emhmki.org RSS news feed http://emhmki.org/ Technology news feed. http://emhmki.org/feed/images/emhmki.ico emhmki.ico http://emhmki.org/ NGO “Broadband for America” utilized in astroturfing campaign funded by internet broadband corporations during the FCC Repeal Net Neutrality Proceedings of 2017 https://ag.ny.gov/sites/default/files/oag-fakecommentsreport.pdf Fri, 7 May 2021 10:50:00 CST New York State Office of the Attorney General Letitia James:

This report seeks to expose the hidden parties that are responsible for fake comments, the tactics they used, and the harms they caused, so that regulatory agencies and lawmakers can take steps to curb such abuse and provide law enforcement with the tools necessary to hold accountable those who corrupt the democratic process. The report also proposes concrete reforms to enhance accountability and transparency, deter future misconduct, and restore public confidence in the participatory processes that give people a voice in how our government operates.

Read more here.

]]>
CISA: Apply Microsoft April 2021 Security Update to Mitigate Newly Disclosed Microsoft Exchange Vulnerabilities https://us-cert.cisa.gov/ncas/current-activity/2021/04/13/apply-microsoft-april-2021-security-update-mitigate-newly Wed, 14 Apr 2021 17:40:00 CST CISA:

Microsoft's April 2021 Security Update mitigates significant vulnerabilities affecting on-premises Exchange Server 2016 and 2019. An attacker could exploit these vulnerabilities to gain access and maintain persistence on the target host. CISA strongly urges organizations to apply Microsoft's April 2021 Security Update to mitigate against these newly disclosed vulnerabilities. Note: the Microsoft security updates released in March 2021 do not remediate against these vulnerabilities.

Read more here.

]]>
OpenSSL Security Advisory: CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450) https://www.openssl.org/news/secadv/20210325.txt Fri, 26 Mar 2021 07:16:00 CST OpenSSL Security Advisory:

Severity: High

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default.

Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check.

An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates.

If a "purpose" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named "purpose" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application.

In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose.

OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k.

OpenSSL 1.0.2 is not impacted by this issue.

This issue was reported to OpenSSL on 18th March 2021 by Benjamin Kaduk from Akamai and was discovered by Xiang Ding and others at Akamai. The fix was developed by Tomáš Mráz.

]]>
(External Video) Mob Mentality Threatens The Free Software Movement https://odysee.com/@DistroTube:2/mob-mentality-threatens-the-free:b Thu, 25 Mar 2021 09:21:00 CST Derek Taylor:

Richard Stallman recently announced on a video that he's back. He's back at the Free Software Foundation and is reinstated as a board member. And the haters are out in full force, actively trying to cancel Richard again. And not just Richard, the haters actually are trying to force the entire board of the FSF to resign.

Odysee video link.

]]>
CISA: TrickBot Malware Alert (AA21-076A) https://us-cert.cisa.gov/ncas/alerts/aa21-076a Sat, 20 Mar 2021 12:24:00 CST CISA:

The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have observed continued targeting through spearphishing campaigns using TrickBot malware in North America. A sophisticated group of cybercrime actors is luring victims, via phishing emails, with a traffic infringement phishing scheme to download TrickBot.

Read more here.

]]>
The Ulysses Group, LLC - Telematics Intelligence Executive Summary. https://assets.documentcloud.org/documents/20515640/ulysses-document.pdf Sat, 20 Mar 2021 11:35:00 CST I’ve been expecting a surveillance system like the Ulysses Group proposes to role out any year now, at least since 2015. It was supposed to have happened before 2020, but there were some technical delays from the OEM’s, a period of consumer adoption, and a pandemic.

If you own or have acquired a modern vehicle since 2013, then there’s a good chance it is equipped with a Telemetics Unit (TMU) and cellular radio. If the car was acquired brand-new, then it would have included a free temporary service contract with a connected vehicle system (CVS.)

  • myAudi
  • AcuraLink
  • Connected Drive (BMW)
  • myCadillac
  • myChevrolet
  • Uconnect Access
  • SYNC Connect (Ford)
  • GENESIS connected services (Hyundai) Also know as Blue Link.
  • myGMC
  • HondaLink
  • UVO (Kia)
  • Lexus Enform Remote
  • Mazda Mobile Start
  • mbrace (Mercedes)
  • Mitsubishi Connect
  • NissanConnect
  • STARLINK (Subaru)
  • Tesla
  • Toyota Remote Connect
  • Volvo On Cal
  • Car-Net (Volkswagen)

These systems provide some enticing yet superficial technical features that the customer can interact with from a mobile phone application. The features are mostly non-critical to the vehicles operation (Tesla and other network dependent vehicles making the exception.)

The TMU system can collect car information such as performance, sensor diagnostics, user generated interactions and habits, and car location details.

The collected information is transmitted through embedded cellular radios operating over LTE networks. This level of connectivity is known as V2X “Vehicle to Everything” which generally encompasses V2I (Vehicle to Infrastructure), V2V (Vehicle to Vehicle), V2C (Vehicle to Cloud), and V2P (Vehicle to Pedestrian).

The cost in running such a service is afforded by the OEM through customer subscription plans and selling customer data to marketing aggregators, insurance providers, and soon to be (for the USA at least) military ISTAR units.

Example image of a Telemetics Unit from a Hyundai vehicle. (Some units are embedded into the infotainment system.)


Example image of an LTE modem and antenna from a Hyundai vehicle.



References

1. https://en.wikipedia.org/wiki/Connected_car

2. https://assets.documentcloud.org/documents/20515640/ulysses-document.pdf

3. https://www.govinfo.gov/content/pkg/FR-2018-12-26/pdf/2018-27785.pdf

4. https://fccid.io/ ]]> Scholars Under Surveillance: How Campus Police Use High Tech to Spy on Students https://www.eff.org/deeplinks/2021/03/scholars-under-surveillance-how-campus-police-use-high-tech-spy-students Fri, 12 Mar 2021 20:40:00 CST EFF - Dave Maass:

It may be many months before college campuses across the U.S. fully reopen, but when they do, many students will be returning to a learning environment that is under near constant scrutiny by law enforcement.

Read more here.

]]>
Jonah Edwards - Internet Archive Infrastructure https://archive.org/details/jonah-edwards-presentation Thu, 04 Mar 2021 18:04:00 CST Presentation to Internet Archive staff

Read more here.

]]>
CISA: Mitigate Microsoft Exchange Server Vulnerabilities https://us-cert.cisa.gov/ncas/alerts/aa21-062a Thu, 04 Mar 2021 10:40:00 CST CISA Alerts:

This Alert includes both tactics, techniques and procedures (TTPs) and the indicators of compromise (IOCs) associated with this malicious activity. To secure against this threat, CISA recommends organizations examine their systems for the TTPs and use the IOCs to detect any malicious activity. If an organization discovers exploitation activity, they should assume network identity compromise and follow incident response procedures. If an organization finds no activity, they should apply available patches immediately and implement the mitigations in this Alert

Read more here.

]]>
The Document Foundation: Announcing LibreOffice New Generation https://blog.documentfoundation.org/blog/2021/01/29/announcing-libreoffice-new-generation/ Fri, 29 Jan 2021 21:54:00 CST Read more here.

]]>
NSA: Adopting Encrypted DNS in Enterprise Environments. https://media.defense.gov/2021/Jan/14/2002564889/-1/-1/0/CSI_ADOPTING_ENCRYPTED_DNS_U_OO_102904_21.PDF Sat, 21 Jan 2021 13:37:00 CST From the NSA Cybersecurity advisory.

[Download PDF]

]]>
Joint Statement by the FBI, CISA, ODNI, and the NSA - Solar Winds https://www.cisa.gov/news/2021/01/05/joint-statement-federal-bureau-investigation-fbi-cybersecurity-and-infrastructure Tue, 6 Jan 2021 11:29:00 CST On behalf of President Trump, the National Security Council staff has stood up a task force construct known as the Cyber Unified Coordination Group (UCG), composed of the FBI, CISA, and ODNI with support from NSA, to coordinate the investigation and remediation of this significant cyber incident involving federal government networks. The UCG is still working to understand the scope of the incident but has the following updates on its investigative and mitigation efforts... Read more here.

]]>
Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data. https://us-cert.cisa.gov/ncas/alerts/aa20-345a Tue, 15 Dec 2020 12:53:00 CST The FBI, CISA, and MS-ISAC have received numerous reports of ransomware attacks against K-12 educational institutions. In these attacks, malicious cyber actors target school computer systems, slowing access, and—in some instances—rendering the systems inaccessible for basic functions, including distance learning. Adopting tactics previously leveraged against business and industry, ransomware actors have also stolen—and threatened to leak—confidential student data to the public unless institutions pay a ransom.

According to MS-ISAC data, the percentage of reported ransomware incidents against K-12 schools increased at the beginning of the 2020 school year. In August and September, 57% of ransomware incidents reported to the MS-ISAC involved K-12 schools, compared to 28% of all reported ransomware incidents from January through July.

The five most common ransomware variants identified in incidents targeting K-12 schools between January and September 2020—based on open source information as well as victim and third-party incident reports made to MS-ISAC—are Ryuk, Maze, Nefilim, AKO, and Sodinokibi/REvil.

]]>
Emergency Directive 21-01: SolarWinds Orion Code Compromise https://cyber.dhs.gov/ed/21-01/ Mon, 14 Dec 2020 02:08:00 CST SolarWinds Orion products (affected versions are 2019.4 through 2020.2.1 HF1) are currently being exploited by malicious actors. This tactic permits an attacker to gain access to network traffic management systems.

]]>
CentOS founder Gregory Kurtzer to start new rebuild of RHEL https://github.com/rocky-linux/rocky Wed, 9 Dec 2020 12:05:00 CST Rocky Linux is a community enterprise Operating System designed to be 100% bug-for-bug compatible with Enterprise Linux, now that CentOS has shifted direction.

]]>
CentOS Project shifts focus to CentOS Stream (RIP in pepperoni CentOS) https://lists.centos.org/pipermail/centos-announce/2020-December/048208.html Tue, 8 Dec 2020 12:05:00 CST

The future of the CentOS Project is CentOS Stream, and over the next year we’ll be shifting focus from CentOS Linux, the rebuild of Red Hat Enterprise Linux (RHEL), to CentOS Stream, which tracks just ahead of a current RHEL release. CentOS Linux 8, as a rebuild of RHEL 8, will end at the end of 2021. CentOS Stream continues after that date, serving as the upstream (development) branch of Red Hat Enterprise Linux. Meanwhile, we understand many of you are deeply invested in CentOS Linux 7, and we’ll continue to produce that version through the remainder of the RHEL 7 life cycle. https://access.redhat.com/support/policy/updates/errata/#Life_Cycle_Dates

CentOS Stream will also be the centerpiece of a major shift in collaboration among the CentOS Special Interest Groups (SIGs). This ensures SIGs are developing and testing against what becomes the next version of RHEL. This also provides SIGs a clear single goal, rather than having to build and test for two releases. It gives the CentOS contributor community a great deal of influence in the future of RHEL. And it removes confusion around what “CentOS” means in the Linux distribution ecosystem.

When CentOS Linux 8 (the rebuild of RHEL8) ends, your best option will be to migrate to CentOS Stream 8, which is a small delta from CentOS Linux 8, and has regular updates like traditional CentOS Linux releases. If you are using CentOS Linux 8 in a production environment, and are concerned that CentOS Stream will not meet your needs, we encourage you to contact Red Hat about options.

We have an FAQ - https://centos.org/distro-faq/ - to help with your information and planning needs, as you figure out how this shift of project focus might affect you.

See also: Red Hat's perspective on this.

https://www.redhat.com/en/blog/centos-stream-building-innovative-future-enterprise-linux

]]>