Archive for the ‘linux’ Category

KDE Linux Desktops Could Get Hacked Without Even Opening Malicious Files

August 7th, 2019
If you are running a KDE desktop environment on your Linux operating system, you need to be extra careful and avoid downloading any ".desktop" or ".directory" file for a while. A cybersecurity researcher has disclosed an unpatched zero-day vulnerability in the KDE software framework that could allow maliciously crafted .desktop and .directory files to silently run arbitrary code on a user's

Posted in hacking news, KDE, linux, Linux Desktop, linux security, Linux Vulnerability, Vulnerability | Comments (0)

A New ‘Arbitrary File Copy’ Flaw Affects ProFTPD Powered FTP Servers

July 23rd, 2019
A German security researcher has publicly disclosed details of a serious vulnerability in one of the most popular FTP server applications, which is currently being used by more than one million servers worldwide. The vulnerable software in question is ProFTPD, an open source FTP server used by a large number of popular businesses and websites including SourceForge, Samba and Slackware, and

Posted in Debian, FTP hacker, ftp protocol, FTP server, hacking news, linux, remote code execution, server security, Ubuntu, Vulnerability | Comments (0)

Digging into the new features in OpenZFS post-Linux migration

June 20th, 2019
ZFS on Linux 0.8 (ZoL) brought tons of new features and performance improvements when it was released on May 23. They came after Delphix announced that it was migrating its own product to Linux back in March 2018. We'll go over some of the most exciting May features (like ZFS native encryption) here today.

For the full list—including both new features and performance improvements not covered here—you can visit the ZoL 0.8.0 release on GitHub. (Note that ZoL 0.8.1 was released last week, but since ZFS on Linux follows semantic versioning, it's a bugfix release only.)

Unfortunately for Ubuntu fans, these new features won't show up in Canonical's repositories for quite some time—October 2019's forthcoming interim release, Eoan Ermine, is still showing 0.7.12 in its repos. We can hope that Ubuntu 20.04 LTS (which has yet to be named) will incorporate the 0.8.x branch, but there's no official word so far; if you're running Ubuntu 18.04 (or later) and absolutely cannot wait, the widely-used Jonathon F PPA has 0.8.1 available. Debian has 0.8.0 in its experimental repo, Arch Linux has 0.8.1 in its zfs-dkms AUR package, and Gentoo has 0.8.1 in testing at sys-fs/zfs. Users of other Linux distributions can find instructions for building packages directly from master at https://zfsonlinux.org/.

Posted in Delphix, file systems, linux, OpenZFS, Tech, ZFS, ZoL | Comments (0)

New vulnerabilities may let hackers remotely SACK Linux and FreeBSD systems

June 18th, 2019
The Linux and FreeBSD operating systems contain newly discovered vulnerabilities that make it easy for hackers to remotely crash servers and disrupt communications, researchers have warned. OS distributors are advising users to install patches when available or to make system settings that lower the chances of successful exploits.

The most severe of the vulnerabilities, dubbed SACK Panic, can be exploited by sending a specially crafted sequence of TCP Selective ACKnowledgements to a vulnerable computer or server. The system will respond by crashing, or in the parlance of engineers, entering a kernel panic. Successful exploitation of this vulnerability, tracked as CVE-2019-11477, results in a remote denial of service (DoS).

A second vulnerability also works by sending a series of malicious SACKs that consumes computing resources of the vulnerable system. Exploits most commonly work by fragmenting a queue reserved for retransmitting TCP packets. In some OS versions, attackers can cause what’s known as an “expensive linked-list walk for subsequent SACKs.” This can result in additional fragmentation, which has been dubbed “SACK slowness.” Exploitation of this vulnerability, tracked as CVE-2019-11478, drastically degrades system performance and may eventually cause a complete DoS.

Posted in Biz & IT, Denial of Service, DOS, freebsd, linux, MSS, sack | Comments (0)

If you haven’t patched Vim or NeoVim text editors, you really, really should

June 13th, 2019
A recently patched vulnerability in text editors preinstalled in a variety of Linux distributions allows hackers to take control of computers when users open a malicious text file. The latest version of Apple’s macOS is continuing to use a vulnerable version, although attacks only work when users have changed a default setting that enables a feature called modelines.

Vim and its forked derivative, NeoVim, contained a flaw that resided in modelines. This feature lets users specify window dimensions and other custom options near the start or end of a text file. While modelines restricts the commands available and runs them inside a sandbox that’s cordoned off from the operating system, researcher Armin Razmjou noticed the source! command (including the bang on the end) bypassed that protection.

“It reads and executes commands from a given file as if typed manually, running them after the sandbox has been left,” the researcher wrote in a post earlier this month.

Posted in Biz & IT, exploits, linux, MacOS, neovim, text editors, vim, vulnerabilities | Comments (0)

Advanced Linux backdoor found in the wild escaped AV detection

May 30th, 2019
Researchers say they’ve discovered an advanced piece of Linux malware that has escaped detection by antivirus products and appears to be actively used in targeted attacks.

HiddenWasp, as the malware has been dubbed, is a fully developed suite of malware that includes a trojan, rootkit, and initial deployment script, researchers at security firm Intezer reported on Wednesday. At the time Intezer’s post went live, the VirusTotal malware service indicated HiddenWasp wasn’t detected by any of the 59 antivirus engines it tracks, although some have now begun to flag it. Time stamps in one of the 10 files Intezer analyzed indicated it was created last month. The command and control server that infected computers report to remained operational at the time this article was being prepared.

Some of the evidence analyzed—including code showing that the computers it infects are already compromised by the same attackers—indicated that HiddenWasp is likely a later stage of malware that gets served to targets of interest who have already been infected by an earlier stage. It’s not clear how many computers have been infected or how any earlier related stages get installed. With the ability to download and execute code, upload files, and perform a variety of other commands, the purpose of the malware appears to be to remotely control the computers it infects. That's different from most Linux malware, which exists to perform denial of service attacks or mine cryptocurrencies.

Posted in backdoors, Biz & IT, linux, malware, rootkits, trojans | Comments (0)

Windows dual booting no longer looking likely on Pixelbooks

May 15th, 2019
Just under a year ago, there were signs that Google was modifying the firmware of its Pixelbook laptop to enable dual booting into Windows 10. The firmware was updated to give the Pixelbook the ability to boot into an "Alternative OS" ("AltOS" mode). The work included references to the Windows Hardware Certification Kit (WHCK) and the Windows Hardware Lab Kit (HLK), Microsoft's testing frameworks for Windows 8.1 and Windows 10 respectively.

Google now appears to have abandoned this effort. A redditor called crosfrog noticed that AltOS mode was now deprecated (via Android Police). Pixelbooks are going to be for Chrome OS only, after all.

The dual boot work was being done under the name Project Campfire. There appears to have been little development work on Project Campfire since last December. This suggests that Google actually decided not to bother with dual booting many months ago.

Posted in Chrome OS, dual boot, google, linux, microsoft, Open Source, Tech, Windows | Comments (0)

Ubuntu 19.04: The Disco Dingo arrives and will really make your IT dept. happy

May 12th, 2019
Canonical recently released Ubuntu 19.04, the latest version of its flagship GNOME-based Linux desktop. But if you're a desktop user, you might be feeling a little left out.

The big points of emphasis in this latest release are on Ubuntu as a tool for infrastructure development, server deployment, and the good old Internet of Things. For the server version of Ubuntu, the OS ships with all the latest cloud computing tools. In fact, that's already available in optimized builds on the major cloud services.

Elsewhere, the latest version of the venerable Ubuntu desktop packs quite a few additional, tempting reasons to upgrade for Linux gamers. Ubuntu 19.04 makes the leap to the Linux kernel 5.x series, for instance, which offers much improved graphics support.

Posted in Biz & IT, Features, linux, Tech, Ubuntu | Comments (0)

Microsoft: The open source company

May 10th, 2019
The news from Microsoft's Build developer conference that surprised me most was that Microsoft will ship a genuine Linux kernel—GPLed, with all patches published—with Windows. That announcement was made with the announcement of Windows Terminal, a new front-end for command-line programs on Windows that will, among other things, support tabs.

Microsoft's increased involvement with open source software isn't new, as projects such as Visual Studio Code and the .NET runtime have operated as open source, community-driven projects. But this week's announcements felt a bit different.

The Linux kernel will be powering Microsoft's second generation Windows Subsystem for Linux (WSL). The first generation WSL contains a partial re-implementation of the Linux kernel API that uses the Windows NT kernel to perform its functionality. In choosing this approach, Microsoft avoided using any actual Linux code, and hence the company avoided the GPL license with its "viral" stipulations that would have arguably forced Microsoft to open source WSL and perhaps even parts of Windows itself.

Posted in development, GPL, linux, microsoft, Open Source, Tech, Windows | Comments (0)

Microsoft Windows 10 will get a full built-in Linux Kernel for WSL 2

May 7th, 2019
Yes, you heard me right. Microsoft is taking another step forward to show its love for Linux and the open source community by shipping a full Linux kernel in Windows 10 this summer. No, that doesn't mean Microsoft is making Windows 10 a Linux distro, but the company will begin to ship an in-house, custom-built Linux kernel later this year, starting with the Windows 10 Insider builds.

Posted in linux, Linux operating system, linux subsystem, Microsoft Windows 10, Windows 10, windows linux | Comments (0)