Bug

Linux 4.0 Has a File-System Corruption Problem, RAID Users Warned 202

Posted by timothy
from the don't-store-the-ark-there dept.
An anonymous reader writes: For the past few days kernel developers and Linux users have been investigating an EXT4 file-system corruption issue affecting the latest stable kernel series (Linux 4.0) and the current development code (Linux 4.1). It turns out that Linux users running the EXT4 file-system on a RAID0 configuration can easily destroy their file-system with this newest "stable" kernel. The cause and fix have materialized but it hasn't yet worked its way out into the mainline kernel, thus users should be warned before quickly upgrading to the new kernel on systems with EXT4 and RAID0.
Education

AP Computer Science Education Scalability: Advantage, Rupert Murdoch? 47

Posted by Soulskill
from the teaching-the-next-generation-of-voicemail-hackers dept.
theodp writes: Code.org's AP Computer Science offering won't be going mainstream until the 2016-2017 school year. In the meantime, NewsWorks' Avi Wolfman-Arent reports that Rupert Murdoch's Amplify MOOC just wrapped up its second year of offering AP Computer Science A. And unlike Microsoft TEALS, Google CS First, and Code.org — programs constrained by the number of volunteers, teacher and classroom availability, professional development requirements, and money — Murdoch's AP CS MOOC holds the promise of open-access, unlimited-enrollment, learn-anywhere-and-anytime classes, a la Coursera, Udacity and EdX. So, did Microsoft, Google, Amazon, Facebook, and their leaders place a $30 million bet on the wrong horse when it comes to AP Computer Science scalability? And, even if they've got a more scalable model, will Murdoch's Amplify and schools be willing to deal with higher MOOC failure rates, and allow large numbers of students to try — and possibly drop or fail — AP CS without economic or academic consequences?
Software

Software Glitch Caused Crash of Airbus A400M Military Transport Aircraft 119

Posted by Soulskill
from the complexity-breeds-failures dept.
An anonymous reader writes: A software glitch caused the crash of an Airbus A400M military transport aircraft, claims German newspaper Der Spiegel (Google translation). The accident, which happened in Seville on the vehicle's first production test flight on 9 May, killed four crew members. Airbus is investigating the system controlling the aircraft's engines. The early suspicions are that it was an installation problem, rather than a design problem.
Security

United Airlines Invites Hackers To Find Security Vulnerabilities 54

Posted by timothy
from the how-to-get-non-flyer-miles dept.
An anonymous reader writes: Following a recent spike of interest regarding the potential to hack planes, United Airlines has created the first rewards-for-exploits scheme in the aviation industry. The 'Bug-Bounty' program offers up to a million air miles for submitters who find a specific range of exploits in the company's websites and digital infrastructure. The scheme not only bans participants from probing on-board flight systems but threatens criminal prosecution for any such attempt.
Security

'Venom' Security Vulnerability Threatens Most Datacenters 95

Posted by Soulskill
from the holes-in-legacy-code dept.
An anonymous reader sends a report about a new vulnerability found in open source virtualization software QEMU, which is run on hardware in datacenters around the world (CVE-2015-3456). "The cause is a widely-ignored, legacy virtual floppy disk controller that, if sent specially crafted code, can crash the entire hypervisor. That can allow a hacker to break out of their own virtual machine to access other machines — including those owned by other people or companies." The vulnerable code is used in Xen, KVM, and VirtualBox, while VMware, Hyper-V, and Bochs are unaffected. "Dan Kaminsky, a veteran security expert and researcher, said in an email that the bug went unnoticed for more than a decade because almost nobody looked at the legacy disk drive system, which happens to be in almost every virtualization software." The vulnerability has been dubbed "Venom," for "Virtualized Environment Neglected Operations Manipulation."
Windows

Windows 10 the Last Version of Windows? Not So Fast. 154

Posted by Soulskill
from the branding-is-the-devil dept.
A multitude of tech sites are breathlessly reporting that Windows 10 will be the last version of Windows. These claims are based on a brief comment from developer evangelist Jerry Nixon while speaking a Microsoft Ignite session on "Tiles, Notifications, and Action Center." However, as Paul Thurrott points out, you probably shouldn't take this news too seriously. Windows development has been changing for the past several years. At the very least, we've known since we learned Windows 8 would be developed for multiple form factors. We've known it specifically about Windows 10 since it was announced — Microsoft has talked about transitioning away from giant, monolithic updates. Thurrott says, The reason anyone is talking like this is that Microsoft is pushing a "Windows as a service" vision, which doesn't mean "subscription service" but rather that it plans to upgrade Windows 10 going forward with both functional and security updates, plus of course bug fixes. You know, just like it's done with every single version of Windows. Ever. ... In other words, nothing to see here. Beyond the usual: things change. If it makes sense to keep updating Windows 10 and not change the brand or version number, Microsoft will do that. If it makes sense to release something called Windows 10 R2, Windows 11, or Windows Yoghurt — seriously, who cares? — then they'll do that.
Cloud

Anonymous Tor Cloud Project Closes Down 23

Posted by timothy
from the use-sneakernet-cloud dept.
Mark Wilson writes: The Tor browser is used by many to stay anonymous online — and it's something that has been embraced by the likes of WikiLeaks as a way to safely gather information whilst hopefully avoiding the surveillance of the NSA. One lesser known project from the same stables is the Tor Cloud service, and Tor has announced that it is closing down. From the linked article: Based on the Amazon EC2 cloud computing platform, Tor Cloud provided a way to share computing resources and allow faster uncensored access to the internet. However, the project is plagued with 'at least one major bug ... that makes it completely dysfunctional' and after failing to find anyone to undertake the work, the decision was taken to shutter Tor Cloud. This does not mean that Tor itself is dead — far from it — and developers are being encouraged to create their own forked versions of Tor Cloud.
Security

Cyberlock Lawyers Threaten Security Researcher Over Vulnerability Disclosure 87

Posted by Soulskill
from the what-year-is-this dept.
qubezz writes: Security researcher Phar (Mike Davis/IOActive) gave his 30 days of disclosure notice to Cyberlock (apparently a company that makes electronic lock cylinders) that he would release a public advisory on vulnerabilities he found with the company's security devices. On day 29, their lawyers responded with a request to refrain, feigning ignorance of the previous notice, and invoking mention of the DMCA (this is not actually a DMCA takedown notice, as the law firm is attempting to suppress initial disclosure through legal wrangling). Mike's blog states: "The previous DMCA threats are from a company called Cyberlock, I had planned to do a fun little blog post (cause i ... hate blog posts) on the fun of how I obtained one, extracted the firmware bypassing the code protection and figured out its "encryption" and did various other fun things a lock shouldn't do for what its marketed as.. But before I could write that post I needed to let them know what issues we have deemed weaknesses in their gear.. the below axe grinderery is the results. (sic)" What should researchers do when companies make baseless legal threats to maintain their security-through-obscurity? Related: Bitcoin exchange company Coinbase has been accused of spying on a dark net researcher.
Bug

The BBC Looks At Rollover Bugs, Past and Approaching 59

Posted by timothy
from the ought-to-be-enough-for-anybody dept.
New submitter Merovech points out an article at the BBC which makes a good followup to the recent news (mentioned within) about a bug in Boeing's new 787. The piece explores various ways that rollover bugs in software have led to failures -- some of them truly disastrous, others just annoying. The 2038 bug is sure to bite some people; hopefully it will be even less of an issue than the Year 2000 rollover. From the article: It was in 1999 that I first wrote about this," comments [programmer William] Porquet. "I acquired the domain name 2038.org and at first it was very tongue-in-cheek. It was almost a piece of satire, a kind of an in-joke with a lot of computer boffins who say, 'oh yes we'll fix that in 2037' But then I realised there are actually some issues with this.
Privacy

Hacking the US Prescription System 78

Posted by timothy
from the quite-a-dose-you're-taking dept.
An anonymous reader writes: It appears that most pharmacies in the US are interconnected, and a breach in one leads to access to the other ones. A security advisory released [Friday] shows how a vulnerability in an online pharmacy granted access to prescription history for any US person with just their name and date of birth. From the description linked above: During the signup process, PillPack.com prompts users for their identifying information. In the end of the signup rocess, the user is shown a list of their existing prescriptions in all other pharmacies in order to make the process of transferring them to PillPack.com easier. ... To replicate this issue, an attacker would be directed to the PillPack.com website and choose the signup option. As long as the full name and the date of birth entered during signup match the target, the attacker will gain access to the target's full prescription history.
Bug

Long Uptime Makes Boeing 787 Lose Electrical Power 250

Posted by timothy
from the have-you-tried-turning-off-and-then-on-again? dept.
jones_supa writes: A dangerous software glitch has been found in the Boeing 787 Dreamliner. If the plane is left turned on for 248 days, it will enter a failsafe mode that will lead to the plane losing all of its power, according to a new directive from the US Federal Aviation Administration. If the bug is triggered, all the Generator Control Units will shut off, leaving the plane without power, and the control of the plane will be lost. Boeing is working on a software upgrade that will address the problems, the FAA says. The company is said to have found the problem during laboratory testing of the plane, and thankfully there are no reports of it being triggered on the field.
Security

Once a Forgotten Child, OpenSSL's Future Now Looks Bright 76

Posted by samzenpus
from the shot-in-the-arm dept.
Trailrunner7 writes: Rarely does anything have a defined turning point in its history, a single day where people can point and say that was the day everything changed. For OpenSSL, that day was April 7, 2014, the day that Heartbleed became part of the security lexicon. Heartbleed was a critical vulnerability in the venerable crypto library. OpenSSL is everywhere, in tens of thousands of commercial and homespun software projects. And so too, as of last April, was Heartbleed, an Internet-wide bug that leaked enough memory that a determined hacker could piece together anything from credentials to encryption keys.

"Two years ago, it was a night-and-day difference. Two years ago, aside from our loyal user community, we were invisible. No one knew we existed," says Steve Marquess, cofounder, president and business manager of the OpenSSL Foundation, the corporate entity that handles commercial contracting for OpenSSL. "OpenSSL is used everywhere: hundreds, thousands of vendors use it; every smartphone uses it. Everyone took that for granted; most companies have no clue they even used it." To say OpenSSL has been flipped on its head—in a good way—is an understatement.

Heartbleed made the tech world realize that the status quo wasn't healthy to the security and privacy of ecommerce transactions and communication worldwide. Shortly after Heartbleed, the Core Infrastructure Initiative was created, uniting The Linux Foundation, Microsoft, Facebook, Amazon, Dell, Google and other large technology companies in funding various open source projects. OpenSSL was the first beneficiary, getting enough money to hire Dr. Steve Henson and Andy Polyakov as its first full-timers. Henson, who did not return a request to be interviewed for this article, is universally known as the one steady hand that kept OpenSSL together, an unsung hero of the project who along with other volunteers handled bug reports, code reviews and changes.
Bug

Tattoos Found To Interfere With Apple Watch Sensors 403

Posted by timothy
from the clashing-hipsterisms dept.
An anonymous reader writes: A number of early Apple Watch adopters have complained that their tattoos cause interference with many of the new product's key features. According to multiple tattooed sources, inked wrists and hands can disrupt communication with the wearable's sensors installed in the underside of the device leading to malfunction. Owners of Apple Watch have taken to social media to voice their frustration using the hashtag #tattoogate and sharing their disappointment over the newly discovered Apple flaw. One user reported that the Watch's lock system did not disable as it should when the device was placed on a decorated area of skin – forcing those affected to constantly enter their security pins. A further source suggested that notification alerts would fail to 'ping' as they are supposed to, and that heart rate monitoring differed significantly between tattooed and non-tattooed wrist readings.
Transportation

Crashing iPad App Grounds Dozens of American Airline Flights 263

Posted by Soulskill
from the have-you-tried-pushing-the-button dept.
infolation writes: American Airlines was forced to delay multiple flights on Tuesday night after the iPad app used by pilots crashed. Introduced in 2013, the cockpit iPads are used as an "electronic flight bag," replacing 16kg (35lb) of paper manuals which pilots are typically required to carry on flights. In some cases, the flights had to return to the gate to access Wi-Fi to fix the issue.
Bug

RealTek SDK Introduces Vulnerability In Some Routers 35

Posted by Soulskill
from the won't-fix dept.
jones_supa writes: SOHO routers from manufacturers including at least Trendnet and D-Link allow attackers anywhere in the world to execute malicious code on the devices, according to a security advisory issued over the weekend. The remote command-injection vulnerability resides in the "miniigd SOAP service" as implemented by the RealTek SDK. Before someone asks, there is no comprehensive list of manufacturers or models that are affected. Nerds may be able to spot them by using the Metasploit framework to query their router. If the response contains "RealTek/v1.3" or similar, the device is likely vulnerable. For now, the vulnerable routers should be restricted to communicate only with trusted devices. HP's Zero Day Initiative reported the bug confidentially to RealTek in August 2013, but the issue was disclosed 20 months later as no fix has been provided.
Security

New Zero Day Disclosed In WordPress Core Engine 89

Posted by Soulskill
from the pressing-words-is-risky-business dept.
Trailrunner7 writes: WordPress security issues have for the most part involved a vulnerable plug-in, but a Finnish researcher has disclosed some details on a zero-day vulnerability he discovered in the WordPress 4.2 and earlier core engine that could lead to remote code execution on the webserver. Juoko Pynnonen of Klikki Oy reported a new and unpatched stored cross-site scripting vulnerability in the platform; a similar bug was patched this week by WordPress developers, but only 14 months after it was reported. The vulnerability allows an attacker to inject JavaScript in the WordPress comment field; the comment has to be at least 66,000 characters long and it will be triggered when the comment is viewed, Pynnonen said.

"An unauthenticated attacker can store JavaScript on WordPress pages and blog posts. If triggered by an administrator, this leads to server-side code execution under default settings," Pynnonen said. "A usable comment form is required. It looks like the script is not executed in the admin Dashboard, but only when viewing the post/page where the comment was entered. If comment moderation is enabled (the default setting) then the comment won't appear on the page until it has been approved by an admin/moderator. Under default settings, after one 'harmless' comment is approved, the attacker is free from subsequent moderation and can inject the exploit to several pages and blog posts."
Google

Google Officially Discontinues Nexus 7 Tablet 160

Posted by samzenpus
from the end-of-the-road dept.
An anonymous reader writes: Google's 7-inch tablet has disappeared from the Google Store, where a note in red type simply states that the device is no longer available for purchase. "The Nexus 7 was first released back in 2013, so it's fair to say it had a good run. The Android-based tablet received great reviews, but what really made it a long-term success was the fact that it was affordable and continually received updates from Google. Manufactured by Asus, the Nexus 7 was even treated to Android Lollipop, the latest version of the operating system, although not with bug-free results. The discontinuation shouldn't come as a big surprise, however, as Google pulled a similar move back in March with the Nexus 5 smartphone, not to mention the Nexus 9 tablet's release last fall."
Security

Microsoft Opens Vulnerability Bounty Program For Spartan Browser 53

Posted by timothy
from the why-not-leave-the-code-to-survive-infancy-alone? dept.
jones_supa writes: As it did in the past when it tried to make Internet Explorer more secure, Microsoft has launched a new bug bounty program for Spartan browser, the default application of Windows 10 for surfing the information highway. A typical remote code execution flaw can bring between $1,500 and $15,000, and for the top payment you also need to provide a functioning exploit. The company says that it could pay even more than that, if you convince the jury on the entry quality and complexity. Sandbox escape vulnerabilities with Enhanced Protected Mode enabled, important or higher severity vulnerabilities in Spartan or its engine, and ASLR info disclosure vulnerabilities are also eligible. If you want to accept the challenge, Microsoft provides more information on how to participate.
Windows

Buggy Win 95 Code Almost Wrecked Stuxnet Campaign 93

Posted by timothy
from the when-governments-attack dept.
mask.of.sanity writes: Super-worm Stuxnet could have blown its cover and failed its sabotage mission due to a bug that allowed it to spread to ancient Windows boxes, malware analysts say. Stuxnet was on the brink of failure thanks to buggy code allowing it to spread to PCs running older and unsupported versions of Windows, and probably causing them to crash as a result. Those blue screens of death would have raised suspicions at the Natanz nuclear lab.
Bug

Groupon Refuses To Pay Security Expert Who Found Serious XSS Site Bugs 148

Posted by samzenpus
from the pay-the-man dept.
Mark Wilson writes: Bounty programs benefit everyone. Companies like Microsoft get help from security experts, customers gain improved security, and those who discover and report vulnerabilities reap the rewards financially. Or at least that's how things are supposed to work. Having reported a series of security problems to discount and deal site Groupon, security researcher Brute Logic from XSSposed.org was expecting a pay-out — but the site refuses to give up the cash. In all, Brute Logic reported more than 30 security issues with Groupon's site, but the company cites its Responsible Disclosure policy as the reason for not handing over the cash.