
    How law enforcement gets around your smartphone’s encryption: Openings provided by iOS and Android security are there for those with the right tools

    Danie van der Merwe · / gadgeteerza-tech-blog · 13:04

It's ironic that it's still unpatched vulnerabilities that catch users and corporations out. And we've seen these on an ongoing basis even with the likes of Cisco, Microsoft, and all the big names. These known exploits lie unpatched often for very long periods as end users and admins don't run patch updates.

Mobile phones are probably worse as they stop receiving updates after relatively short periods of 2 years or more. So even shutting down your phone after each time you use it, the chances are you are not getting all the security patches and updates you should be receiving. Average users just have to go with what they've got, and it all depends on the state of your data at rest on the phone after it is unlocked and in use. Most users want speed and convenience and those are at odds with greater security.


#technology #encryption #security #privacy #mobile


    How law enforcement gets around your smartphone’s encryption / ArsTechnica · Yesterday - 17:54 · 1 minute


Lawmakers and law enforcement agencies around the world, including in the United States, have increasingly called for backdoors in the encryption schemes that protect your data, arguing that national security is at stake. But new research indicates governments already have methods and tools that, for better or worse, let them access locked smartphones thanks to weaknesses in the security schemes of Android and iOS.

Cryptographers at Johns Hopkins University used publicly available documentation from Apple and Google as well as their own analysis to assess the robustness of Android and iOS encryption. They also studied more than a decade's worth of reports about which of these mobile security features law enforcement and criminals have previously bypassed, or can currently, using special hacking tools. The researchers have dug into the current mobile privacy state of affairs and provided technical recommendations for how the two major mobile operating systems can continue to improve their protections.

“It just really shocked me, because I came into this project thinking that these phones are really protecting user data well,” says Johns Hopkins cryptographer Matthew Green, who oversaw the research. “Now I’ve come out of the project thinking almost nothing is protected as much as it could be. So why do we need a backdoor for law enforcement when the protections that these phones actually offer are so bad?”


    Update your NVIDIA drivers due to multiple security issues found / GamingOnLinux · 6 days ago - 12:00 · 1 minute

Here's something we missed with the latest NVIDIA driver updates - turns out that NVIDIA had multiple security issues that they put out in a recent security bulletin. Multiple issues affect both Windows and Linux, across multiple versions of the official NVIDIA proprietary driver.

The ones that affect the Linux desktop are:

  • CVE‑2021‑1052: "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure."
  • CVE‑2021‑1053: "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service."
  • CVE‑2021‑1056: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure."

There are also some vGPU security issues, which also affect Linux, but they're not regular desktop stuff.

If you want to make sure you're totally safe you should update to the latest driver in the series you're using. Going by the information on the NVIDIA security page you should be good on (or better) 460.32.03 which is the latest "Production Branch" driver, 450.102.04 and 390.141 being the latest Legacy driver.

You can look out for future security info here from NVIDIA.


    Florida posted the password to a key disaster system on its website / ArsTechnica · Wednesday, 9 December - 18:29 · 1 minute


Florida police said a raid they conducted Monday on the Tallahassee home of Rebekah Jones, a data scientist who the state fired from her job in May, was part of an investigation into an unauthorized access of a state emergency-responder system. It turns out, however, that not only do all state employees with access to that system share a single username and password, but also those credentials are publicly available on the Internet for anyone to read.

The background

Jones on Monday shared a video of the police raid on her house as part of a Twitter thread in which she explained the police were serving a search warrant on her house following a complaint from the Department of Health. That complaint, in turn, was related to a message sent to Florida emergency responders back in November.

About 1,700 members of Florida's emergency-response team received the communication on November 10, according to the affidavit (PDF) cited in the search warrant for Jones' home. The message urged recipients to "speak up before another 17,000 people are dead. You know this is wrong. You don’t have to be a part of this. Be a hero. Speak out before it's too late."


    Using OPA for multicloud policy and process portability / infoworldcom · Wednesday, 9 December - 11:00

As multicloud strategies become fully mainstream, companies and dev teams are having to figure out how to create consistent approaches among cloud environments. Multicloud, itself, is ubiquitous: Among companies in the cloud, a full 93% have multicloud strategies—meaning they use more than one public cloud vendor like Amazon Web Services, Google Cloud Platform, or Microsoft Azure. Furthermore, 87% of those companies have a hybrid cloud strategy, mixing public cloud and on-premises cloud environments.

The primary reason that companies move to the cloud at all is to improve the performance, availability, scalability, and cost-effectiveness of compute, storage, network, and database functions. Then, organizations adopt a multicloud strategy largely to avoid vendor lock-in.


Tags: #Security, #Kubernetes, #Rozne


    Customize BBQ Firewall / perishablepress · Tuesday, 24 November - 00:41

BBQ Firewall is a lightweight, super-fast plugin that protects your site against a wide range of threats. BBQ checks all incoming traffic and quietly blocks bad requests containing nasty stuff like eval(, base64_, and excessively long request-strings. This is a simple yet solid solution for sites that are unable to use a strong Apache/.htaccess firewall. BBQ is kept as lightweight as possible, so there are no options or settings to change default behavior. Based on years of feedback, the default […]

Tags: #Rozne, #firewall, #Security, #blacklist, #plugins, #WordPress


    Anti-adversarial machine learning defenses start to take root / infoworldcom · Thursday, 19 November - 11:00

Much of the anti-adversarial research has been on the potential for minute, largely undetectable alterations to images (researchers generally refer to these as “noise perturbations”) that cause AI’s machine learning (ML) algorithms to misidentify or misclassify the images. Adversarial tampering can be extremely subtle and hard to detect, even all the way down to pixel-level subliminals. If an attacker can introduce nearly invisible alterations to image, video, speech, or other data for the purpose of fooling AI-powered classification tools, it will be difficult to trust this otherwise sophisticated technology to do its job effectively.

Growing threat to deployed AI apps

This is no idle threat. Eliciting false algorithmic inferences can cause an AI-based app to make incorrect decisions, such as when a self-driving vehicle misreads a traffic sign and then turns the wrong way or, in a worst-case scenario, crashes into a building, vehicle, or pedestrian. Though the research literature focuses on simulated adversarial ML attacks that were conducted in controlled laboratory environments, general knowledge that these attack vectors are available will almost certainly cause terrorists, criminals, or mischievous parties to exploit them.


Tags: #Rozne, #Security


    Apple lets some Big Sur network traffic bypass firewalls / ArsTechnica · Tuesday, 17 November - 20:48 · 1 minute


Firewalls aren’t just for corporate networks. Large numbers of security- or privacy-conscious people also use them to filter or redirect traffic flowing in and out of their computers. Apple recently made a major change to macOS that frustrates these efforts.

Beginning with Big Sur released last week, some 50 Apple-specific apps and processes are no longer routed through firewalls like Little Snitch and Lulu. The undocumented exemption came to light only after Patrick Wardle, a security researcher at a Mac and iOS enterprise developer Jamf, disclosed the change over the weekend.

“100% blind”

To demonstrate the risks that come with this move, Wardle—a former hacker for the NSA—demonstrated how malware developers could exploit the change to make an end-run around a tried-and-true security measure. He set Lulu to block all outgoing traffic on a Mac running Big Sur and then ran a small programming script that interacted with one of the apps that Apple exempted. The Python script had no trouble reaching a command and control server he set up to simulate one commonly used by malware to receive commands and exfiltrate sensitive data.
