Configure Windows telemetry in your organization (Windows 10)

Microsoft does not intend to gather sensitive information, such as credit card numbers, usernames and passwords, email addresses, or other similarly sensitive information for Linguistic Data Collection. We guard against such events by using technologies to identify and remove sensitive information before linguistic data is sent from the user’s device. If we determine that sensitive information has been inadvertently received, we delete the information.

Source: Configure Windows telemetry in your organization (Windows 10)

Cyanogen Inc shutting down CyanogenMod nightly builds and other services, CM will live on as Lineage

The CyanogenMod team has posted an update of their own, confirming the shutdown of the CM infrastructure and outlining a plan to continue the open-source initiative as Lineage, which we suspected was going to be the case last week.

Source: Cyanogen Inc shutting down CyanogenMod nightly builds and other services, CM will live on as Lineage [Updated]

0-days hitting Fedora and Ubuntu open desktops to a world of hurt

The exploit ending in .flac works as a drive-by attack when a Fedora 25 user visits a booby-trapped webpage. With nothing more than a click required, the file will open the desktop calculator. With modification, it could load any code an attacker chooses and execute it with the same system privileges afforded to the user. While users typically don’t have the same unfettered system privileges granted to root, the ones they do have are plenty powerful.

Source: 0-days hitting Fedora and Ubuntu open desktops to a world of hurt

Here’s a blurb from the researcher’s blog post about this:

Resolving all the above, I present here a full, working, reliable, 0day exploit for current Linux distributions (Ubuntu 16.04 LTS and Fedora 25). It’s a full drive-by download in the context of Fedora. It abuses cascading subtle side effects of an emulation misstep that at first appears extremely difficult to exploit but ends up presenting beautiful and 100% reliable exploitation possibilities.

Source: Redux: compromising Linux using… SNES Ricoh 5A22 processor opcodes?!

“Most serious” Linux privilege-escalation bug ever is under active exploit

The vulnerability, a variety known as a race condition, was found in the way Linux memory handles a duplication technique called copy on write. Untrusted users can exploit it to gain highly privileged write-access rights to memory mappings that would normally be read-only. More technical details about the vulnerability and exploit are available here, here, and here. Using the acronym derived from copy on write, some researchers have dubbed the vulnerability Dirty COW.

Source: “Most serious” Linux privilege-escalation bug ever is under active exploit (updated)

With Windows 10, Microsoft Blatantly Disregards User Choice and Privacy

The tactics Microsoft employed to get users of earlier versions of Windows to upgrade to Windows 10 went from annoying to downright malicious. Some highlights: Microsoft installed an app in users’ system trays advertising the free upgrade to Windows 10. The app couldn’t be easily hidden or removed, but some enterprising users figured out a way. Then, the company kept changing the app and bundling it into various security patches, creating a cat-and-mouse game to uninstall it.

Source: With Windows 10, Microsoft Blatantly Disregards User Choice and Privacy: A Deep Dive | Electronic Frontier Foundation

And while users can disable some of these settings, it is not a guarantee that your computer will stop talking to Microsoft’s servers. A significant issue is the telemetry data the company receives. While Microsoft insists that it aggregates and anonymizes this data, it hasn’t explained just how it does so.

Outages

I’m migrating this web server to a more modern Fedora from Fedora 14 and there have been problems.  Had to ditch the new MariaDB for community mysql because the former cannot read in a common SQL file describing this simple WordPress database without marking it corrupt.  See:

MySQL to MariaDB migration: handling privilege table differences when using mysqldump

Community mysql works well and all databases read in like SQL should.  There have been memory leak problems bringing down services at random times which might be an OS problem or httpd problem so I’m getting ready to rebuild on a modern CentOS distro which should be more stable.  I don’t feel like debugging this since it should just work when installed.  The latest crash was SELinux which activated itself after a reboot and it doesn’t like anything running on its system.

The Fedora 14 VM has been rock solid since 2010 and I’ll still use it as a backup.  I wanted to create a VM in VirtualBox and Fedora 14 is too old to build from scratch.  This modern Fedora seems very unreliable.

tl;dr This site will be under construction and may fall over every now and then.

“Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic

As involved as that process was, getting unauthorized code covertly installed into an official operating system and keeping it there for years would appear to be an even more complicated—and brazen—undertaking. This 2013 article published by Der Spiegel reported that an NSA operation known as FEEDTHROUGH worked against Juniper firewalls and gave the agency persistent backdoor access.

Source: “Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic | Ars Technica

secmodel_securelevel

The securelevel mechanism is intended to allow protecting the persistence of code and data on the system, or a subset thereof, from modification, even by the super-user by providing convenient means of “locking down” a system to a degree suited to its environment.

Source: NetBSD 6.1.5 – man page for secmodel_securelevel (netbsd section 9) – Unix & Linux Commands

Highly secure mode may seem Draconian, but is intended as a last line of defence should the super-user account be compromised. Its effects preclude circumvention of file flags by direct modification of a raw disk device, or erasure of a file system by means of newfs(8). Further, it can limit the potential damage of a compromised “firewall” by prohibiting the modification of packet filter rules. Preventing the system clock from being set backwards aids in post-mortem analysis and helps ensure the integrity of logs. Precision timekeeping is not affected because the clock may still be slowed.