CCTV – Jupiter Broadcasting https://www.jupiterbroadcasting.com Open Source Entertainment, on Demand. Thu, 02 Jul 2020 02:44:07 +0000

Slow Cooked Servers | Self-Hosted 22 https://original.jupiterbroadcasting.net/142092/slow-cooked-servers-self-hosted-22/ Thu, 02 Jul 2020 03:00:00 +0000 https://original.jupiterbroadcasting.net/?p=142092 Show Notes: selfhosted.show/22

The post Slow Cooked Servers | Self-Hosted 22 first appeared on Jupiter Broadcasting.

Compromised Cameras | Self-Hosted 10 https://original.jupiterbroadcasting.net/138542/compromised-cameras-self-hosted-10/ Thu, 16 Jan 2020 00:15:00 +0000 https://original.jupiterbroadcasting.net/?p=138542 Show Notes: selfhosted.show/10

The post Compromised Cameras | Self-Hosted 10 first appeared on Jupiter Broadcasting.

Low Cost Home Camera System | Self-Hosted 6 https://original.jupiterbroadcasting.net/136932/low-cost-home-camera-system-self-hosted-6/ Thu, 21 Nov 2019 00:30:00 +0000 https://original.jupiterbroadcasting.net/?p=136932 Show Notes: selfhosted.show/6

The post Low Cost Home Camera System | Self-Hosted 6 first appeared on Jupiter Broadcasting.

The First One | Self-Hosted 1 https://original.jupiterbroadcasting.net/134367/the-first-one-self-hosted-1/ Thu, 12 Sep 2019 04:00:42 +0000 https://original.jupiterbroadcasting.net/?p=134367 Show Notes: selfhosted.show/1

The post The First One | Self-Hosted 1 first appeared on Jupiter Broadcasting.

Understand The Hype | User Error 50 https://original.jupiterbroadcasting.net/127581/understand-the-hype-user-error-50/ Fri, 12 Oct 2018 08:18:54 +0000 https://original.jupiterbroadcasting.net/?p=127581 Show Notes: error.show/50

The post Understand The Hype | User Error 50 first appeared on Jupiter Broadcasting.

Linux Gets Schooled | LAS 433 https://original.jupiterbroadcasting.net/102791/linux-gets-schooled-las-433/ Sun, 04 Sep 2016 18:47:58 +0000 https://original.jupiterbroadcasting.net/?p=102791

The post Linux Gets Schooled | LAS 433 first appeared on Jupiter Broadcasting.

— Show Notes: —


System76

Brought to you by: Linux Academy

Converting a Middle School to Linux

OBS – Open Broadcaster Software

OBS Studio (formerly known as OBS Multiplatform) is a complete rewrite of the original OBS from the ground up, with the main goals being multiplatform support, a more thorough feature set, and a much more powerful API. While still in its early stages, releases are currently available for Windows, Mac and Linux.

ZeeVee TV

ZeeVee is leading the way in developing video distribution platforms that ensure the highest quality video – on any display device – leveraging existing or new cable infrastructure.
ZeeVee engineers and manufactures innovative products that challenge the status quo and leverage industry standards to distribute HD to Ultra-HD/4K video. Simply and Rapidly.
ZeeVee is leading convergence of AV and IP, bringing to market innovative, cost effective and easy to install IP video distribution platforms.

  • Global manufacturer of video and signal distribution technology for ProAV and IT markets
  • Only manufacturer today that can deliver multimedia content across any network – coax, fiber, and CATx and from any source – HDMI, component, composite, VGA or HD-SDI
  • Award-winning SD to HD to Ultra-HD/4K solutions delivering innovative, cost effective and easy to install distribution platforms
  • World-class customer support (pre and post sale)
  • ZeeVee is installed in thousands of facilities worldwide, across multiple industries, where there is a need to transport HD to Ultra-HD/4K video
  • Made in the United States
  • Industry leading warranties
  • Robust features are included in every ZeeVee model

Logitech C920

Connect with everyone in Full HD 1080p on Skype, or in fluid HD 720p on FaceTime for Mac.

Also make high-quality video calls with Google Hangouts™ and video-calling clients. Even chat with your Facebook® friends with video calling powered by Skype or Facebook Messenger.

6 Best Linux Distributions For Educational Use – LinuxAndUbuntu

For those in Education, there are quite a number of specialized Linux distributions that are geared towards education.

— PICKS —

Runs Linux

Real-Time Graphics in Pixar Film Production, Runs Linux

Desktop App Pick

peek: Simple animated Gif screen recorder for GNOME 3

A simple tool that allows you to record short animated GIF images from your screen.

Currently only Linux with X11 is supported. Other Unix like systems using X11
should work as well. It is planned to also support Wayland and maybe other
operating systems in the future.

Spotlight

micro: A modern and intuitive terminal-based text editor

Micro is a terminal-based text editor that aims to be easy to use and intuitive, while also taking advantage of the full capabilities
of modern terminals. It comes as one single, batteries-included, static binary with no dependencies, and you can download and use it right now.

New Linux Show: User Error


— NEWS —

Florida Man Arrested for Allegedly Hacking Key Linux Servers | Motherboard

_Austin allegedly broke into several named servers, including “Odin1,” “Zeus1,” and “Pub3,” as well as Linux Kernel Organization founder Peter Anvin’s private email server, and installed the “Phalanx” rootkit—a backdoor that would allow him to connect to the infected computer and install additional software on the target—and the “Ebury” trojan, which harvested credentials of those logging into the infected computer. He also allegedly used his unauthorized administrative privileges to insert messages that would display when the servers restarted._

Austin was released from jail on payment of $50,000 in bail money, and will have to appear in court in San Francisco at 0930 on September 21 before the Honorable Sallie Kim. If found guilty, he faces a possible sentence of 40 years in prison and $2m in fines.

Linux.Rex.1, a new Linux Trojan that creates a P2P Botnet | Security Affairs

The botnet composed of machines infected by the Linux.Rex.1 is a P2P botnet, each node of the malicious network is able to share data with peers by using a protocol implemented by the malware authors.

A multifunctional self-replicating Trojan for Linux written in Go. The Trojan implements the ВРЕ protocol to share data with other P2P botnet’s nodes and is launched as a node that receives and processes RPC messages. Probably, this malware program’s modification is still under development because it generates a large number of debugging messages recorded to the /dev/null device.

OpenOffice, after years of neglect, could shut down

As LibreOffice soars, OpenOffice management considers retiring the project.

GNOME web-API dependent apps have another run-in with changing services

GNOME Maps and GNOME Weather have both recently had bad luck with online service providers who either discontinue or change data APIs with crippling results for their users. Maybe it’s time to acknowledge that APIs are unstable and unreliable, and build for expectation of failure instead.

PC-BSD Evolves into TrueOS

We are proud to announce that the PC-BSD project has evolved into TrueOS: a modern, cutting-edge distribution of FreeBSD focused on security, simplicity, and stability for desktops, servers, and beyond! TrueOS harnesses the best elements of PC-BSD, combines it with security technologies from OpenBSD, and layers it on top of FreeBSD to provide a complete system for modern machines.

FreeNAS 10-BETA is Now Available!


Mail Bag

  • https://slexy.org/view/s2D4l86gIO

  • https://slexy.org/view/s2KR8IUt4F

  • https://slexy.org/view/s2MfqaYkJO

Call Box

Catch the show LIVE SUNDAY:

— CHRIS’ STASH —

Chris’s Twitter account has changed, you’ll need to follow!

Chris Fisher (@ChrisLAS) | Twitter

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— NOAH’S STASH —

Noah’s Day Job

Altispeed Technologies

Contact Noah

noah [at] jupiterbroadcasting.com

Make Ads GIF Again | TechSNAP 273 https://original.jupiterbroadcasting.net/100861/make-ads-gif-again-techsnap-273/ Thu, 30 Jun 2016 17:47:59 +0000 https://original.jupiterbroadcasting.net/?p=100861

The post Make Ads GIF Again | TechSNAP 273 first appeared on Jupiter Broadcasting.


Project Zero lays into Symantec’s enterprise products, the botnet you’ll never find & the poor security of HTML5 video ads.

Plus your questions, our answers & much more!

Thanks to:


DigitalOcean


Ting


iXsystems


Show Notes:

Google’s Project Zero lays into Symantec’s Enterprise Endpoint Security products

  • “Symantec is a popular vendor in the enterprise security market, their flagship product is Symantec Endpoint Protection. They sell various products using the same core engine in several markets, including a consumer version under the Norton brand.”
  • “Today we’re publishing details of multiple critical vulnerabilities that we discovered, including many wormable remote code execution flaws.”
  • “These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.”
  • “As Symantec use the same core engine across their entire product line, all Symantec and Norton branded antivirus products are affected by these vulnerabilities, including:”
  • Norton Security, Norton 360, and other legacy Norton products (All Platforms)
  • Symantec Endpoint Protection (All Versions, All Platforms)
  • Symantec Email Security (All Platforms)
  • Symantec Protection Engine (All Platforms)
  • Symantec Protection for SharePoint Servers
  • And so on.
  • “Some of these products cannot be automatically updated, and administrators must take immediate action to protect their networks. Symantec has published advisories for customers, available here.”
  • “Many developers will be familiar with executable packers like UPX, they’re tools intended to reduce the size of executables by compressing them. This causes a problem for antivirus products because it changes how executables look.”
  • Packers can be designed to obfuscate the executable, and make it harder for virus scanners to match against their signature database, or heuristically detect bad code
  • “Antivirus vendors solve this problem with two solutions. First, they write dedicated unpackers to reverse the operation of the most common packers, and then use emulation to handle less common and custom packers.”
  • “The problem with both of these solutions is that they’re hugely complicated and prone to vulnerabilities; it’s extremely challenging to make code like this safe. We recommend sandboxing and a Security Development Lifecycle, but vendors will often cut corners here. Because of this, unpackers and emulators continue to be a huge source of vulnerabilities, we’ve written about examples in Comodo, ESET, Kaspersky, Fireeye and many more.”
  • “Let’s look at an example from Symantec and Norton Antivirus. This vulnerability has an unusual characteristic: Symantec runs their unpackers in the Kernel!”
  • “Reviewing Symantec’s unpacker, we noticed a trivial buffer overflow when a section’s SizeOfRawData field is greater than SizeOfImage. When this happens, Symantec will allocate SizeOfImage bytes and then memcpy all available data into the buffer.”
  • “This was enough for me to make a testcase in NASM that reliably triggered Symantec’s ASPack unpacker. Once I verified this work with a debugger, building a PE header that mismatched SizeOfImage and SizeOfRawData would reliably trigger the vulnerability.”
  • “Because Symantec uses a filter driver to intercept all system I/O, just emailing a file to a victim or sending them a link to an exploit is enough to trigger it – the victim does not need to open the file or interact with it in any way. Because no interaction is necessary to exploit it, this is a wormable vulnerability with potentially devastating consequences to Norton and Symantec customers.”
  • “An attacker could easily compromise an entire enterprise fleet using a vulnerability like this. Network administrators should keep scenarios like this in mind when deciding to deploy Antivirus, it’s a significant tradeoff in terms of increasing attack surface.”
  • There is also a buffer overflow in the PowerPoint decomposer (used to check for macros, etc.)
  • There is another vulnerability in “Advanced Heuristic Protection” or “Bloodhound Heuristics” mode
  • “As with all software developers, antivirus vendors have to do vulnerability management. This means monitoring for new releases of third party software used, watching published vulnerability announcements, and distributing updates.”
  • “Nobody enjoys doing this, but it’s an integral part of secure software development. Symantec dropped the ball here.”
  • “A quick look at the decomposer library shipped by Symantec showed that they were using code derived from open source libraries like libmspack and unrarsrc, but hadn’t updated them in at least 7 years.”
  • “Dozens of public vulnerabilities in these libraries affected Symantec, some with public exploits. We sent Symantec some examples, and they verified they had fallen behind on releases.”
  • There is “behind” and then there is 7 years, which is pretty much “definitely didn’t bother to look at all”
  • “As well as the vulnerabilities we described in detail here, we also found a collection of other stack buffer overflows, memory corruption and more.”
  • Additional Coverage: Fortune.com
  • Additional Coverage: Ars Technica

Botnet made up of CCTV Cameras and DVRs conducts DDoS attacks

  • As we reported in TechSNAP #259, a security researcher found that 70 different CCTV-DVR vendors are just reselling devices from the same Chinese manufacturer, with the same firmware
  • This firmware has a number of critical security flaws that the vendor was notified about, but refused to fix
  • Original coverage from March
  • Now criminals have exploited one or more of these known vulnerabilities to turn these devices into a large botnet
  • Unlike a typical botnet made up of personal computers that are turned on and off at random, and where a user might notice sluggish performance, infected embedded devices tend to be always on, and performance issues are rarely noticed
  • A botnet of over 25,000 of these CCTV systems is being used to conduct layer 7 DDoS attacks against various businesses
  • One of the victims, a jewelry store, moved their site behind a WAF (Web Application Firewall) to protect it from the attack
  • Unlike most attackers, instead of admitting defeat and moving on, the attacker stepped up the attack, and prolonged it for multiple days
  • Most botnets lose strength the longer the attack is sustained, because infected machines are shut down, isolated, reported, or disconnected.
  • The fact that this botnet is made up of embedded CCTV devices gives it more staying power, and it is not likely to be considered the source of the problem if abuse reports do come in.

Security of HTML5 Video Ads

  • For a long time many have railed against Flash, and accused it of being the root of all evil when it comes to Malvertising
  • “For the last several years, Adobe Flash has been an enemy of the online community. In general, the position is well deserved: there were more than 300 vulnerabilities found in Flash Player during 2015 alone, making it the most vulnerable PC software of the year.”
  • This study provides a comparison between Flash and HTML5-based advertisements
  • Flash ads tend to be smaller. HTML5 ads are also on average 100kb larger, using more bandwidth, which on mobile can be a big deal
  • Flash ads may be more work to create, since they are not responsive, and a different file must be created for each different ad size
  • HTML5 ads do not require a plugin to run, but older browsers do not support them. This is becoming less of an issue as the number of aged devices dwindles
  • Flash ads tend to provide better picture quality, due to sub-pixel support
  • HTML5 provides better mobile support, where Flash on mobile is rare
  • There is currently a larger community of Flash developers, but this is changing
  • HTML5 is not controlled by a single entity like Adobe
  • Flash provides better optimization
  • HTML5 provides better usability and semantic support
  • This study finds that killing off Adobe Flash will not solve the security problems, HTML5 has plenty of its own security issues
  • “Even if Flash is prohibited, malvertising can still be inserted in the first two stages of video ad delivery.”
  • “The proponents pushing for Flash to be prohibited from use in an ad creative are saying that HTML5 is the remedy that can handle security threats in the advertising industry. It stands to reason that if the ad unit itself is clean, then the user won’t have any problems. Unfortunately, this is an inaccurate statement. Malvertising attacks using video ads were already occurring in late 2015 and early 2016.”
  • In a typical Flash malvertising campaign, the ad calls the Flash externalCall interface and runs some malicious JavaScript, creating a popup that, if the user accepts it, may infect their computer
  • In an HTML5-based attack, the malvertising campaign payload is not in the actual advertisement, but in the VAST/VPAID metadata, as the tracking URL. This silently navigates the user to an Angler exploit kit, where they are infected with no required user interaction
  • “the second scenario shows how the ad unit itself is not the only piece of the malvertising pie”
  • “The main root of the video ad malvertising problem is, unfortunately, fundamental. VAST/VPAID standards, developed in 2012, provide extensive abilities so that ad industry players can create a rich ad experience.”
  • “Since these standards allow advertisers to receive data about the user, they allow for third-party codes to be inserted inside the ad. Once a third-party code is allowed, there is an open door for bad actors to perpetrate malicious activities, i.e. insert malicious code.”
  • “Now that we have debunked the idea that malvertising would be eliminated if the industry prohibited the use of Flash in their ads, let’s discuss solutions.”
  • Even if malicious ads could be eliminated by better screening, malactors can compromise the ad network, and inject the malicious ads there
  • In the end, maybe we need to stop allowing advertisements to have the ability to execute code
  • Does anyone remember when advertisements were just animated .gif files?
