By samzenpus from Slashdot's go-ahead-and-ask department
Brian Krebs got his start as a reporter at The Washington Post and after having his entire network taken down by the Lion Worm, crime and cybersecurity became his focus. In 2005, Krebs started the Security Fix blog and Krebs On Security in 2009, which remains one of the most popular sources of cybercrime and security news. Brian is credited with being the first journalist to report on Stuxnet and one of his investigative series on the McColo botnet is estimated to have led to a 40-70% decline in junk e-mail sent worldwide. Unfortunately for Krebs, he's also well known to criminals. In 2013 he became one of the first journalists to be a victim of Swatting and a few months later a package of heroin was delivered to his home. Brian has agreed to give us some of his time and answer any questions you may have about crime and cybersecurity. As usual, ask as many as you'd like, but please, one per post.
By Soulskill from Slashdot's software-complexity-breeds-security-researchers department
An anonymous reader notes a report from El Reg on a major cross-app resource vulnerability in iOS and Mac OS X. Researchers say it's possible to break app sandboxes, bypass App Store security checks, and crack the Apple keychain. The researchers wrote, "specifically, we found that the inter-app interaction services, including the keychain and WebSocket on OS X and URL Scheme on OS X and iOS, can all be exploited by [malware] to steal such confidential information as the passwords for iCloud, email and bank, and the secret token of Evernote. Further, the design of the App sandbox on OS X was found to be vulnerable, exposing an app’s private directory to the sandboxed malware that hijacks its Apple Bundle ID. As a result, sensitive user data, like the notes and user contacts under Evernote and photos under WeChat, have all been disclosed. Fundamentally, these problems are caused by the lack of app-to-app and app-to-OS authentications." Their full academic paper (PDF) is available online, as are a series of video demos. They withheld publication for six months at Apple's request, but haven't heard anything further about a fix.
By Soulskill from Slashdot's solid-state-detective-work department
An anonymous reader writes: Algolia is a buzzword-compliant ("Hosted Search API that delivers instant and relevant results") start-up that uses a lot of open-source software (including various strains of Linux) and a lot of solid-state disk, and as such sometimes runs into problems with each of these. Their blog this week features a fascinating look at troubles that they faced with ext4 filesystems mysteriously flipping to read-only mode: not such a good thing for machines processing a search index, not just dishing it out.
"The NGINX daemon serving all the HTTP(S) communication of our API was up and ready to serve the search queries but the indexing process crashed. Since the indexing process is guarded by supervise, crashing in a loop would have been understandable but a complete crash was not. As it turned out the filesystem was in a read-only mode. All right, let's assume it was a cosmic ray :) The filesystem got fixed, files were restored from another healthy server and everything looked fine again. The next day another server ended with filesystem in read-only, two hours after another one and then next hour another one. Something was going on. After restoring the filesystem and the files, it was time for serious analysis since this was not a one time thing."
The rest of the story explains how they isolated the problem and worked around it; it turns out that the culprit was TRIM, or rather TRIM's interaction with certain SSDs: "The system was issuing a TRIM to erase empty blocks, the command got misinterpreted by the drive and the controller erased blocks it was not supposed to. Therefore our files ended-up with 512 bytes of zeroes, files smaller than 512 bytes were completely zeroed. When we were lucky enough, the misbehaving TRIM hit the super-block of the filesystem and caused a corruption."