!publish   1243

Credit card skimmers now need to fear the Reaper | Ars Technica
SkimReaper is aimed specifically at overlays and inserts. It uses a card-shaped sensor with a printed circuit that, when powered, can detect the voltage spikes created by coming in contact with magnetic reader heads. If it detects two or more, there's a skimmer in play.
security  !publish  !share 
5 weeks ago by zephyr777
Intel’s SGX blown wide open by, you guessed it, a speculative execution attack | Ars Technica
SGX, standing for Software Guard eXtensions, is a new feature that Intel introduced with its Skylake processors that enables the creation of Trusted Execution Environments (TEEs). TEEs are secure environments where both the code and the data the code works with are protected to ensure their confidentiality (nothing else on the system can spy on them) and integrity (any tampering with the code or data can be detected). SGX is used to create what are called enclaves ... The processor governs access to the enclave memory

The attack depends on the fact that only data in main memory is encrypted: once it's inside the processor in a cache, it's decrypted. Specifically, if the data is in level 1 cache, the speculative execution can use it before the processor determines that there's no permission to use it.

When the attack was reported to Intel ... It discovered that SGX data isn't the only thing that's at risk. The processor also has other specially protected zones of memory: the Extended Page Tables used by hypervisors, and memory used by System Management Mode (SMM), which can be used for power management or other low-level functions. As with the SGX data, the EPT and SMM data that's held in level 1 cache can be speculatively read and, hence, leaked to an attacker if memory is marked as being not present.
security  !publish 
5 weeks ago by zephyr777
Decade-old Bluetooth flaw lets hackers steal data passing between devices | Ars Technica
attackers can view any exchanged data, which might include contacts stored on a device, passwords typed on a keyboard, or sensitive information used by medical, point-of-sale, or automotive equipment. Attackers could also forge keystrokes on a Bluetooth keyboard to open up a command window or malicious website ... The attack uses a newly developed variant of what cryptographers call an invalid curve attack to exploit a major shortcoming in the Bluetooth protocol that remained unknown for more than a decade. As a result, attackers can force the devices to use a known encryption key [during pairing] ... It’s not mathematically/theoretically novel at all, and it’s in fact about the simplest attack you can do on elliptic curve cryptosystems. Notably, this is a protocol-level fault, so if you implemented the Bluetooth spec out of the book ... Attacks require specialized hardware that probably wouldn’t be hard for more advanced hackers to build or obtain ... For attacks to be successful, both of the paired devices must be vulnerable.
security  !publish 
8 weeks ago by zephyr777
Leaked benchmarks show Intel is dropping hyperthreading from i7 chips | Ars Technica
i7 chips will have 8 cores and 8 threads, leaving the 8 core/16 thread combination for the i9 ... Below the i7s will be i5s with six cores and six threads and below them, i3s with four cores and four threads.

Even without hyperthreading, the new i7s should be faster than old i7s. A part with eight cores is going to be faster than the four-core/eight-thread chips of a couple of generations ago and should in general also be faster than the six-core/12-thread 8th generation chips. Peak clock speeds are pushed slightly higher than they were for the 8th generation chips, too.
HW  !publish 
8 weeks ago by zephyr777
Microsoft is making the Windows command line a lot better | Ars Technica
Microsoft is working to build a better console for Windows, one that we hope will open the door to the same flexibility and capabilities that Unix users have enjoyed for more than 40 years. The APIs seem to be in the latest Windows 10 Insider builds, though documentation is a little scarce for now. The command-line team is publishing a series of blog posts describing the history of the Windows command-line, and how the operating system's console works. The big reveal of the new API is coming soon, and with this, Windows should finally be able to have reliable, effective tabbed consoles, with emoji support, rich Unicode, and all the other things that the Windows console doesn't do... yet.
win10  TechSupport  !publish 
9 weeks ago by zephyr777
Nokia 6.1 Review—The best answer to “What Android phone should I buy?” | Ars Technica
The similarities between HMD and Nokia are so numerous, it is almost suspicious ... It feels more like someone walked into a dusty old Nokia factory, switched on the lights, and started churning out phones again ... The main competition for the $270 Nokia 6.1 is going to be the $249 Moto G6, and I think the Nokia is the better choice ... If you don't think you need to spend $700+ dollars on a flagship smartphone and are just looking for an inexpensive, no-frills device that gets the basics right, the Nokia 6.1 is the phone to buy. You get a metal body, stock Android, a good update policy, USB-C, and a headphone jack. The screen is good enough that you don't feel like you're missing out, and HMD is offering decent performance for this spot in the market. Nokia's two-year update plan is absolutely unheard of at this price point ... the Moto G6 turns in better shots than the Nokia 6.1, and that phone boasts the added bonus of a second rear camera.
cell_phones_tablets  !publish  !share 
9 weeks ago by zephyr777
New Spectre-like attack uses speculative execution to overflow buffers | Ars Technica
The processor assumes that a write to a buffer is safe (even though it actually overflows the buffer), and it speculatively overwrites a code address. The code at that address is then speculatively executed, causing a measurable disturbance to the processor's cache. Eventually, the processor will notice that the array access was invalid, and all the speculative execution will be rolled back. The buffer isn't actually overflowed. But the disturbance to the processor's state, in particular to its cache, doesn't get undone ... Intel processors allow speculative writes to be made to read-only memory, giving even more power to an attacker

The researchers also propose a family of hardware changes that should offer broader protection against this kind of attack. These protections may be possible to implement in a microcode update, offering a way to protect software running on existing processors. Broadly speaking, the changes would prevent the processor from using the speculatively written values in other contexts.
!publish  security 
10 weeks ago by zephyr777
Marketing Firm Exactis Leaked a Personal Info Database With 340 Million Records | WIRED
The haul comprises close to 2 terabytes of data that appears to include personal information on hundreds of millions of American adults, as well as millions of businesses. While the precise number of individuals included in the data isn't clear—and the leak doesn't seem to contain credit card information or Social Security numbers—it does go into minute detail for each individual listed, including phone numbers, home addresses, email addresses, and other highly personal characteristics for every name. The categories range from interests and habits to the number, age, and gender of the person's children.
security  !publish  !share 
11 weeks ago by zephyr777
Hyperthreading under scrutiny with new TLBleed crypto key leak | Ars Technica
The attacking program will prime the TLB in some way: it will try to access a range of memory addresses that pre-populate the TLB with the mappings for those addresses. The encryption program, which performs its own accesses to memory addresses, will cause some of those TLB entries to be evicted and replaced with new mappings. The attacker can then attempt to access its range of addresses again, and it can time how long each access takes ... Precisely how these inferences can be used to determine a victim program's encryption keys is yet to be disclosed, but the researchers told The Register that a key element was not which TLB entries were changed but rather when those TLB entries changed—when looking up a particular address goes from fast to slow (or vice versa

logical cores share the physical core's resources, including the caches and the TLB. With the attacker program running on the same physical core as the victim program, the attacker can detect changes to the TLB as they're made ... the solution is to ensure that the pattern of data lookups remains consistent regardless of the bits of the key ... It's a problem for crypto; it's probably not a problem for everyone.
security  !publish  Core_i7 
12 weeks ago by zephyr777
McMoon: How the Earliest Images of the Moon Were so Much Better than we Realised – World of Indie
The complete mosaic of an image stretched 40 by 45 ft. The engineers laid it out on the floor and all the observers including the astronauts had to crawl over it and take off their shoes. The images were so good, even at this size that some astronomers used magnifying glasses.
Science  !publish  !share 
june 2018 by zephyr777
Why the Future of Machine Learning is Tiny
In the last few years it’s suddenly become possible to take noisy signals like images, audio, or accelerometers and extract meaning from them, by using neural networks. Because we can run these networks on microcontrollers, and sensors themselves use little power, it becomes possible to interpret much more of the sensor data we’re currently ignoring.

For example, I want to see almost every device have a simple voice interface. By understanding a small vocabulary, and maybe using an image sensor to do gaze detection, we should be able to control almost anything in our environment without needing to reach it to press a button or use a phone app. I want to see a voice interface component that’s less than fifty cents that runs on a coin battery for a year, and I believe it’s very possible with the technology we have right now.
misc  !publish 
june 2018 by zephyr777
Talkin’ Treble: How Android engineers are winning the war on fragmentation | Ars Technica
With the launch of Android 8.0 last year, Google released Project Treble into the world. Treble was one of Android's biggest engineering projects ever, modularizing the Android operating system away from the hardware and greatly reducing the amount of work needed to update a device. The goal here is nothing short of fixing Android's continual fragmentation problem, and now, six months later, it seems like the plan is actually working.
Android  !publish 
june 2018 by zephyr777
A cartoon intro to DNS over HTTPS – Mozilla Hacks – the Web developer blog
we have a resolver that we can trust to protect users’ privacy. This means Firefox can ignore the resolver that the network provides and just go straight to Cloudflare ... By using HTTPS to exchange the DNS packets, we ensure that no one can spy on the DNS requests that our users are making ...  removing the irrelevant parts of the domain name and not including your IP address — means that DNS servers have much less data that they can collect about you.

After you do the DNS lookup to find the IP address, you still need to connect to the web server at that address. To do this, you send an initial request. This request includes a server name indication, which says which site on the server you want to connect to. And this request is unencrypted ... This is sometimes called HTTP/2 connection coalescing, or simply connection reuse. When you open a connection to a server that supports it, that server will tell you what other sites it hosts. Then you can visit those other sites using that existing encrypted connection.
Networking  security  !publish 
june 2018 by zephyr777
Microsoft snaps up GitHub for $7.5 billion | Ars Technica
Microsoft says that it will retain GitHub's status as an "open platform," being free to use for open source projects and agnostic toward programming languages as well as development tools ... Nat Friedman, founder of Xamarin (the open source implementation of .NET that Redmond acquired in 2016) and current Corporate Vice President at Microsoft will become GitHub CEO.
development  !publish 
june 2018 by zephyr777
“Git rebase and the golden rule explained.”
You have probably come across that rule, maybe phrased differently. For those who haven’t, this rule is quite simple. Never, NEVER, NEVER, rebase a shared branch. By shared branch I mean a branch that exists on the distant repository and that other people on your team could pull ... Too often this rule is thrown as a divine truth and I think understanding it could be a good thing if you want to improve your understanding of git.
development  !publish 
june 2018 by zephyr777
Chrome and Firefox leaks let sites steal visitors’ Facebook names, profile pics | Ars Technica
Weißer developed a proof-of-concept exploit that allowed websites to extract the Facebook usernames, profile pictures, and likes of Chrome and Firefox users who visited while they were logged in to Facebook. The PoC used an iframe that linked to social plugins Facebook makes available for websites to display the Facebook login button and like button on their pages ... We cannot access the iframe’s content directly. However, we can put overlays over the iframe that do some kind of graphical interaction with the underlying pixels. Since these overlays are controlled by the attacker’s site, it is possible to measure how long these graphical interactions take. Some of the mix-blend-modes require a variable amount of time based on the color of the underlying pixel. If the color of the tested pixel has color X, the rendering process can take longer than for color Y. The leak allows [us to] determine the color of individual pixels. We don’t leak the HTML, but the visual contents of the targeted iframe.
security  !publish 
june 2018 by zephyr777
Hackers infect 500,000 consumer routers all over the world with malware | Ars Technica
Stage 1 infects devices running Busybox- and Linux-based firmware and is compiled for several CPU architectures. The primary purpose is to locate an attacker-controlled server on the Internet to receive a more fully featured second stage. Stage 1 locates the server by downloading an image from Photobucket.com and extracting an IP address from six integer values used for GPS latitude and longitude stored in the EXIF field ... This is the stage that persists even after the infected device is restarted.

Cisco researchers described stage 2 as a “workhorse intelligence-collection platform” that performs file collection, command execution, data exfiltration, and device management. Some versions of stage 2 also possess a self-destruct capability that works by overwriting a critical portion of the device firmware and then rebooting ... Stage 3 contains at least two plugin modules. One is a packet sniffer for collecting traffic that passes through the device. Intercepted traffic includes website credentials and Modbus SCADA protocols. A second module allows stage 2 to communicate over the Tor privacy service. Wednesday’s report said Cisco researchers believe stage 3 contains other plugins that have yet to be discovered.

While the researchers still don’t know precisely how the devices are getting infected, almost all of those targeted have known public exploits or default credentials that make compromise straightforward.
security  !publish 
may 2018 by zephyr777
New speculative-execution vulnerability strikes AMD, ARM, and Intel | Ars Technica
A new attack that uses processors' speculative-execution capabilities to leak data, named Speculative Store Bypass (SSB), has been published ... The trick is to make the first step, the store, depend on the results of previous instructions; this means that the processor has to wait before it knows where to store the value. The second step, the load, is, in contrast, constructed in such a way that the address can be determined quickly, without waiting. In this situation, the processor's speculative execution will "ignore" or "bypass" the store (because it doesn't yet know where the value is actually being stored) and just assume that the data currently held at the memory location is valid. This gives the attack its name: the store is speculatively bypassed, enabling the processor to be tricked into reading values that it shouldn't

Eventually the processor will figure out that the store and the load used the same memory address, thus the load picked up the wrong value. The speculative execution is discarded and the correct calculation performed with the correct values. The architectural behavior is therefore properly preserved. But at this point the microarchitectural state of the processor has already been changed. These changes can be detected, and an attacker can use those changes to figure out which value was read.
security  !publish 
may 2018 by zephyr777
Think You’ve Got Your Credit Freezes Covered? Think Again. — Krebs on Security
Kerskie’s investigation revealed that the mobile phone merchants weren’t asking any of the four credit bureaus mentioned above. Rather, the mobile providers were making credit queries with the National Consumer Telecommunications and Utilities Exchange (NCTUE)
Finance  !publish 
may 2018 by zephyr777
