harrysintonen

joined 2 years ago
 

#OpenSSH client is vulnerable to MitM attacks if VerifyHostKeyDNS is enabled - https://www.openwall.com/lists/oss-security/2025/02/18/1

#CVE_2025_26465 #coordinateddisclosure #infosec #cybersecurity

 

#Nordnet - nordic digital platform for savings and investments - had an issue where people could see each others information. The website has been taken down for now.

https://www.nordnet.fi/

#infosec #infosecurity #cybersecurity #privacy

 

Another reminder to keep your critical content out of the cloud - Do no trust someone else's computer.

https://www.msn.com/en-us/news/technology/uk-orders-apple-to-let-it-spy-on-users-encrypted-accounts/ar-AA1yzETB

#apple #icloud #privacy

 

In my youth I wrote m68k assembly programs with tens of thousands of lines and speed optimized every section of the code, even initialization/cleanup executed exactly once. It was very very silly. It was a lot of fun.

#development #assembly #coding #programming

[–] [email protected] 3 points 2 months ago

The latest curl version 8.12.0 (released today) is affected.

 

#cURL doesn't validate SSH host identity if known_hosts file is missing. I think this is a #vulnerability, but the project disagrees. Advisory is here: https://sintonen.fi/advisories/curl-ssh-insufficient-host-identity-verification.txt

#infosec #cybersecurity #nocve

[–] [email protected] 1 points 2 months ago

The details of the #AMD Microcode Signature Verification #Vulnerability are out:

#infosec #infosecurity #cybersecurity

[–] [email protected] 1 points 2 months ago

In total surprise to no one, #NVIDIA #RTX5080 card is just "meh": https://www.youtube.com/watch?v=sEu6k-MdZgc

 

Easy prediction: Lesser #NVIDIA 5000 series graphics cards will suck since multi frame generation won't really help due to increased latency (not to mention the added artifacting). Unfortunately it's likely that many non-experts will drink the NVIDIA "RTX4070 better than RTX4090" kool-aid.

https://youtu.be/B_fGlVqKs1k "Hardware Unboxed - Is DLSS 4 Multi Frame Generation Worth It?"

#gaming #dlss #framegeneration

 

Warning: Do not trust *.g.co urls! #GoogleWorkspace domain verification seems to be quite lax and allow arbitrary .g.co to be created. This allows for extremely convincing #phishing to be performed where all communication appears to be coming from "google".

ref. https://gist.github.com/zachlatta/f86317493654b550c689dc6509973aa4

#infosec #cybersecurity

[–] [email protected] 3 points 2 months ago

So what could you do if the microcode signature verification can be bypassed? While not directly applicable, this #defcon presentation "DEF CON 31 - Backdoor in the Core - Altering Intel x86 Instruction Set at Runtime - Krog, Skovsende" gives some ideas: https://www.youtube.com/watch?v=Zda7yMbbW7s

[–] [email protected] 2 points 2 months ago* (last edited 2 months ago)

@gabrielesvelto Yeah, information for that vulnerability is non-existent as well. In all the vulnerability management doesn't seem to be going great here.

Update: The "PeCoffLoader memory overflow issue for security" likely is CVE-2024-38796: https://nvd.nist.gov/vuln/detail/cve-2024-38796

 

Apparently there's a major #vulnerability in #AMD CPUs: "AMD Microcode Signature Verification Vulnerability."

The vulnerability was leaked by #ASUS in their beta BIOS changelog:

https://web.archive.org/web/20250106151231/https://rog.asus.com/motherboards/rog-strix/rog-strix-x870-i-gaming-wifi/helpdesk_bios/

ASUS has since removed this entry from the changelog since it likely broke the embargo. Either way, this is not great as the new firmware is largely not yet available and likely won't be for a long while.

#infosec #cybersecurity

 

If you're using #Adobe #Acrobat you might want to check if your organization allows use of the by default enabled generative AI features: Acrobat sends the documents to cloud for processing, which likely goes against the data #privacypolicy of many orgs.

If unsure, go to Preferences > Generative AI and deselect "Enable generative AI features in Acrobat".

https://helpx.adobe.com/acrobat/using/disable-generative-ai.html

#privacy #defaults #enshittification

[–] [email protected] 5 points 3 months ago

I had actually forgotten I still had Docker installed on this system. I've now fixed this issue by uninstalling the malicious app. I'm using #podman elsewhere already, just had this install lingering still. Apple: Thanks for the warning!

[–] [email protected] 4 points 3 months ago (1 children)

@[email protected] Oof, that's not good at all.

 

Apparently #macOS now considers #Docker malware.

#infosec #cybersecurity

 

The #Volkswagen #geolocation leak is a great example of why I am such a Luddite when it comes to sharing data with companies. I use as few cloud services as possible (for example, with Apple, I only use the "Find My" service from iCloud).

Even if you make an informed decision to share your data with a company, the data can still leak by accident or through a system compromise. The unfortunate fact is that these days, many services are made difficult or even impossible to use without accepting excessive data sharing.

https://www.carscoops.com/2024/12/vw-group-data-breach-exposed-location-info-for-800000-evs/

#privacy #GDPR #infoleaks #volksdaten

 

The white whale CRT, 43" #Sony KX-45ED1 / PVM-4300 found, rescued and restored. The adventure is lovingly documented in this great #shankmods video: https://www.youtube.com/watch?v=JfZxOuc9Qwk

#technology #crt #retrogaming

[–] [email protected] 1 points 4 months ago (1 children)

@[email protected] it's restricted for other than macOS, it seems. In macOS it worked fine with location in Finland.

[–] [email protected] 1 points 4 months ago

So far all my Apple Intelligence tests have been using a local model. The privacy report from Setting > Privacy & Security > Apple Intelligence Report > Export Activity generates JSON with:

{
"modelRequests": [],
"privateCloudComputeRequests": []
}

#appleintelligence #privacy

[–] [email protected] 1 points 4 months ago (3 children)

@[email protected] Really? It works for me and I'm in Finland, part of European Union. My account is indicates this as well.

[–] [email protected] 1 points 4 months ago

@[email protected] Nah, but there's another booze bottle in the game that is exact same alcvol as Koskenkorva. They are of course actively avoiding trademark issues by creating their own labels and trademarks for items.

[–] [email protected] 1 points 4 months ago

Here's a way to check if the #Spotlight searches are being shared with #Apple from the command line:

defaults read com.apple.assistant.support "Search Queries Data Sharing Status"

The values are:

1 - Enabled (data is being shared)
2 - Disabled (data is not shared)

NOTE: I do not know if there are other possible values, or what happens if the key is missing.

view more: ‹ prev next ›