MetaFilter posts tagged with Security and linux

Thanks for two hours of your time

the man of twists and turns — Fri, 26 Oct 2012 03:34:40 -0800

"I am calling you from Windows": A tech support scammer dials Ars Technica Earlier this month, the Federal Trade Commission

launched a major international crackdown on tech support scams in which telemarketers masquerade as major computer companies, con consumers into believing that their computers are riddled with viruses, spyware and other malware, and then charge hundreds of dollars to remotely access and “fix” the consumers’ computers. At the request of the FTC, a U.S. District Court Judge has ordered a halt to six alleged tech support scams pending further hearings, and has frozen their assets.

More Ars: How To Troll A Tech Support Scammer

A good troll is a prepared troll, and Ted was ready. He dragged out the call by pretending to connect his Windows 95 and Windows Vista computers to CompuServe via dial-up Internet, by providing an expired credit card number, and by providing absurd answers to basic questions.

After FTC crackdown, users chronicle tech support scam calls: Recording of Scam Telemarketers (Video) Trolling The Windows Indian Phone Call Scam (Youtube) Scamming the scammers -- catching the virus call centre scammers red-handed (Youtube)

SEAndroid

jeffburdges — Sat, 21 Jan 2012 18:53:10 -0800

The U.S. National Security Agency (NSA) has begun releasing Security-Enhanced Android patches and tools, which port their Security-Enhanced Linux tools to Android devices. SEAndroid and SELinux provide mandatory access control designed to limit the amount of damage that rogue or exploited software can do. There was a talk about this at the Linux Security Summit in September 2011 which spawned various news stories. See the Unofficial and Official SELinux Intros/FAQs. All the security enhancements here pertain only to securing processes running on the device from interfering with one another, i.e. it's careful app sandboxing, not encryption. There are not afaik any plans to provide any message layer security infrastructure publicly, although the NSA builds such tools for government security purposes, and certifies encryption standards. Android users could already obtain VoIP, IM, Email, etc. encryption, and anonymity software from the Guardian Project though.

Cracking voyeurism

Foci for Analysis — Fri, 11 Mar 2011 08:35:53 -0800

Using honeypots and logging tools, some server admins have logged actual server break-in attempts by nincompoop crackers. The honeypot in question is Kippo. You might want to run fail2ban to partially combat break-in attempts.

Chowned

Marisa Stole the Precious Thing — Mon, 21 Dec 2009 09:22:46 -0800

While many Linux users cite the system's security against malware, the appearance of malware disguised as a screensaver reminded everyone that no system is 100% safe. Ubuntu users were quick to identify the virus, identify the perpetrators, and create a fix, but this isn't the first time this has happened, and will in all likelihood not be the last. The criticism in the community is directed squarely at the user base: "In general the lesson to be learned is if you want a secure system, don't download any software outside the official package sources without at least looking at the source code first."

Why Can't MS Do This?

DU — Mon, 17 Aug 2009 06:50:40 -0800

An 8 year old critical security bug in the Linux kernel? No problem, we can fix that without even rebooting. You heard me, it is possible to apply a source code patch to a running kernel without reboot.

15 bits of crypto should be enough for anybody

finite — Fri, 16 May 2008 22:01:42 -0800

On May 13, security advisories published by Debian and Ubuntu revealed that, for over a year, their OpenSSL libraries have had a major flaw in their CSPRNG, which is used by key generation functions in many widely-used applications, which caused the "random" numbers produced to be extremely predictable. [lolcat summary] How bad is it? It's pretty bad. Understand that these keys are used not only for encryption, but also for authentication. The keyspace has been reduced to a mere 32,768 possibilities, and you can already download them all, along with tools to use them. Worse still, in the days before the issue became publicly known, there was a noticeable spike in the number of brute-force attacks on SSH servers, indicating that there has already been significant exploitation of this vulnerability. Partial timeline of events: In May 2006, a bug led to a question which led to the fateful patch being applied to md_rand.c (in Debian's "unstable" development branch). In April 2007, Debian 4.0 "etch" and Ubuntu 7.04 were both released, which was the beginning of the inclusion of the buggy version of OpenSSL in officially-released distributions. The bug remained unfixed through the releases of Ubuntu 7.10 and 8.04. On May 7, 2008, the patch to fix the problem was committed to Debian's source repository, and on May 13 the issue was officially disclosed and updated packages were made available to users. (The patch's availability days before public disclosure of the bug appears to be a violation of Debian's policy.) Here are some responses from Debian blogs, and two from an OpenSSL developer.

The Winux virus

fooljay — Wed, 28 Mar 2001 14:41:22 -0800

The Winux virus is reported to affect both Windows and Linux boxes/applications. The article says it's "written in a primitive computer language called 'assembly language'." On a side note, who do they get to write these articles? Certainly they are uncomfortable with technology...

Up to 20% of the internet vulnerable

borgle — Sun, 25 Mar 2001 17:27:41 -0800

Up to 20% of the internet vulnerable to a virus. There is a new Linux worm virus. Apparently, it steals passwords, installs and hides other hacking tools on infected systems, and then uses those systems to seek other servers to attack. Sys admins are advised to run a check on their servers and upgrade their BIND version.

Linux no longer foolproof?

mecawilson — Mon, 22 Jan 2001 09:35:48 -0800

Linux no longer foolproof? And a smile descened upon Redmond...

baylink — Sat, 23 Dec 2000 11:09:51 -0800

Well, we talked about NORAD a few posts back, I guess now it's time for everyone's *other* favorite agency: the NSA has a logo. That's funny. No, really, the topic of this posting is their release of Security-Enhanced Linux, including Mandatory Access Control and other cool B-1'ish stuff. Ted T'so has some interesting observations in this Slashdot thread on the topic as well.

m.polo — Wed, 20 Sep 2000 11:20:15 -0800

Apparently, the conventional wisdom is not quite right. The SDMI's Executive Director says they have "thousands of entries" in their contest to hack the various proposed digital music security schemes. As I pointed out recently in a similar context, the "Linux community" and the population of computer literate, financially motived, non-OS-sectarian hackers are far from being one and the same...

RedHat Linux security problem uncovered.

delfuego — Mon, 24 Apr 2000 21:38:33 -0800

RedHat Linux security problem uncovered. Today, apparently it was discovered that if you install the Piranha package with RedHat 6.2 (ostensibly part of the default installation, but there's controversy over this), a default password is installed that would give anyone access to the Piranha configuration package; from there, it is apparently trivial to execute any command on the box that you want.
I find it very interesting that the fact that Microsoft had a "backdoor password" in a DLL made huge news (and it turned out to be patently false), yet this has gotten almost no press. I'd like to think otherwise, but I know it's because people hate Microsoft, and thus are eager to deride it... and yet here's proof that even the mighty Linux is susceptible to the same exact problems.
Next time you reach for the keyboard to cry out "nyah nyah!" at the discovery of some problem with Windows, remember this...