Debian

Privacy-Focused Debian-Based Tails 3.0 Reaches RC Status (betanews.com) 25

BrianFagioli quotes BetaNews: Today, Tails achieves an important milestone. Version 3.0 reaches RC status -- meaning the first release candidate (RC1). In other words, it may soon be ready for a stable release -- if testing confirms as much. If you want to test it and provide feedback, you can download the ISO now. This is quite the significant upgrade, as the operating system is moving to a new base — Debian 9 "Stretch." The Debian kernel gets upgraded to 4.9.0-3, which is based on Linux kernel 4.9.25. As previously reported back in February, Tails 3.0 will drop 32-bit processor support too.

Using Tor is a huge part of the privacy aspect of Tails, and the tor web browser sees an update to 7.0a4. Tor itself is updated to 0.3.0.7-1. Less important is the move from Icedove to Thunderbird for email. This is really in name only, as Debian has begun using the "Thunderbird" branding again. From a feature perspective, it is inconsequential.

Government

Julian Assange Still Faces Legal Jeopardy In Three Countries (chicagotribune.com) 192

Though Sweden dropped an investigation into rape allegations against Julian Assange, "I can conclude, based on the evidence, that probable cause for this crime still exists," chief prosecutor Marianne Ny told reporters in Stockholm. An anonymous reader quotes Newsweek: Ny stressed in her statement Friday that the investigation could be reopened before the statute of limitations on the case expires in 2020. If Assange "went into British custody, then the Swedes may well revisit their decision ⦠as extradition is suddenly easier", tweeted legal expert David Allen Green. Assange failed to answer a bail hearing when he took refuge in the embassy, resulting in an active warrant for his arrest by London's Metropolitan Police, punishable by up to a year in prison. Foremost of Assange's concerns is possible extradition to the U.S., where he he could be detained on espionage charges... Ecuador has offered Assange asylum should he be able to leave Britain.
Meanwhile, The Chicago Tribune reports that "a federal inquiry is widely assumed to be underway by prosecutors in Virginia." According to a former senior Justice Department official, who requested anonymity to discuss the Assange case, American authorities are now presented with a "cat and mouse game." "The decision on whether to indict him rests largely on whether they can get their hands on him," the former official said. Indicting the head of an organization such as WikiLeaks presents a huge number of First Amendment issues, but the Trump White House has indicated such issues may be less of a hurdle than during previous administrations. Prosecutors could seek a sealed indictment -- or may have one already -- to be unveiled if and when Assange strays within reach of American law enforcement, the former official said.
Networking

Netgear Adds Support For "Collecting Analytics Data" To Popular R7000 Router 105

An anonymous reader writes: Netgear's latest firmware update for the R7000 includes new support for collecting analytics data. The update release notes include this caution:

NOTE:It is strongly recommended that after the firmware is updated to this version, log back in to the router s web GUI and configure the settings for this feature.

An article on Netgear's KB states updated last week that Netgear collects information including IP addresses, MAC, certain WiFi information, and information about connected devices.

Transportation

Delta Airlines Tests Facial Recognition To Speed Up Baggage Check-In (cnn.com) 56

Would you let Delta airlines scan your face if it meant you could skip the line to check-in your baggage? An anonymous reader quotes CNN: Delta is testing a face-scanning kiosk for baggage check... It uses facial recognition technology to match your identity to your passport photo. You tag your own bags, pay the fee and drop your luggage on a conveyor belt... Delta will test four of the machines at Minneapolis-St. Paul International Airport this summer. The airline spent $600,000 on the four kiosks.
A senior staff attorney at the EFF warns this could be a slippery slope -- at what point this morphs into airline surveillance? But a Delta spokerspeson insists the images won't be stored, that they're complying with privacy laws, and that the kiosks could double the number of passengers whisking through their check-in procedures.
Blackberry

BlackBerry Working With Automakers On Antivirus Tool For Your Car (reuters.com) 45

An anonymous reader quotes a report from Reuters: BlackBerry is working with at least two automakers to develop a security service that would remotely scan vehicles for computer viruses and tell drivers to pull over if they were in critical danger, according to a financial analyst. The service, which would also be able to install security patches to an idle car, is being tested by luxury automakers Aston Martin and Range Rover. The service could be launched as early as next year, generating about $10 a month per vehicle for BlackBerry, according to Papageorgiou, who has followed BlackBerry for more than 15 years. Vehicles increasingly rely on dozens of computers that connect to each other as well as the internet, mobile networks and Bluetooth communications systems that make them vulnerable to remote hacks.
Windows

Almost All WannaCry Victims Were Running Windows 7 (theverge.com) 119

An anonymous reader quotes a report from The Verge: According to data released today by Kaspersky Lab, roughly 98 percent of the computers affected by the ransomware were running some version of Windows 7, with less than one in a thousand running Windows XP. 2008 R2 Server clients were also hit hard, making up just over 1 percent of infections. Windows 7 is still by far the most common version of Windows, running on roughly four times as many computers as Windows 10 worldwide. Since more recent versions of Windows aren't vulnerable to WannaCry, it makes sense that most of the infections would hit computers running 7. Still, the stark disparity emphasizes how small of a role Windows XP seems to have played in spreading the infection, despite early concerns about the outdated operating system. The new figures also bear on the debate over Microsoft's patching practices, which generated significant criticism in the wake of the attack. Microsoft had released a public patch for Windows 7 months before the attack, but the patch for Windows XP was only released as an emergency measure after the worst of the damage had been done. The patch was available earlier to paying Custom Support customers, but most XP users were left vulnerable, each unpatched computer a potential vector to spread the ransomware further. Still, Kaspersky's figures suggest that unpatched XP devices played a relatively small role in the spread of the ransomware.
United States

Federal Agents Used a Stingray To Track an Immigrant's Phone (detroitnews.com) 103

An anonymous reader shares a report: Investigators from Immigration and Custom Enforcement as well as the FBI have been using controversial cell-spoofing devices to secretly track down undocumented immigrants, court records show. According to a report the Detroit News, which obtained an unsealed federal search warrant affidavit, FBI and ICE agents in Michigan used a Stingray device to ensnare a restaurant worker from El Salvador in March. The devices, which were originally intended for counter-terrorism use, have come under fire because there are currently no clear rules governing when law enforcement is allowed to deploy them. Even in cases where authorities have a clear target in mind, they run the risk of exposing personal information of other innocent people in range. Until 2015, Federal investigators were free to deploy the devices without a search warrant. At that point the Justice Department laid out a policy requiring investigators get approval to use the devices first.
Twitter

A Bug in Twitter's Old Vine App May Have Exposed Your Email (cnet.com) 6

An anonymous reader shares a report: If you had a Vine account, there's an alert you may want to know about. The video app, which Twitter bought in 2012 and shut down last year after its six-second videos failed to take off, sent out emails to some users Friday alerting them to a vulnerability in its service. Yeah, that's right, Vine is dead, but your account may have been compromised anyway. Apparently, the "bug" potentially exposed email addresses to hackers or other "third parties under certain circumstances." The vulnerability apparently existed for less than 24 hours, or 14,400 Vine videos. "We take these incidents very seriously, and we're sorry this occurred," Vine wrote in its email. It also said the information exposed could not be used to access accounts, and there were no indications any of the data had been misused.
Security

French Researchers Find Last-ditch Cure To Unlock WannaCry Files (reuters.com) 36

French researchers said on Friday they had found a last-chance way for technicians to save Windows files encrypted by WannaCry, racing against a deadline as the ransomware threatens to start locking up victims' computers first infected a week ago. From a report: WannaCry, which started to sweep round the globe last Friday and has infected more than 300,000 computers in 150 nations, threatens to lock out victims who have not paid a sum of $300 to $600 within one week of infection. A loose-knit team of security researchers scattered across the globe said they had collaborated to develop a workaround to unlock the encryption key for files hit in the global attack, which several independent security researchers have confirmed. The researchers warned that their solution would only work in certain conditions, namely if computers had not been rebooted since becoming infected and if victims applied the fix before WannaCry carried out its threat to lock their files permanently. Also see: Windows XP PCs Infected By WannaCry Can Be Decrypted Without Paying Ransom.
Security

Hacker Steals 17 Million Zomato Users' Data, Briefly Puts It On Dark Web (hackread.com) 32

Waqas reports via Hack Read: Recently, HackRead found out a vendor going by the online handle of âoenclayâ is claiming to have hacked Zomato and selling the data of its 17 million registered users on a popular Dark Web marketplace. The database includes emails and password hashes of registered Zomato users while the price set for the whole package is USD 1,001.43 (BTC 0.5587). The vendor also shared a trove of sample data to prove that the data is legit. Here's a screenshot of the sample data publicly shared by "nclay." Upon testing the sample data on Zomato.com's login page, it was discovered that each and every account mentioned in the list exists on Zomato. Although Zomato didn't reply to our email but in their latest blog post the company has acknowledged the breach. Here's a full preview of the blog post published by Zomato 7hours ago: "Over 120 million users visit Zomato every month. What binds all of these varied individuals is the desire to enjoy the best a city has to offer, in terms of food. When Zomato users trust us with their personal information, they naturally expect the information to be safeguarded. And that's something we do diligently, without fail. We take cyber security very seriously -- if you've been a regular at Zomato for years, you'd agree."
Databases

Font Sharing Site DaFont Has Been Hacked, Exposing Thousands of Accounts (zdnet.com) 17

A popular font sharing site DaFont.com has been hacked, resulting in usernames, email addresses, and hashed passwords of 699,464 user accounts being stolen. ZDNet reports: The passwords were scrambled with the deprecated MD5 algorithm, which nowadays is easy to crack. As such, the hacker unscrambled over 98 percent of the passwords into plain text. The site's main database also contains the site's forum data, including private messages, among other site information. At the time of writing, there were over half-a-million posts on the site's forums. The hacker told ZDNet that he carried out his attack after he saw that others had also purportedly stolen the site's database. "I heard the database was getting traded around so I decided to dump it myself -- like I always do," the hacker told me. Asked about his motivations, he said it was "mainly just for the challenge [and] training my pentest skills." He told me that he exploited a union-based SQL injection vulnerability in the site's software, a flaw he said was "easy to find." The hacker provided the database to ZDNet for verification.
Windows

Windows XP PCs Infected By WannaCry Can Be Decrypted Without Paying Ransom (arstechnica.com) 60

An anonymous reader quotes a report from Ars Technica: Owners of some Windows XP computers infected by the WCry ransomware may be able to decrypt their data without making the $300 to $600 payment demand, a researcher said Thursday. Adrien Guinet, a researcher with France-based Quarkslab, has released software that he said allowed him to recover the secret decryption key required to restore an infected XP computer in his lab. The software has not yet been tested to see if it works reliably on a large variety of XP computers, and even when it does work, there are limitations. The recovery technique is also of limited value because Windows XP computers weren't affected by last week's major outbreak of WCry. Still, it may be helpful to XP users hit in other campaigns. "This software has only been tested and known to work under Windows XP," he wrote in a readme note accompanying his app, which he calls Wannakey. "In order to work, your computer must not have been rebooted after being infected. Please also note that you need some luck for this to work (see below), and so it might not work in every case!"
Businesses

'WannaCry Makes an Easy Case For Linux' (techrepublic.com) 407

An anonymous reader writes: The thing is, WannaCry isn't the first of its kind. In fact, ransomware has been exploiting Windows vulnerabilities for a while. The first known ransomware attack was called "AIDS Trojan" that infected Windows machines back in 1989. This particular ransomware attack switched the autoexec.bat file. This new file counted the amount of times a machine had been booted; when the machine reached a count of 90, all of the filenames on the C drive were encrypted. Windows, of course, isn't the only platform to have been hit by ransomware. In fact, back in 2015, the LinuxEncoder ransomware was discovered. That bit of malicious code, however, only affected servers running the Magento ecommerce solution. The important question here is this: Have their been any ransomware attacks on the Linux desktop? The answer is no. With that in mind, it's pretty easy to draw the conclusion that now would be a great time to start deploying Linux on the desktop. I can already hear the tired arguments. The primary issue: software. I will counter that argument by saying this: Most software has migrated to either Software as a Service (SaaS) or the cloud. The majority of work people do is via a web browser. Chrome, Firefox, Edge, Safari; with few exceptions, SaaS doesn't care. With that in mind, why would you want your employees and staff using a vulnerable system? [...] Imagine, if you will, you have deployed Linux as a desktop OS for your company and those machines work like champs from the day you set them up to the day the hardware finally fails. Doesn't that sound like a win your company could use? If your employees work primarily with SaaS (through web browsers), then there is zero reason keeping you from making the switch to a more reliable, secure platform.
Security

Any Half-Decent Hacker Could Break Into Mar-a-Lago (alternet.org) 326

MrCreosote writes: Properties owned and run by the Trump Organization, including places where Trump spends much of his time and has hosted foreign leaders, are a network security nightmare. From a report via ProPublica (co-published with Gizmodo): "We parked a 17-foot motor boat in a lagoon about 800 feet from the back lawn of The Mar-a-Lago Club in Palm Beach and pointed a 2-foot wireless antenna that resembled a potato gun toward the club. Within a minute, we spotted three weakly encrypted Wi-Fi networks. We could have hacked them in less than five minutes, but we refrained. A few days later, we drove through the grounds of the Trump National Golf Club in Bedminster, New Jersey, with the same antenna and aimed it at the clubhouse. We identified two open Wi-Fi networks that anyone could join without a password. We resisted the temptation. We have also visited two of President Donald Trump's other family-run retreats, the Trump International Hotel in Washington, D.C., and a golf club in Sterling, Virginia. Our inspections found weak and open Wi-Fi networks, wireless printers without passwords, servers with outdated and vulnerable software, and unencrypted login pages to back-end databases containing sensitive information. The risks posed by the lax security, experts say, go well beyond simple digital snooping. Sophisticated attackers could take advantage of vulnerabilities in the Wi-Fi networks to take over devices like computers or smart phones and use them to record conversations involving anyone on the premises."
Communications

Region-Locked Content Drives UK Users To Try a VPN (itproportal.com) 57

An anonymous reader writes: A new report has revealed that VPN usage in the UK has increased with almost one in six people now using a VPN alongside their internet connection. According to YouGov's 'Incognito Individual' report, 16 percent of British adults have used either a VPN or proxy server. This up-tick in users trying a VPN was often the direct result of trying access region-locked content or websites. Of those surveyed, 48 percent of respondents admitted to using a VPN or a proxy to access content they would otherwise be unable to view. VPNs are often used by security conscious individuals who are concerned with their privacy and not having their browsing data logged. YouGov's report found that 44 percent of VPN users utilised such a service for better security and that 37 percent did so for improved privacy.
Crime

Chelsea Manning Set To Be Released From Prison, 28 Years Early (nbcnews.com) 540

An anonymous reader quotes a report from NBC News: Army whistleblower Chelsea Manning is set to walk out of prison Wednesday -- but she won't be entirely free. Manning's 35-year sentence for leaking an enormous trove of military intelligence records was commuted by President Barack Obama in January. But Manning is still appealing her conviction in a case that could take years, and the government has yet to respond to the appeal. And all the while, Private First Class Manning, 29, will remain an active duty soldier in the U.S. Army. She won't be paid a salary, and it's highly unlikely that she will be called to serve. But being placed on voluntary excess leave rather than discharged, says one of her attorneys, makes her vulnerable to new military punishment or charges if she steps out of line. Such an offense could be anything from getting into a fistfight to revealing previously unreleased classified information. Manning could even get into trouble with the military for speaking and writing. The Army private then known as Bradley Manning was just 22-year-old when she leaked nearly 750,000 military files and cables to WikiLeaks. Manning was court-martialed and sentenced in 2013 to 35 years in prison, with opportunity for parole after seven years served. n a statement given to the TODAY show the day after sentencing, Manning came out as a transgender woman. Last Tuesday, in Manning's first official statement about her plans after prison, she said, "I can see a future for myself as Chelsea."
Facebook

European Privacy Regulators Take Coordinated Action Against Facebook 53

An anonymous reader writes: European privacy regulators from as number of countries has made a coordinated action against Facebook for violating data protection laws. The French CNIL has sanctioned Facebook with a 150,000 EUR fine, and the regulator from Netherlands is considering a similar action. Regulators are concerned with new privacy policies of Facebook, lack of transparency, cookie handling and tracking Facebook users on third-party sites -- all without user knowledge or control. Such coordinated move is unprecedented in the history of European data protection regulators.
Security

Group Linked To NSA Spy Leaks Threatens Sale of New Tech Secrets (reuters.com) 105

Hacker group Shadow Brokers, which has taken credit for leaking NSA cyber spying tools -- including ones used in the WannaCry global ransomware attack -- has said it plans to sell code that can be used to hack into the world's most used computers, software and phones. From a report on Reuters: Using trademark garbled English, the Shadow Brokers group said in an online statement that, from June, it will begin releasing software to anyone willing to pay for access to some of the tech world's biggest commercial secrets. In the blog post, the group said it was setting up a "monthly data dump" and that it could offer tools to break into web browsers, network routers, phone handsets, plus newer exploits for Windows 10 and data stolen from central banks. It said it was set to sell access to previously undisclosed vulnerabilities, known as zero-days, that could be used to attack Microsoft's latest software system, Windows 10. The post did not identify other products by name. It also threatened to dump data from banks using the SWIFT international money transfer network and from Russian, Chinese, Iranian or North Korean nuclear and missile programs, without providing further details.
Security

Hackers Aligned With Vietnam Government Are Attacking Foreign Companies (cnbc.com) 19

A hacker group "aligned with Vietnamese government interests" carried out attacks on corporate companies, journalists and overseas governments over the past three years, according to a report from cyber security firm FireEye. FireEye, which works with large companies to secure their assets from cyber threats, said it has tracked at least 10 separate attacks from the group -- referred to as OceanLotus, or APT32 -- since 2014. Targets included members of the media, and private and public sector organizations from across Germany, China, the U.S., the Philippines, the UK and Vietnam itself, according to the report. From an article: APT refers to advanced persistent threat -- one that involves a continuous hacking process using sophisticated techniques that exploit vulnerabilities within a network. Nick Carr, a senior manager at FireEye's Mandiant team that responds to threats and incidents, told CNBC what set APT32 apart from other groups was the kind of information the hackers were looking for within a company's breached network. "Several cases here, it appears APT32 was conducting intrusions to investigate the victims' operations and assess their adherence to regulations," Carr said. "That's where it starts to be really unusual and is a significant departure from the wide-scale intellectual property theft and espionage that you see from a Chinese group, or political espionage or information operations from a Russian group." To be clear, the attacks carried out by APT32 are unrelated to the WannaCry ransomware that has hit 200,000 victims in at least 150 countries since Friday.
Security

Breach at DocuSign Led To Targeted Email Malware Campaign (krebsonsecurity.com) 20

Digital signature service DocuSign said Monday that an unnamed third-party had got access to email addresses of its users after hacking into its systems. From a report: DocuSign, a major provider of electronic signature technology, acknowledged today that a series of recent malware phishing attacks targeting its customers and users was the result of a data breach at one of its computer systems. The company stresses that the data stolen was limited to customer and user email addresses, but the incident is especially dangerous because it allows attackers to target users who may already be expecting to click on links in emails from DocuSign. [...] In an update late Monday, DocuSign confirmed that this malicious third party was able to send the messages to customers and users because it had broken in and stolen DocuSign's list of customers and users.

Slashdot Top Deals