Collaborate Disseminate
Unicode, the wonderful extension to to ASCII that gives us gems like “✈”, “⌨”, and “☕”, has had some unexpected security ramifications. The most common problems with Unicode are visual security issues, like character confusion between letters. For example, the English “M” (U+004D) is indistinguishable from the Cyrillic “М” (U+041C). …read more
Continue reading This Week in Security: Unicode, Truecrypt, and NPM Vulnerabilities
An issue in Unix virtual private networks was disclosed recently, where an attacker could potentially hijack a TCP stream, even though that stream is inside the VPN. This attack affects OpenVPN, Wireguard, and even IPSec VPNs. How was this possible? Unix systems support all manner of different network scenarios, and …read more
Continue reading This Week in Security: VPNs, Patch Tuesday, and Plundervault
CVE-2019-5700 is a vulnerability in the Nvidia Tegra bootloader, discovered by [Ryan Grachek], and breaking first here at Hackaday. To understand the vulnerability, one first has to understand a bit about the Tegra boot process. When the device is powered on, a irom firmware loads the next stage of the …read more
Continue reading This Week in Security: Tegra Bootjacking, Leaking SSH, and StrandHogg
Microsoft seems to have an every-other-version curse. We’re not sure how much of this is confirmation bias, but consider the track record of releases. Windows 95 was game-changing, Windows 98 famously crashed during live demo. Windows 2000 was amazing, Windows ME has been nicknamed the “Mistake Edition”. XP was the …read more
Continue reading Updating to Windows 10 for Fun and Profit: Make Those OEM Keys Go Further
Malware embedded in office documents has been a popular attack for years. Many of those attacks have been fixed, and essentially all the current attacks are unworkable when a document is opened in protected view. There are ways around this, like putting a notice at the top of a document, …read more
Today I have a tale of mystery, of horror, and of hope. The allure of a newer kernel and packages was too much to resist, so I found myself upgrading to Fedora 30. All the packages had downloaded, all that was left was to let DNF reboot the machine and …read more
Continue reading Tales from the Sysadmin: Dumped into the Grub Command Line
There is another WhatsApp flaw, but instead of malicious GIFs, this time it’s malicious mp4 files. Facebook announced the vulnerability late last week. An update has been released, so first go make sure WhatsApp is updated. Facebook’s advisory is a bit light on the details, simply saying that a “stack-based …read more
An issue was discovered in libarchive through Google’s ClusterFuzz project. Libarchive is a compression and decompression library, widely used in utilities. The issue here is how the library recovers from a malformed archive. Hitting an invalid header causes the memory in use to be freed. The problem is that it’s …read more
Continue reading This Week in Security: Fuzzing Fixes, Foul Fonts, TPM Timing Attacks, and More!
There’s been a spate of apocalypse related articles over the last few weeks, but when I saw an AM radio made from a hand-wound coil and an oxidized British penny, I couldn’t help but be impressed. We’ve covered foxhole radios, stereotypical radios that are cobbled together from found parts during …read more
We’ve talked about PXE booting the Raspberry Pi 3B+, and then looked at the Raspberry Pi 4 as a desktop replacement. But there’s more! The Pi 4 sports a very useful new feature, the flashable bootloader. Just recently a beta version of that bootloader was released that supports PXE — …read more