Your Android may suffer a Meltdown

Subject: General Tech | August 8, 2018 - 02:19 PM |
Tagged: Android, galaxy s7, Samsung, security, meltdown

Researchers in Austria have found a way to utilize Meltdown to hack Galaxy S7 smartphones, a bad sign for security.  It was previously discovered that ARM's Cortex A75 was susceptible to the vulnerability but this is the first time we have seen this exploit successfully used on a Snapdragon 820 or Exynos 8890 chipset.  Even better is that these researchers have discovered variants which can affect older chipsets, meaning that far more phones may be vulnerable than we ever imagined.  You can take a peek over at The Inquirer, if you are looking to ruin your day.

Droid_torture_rack.png

"IF YOU LIVE IN THE PAST then best pick your ears up as researchers have found Samsung's Galaxy S7 is vulnerable to hacking due to a chip security flaw."

Here is some more Tech News from around the web:

Tech Talk

Source: The Inquirer

About time Intel thought of ME!

Subject: General Tech | July 19, 2018 - 02:53 PM |
Tagged: security, patch, intel management engine, Intel, IME

A bit before Christmas last year, Intel provided sysadmins with a lovely present, vulnerabilities in the on chip Intel Management Engine which you could not even tell if they had been used to breach your systems.  Intel have now publicly released four advisories pertaining to the IME, so that interested parties can investigate for themselves.  These were already released to system builders and patches released, after a quite a long delay.  This is better late than never ... assuming you are not running anything older than a fourth generation Core processor. 

The Register has links to the advisories if you are interested in a little light reading.

Intel-Inside.jpg

"Now that Intel's advisory is public, it's clear that Chipzilla has known the particulars for some time, and has been privately working with computer manufacturers to push fixes ahead of disclosure. For example, Lenovo emitted firmware fixes in April, and Dell no later than June."

Here is some more Tech News from around the web:

Tech Talk

 

Source: The Register

Spectre doesn't stand a ghost of a chance on the new Chrome, nor will your available RAM

Subject: General Tech | July 12, 2018 - 02:10 PM |
Tagged: chrome, security, spectre

Chrome's predilection for gobbling up vast amounts of RAM will soon increase to new levels but it is for a very good reason.  Chrome 67 will offer a Site Isolation feature which will protect you against a variety of Spectre attacks.   When you have this feature enabled in Chrome each site would be isolated, with the a single renderer process per page.  This means coss-site iframes and pop-ups will be unable to read data from other pages; in fact a single site may spawn multiple render processes, each running in isolation.

There is of course a cost, The Inquirer was quoted an increase of 10-13% in RAM usage ... so better get a 128GB kit.

d3aql.png

"The new feature basically splits the render process into separate tasks using out-of-process iframes, which makes it difficult for speculative execution exploits like Spectre to snoop on data."

Here is some more Tech News from around the web:

Tech Talk

 

Source: The Inquirer

Driver IRQL not less or equal, please schedule a patch at your local car dealership

Subject: General Tech | July 5, 2018 - 01:15 PM |
Tagged: security

Chris Roberts, who's claims to fame include taking over the thrust control of an airplane via the in flight entertainment system, spoke at length about the lack of security on less expensive vehicles.  With the electronics of cars and trucks becoming more and more complex and interactive, new threats are appearing almost daily and almost nothing is being done about it.  Car manufacturers will need to set up a method to update the software running on their vehicles, especially considering the fact that current laws make it illegal for owners to install patches on their own. 

The terrifying part is that he told The Register that the automobile industry is far ahead of all other transportation industries; apart from Tesla, the last newsworthy software update involved fudged emissions, not security enhancements.

140602132450-car-software-1024x576.jpg

"I put a network sniffer on the big truck to see what it was sharing. Holy crap! The GPS, the telemetry, the tracking. There's a lot of data this thing is sharing."

Here is some more Tech News from around the web:

Tech Talk

 

Source: The Register

Cortana's feeling vulnerable; that's why she's always eavesdropping on you

Subject: General Tech | June 13, 2018 - 12:39 PM |
Tagged: security, windows 10, cortana, microsoft, spectre

If your Win10 machine did not go beep in the night, you might want to get on that reboot as there are numerous security patches waiting to install.  One of them is a long standing flaw which effects those who haven't disembowelled the Cortana search assistant on their computer.  For those that have managed to subdue Cortana, rest assured she is not listening to you at all times; those who haven't should be aware that she is always listening, even in her sleep.  As creepy as that already is, it has also been a way to take advantage of long standing security flaw in the assistant.   This, as well as a patch for a Spectre variant and a variety of other patches is waiting your installation. 

You can check out information on Cortana's bad habits over at The Inquirer.

dims.jpg

"Lane Thames, a senior security researcher at Tripwire, spoke out about the long-standing flaw with Cortana, that meant the AI helper was always listening for commands, even when a PC is locked."

Here is some more Tech News from around the web:

Tech Talk

 

Source: The Inquirer

Has your Amazon Fire TV been running a little hot lately?

Subject: General Tech | June 12, 2018 - 01:36 PM |
Tagged: amazon fire tv, amazon, security, cryptocurrency, Android, ADB.Miner

New cryptomining malware has been popping up on Android devices recently, especially Fire TV's with debugging mode or installation of unsigned apps enabled. ADB.Miner runs a program called Test under com.google.time.time and will happily suck up as much of your devices processing power as it can, causing slow performance and occasionally interrupting video playback with a screen which reads Test.  If you have seen this you should probably disable debug, set the device to block unsigned apps and do a factory reset. 

The Inquirer also describes an Amazon store app called Total Commander which should remove it, but the factory reset will offer a better guarantee of removal.

41-EH8m42xL._SY300_QL70_.jpg

"AFTVnews has the scoop and reports that the threat, a malware worm variant dubbed 'ADB.Miner', is installing itself on Amazon gadgets as an app called 'Test' under the package name 'com.google.time.time.' "

Here is some more Tech News from around the web:

Tech Talk

Source: The Inquirer

Why we can't have nice things, part infinity ... Samsung escapes security support

Subject: General Tech | June 1, 2018 - 12:41 PM |
Tagged: Samsung, security, lawyers

It is unlikely you spend much time following Dutch court cases; thankfully The Register had an ear out though as this particular case is of interest to many.  The Dutch Consumers Association launched a case which would have made Samsung legally responsible for providing security updates to phones for up to four years after launch, two years after sale.  A judgment in favour of this would have meant an appeal, of course, but could eventually have meant Android updates for all as it would be a bizarre decision on Samsung's part to geographically limit security updates.  We should expect to see more cases, hopefully somewhere is a judge that does not consider a maximum of six years of security updates unacceptably onerous for Samsung to provide.

9d5691b0a23c.jpg

"The case could have had far-reaching impacts, since there's little point in writing software for only one market. The Consumentenbond wanted the court to force the smartphone giant to provide security updates for four years after a product was launched, and/or two years after a product was sold."

Here is some more Tech News from around the web:

Tech Talk

 

Source: The Register

Remember Rowhammer; it has a long enough memory to remember you

Subject: General Tech | May 10, 2018 - 02:05 PM |
Tagged: rowhammer, security, throwhammer

Rowhammer dates back to 2015, a vulnerability which is able to flip bits in DRAM and NAND.  An enterprising attacker could use it to target page table entries which would allow them to gain root access to Linux machines, but it was a local attack and could not be performed remotely ... until now.  Researchers have discovered a new way to exploit this vector using carefully crafted network packages to attack high end network cards which utilize remote direct memory access.  That feature is very handy, allowing the network card to move large amounts of data without taking CPU cycles but it is vulnerable to this new attack.  Drop by Ars Technica for all the depressing details about Throwhammer.

5a0b8178d6a13f94a844a35ad618563a.jpg

"For the first time, researchers have exploited the Rowhammer memory-chip weakness using nothing more than network packets sent over a local area network. The advance is likely to further lower the bar for triggering bit flips that change critical pieces of data stored on vulnerable computers and servers."

Here is some more Tech News from around the web:

Tech Talk

 

Source: Ars Technica

Fools! You thought you had seen the last of ... The Spectre?

Subject: General Tech | May 4, 2018 - 12:55 PM |
Tagged: Specter NG, Intel, security

Not to ruin your Friday, but it seems we have a sequel.  Spectre Next Generation refers to eight new vulnerabilities Intel CPUs posses, some of which Heise suggests could be even worse than the previously revealed flaws.  Intel's official response can be read at The Inquirer, AMD have stated they are investigating to see if there is any possible way their chips and vulnerable while ARM decided not to comment at all.  One of the more disturbing vulnerabilities can cross between or out of VMs, rendering your sandbox unsafe.  It is still early yet so we cannot say exactly what product lines are vulnerable, nor do we have specifics on the the eight flaws but you can expect to hear a lot more in the coming days.

kzMVKjH.png

"The flaws, first reported by German tech site Heise which said it has been given full technical details on the vulnerabilities and said Intrl had reserved Common Vulnerabilities and Exposures (CVE) numbers for them."

Here is some more Tech News from around the web:

Tech Talk

Source: The Inquirer

The cure worse than the disease; get your new patches or enjoy a total meltdown

Subject: General Tech | April 27, 2018 - 12:59 PM |
Tagged: meltdown, microsoft, security, patch, Windows 7, server 2008 r2

Wasn't it hilarious when Microsoft released a patch for the Meltdown flaw that made things even worse by allowing write access to kernel memory as well as read access?  Well, if you haven't the patch which fixes the patch in place you won't be laughing so hard today.  The Register has seen proof of concept code which makes use of this flaw to elevate a DOS shell window to NT AUTHORITY\System from a user without admin privileges.  Get yourself patched up, especially that Server 2008 instance!

stop-hitting-yourself-meme.jpg

"If you're not up-to-date with your Intel CPU Meltdown patches for Windows 7 or Server 2008 R2, get busy with that, because exploit code for Microsoft's own-goal flaw is available."

Here is some more Tech News from around the web:

Tech Talk

 

Source: The Register