
Monday, January 4, 2016

News: Tutorials with node.js and jpm.

Dear friends,
... today I started a new series of tutorials.
The subject of this series is Firefox add-ons with node.js.
In this tutorial, we can see the first steps to make an unsigned default add-on.
I used Windows, but you can also easily install node.js under Linux.
Most Linux users will know how to do it.
The first tutorial is here.
Thank you. Best regards.

 



News: OpenBSD and Nightly Mozilla Firefox security.

W^X ("Write XOR Execute"; spoken as W xor X) is the name of a security feature present in the OpenBSD operating system. It is a memory protection policy whereby every page in a process' address space is either writable or executable, but not both simultaneously. (From Wikipedia.)

The new Mozilla Firefox Nightly build comes with the W^X security feature enabled.
It will also be available in the other versions of the browser once they are upgraded to version 46.
The implementation of W^X covers all Just-in-Time (JIT) code pages the browser works with.
When code needs to write to these pages, a function has to be called to explicitly make the page writable; the same call removes the execute flag. The good thing is that the permissions for memory pages allow the compiler to patch code without performance overhead.
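
The permission switch described above, sketched in C as an added example (not Firefox's code; the `code_region` type and the `region_*` helpers are hypothetical, and Linux is assumed for `/proc/self/maps`). The bytes written are constructed placeholders that are never executed; the point is that the kernel never sees the page as writable and executable at once.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

typedef struct { unsigned char *base; size_t len; } code_region; /* hypothetical names (added example) */

/* Change page permissions, refusing any request for W and X together. */
static int region_protect(code_region *r, int prot) {
    if ((prot & PROT_WRITE) && (prot & PROT_EXEC)) return -1;
    return mprotect(r->base, r->len, prot);
}

/* Kernel's view of the region ("rw-p", "r-xp", ...) from /proc/self/maps (Linux). */
static int region_perms(const code_region *r, char out[5]) {
    unsigned long lo, hi, addr = (unsigned long)r->base;
    char line[512]; int rc = -1;
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f) return -1;
    while (rc != 0 && fgets(line, sizeof line, f))
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, out) == 3 && addr >= lo && addr < hi)
            rc = 0;
    fclose(f);
    return rc;
}

/* Map a fresh zero-filled region, writable but not executable (the code-emitting state). */
static int region_map(code_region *r, size_t len) {
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    r->base = p; r->len = len;
    return 0;
}

/* Patch in place: make writable (which drops execute), write, then restore execute. */
static int region_patch(code_region *r, size_t off, const void *src, size_t n, char mid[5]) {
    if (off > r->len || n > r->len - off) return -1;
    if (region_protect(r, PROT_READ | PROT_WRITE) != 0) return -1;
    memcpy(r->base + off, src, n);
    if (region_perms(r, mid) != 0) return -1; /* record the permissions during the write window */
    return region_protect(r, PROT_READ | PROT_EXEC);
}

int main(void) {
    code_region r; char perms[5] = "", mid[5] = "";
    if (region_map(&r, 4096) || region_protect(&r, PROT_READ | PROT_EXEC)) return 1;
    if (region_patch(&r, 4, "\x01", 1, mid) || region_perms(&r, perms)) return 1;
    printf("while patching: %s, afterwards: %s\n", mid, perms);
    return munmap(r.base, r.len);
}
```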

Wednesday, December 30, 2015

Joanna Rutkowska talk on the 32C3 streaming site.

Joanna Rutkowska covered the last few decades of security on computers.
You can watch Joanna Rutkowska's talk on the 32C3 streaming media site.

Tuesday, December 29, 2015

Nemesis Bootkit Malware the new stealthy Payment Card.

After reading many articles, I gathered this information about the Nemesis bootkit malware:
 - it is suspected to originate from Russia;
 - it infects PCs by loading before Windows starts;
 - it has the ability to modify the legitimate volume boot record;
 - it seems to be similar to another Windows rootkit named Alureon;
 - it intercepts several system interrupts to pass the boot process;
 - it can steal payment data from anyone, not just the targeted financial institutions and retailers;
 - it hides between partitions and is also almost impossible to remove.

I think about how the antivirus and internet security solutions can deal with this type of issue.

Take a look at how fast the disk scan works, how the memory traps work, how the boot process works, or maybe try to see how SELinux works.
In my opinion, these antivirus and internet security solutions are just not effective in design and heuristic detection.
On top of that, the price of this software is huge compared with it doing nothing at all.

Maybe in the future we will see a mega-malware which jumps from first boot to any operating system, because the hardware is more complex and faster.

Thursday, December 24, 2015

How to fix Grub2 bootloader flaw.

According to researchers Ismael Ripoll and Hector Marco, who wrote this article:

A vulnerability in Grub2 has been found. Versions from 1.98 (December, 2009) to 2.02 (December, 2015) are affected. The vulnerability can be exploited under certain circumstances, allowing local attackers to bypass any kind of authentication (plain or hashed passwords). And so, the attacker may take control of the computer.

Just hit the backspace key 28 times at the Grub username prompt during power-up.
This opens a Grub rescue shell, which allows unauthenticated access to the computer and the ability to load another environment.
Grub versions 1.98 to 2.02 are affected and suffer from an integer overflow problem.
The root of the fault lies within two functions: the grub_password_get() function and the grub_password_get() script.
To fix it, use this patch.

Sunday, November 22, 2015

Ghostscript tutorial ...

Today I wrote a simple tutorial about Ghostscript under Windows 10.
Most parts of this tutorial can also be used with Linux, as an example only.
Also, the part about the stack works on Linux as it does on Windows.
I will also come back with a tutorial about Ghostscript on Linux only.
The tutorial can be found here.