CVE-2018-5407 “Portsmash”: New Intel CPU vulnerability helps steal data from encrypted content

… : New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data … :

“A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to sniff out sensitive protected data, like passwords and cryptographic keys, from other processes running in the same CPU core with simultaneous multi-threading feature enabled.

The vulnerability, codenamed PortSmash (CVE-2018-5407), has joined the list of other dangerous side-channel vulnerabilities discovered in the past year, including Meltdown and Spectre, TLBleed, and Foreshadow.”

$34 billion: IBM buys Red Hat, “investment in hybrid cloud”

IBM acquires Red Hat | ZDNet as reported by my old friend Steven:

“In an unexpected report, Bloomberg stated IBM is close to announcing that it will be acquiring Red Hat. The news has been confirmed. IBM is acquiring Red Hat for $190.00 per share in cash. This is a total enterprise value of approximately $34 billion.”

“Rometty continued, ‘Most companies today are only 20 percent along their cloud journey, renting compute power to cut costs. The next 80 percent is about unlocking real business value and driving growth. This is the next chapter of the cloud. It requires shifting business applications to hybrid cloud, extracting more data and optimizing every part of the business, from supply chains to sales.’”

… and Jim himself on the Red Hat blog

“We have barely scratched the surface of the opportunity that is ahead of us. Open source is the future of enterprise IT. We believe our total addressable market to be $73 billion by 2021. If software is eating the world – and with digital transformation occurring across industries, it truly is – open source is the key ingredient.

Powered by IBM, we can dramatically scale and accelerate what we are doing today. Imagine Red Hat with greater resources to grow into the opportunity ahead of us. Imagine Red Hat with the ability to invest even more and faster to accelerate open source innovation in emerging areas. Imagine Red Hat reaching all corners of the world, with even deeper customer and partner relationships than we have today. Imagine us helping even more customers benefit from the choice and flexibility afforded by hybrid and multi-cloud. Joining forces with IBM offers all of that, years ahead of when we could have achieved it alone. Together we can become the leading hybrid cloud solutions provider.”

Here’s the full press release by Red Hat … 

The challenges with the open-source model

Reality update: Open source and the demise of proprietary software – Timescale … :

Developing a successful open-source project is not easy. As we can see from its history, there has always been a tension in open source: e.g., philosophical licenses focused on preserving “freedom” vs. permissive licenses taking a pragmatic approach. But there are two larger tensions today: (1) how to balance openness with sustainability and (2) how to manage the transition to the cloud.

Remember Chinese Spy Chips? It’s complicated – and probably a hoax

Reality update: The hype about “Chinese spy chips” comes from the Pentagon – fm4.ORF.at
Especially regarding:

The sensational report by the business news outlet Bloomberg about manipulated hardware for cloud computing turns out, in the FM4 fact check, to be almost entirely free of facts. On Friday a long-awaited Pentagon report was released that warns about electronics manufacturing in China. (…) The share price of motherboard manufacturer Supermicro was almost halved; about 500 million dollars in market value were lost. (…) Subsequently, completely uninvolved hardware manufacturers from China also fell on the stock market; Lenovo, for instance, closed on Friday at minus 15 percent. In total, several billion dollars in market value went down the big data stream, even though first Supermicro, then Amazon and Apple had issued sharply worded denials. These denials were followed by yet another one, from Bloomberg itself, right at the end of the article: “Bloomberg LLP is also a customer of Supermicro. According to a company spokesperson, no indications have been found that the hardware used by Bloomberg exhibits problems such as those described in the article.”

Strange, huh?

A new approach to Security? Post-Infection Threat Hunting

Reality update: A New Paradigm For Cyber Threat Hunting … :

Threat hunting requires a shift to a post-infection mentality and sets of tools such as SIEM (security incident and event management), EDR (endpoint detection and response) and NDR (network detection and response). Even with these tools, threat hunting is a challenge for a variety of reasons. For one thing, these solutions are “heavy.” They require some kind of data collection that involves installing agents on endpoints and/or hardware placed on networks. This can get quite expensive for a large enterprise.

Do good and talk about it might bring you to jail in the US

Reality update: Marcus Hutchins, WannaCry-killer, hit with four new charges by the FBI … :

I do not think the whole story is clear yet, but my intuition tells me to doubt the US version of this story – and I know many people are thankful to Mr. Hutchins for stopping WannaCry, however accidentally that may have been. But what is going on in the courtroom here? I can’t tell. But the sad part is – as long as it remains unclear, this guy is another Snowden, locked away from home:

Hutchins, who is living in Los Angeles on bail, has been unable to leave the United States since last year due to his pending criminal charges. Hutchins stormed to fame and was hailed as a hero earlier last year when he accidentally stopped a global epidemic of the WannaCry ransomware attack that crippled computers all across the world.

Vacation in Russia anybody? Your VPN may be forbidden – and you could be fined…

Reality update: Russia to Fine Search Engines for Linking to Banned VPN services … :

According to the bill, individuals who break the law will face a fine of 3,000 to 5,000 rubles (approx. $48 to $80), officials will face fines of up to 50,000 rubles (approx. $800), and legal entities could be fined 500,000 to 700,000 (nearly $8,019 to $11,227), reports the Russian State Duma government site.

Blokada – Efficient Filtering of Ads and Trackers on Android

This is one of the best tools for Google’s broken mobile OS I have ever found. Thanks to my dear friend Dmitri Popov, I am now blocking thousands of ads I wasn’t even aware of. No root access required, a great tool. You will only need F-Droid for installation, because of course Google and the other big three don’t like this at all.

Side channel attacks via CSS in FF and Chrome…

Side-channel attacking browsers through CSS3 features | Security Research – Evonide https://www.evonide.com/side-channel-attacking-browsers-through-css3-features/

With the staggering amount of features that were introduced through HTML5 and CSS3 the attack surface of browsers grew accordingly. Consequently, it is no surprise that interactions between such features can cause unexpected behavior impacting the security of their users. In this article, we describe such a practical attack and the research behind it.

4 Billion Euro GDPR Case Filed Against Facebook et al

#DSGVO #GDPR: Max Schrems files first cases under GDPR against Facebook and Google … :

Three complaints worth €3.9 billion were filed in the early hours of Friday morning against Facebook and two subsidiaries, WhatsApp and Instagram via data regulators in Austria, Belgium and Hamburg. Another complaint worth €3.7 billion was filed with French data protection authority France CNIL in the case of Google’s Android operating system for smartphones.

You can and should support Max Schrems and NOYB (None Of Your Business) on their website: