
    OpenWRT is vulnerable to attacks that execute malicious code

    news.movim.eu / ArsTechnica · Tuesday, 31 March - 20:25

Screenshot of OpenWrt (credit: OpenWRT).

For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital signature verifications are easy to bypass, a researcher said.

OpenWRT has a loyal base of users who use the freely available package as an alternative to the firmware that comes installed on their devices. Besides routers, OpenWRT runs on smartphones, pocket computers and even laptops and desktop PCs. Users generally find OpenWRT to be a more secure choice because it offers advanced functions and its source code is easy to audit.

Security researcher Guido Vranken, however, recently found that updates and installation files were delivered over unencrypted HTTP connections, which are open to attacks that allow adversaries to completely replace legitimate updates with malicious ones. The researcher also found that it was trivial for attackers with moderate experience to bypass the digital-signature checks that verify a downloaded update as the legitimate one offered by OpenWRT maintainers. The combination of those two lapses makes it possible to send a malicious update that vulnerable devices will automatically install.


    Bugcrowd tries to muzzle hacker who found Netflix account compromise weakness

    news.movim.eu / ArsTechnica · Thursday, 19 March - 17:15

A Netflix security weakness that allows unauthorized access to user accounts over local networks is out of the scope of the company’s bug bounty program, the researcher who reported the threat said. Despite dismissing the report, the Bugcrowd vulnerability reporting service is trying to prevent public disclosure of the weakness.

The researcher's proof-of-concept exploit uses a classic man-in-the-middle attack to steal a Netflix session cookie. These browser cookies are the equivalent of a wristband that music venues use so paying customers aren’t charged an entrance fee a second time. Possession of a valid session cookie is all that’s required to access a target’s Netflix account.

Still unencrypted after all these years

Varun Kakumani, the security researcher who discovered the weakness and privately reported it through Bugcrowd, said the attack is possible because of two things: (1) the continued use of clear-text HTTP connections rather than encrypted HTTPS connections by some Netflix subdomains and (2) the failure of Netflix to equip the session cookie with a Secure flag, which prevents transmission over unencrypted connections.
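The second lapse above is something a site owner can audit mechanically: every `Set-Cookie` header a server emits either carries the `Secure` attribute or it does not. The following is an added example, not code from the article or from Netflix, that parses `Set-Cookie` headers with the standard library and reports which cookies a browser would still send over clear-text HTTP. The header values are constructed samples; `SessionToken` stands in for any session cookie.

```python
"""Audit Set-Cookie headers for the Secure (and HttpOnly) attributes.

A cookie without the Secure attribute is sent by the browser on any
request to its domain, including plain http:// requests, which is the
exposure the Netflix report describes.
"""
from http.cookies import SimpleCookie

# Constructed sample headers, as a server might emit them on login.
SAMPLE_HEADERS = [
    "SessionToken=abc123; Path=/; Domain=example.com; HttpOnly",  # no Secure
    "lang=en; Path=/; Secure",
    "csrf=xyz; Path=/; Secure; HttpOnly",
]


def audit_cookies(set_cookie_headers):
    """Map each cookie name to the presence of its Secure/HttpOnly flags."""
    report = {}
    for header in set_cookie_headers:
        jar = SimpleCookie()
        jar.load(header)          # parses one Set-Cookie header value
        for name, morsel in jar.items():
            # Morsel flags are True when present and "" when absent.
            report[name] = {
                "secure": bool(morsel["secure"]),
                "httponly": bool(morsel["httponly"]),
            }
    return report


def missing_secure_flag(set_cookie_headers):
    """Return the names of cookies that would be sent over clear-text HTTP."""
    report = audit_cookies(set_cookie_headers)
    return [name for name, flags in report.items() if not flags["secure"]]


if __name__ == "__main__":
    for name in missing_secure_flag(SAMPLE_HEADERS):
        print(f"cookie {name!r} lacks the Secure attribute")
```

Run it against the headers captured from a real login response (for example, copied out of the browser's network panel) and any session cookie that appears in the output is one that a clear-text subdomain will leak to anyone on the local network path.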


    Movim 0.17 – Catalina

    Timothée Jaussoin · pubsub.movim.eu / Movim · Friday, 14 February - 14:58

Here comes a new, exciting Movim release: two months after Cesco, here is Catalina.

This release brings many fixes but also some nice new features, both for the social and messaging sections of Movim.

New features

Global chatroom search

From the chatrooms widget, you can now directly search rooms globally and join them in a click. This new feature relies on the search.jabber.network service, which is also implemented in Conversations and Gajim.

Global search

New design for the XMPP forms

The XMPP forms handling and display have been fully redesigned. With nice icons and proper labels it will now be simpler to configure Communities, chatrooms and other XMPP items.

XMPP Form redesigned

Disable social features

Pod admins can now disable all the social features in one click in the admin panel. This is useful for those who only want to use Movim as a chat frontend for their XMPP services.

Message retraction

After ConverseJS, Movim is the second XMPP client that implements the message retraction feature. This allows you to delete any published message from the history. Be careful, this only works if the contact is also using a compatible client.

Retracted message

New night theme colors and design adjustments

Some small design adjustments were made to improve the user experience. Some useless paddings were also removed to give more space to the content (for example around the chat bubbles).

The night theme now has darker, bluer colors, strongly inspired by the Aritim-Dark KDE/GTK theme.

New dark theme

Fixes and improvements

Besides those changes, many things were fixed in this release, regarding chatroom presence handling, notification counters and complex JID handling (especially if you're using transport services such as IRC or Telegram).

But the biggest internal change was to bring a new request type to the frontend. The current Movim UI (HTML + JavaScript + CSS) can now request the backend in 3 different ways, depending on the use case.

  1. Pure WebSocket requests: the request and the response are not linked together. This is the default case for Movim requests.
  2. Ajax requests to the daemon: this is useful when the UI needs to know whether the message was handled by the server (useful when you publish articles or send chat messages) and whether those messages need to be processed by the daemon (to trigger XMPP requests, for example).
  3. And, since this version, some good ol' pure Ajax requests. They directly request the HTTP backend, without even touching the daemon internally. This is useful to load pieces of the UI and allows parallelisation. With these changes you'll see that parts of the UI (especially on the chat page) are now loaded way faster, without disturbing the daemon.

Requests

What's next?

In the upcoming weeks we're planning to do some maintenance on the XMPP services: add some new features and do some administration. On the Movim side, nothing is really planned for now.

That's all folks!

#movim #ajax #http #release #xmpp