close

If the French service Qwant.com is set as the #search provider in your web #browser (Firefox, Iridium...), it may occur that it shows a message telling it's not "available" in your region. This can happen if you're using TOR, a VPN, or for other reasons.

To circumvent this, you may :

  1. Go to the search bar (CTRL + L), edit qwant.com as ddg.gg and hit Enter, you'll go to #DuckDuckGo with the same request.
  2. Or for the next searches, write as following into the search bar: !ddg my keywords to perform the same search throught Duck Duck Go, instead of your original #request my keywords

If it happens too often, change the default search engine.

  • Ar chevron_right

    Chrome users have faced 3 security concerns over the past 24 hours

    news.movim.eu / ArsTechnica · Friday, 5 February - 21:21

Chrome users have faced 3 security concerns over the past 24 hours

(credit: Chrome )

Users of Google’s Chrome browser have faced three security concerns over the past 24 hours in the form of a malicious extension with more than 2 million users, a just-fixed zero-day, and new information about how malware can abuse Chrome's sync feature to bypass firewalls. Let’s discuss them one by one.

First up, the Great Suspender, an extension with more than 2 million downloads from the Chrome Web Store, has been pulled from Google servers and deleted from users’ computers. The extension has been an almost essential tool for users with small amounts of RAM on their devices. Since Chrome tabs are known to consume large amounts of memory, the Great Suspender temporarily suspends tabs that haven’t been opened recently. That allows Chrome to run smoothly on systems with modest resources.

Characteristically terse

Google's official reason for the removal is characteristically terse. Messages displayed on devices that had the extension installed say only, “This extension contains malware” along with an indication that it has been removed. A Google spokesman declined to elaborate.

Read 11 remaining paragraphs | Comments

index?i=ooMPqnL1CuE:eWEW5oucaNA:V_sGLiPBpWUindex?i=ooMPqnL1CuE:eWEW5oucaNA:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • Ga chevron_right

    Update your NVIDIA drivers due to multiple security issues found

    news.movim.eu / GamingOnLinux · Sunday, 10 January - 12:00 · 1 minute

Here's something we missed with the latest NVIDIA driver updates - turns out that NVIDIA had multiple security issues that they put out in a recent security bulletin. Multiple issues affect both Windows and Linux, across multiple versions of the official NVIDIA proprietary driver.

The ones that affect the Linux desktop are:

  • CVE‑2021‑1052: "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure."
  • CVE‑2021‑1053: "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service."
  • CVE‑2021‑1056: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure."

There's also some vGPU security issues too, which also affect Linux but they're not regular desktop stuff.

If you want to make sure you're totally safe you should update to the latest driver in the series you're using. Going by the information on the NVIDIA security page you should be good on (or better) 460.32.03 which is the latest "Production Branch" driver, 450.102.04 and 390.141 being the latest Legacy driver.

You can look out for future security info here from NVIDIA.

Article from GamingOnLinux.com - do not reproduce this article without permission. This RSS feed is intended for readers, not scrapers.
  • Ar chevron_right

    Florida posted the password to a key disaster system on its website

    news.movim.eu / ArsTechnica · Wednesday, 9 December - 18:29 · 1 minute

The words

Enlarge / Florida's apparently being a little too welcoming at the moment. (credit: iLLiePhotography | Getty Images )

Florida police said a raid they conducted Monday on the Tallahassee home of Rebekah Jones, a data scientist who the state fired from her job in May, was part of an investigation into an unauthorized access of a state emergency-responder system. It turns out, however, that not only do all state employees with access to that system share a single username and password, but also those credentials are publicly available on the Internet for anyone to read.

The background

Jones on Monday shared a video of the police raid on her house as part of a Twitter thread in which she explained the police were serving a search warrant on her house following a complaint from the Department of Health. That complaint, in turn, was related to a message sent to Florida emergency responders back in November.

About 1,700 members of Florida's emergency-response team received the communication on November 10, according to the affidavit ( PDF ) cited in the search warrant for Jones' home. The message urged recipients to "speak up before another 17,000 people are dead. You know this is wrong. You don’t have to be a part of this. Be a hero. Speak out before it's too late."

Read 10 remaining paragraphs | Comments

index?i=9Zw1hsVWFxY:QCNGt_YTFU0:V_sGLiPBpWUindex?i=9Zw1hsVWFxY:QCNGt_YTFU0:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • Ar chevron_right

    Apple lets some Big Sur network traffic bypass firewalls

    news.movim.eu / ArsTechnica · Tuesday, 17 November - 20:48 · 1 minute

A somewhat cartoonish diagram illustrates issues with a firewall.

Enlarge (credit: Patrick Wardle)

Firewalls aren’t just for corporate networks. Large numbers of security- or privacy-conscious people also use them to filter or redirect traffic flowing in and out of their computers. Apple recently made a major change to macOS that frustrates these efforts.

Beginning with Big Sur released last week, some 50 Apple-specific apps and processes are no longer routed through firewalls like Little Snitch and Lulu. The undocumented exemption came to light only after Patrick Wardle, a security researcher at a Mac and iOS enterprise developer Jamf, disclosed the change over the weekend.

“100% blind”

To demonstrate the risks that come with this move, Wardle—a former hacker for the NSA—demonstrated how malware developers could exploit the change to make an end-run around a tried-and-true security measure. He set Lulu to block all outgoing traffic on a Mac running Big Sur and then ran a small programming script that interacted with one of the apps that Apple exempted. The python script had no trouble reaching a command and control server he set up to simulate one commonly used by malware to receive commands and exfiltrate sensitive data.

Read 9 remaining paragraphs | Comments

index?i=XUr9W5AHxRs:f8o-Q-ENo-E:V_sGLiPBpWUindex?i=XUr9W5AHxRs:f8o-Q-ENo-E:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • Ar chevron_right

    Study shows which messengers leak your data, drain your battery, and more

    news.movim.eu / ArsTechnica · Monday, 26 October, 2020 - 21:31

Stock photo of man using smartphone.

Enlarge (credit: Getty Images )

Link previews are a ubiquitous feature found in just about every chat and messaging app, and with good reason. They make online conversations easier by providing images and text associated with the file that’s being linked.

Unfortunately, they can also leak our sensitive data, consume our limited bandwidth, drain our batteries, and, in one case, expose links in chats that are supposed to be end-to-end encrypted. Among the worst offenders, according to research published on Monday , were messengers from Facebook, Instagram, LinkedIn, and Line. More about that shortly. First a brief discussion of previews.

When a sender includes a link in a message, the app will display the conversation along with text (usually a headline) and images that accompany the link. It usually looks something like this:

Read 9 remaining paragraphs | Comments

index?i=0Kq0Z1maFmo:q1e7Z5XZB2g:V_sGLiPBpWUindex?i=0Kq0Z1maFmo:q1e7Z5XZB2g:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • Ar chevron_right

    A watch designed exclusively for kids has an undocumented spying backdoor

    news.movim.eu / ArsTechnica · Monday, 12 October, 2020 - 13:00 · 1 minute

A watch designed exclusively for kids has an undocumented spying backdoor

Enlarge (credit: Xplora )

A popular smartwatch designed exclusively for children contains an undocumented backdoor that makes it possible for someone to remotely capture camera snapshots, wiretap voice calls, and track locations in real time, a researcher said.

The X4 smartwatch is marketed by Xplora, a Norway-based seller of children’s watches. The device, which sells for about $200, runs on Android and offers a range of capabilities, including the ability to make and receive voice calls to parent-approved numbers and to send an SOS broadcast that alerts emergency contacts to the location of the watch. A separate app that runs on the smartphones of parents allows them to control how the watches are used and receive warnings when a child has strayed beyond a present geographic boundary.

But that’s not all

It turns out that the X4 contains something else: a backdoor that went undiscovered until some impressive digital sleuthing. The backdoor is activated by sending an encrypted text message. Harrison Sand, a researcher at Norwegian security company Mnemonic, said that commands exist for surreptitiously reporting the watch’s real-time location , taking a snapshot and sending it to an Xplora server, and making a phone call that transmits all sounds within earshot.

Read 15 remaining paragraphs | Comments

index?i=CFOuMqjFxg4:29JG5L79UWk:V_sGLiPBpWUindex?i=CFOuMqjFxg4:29JG5L79UWk:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • Ar chevron_right

    Apple’s T2 security chip has an unfixable flaw

    news.movim.eu / ArsTechnica · Saturday, 10 October, 2020 - 11:04 · 1 minute

2014 Mac mini and 2012 Mac mini

Enlarge / The 2014 Mac mini is pictured here alongside the 2012 Mac mini. They looked the same, but the insides were different in some key—and disappointing—ways. (credit: Andrew Cunningham )

A recently released tool is letting anyone exploit an unusual Mac vulnerability to bypass Apple's trusted T2 security chip and gain deep system access. The flaw is one researchers have also been using for more than a year to jailbreak older models of iPhones . But the fact that the T2 chip is vulnerable in the same way creates a new host of potential threats. Worst of all, while Apple may be able to slow down potential hackers, the flaw is ultimately unfixable in every Mac that has a T2 inside.

In general, the jailbreak community hasn't paid as much attention to macOS and OS X as it has iOS, because they don't have the same restrictions and walled gardens that are built into Apple's mobile ecosystem. But the T2 chip, launched in 2017 , created some limitations and mysteries. Apple added the chip as a trusted mechanism for securing high-value features like encrypted data storage, Touch ID, and Activation Lock, which works with Apple's "Find My" services. But the T2 also contains a vulnerability, known as Checkm8, that jailbreakers have already been exploiting in Apple's A5 through A11 (2011 to 2017) mobile chipsets. Now Checkra1n, the same group that developed the tool for iOS, has released support for T2 bypass.

On Macs, the jailbreak allows researchers to probe the T2 chip and explore its security features. It can even be used to run Linux on the T2 or play Doom on a MacBook Pro's Touch Bar. The jailbreak could also be weaponized by malicious hackers, though, to disable macOS security features like System Integrity Protection and Secure Boot and install malware. Combined with another T2 vulnerability that was publicly disclosed in July by the Chinese security research and jailbreaking group Pangu Team, the jailbreak could also potentially be used to obtain FileVault encryption keys and to decrypt user data. The vulnerability is unpatchable, because the flaw is in low-level, unchangeable code for hardware.

Read 13 remaining paragraphs | Comments

index?i=W0mOsUwthoo:meuHwbliPw0:V_sGLiPBpWUindex?i=W0mOsUwthoo:meuHwbliPw0:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA