation provided by the CPU, allowing an unprivileged attacker to access privileged kernel memory. This is done through the SWAPGS instruction found in 64-bit CPUs that when manipulated successfully can be used to leak sensitive information from kernel memory even when the malicious process is running with low user permissions.

While Microsoft, Intel, and Red Hat all state that this vulnerability exists in all modern CPUs, the researchers say they have only been able to successfully exploit the vulnerability on Intel CPUs.

Submission + - Two new serious vulnerabilities have been unearthed in the WPA3 standard (zdnet.com)

Artem S. Tashkinov writes: Mathy Vanhoef and Eyal Ronen have recently disclosed two new additional bugs impacting WPA3. The security researcher duo found the new bugs in the security recommendations the WiFi Alliance created for equipment vendors in order to mitigate the initial Dragonblood attacks. Just like the original Dragonblood vulnerabilities from April, these two new ones allow attackers to leak information from WPA3 cryptographic operations and brute-force a WiFi network's password.

On their webpage the researchers lamented that, "once again, it shows that privately creating security recommendations and standards is at best irresponsible and at worst inept".

Submission + - Kazakhstan government is now intercepting all HTTPS traffic (zdnet.com)

Artem S. Tashkinov writes: Starting Wednesday, July 17, 2019, the Kazakhstan government has started intercepting all HTTPS internet traffic inside its borders. Local internet service providers (ISPs) have been instructed by the local government to force their respective users into installing a government-issued certificate on all devices, and in every browser. The certificate, once installed, will allow local government agencies to decrypt users' HTTPS traffic, look at its content, encrypt it again with their certificate, and send it to its destination. Kazakh users trying to access the internet since yesterday have been redirected to web pages that contained instructions on how to install the government's root certificate in their respective browsers, be it on a desktop or mobile device.

Submission + - Lyme Disease Cases Are Exploding. And It's Only Going to Get Worse. (medium.com)

Artem S. Tashkinov writes: First identified in 1975 in the leafy New England town of Old Lyme, Connecticut, Lyme disease has now reached what experts consider pandemic proportions. According to the Centers for Disease Control and Prevention (CDC), the number of confirmed cases of Lyme disease in the U.S. has more than doubled in the two decades leading up to 2017 (the most recent year for which final figures are available) and increased 17% from 2016 to 2017 alone. More than half the counties in the U.S. are considered high-risk areas for Lyme, according to the CDC, and in some areas, as many as six out of 10 ticks carry the infection. It’s estimated that 300,000 people contract Lyme every year in the U.S., with victims found not just in traditionally tick-heavy areas like upstate New York and Maine, but also in all 50 states and Washington, D.C. In North America, news reports in Maine and southern Canada this spring featured a shocking number of sightings of what are called ghost moose—skeletal-looking, malnourished, denuded animals that have rubbed off their fur in response to tick irritation after hosting up to 75,000 feeding ticks through the winter. Many emerged anemic after being the source of so many blood meals, and a number of calves died after losing too much blood to ticks—a vampire-like end to life known as exsanguination.

Submission + - Ubuntu 19.10 To Drop 32-bit x86 Packages (phoronix.com)

Artem S. Tashkinov writes: Ubuntu and their downstream flavors all stopped shipping x86 32-bit images and now for the 19.10 cycle they have decided to stop their i386 support entirely. Beginning with Ubuntu 19.10, the archive/packages will not be built for x86 32-bit. Longtime Ubuntu developer Steve Langasek announced their decision that the i386 architecture will be dropped starting with Ubuntu 19.10, affecting all Ubuntu-based platforms / those relying upon the official Ubuntu Eoan archives. The decision to drop it now for Ubuntu 19.10 was made since they don't want to support i386 for another LTS cycle and thus for sufficient testing/notice they are doing it ahead of the Ubuntu 20.04 LTS cycle. Users still needing Ubuntu x86 32-bit packages can stick to using Ubuntu 18.04 LTS or otherwise set up a chroot on top of Ubuntu 19.10+ that is based on the Ubuntu 18.04 LTS package set. This may cause some snags for the likes of Steam, but we'll see the path they take now moving forward.
