Privacy, Security Archive

Breaking Into a Laptop Via Wi-Fi

An attacker could gain complete control over a laptop by sending malformed network traffic to a vulnerable computer, David Maynor, a senior researcher at security service provider SecureWorks, said in a presentation at the Black Hat security event. Maynor, along with researcher Jon 'Johnny Cache' Ellch, showed a video of a successful attack on an Apple Computer MacBook. However, the researchers said the attack is also possible on other computers, both laptops and desktops, and not just MacBooks. The recent security fixes issued by Intel are not related to this issue.

5 Ways to Get Vista’s Security Now

"Millions of Windows users run the OS with an administrator account because Microsoft's never made it easy to do anything different. In fact, you have to work a lot harder to run with fewer rights. Microsoft will push Vista as the solution to the ever-increasing number and ingenuity of attacks. But why wait? With our five strategies, you can give Windows XP a taste of Vista's UAC protection."

Symantec Report: Vista Code Contains Security Loopholes

A new report from Symantec security researchers contends that Microsoft's much-awaited Vista operating system could harbor a range of vulnerabilities that will make it less secure than previous iterations of Windows. According to research published July 18 by Symantec, a number of Vista's software components, specifically a handful of protocols related to its redesigned networking technologies, could become security loopholes if Microsoft does not fix the problems or ensure that the product is configured appropriately to hide the glitches when it is shipped.

Sophos: Because of Malware Home Users Should Switch to Macs

Sophos has published new research into the past six months of cyber crime. The Sophos Security Threat Management Report Update reveals that while there has been a vast drop in new viruses and worms, this has been over-compensated by increases in other types of malware, as cyber criminals turn their attention to stealing information and money. Most interestingly, new Trojans now outweigh viruses and worms by 4:1, compared to 2:1 in the first half of 2005. In addition, the continued dominance of Windows-based threats has prompted Sophos to suggest that many home users should consider switching to Apple Macs, to shield themselves from the malware onslaught.

Creating a Safe Directory with PAM, EncFS

"This HowTo is about creating a user-session-safe directory which offers security on- and offline. This is done with PAM, a module named pam_script and Encfs ('Encrypted Filesystem'). This safe directory is used to store credentials and other sensitive information during a session. When a user session is ended, in the worst case an encrypted directory remains on the hard drive. In the best case everything is removed. This construction is only meant to store information during a session, not for documents or any other valid information."

Researchers Claim Flaw in Symantec AntiVirus

A gaping security flaw in the latest versions of Symantec's anti-virus software suite could put millions of users at risk of a debilitating worm attack, Internet security experts warned May 25. Researchers at eEye Digital Security, the company that discovered the flaw, said it could be exploited by remote hackers to take complete control of the target machine "without any user action".

How Shellcodes Work

Here is an article explaining how shellcodes work: "This article is not a guide on writing exploits, nor an overview of popular vulnerabilities. This is a step-by-step guide on developing a shellcode, a crucial point of any exploit software. Hopefully, learning how they work will help conscientious and respectable developers and system administrators to understand how malefactors think and to defend their systems against them."

Wield the Shield: How Trustworthy Is Your OS?

Trusted operating systems have been used for some time to lock down the most sensitive of information in the most sensitive of organizations. But with security concerns rising and changing by the hour, it's now a matter of trust for any organization looking to tighten its computing ship. Several vendors, including Red Hat, Sun Microsystems and Novell, are responding by adding and/or improving trusted elements in their operating system offerings.

Computer Security – the Next 50 Years

"Security and validation are critical issues in computing, and the next fifty years will be harder than the last. There are a number of proven programming techniques and design approaches which are already helping to harden our modern systems, but each of these must be carefully balanced with usability in order to be effective. In this talk, Alan Cox, fellow at Red Hat Linux, explores the future of what may be the biggest threat facing software engineers, the unverified user."

Why Windows Is Less Secure Than Linux

"Windows has grown so complicated that it is harder to secure. Well, these images make the point very well. Both images are a complete map of the system calls that occur when a web server serves up a single page of html with a single picture. The same page and picture. A system call is an opportunity to address memory. A hacker investigates each memory access to see if it is vulnerable to a buffer overflow attack. The developer must do QA on each of these entry points. The more system calls, the greater potential for vulnerability, the more effort needed to create secure applications."

Open Source Security Testing Methodology Manual

ISECOM is an open, collaborative, security research community established in January 2001. Recently, Pete Herzog, founder of ISECOM and creator of the OSSTMM, talked about the upcoming revision 3.0 of the Open Source Security Testing Methodology Manual. He discusses why we need a testing methodology, why use open source, the value of certifications, and plans for a new vulnerability scanner developed with a different approach than Nessus.

Microsoft Says Recovery from Malware Becoming Impossible

In a rare discussion on the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall operating systems as a practical way to recover from malware infestation. "When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit."

Review: Trustware BufferZone 1.6

"Security company Trustware has a product that takes a new approach on protecting the end users. BufferZone is centered on a concept of virtualization technology, that creates a whole new secluded environment on your computer. After installing the software, you are guided through a mini presentation that introduces you to the process of setting up your BufferZone. Although usage of terms like 'virtualization' and 'buffer' might be a bit complicated for the average PC user, the concept is very easy to comprehend and to set up."

VM Rootkits: The Next Big Threat?

Lab rats at Microsoft Research and the University of Michigan have teamed up to create prototypes for virtual machine-based rootkits that significantly push the envelope for hiding malware and that can maintain control of a target operating system. The proof-of-concept rootkit, called SubVirt, exploits known security flaws and drops a VMM (virtual machine monitor) underneath a Windows or Linux installation. Once the target operating system is hoisted into a virtual machine, the rootkit becomes impossible to detect because its state cannot be accessed by security software running in the target system.