Cortana's feeling vulnerable; that's why she's always eavesdropping on you

Subject: General Tech | June 13, 2018 - 12:39 PM |
Tagged: security, windows 10, cortana, microsoft, spectre

If your Win10 machine did not go beep in the night, you might want to get on that reboot, as there are numerous security patches waiting to install.  One of them fixes a long-standing flaw that affects anyone who has not disembowelled the Cortana search assistant on their computer.  Those who have managed to subdue Cortana can rest assured she is not listening at all times; those who haven't should be aware that she is always listening, even in her sleep.  As creepy as that already is, it has also been a way to take advantage of a long-standing security flaw in the assistant: she still accepts voice commands while the PC is locked, which is exactly the behaviour the flaw abused.  This, along with a patch for a Spectre variant and a variety of other fixes, is awaiting your installation.

You can check out information on Cortana's bad habits over at The Inquirer.


"Lane Thames, a senior security researcher at Tripwire, spoke out about the long-standing flaw with Cortana, that meant the AI helper was always listening for commands, even when a PC is locked."

Here is some more Tech News from around the web:

Tech Talk


Source: The Inquirer

Has your Amazon Fire TV been running a little hot lately?

Subject: General Tech | June 12, 2018 - 01:36 PM |
Tagged: amazon fire tv, amazon, security, cryptocurrency, Android, ADB.Miner

New cryptomining malware has been popping up on Android devices recently, especially Fire TVs with ADB debugging or installation of unsigned apps enabled; ADB.Miner spreads over the network to devices that expose the ADB debug port.  It installs itself as an app called Test under the package name com.google.time.time and will happily suck up as much of your device's processing power as it can, causing slow performance and occasionally interrupting video playback with a screen that reads Test.  If you have seen this, you should disable ADB debugging, set the device to block apps from unknown sources and then do a factory reset; resetting without closing the debug port just invites reinfection.

The Inquirer also describes an Amazon store app called Total Commander which can be used to remove it, but a factory reset offers a better guarantee of removal.


"AFTVnews has the scoop and reports that the threat, a malware worm variant dubbed 'ADB.Miner', is installing itself on Amazon gadgets as an app called 'Test' under the package name 'com.google.time.time.' "


Source: The Inquirer

Why we can't have nice things, part infinity ... Samsung escapes security support

Subject: General Tech | June 1, 2018 - 12:41 PM |
Tagged: Samsung, security, lawyers

It is unlikely you spend much time following Dutch court cases; thankfully The Register had an ear out, as this particular case is of interest to many.  The Dutch Consumers Association (Consumentenbond) launched a case which would have made Samsung legally responsible for providing security updates to phones for up to four years after launch, or two years after sale.  A judgment in favour would of course have meant an appeal, but could eventually have meant Android security updates for all, as it would be a bizarre decision on Samsung's part to geographically limit them.  The court sided with Samsung.  We should expect to see more cases; hopefully somewhere there is a judge who does not consider a maximum of six years of security updates unacceptably onerous for Samsung to provide.


"The case could have had far-reaching impacts, since there's little point in writing software for only one market. The Consumentenbond wanted the court to force the smartphone giant to provide security updates for four years after a product was launched, and/or two years after a product was sold."


Source: The Register

Remember Rowhammer; it has a long enough memory to remember you

Subject: General Tech | May 10, 2018 - 02:05 PM |
Tagged: rowhammer, security, throwhammer

Rowhammer was first demonstrated in 2014 and weaponised in 2015; it is a hardware vulnerability that flips bits in DRAM by repeatedly accessing neighbouring rows (analogous disturbance effects have since been shown in NAND flash).  An enterprising attacker can use it to target page table entries, which allowed root access on Linux machines, but it was a local attack and could not be performed remotely ... until now.  Researchers have discovered a new way to exploit this vector using carefully crafted network packets aimed at high-end network cards that use remote direct memory access (RDMA).  That feature is very handy, letting the NIC move large amounts of data without taking CPU cycles, but because it writes straight into host memory at line rate it also gives a remote sender the fast, repeated, cache-bypassing memory accesses that hammering requires.  Drop by Ars Technica for all the depressing details about Throwhammer.


"For the first time, researchers have exploited the Rowhammer memory-chip weakness using nothing more than network packets sent over a local area network. The advance is likely to further lower the bar for triggering bit flips that change critical pieces of data stored on vulnerable computers and servers."


Source: Ars Technica

Fools! You thought you had seen the last of ... The Spectre?

Subject: General Tech | May 4, 2018 - 12:55 PM |
Tagged: Specter NG, Intel, security

Not to ruin your Friday, but it seems we have a sequel.  Spectre Next Generation refers to eight new vulnerabilities in Intel CPUs, some of which Heise suggests could be even worse than the previously revealed flaws.  Intel's official response can be read at The Inquirer; AMD has stated it is investigating whether its chips are vulnerable, while ARM declined to comment.  One of the more disturbing vulnerabilities can cross between VMs, or out of a VM onto the host, rendering your sandbox unsafe.  It is still early, so we cannot say exactly which product lines are vulnerable, nor do we have specifics on the eight flaws, but you can expect to hear a lot more in the coming days.


"The flaws, first reported by German tech site Heise which said it has been given full technical details on the vulnerabilities and said Intel had reserved Common Vulnerabilities and Exposures (CVE) numbers for them."


Source: The Inquirer

The cure worse than the disease; get your new patches or enjoy a total meltdown

Subject: General Tech | April 27, 2018 - 12:59 PM |
Tagged: meltdown, microsoft, security, patch, Windows 7, server 2008 r2

Wasn't it hilarious when Microsoft released a patch for the Meltdown flaw that made things even worse by allowing write access to kernel memory as well as read access?  The January and February 2018 updates for 64-bit Windows 7 and Server 2008 R2 left the top-level page table mapped with user-mode permissions, so any process could read and rewrite the page tables, and through them all of physical memory.  Well, if you don't have the patch which fixes the patch in place, you won't be laughing so hard today.  The Register has seen proof-of-concept code which uses this flaw to elevate a command prompt to NT AUTHORITY\SYSTEM from a user without admin privileges.  Get yourself patched up, especially that Server 2008 R2 instance!


"If you're not up-to-date with your Intel CPU Meltdown patches for Windows 7 or Server 2008 R2, get busy with that, because exploit code for Microsoft's own-goal flaw is available."


Source: The Register

You've been diagnosed with terminal projected gradient descent

Subject: General Tech | April 20, 2018 - 01:10 PM |
Tagged: security, scary, health, PGD

Researchers have demonstrated how a projected gradient descent (PGD) attack can fool medical imaging classifiers into seeing things that are not there.  A PGD attack perturbs the pixels of an image, each by a small bounded amount, so that an image recognition model confidently reports the presence (or absence) of something, in this case disease in a medical scan, while a human sees no change.  The researchers succeeded against three classifiers: one for diabetic retinopathy in retinal photographs, one for pneumothorax in chest X-rays and one for melanoma in dermoscopy images of moles.  The attacks worked both with full knowledge of the model and in the black-box setting, where the adversarial image is crafted against an independently trained model and then transferred.  Take a look over at The Register for more information on this specific attack as well as the general vulnerability of image recognition software.
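The core of the attack is short enough to show. The following is an added example, not code from the paper or from The Register: an untargeted L-infinity PGD attack run against a constructed, differentiable toy "scan" classifier (logistic regression over a 4x4 image with hand-set weights, standing in for a real network). It shows the two things a practitioner should check on any adversarial-robustness claim: that the label flips, and that the perturbation really stayed inside the stated budget. The classifier weights, the sample image and the epsilon values are all constructed for the demonstration.

```python
"""Projected gradient descent (PGD) in the L-infinity ball, run against a toy
differentiable 'medical image' classifier.  numpy only; no trained model."""
import numpy as np


def sigmoid(z: float) -> float:
    return 1.0 / (1.0 + np.exp(-z))


class ToyClassifier:
    """Logistic regression over a 4x4 grayscale image with constructed (not
    trained) weights: bright centre pixels push toward class 1 ('disease'),
    bright top/bottom border rows push toward class 0 ('healthy')."""

    def __init__(self) -> None:
        w = np.zeros((4, 4))
        w[1:3, 1:3] = 1.0      # four centre pixels
        w[0, :] = -0.5         # top border row
        w[3, :] = -0.5         # bottom border row
        self.w = w
        self.b = -1.0

    def logit(self, x: np.ndarray) -> float:
        return float(np.sum(self.w * x) + self.b)

    def predict_proba(self, x: np.ndarray) -> float:
        return float(sigmoid(self.logit(x)))

    def predict(self, x: np.ndarray) -> int:
        return int(self.predict_proba(x) >= 0.5)

    def input_gradient(self, x: np.ndarray, y: int) -> np.ndarray:
        """d(binary cross-entropy)/dx = (p - y) * w for logistic regression."""
        return (self.predict_proba(x) - y) * self.w


def pgd_attack(model, x, y_true, eps, alpha, steps):
    """Untargeted L-inf PGD: step in the sign of the loss gradient, then
    project back onto {x' : max|x' - x| <= eps} and the valid pixel range."""
    x_adv = x.copy()
    for _ in range(steps):
        grad = model.input_gradient(x_adv, y_true)
        x_adv = x_adv + alpha * np.sign(grad)        # ascend the loss
        x_adv = np.clip(x_adv, x - eps, x + eps)     # projection onto the eps-ball
        x_adv = np.clip(x_adv, 0.0, 1.0)             # keep pixels in range
    return x_adv


def run_demo(eps: float) -> dict:
    """Attack a constructed 'healthy' scan and report what should be checked:
    did the label flip, and did the perturbation stay within the budget."""
    model = ToyClassifier()
    x = np.full((4, 4), 0.2)            # constructed sample: uniformly dim image
    y = model.predict(x)
    x_adv = pgd_attack(model, x, y_true=y, eps=eps, alpha=0.05, steps=10)
    return {
        "clean_label": y,
        "adv_label": model.predict(x_adv),
        "clean_proba": model.predict_proba(x),
        "adv_proba": model.predict_proba(x_adv),
        "linf_perturbation": float(np.max(np.abs(x_adv - x))),
    }


if __name__ == "__main__":
    for eps in (0.1, 0.25):
        print(f"eps={eps}: {run_demo(eps)}")
```

With a budget of 0.25 per pixel the dim "healthy" image is classified as "disease"; with a budget of 0.1 the same ten steps fail, which is why any robustness figure is meaningless without the epsilon and threat model (white-box gradient access here) attached to it. Against a real network you would replace `input_gradient` with autograd, but the projection step is unchanged.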


"Medical AI systems are particularly vulnerable to attacks and have been overlooked in security research, a new study suggests."


Source: The Register

Well SPIt, Intel firmware is a wee bit vulnerable

Subject: General Tech | April 16, 2018 - 01:24 PM |
Tagged: uefi, SPI, security, Intel, bios

Firmware is the one part of your computer you still rely on to be safe, but of course it too can prove vulnerable.  It seems there is a flaw in the way the SPI flash that holds the UEFI firmware is configured on a variety of Intel platforms stretching all the way back to Broadwell, straight through to the current chips: the flash write-protection is left in a state that lets software block BIOS/UEFI updates, or selectively erase or corrupt portions of the firmware.  There is good news, as Intel has already provided a fix to PC and motherboard manufacturers according to the information over at Bleeping Computer, so check for BIOS updates over the next while (the open source CHIPSEC tool's common.bios_wp and common.spi_lock modules will tell you whether your flash write-protection is actually locked down).  As this does stretch back to models which no longer receive regular updates, hopefully even those ancient devices will receive one.


"According to Lenovo, who recently deployed the Intel fixes, "the configuration of the system firmware device (SPI flash) could allow an attacker to block BIOS/UEFI updates, or to selectively erase or corrupt portions of the firmware.""


Alphabet's Jigsaw Launches Outline: An Open Source and Simple To Use Proxy

Subject: General Tech | March 28, 2018 - 10:59 PM |
Tagged: vpn, socks5, shadowsocks, security, proxy, outline, encryption

Alphabet Inc (parent company of Google), through its Jigsaw subsidiary, recently took the wraps off Outline, a simple-to-set-up proxy based on the popular Shadowsocks project. Aimed at journalists, small companies and individuals, Outline is an open source project that comes in two parts: a proxy server and client applications that help configure the connection.


While companies can take advantage of an advanced mode to install Outline's server components onto an existing cloud server or an internal private server, most users can opt for the basic setup, which is about as simple as it gets. Currently, Outline integrates with DigitalOcean through its API: after you sign in and authorize Outline to make changes, it automatically spins up the lowest-cost droplet and sets everything up. You never need to SSH into the VPS to configure anything. Rather, what little configuration there is (not much!) is done through the Outline Manager GUI application on a client device. The connection between the management application and the server is encrypted with TLS using a self-signed certificate generated on the server; the manager pins that certificate's fingerprint, so the lack of a CA-issued certificate does not open it up to interception.

The proxy server is based on a Shadowbox image that is pulled in with Docker and kept up to date by Watchtower (also installed on the droplet), which checks every hour for updated images. A cron job is also configured automatically to apply security updates for the host Ubuntu operating system and reboot as needed. Finally, the management API is served by a web server on a random port, at a secret path, and it only responds to requests over TLS that include that secret path.


After watching Darren Kitchen and Shannon Morse over at Hak5 check it out, I decided to also fire it up to see if it really was that easy, and sure enough it is! The entire process is very simple, taking only a few minutes (the longest step was finding my phone for the two-factor authentication, haha), and the management of it at least seems very hands-off with the automated updates.

On the security front, Outline is a SOCKS5 proxy that uses an AEAD cipher, ChaCha20-IETF-Poly1305 with a 256-bit key, which, according to Jigsaw, covers at least two corners of the CIA triad (confidentiality and integrity), along with authentication of clients via the shared access key. I think the hardest part about maintaining that security is going to be sharing the access with others, as you need a secure channel of communication to share the needed information over. While you can generate the key easily enough for them, getting them their key for the client device could prove tricky if you are physically far away from them and do not already have a secure method of messaging (e.g. encrypted email), though for most people sending it through Signal or a similar mobile app, or encrypted Skype/Facebook/whatever, while not the greatest plan, is likely to prove secure enough that it balances security and convenience.

In November, Outline was audited by Netherlands-based Radically Open Security and you can find the non-profit's report here (PDF).


Things are even simpler on the client side: after adding the server using the access key, all the user has to do is hit a single connect button and most modern web browsers, and other apps that respect the Windows proxy settings in the registry, are covered. Note that on Android and Chrome OS Outline acts as a system-wide VPN, but on Windows only TCP traffic is secured and not all applications are supported yet. Support for passing UDP traffic through the SOCKS5 proxy and for system-wide tunnelling of all traffic is coming soon; right now the only UDP traffic passed through the proxy is DNS, which is carried inside the encrypted tunnel and resolved by the Outline server's default resolver rather than leaking outside the proxy to the Windows-configured DNS and/or the ISP's DNS.
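The access key the manager generates, and that you hand to each user, is the whole secret: it is an ss:// URI that encodes the cipher name and the password the AEAD key is derived from, which is why the sharing channel above matters. The following is an added example, not Outline's or Shadowsocks's own code, that builds and parses such a key in the SIP002 URI layout used by Shadowsocks clients and refuses any key naming a non-AEAD cipher. The server address, port, password and label are constructed for the demonstration.

```python
"""Build and parse Shadowsocks-style access keys (the ss:// URIs Outline hands
out), and refuse keys that name a non-AEAD cipher.  Standard library only."""
import base64
from dataclasses import dataclass
from urllib.parse import quote, unquote

# AEAD ciphers accepted by current Shadowsocks implementations; Outline uses the first.
AEAD_CIPHERS = frozenset({
    "chacha20-ietf-poly1305", "aes-128-gcm", "aes-192-gcm", "aes-256-gcm",
})


@dataclass(frozen=True)
class AccessKey:
    method: str      # cipher name
    password: str    # shared secret from which the AEAD key is derived
    host: str
    port: int
    tag: str = ""    # human-readable label carried in the URI fragment


def _b64url_nopad(text: str) -> str:
    return base64.urlsafe_b64encode(text.encode()).decode().rstrip("=")


def _b64_lenient(data: str) -> str:
    """Decode URL-safe or standard base64, with or without '=' padding."""
    std = data.replace("-", "+").replace("_", "/")
    std += "=" * (-len(std) % 4)
    return base64.b64decode(std, validate=True).decode()


def build_access_key(key: AccessKey) -> str:
    """SIP002 layout: ss://base64url(method:password)@host:port/?outline=1#tag"""
    userinfo = _b64url_nopad(f"{key.method}:{key.password}")
    uri = f"ss://{userinfo}@{key.host}:{key.port}/?outline=1"
    return uri + ("#" + quote(key.tag) if key.tag else "")


def parse_access_key(uri: str) -> AccessKey:
    """Parse an access key; raise ValueError on malformed or non-AEAD keys."""
    if not uri.startswith("ss://"):
        raise ValueError("not an ss:// access key")
    rest, _, fragment = uri[len("ss://"):].partition("#")
    rest = rest.split("/", 1)[0].split("?", 1)[0]          # drop path and query
    userinfo, sep, hostport = rest.rpartition("@")
    if not sep:
        raise ValueError("missing credentials before '@'")
    host, sep, port_text = hostport.rpartition(":")
    if not sep or not port_text.isdigit() or not 1 <= int(port_text) <= 65535:
        raise ValueError("missing or invalid port")
    method, sep, password = _b64_lenient(userinfo).partition(":")
    if not sep or not password:
        raise ValueError("credentials must be method:password")
    if method not in AEAD_CIPHERS:
        raise ValueError(f"refusing non-AEAD cipher {method!r}")
    return AccessKey(method, password, host.strip("[]"), int(port_text), unquote(fragment))


def is_acceptable_key(uri: str) -> bool:
    """True only for a well-formed key that uses an AEAD cipher."""
    try:
        parse_access_key(uri)
        return True
    except ValueError:          # binascii.Error and UnicodeDecodeError are subclasses
        return False


if __name__ == "__main__":
    # Constructed sample; 203.0.113.10 is documentation address space.
    key = AccessKey("chacha20-ietf-poly1305", "s3cret-p4ss", "203.0.113.10", 12345, "my outline")
    uri = build_access_key(key)
    print(uri)
    print(parse_access_key(uri))   # whoever holds the URI holds the password
```

Two things follow from the parse: the URI is a bearer credential, so treat it like a password when you send it; and a client that accepts any cipher name in that field will happily fall back to the old stream ciphers, so rejecting anything outside the AEAD set is a cheap sanity check worth keeping.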

In my case, after hitting connect, Chrome automatically configured the proxy settings and I was on my way. I did run into a hiccup with getting the Outline client app, however. I was able to download it from the Outline website using Chrome and it installed fine, but when trying to grab it through the Get Connected option in the Outline Manager app, the download link opened automatically in Microsoft Edge, which proceeded to flag the file as malicious and would not let me open it (heh). Hopefully they are able to get the false positive resolved, as that may trip up normal users and make it harder to convince them to use your Outline proxy.


So far I have not run into any other problems with it and things are running smoothly. Web pages are finally loading as fast as they should be as well which makes me think the problems of super slow webpage loads were not with my computer but with Comcast messing with me (we are talking some pages taking a minute to load on a 90/10 connection, even simple ones like Google and Gmail). 

Outline is not a full VPN, but it is extremely easy to set up and share with others and may well be secure enough for most people. If you want to get a little more geeky, there is always OpenVPN, which you can set up with a simple script, or projects like Algo VPN, or free (as in money) commercial solutions like proXPN or the built-in VPN in the Opera web browser. On the positive side, Outline does not store any logs (and since it is your server you can access it and monitor it to be sure), and Jigsaw/Alphabet/Google is up front about what information they do collect, which includes the server IP and non-identifiable information following crashes. Users can opt in to sharing anonymous metrics, but they do not have to, and the default setting is off, which is good. The downside is that right now it is still fairly new and not as vetted as some of the other options, and while it is open source it is not necessarily free. In its best form, the slick setup using the DigitalOcean integration, it is $5 a month, but if you are privacy conscious it may be money well spent. If you already have an existing server you can also use that, though in that case the ease-of-configuration edge is not as great and you may as well run OpenVPN, unless you really dig the simple client apps and not having to manually copy and manage keys around to all your devices, possibly in a non-GUI way.

Overall, it is a neat solution and I think it has promise. Hopefully if/when Google abandons it for its next big thing they let the community have at it. As of today, Outline Manager is supported on Windows 7 (or newer) and Linux, with macOS support coming soon. Outline client apps are available for Windows 7 (or newer), Android and Chrome OS, with macOS and iOS apps coming soon. You can find both the Outline Manager and Outline Client at https://getoutline.org. If you do end up checking it out, let me know what you think about it. More screenshots can be found below.

Source: Jigsaw

Unmasking the Spectre; will the new patches cause a performance Meltdown?

Subject: General Tech | February 28, 2018 - 12:59 PM |
Tagged: Intel, kaby lake, Skylake, security, spectre, meltdown

With the new, improved Intel patches to protect against Spectre and Meltdown, The Tech Report made the effort to revisit the performance impact you can expect on a system with a Core i7-7700HQ and a Samsung PM961 512 GB NVMe SSD.  JavaScript tests show a noticeable drop in performance, and while the PCMark Essentials total score dipped, the gaming-specific tests did not.  It will be interesting to see if this levels the playing field between Ryzen and Skylake, as the performance delta is already very small.  Check out the full results here.


"Intel recently released stable microcode updates to mitigate the Spectre vulnerability on Skylake and newer CPUs. We ran back-to-back tests with and without the patch on one of our Kaby Lake systems to see just how much performance suffers in exchange for safety."
