For Amazon, security is an inconvenience

March 5, 2016 – 11:16 AM

If you ever needed a definition of hypocrisy, Amazon just served up one hot plate.

Amazon has removed device encryption from its tablets and phones, a day after the company filed a brief supporting Apple in its fight against the FBI over encryption.

The retail giant turned cloud and device maker confirmed in a statement it had removed device encryption from its Fire OS 5 because the company “found customers weren’t using it.”

In other words, Amazon will continue to encrypt your data in transit, but it won’t scramble the contents of its customers’ Fire tablets or phones. That means thieves and law enforcement will have an easier time grabbing user data from these devices without too much effort.

Though the decision was made last year, the brouhaha ignited this week after one Fire tablet owner David Scovetta posted a screenshot on Twitter showing that encryption on older Fire HD and Fire HDX tablets is “no longer supported.” Now it appears that Amazon is reversing course and will add back encryption in a Spring update, according to TechCrunch.

Nevertheless, Amazon’s timing of the upgrade is striking, given that it pushed the software to older devices at a tense moment in the tech industry.

Source:
http://www.zdnet.com/article/amazon-tablet-phone-security-as-an-inconvenience/

Angler Exploit Learns New Tricks, Finds Home On Popular Website

February 26, 2016 – 8:28 PM

Researchers report Angler Exploit Kit attacks have become more brazen and are now targeting top websites with new tricks that can evade browser-based antimalware protection. Karl Sigler, a SpiderLabs researcher at Trustwave, told Threatpost his lab found the Angler Exploit Kit on a popular website for the second time in a week, exposing just under million visitors monthly to possible TeslaCrypt ransomware infections. Sigler said Trustwave researchers spotted the exploit on Extendoffice[.]com, a site that sells software for customizing Microsoft Office software applications.

A number of things stuck out as unique about this iteration of Angler Exploit Kit, according to Trustwave. One was the fact that attackers were targeting a destination site as opposed to a random webpage that had traffic driven to it via phishing attacks, Sigler said. According to site analysis tool Compete.com, Extendoffice attracted 963,000 unique visitors in January. “That many not seem like a lot of traffic for a website, but for a watering-hole attack, they hit the jackpot,” Sigler said.

Source:
https://threatpost.com/angler-exploit-kit-learns-new-tricks-finds-home-on-popular-website/116509/

Beware of hacked ISOs if you downloaded Linux Mint on February 20th!

February 21, 2016 – 7:13 AM

We were exposed to an intrusion today. It was brief and it shouldn’t impact many people, but if it impacts you, it’s very important you read the information below.

What happened?

Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it.

Does this affect you?

As far as we know, the only compromised edition was Linux Mint 17.3 Cinnamon edition.

If you downloaded another release or another edition, this does not affect you. If you downloaded via torrents or via a direct HTTP link, this doesn’t affect you either.

Finally, the situation happened today, so it should only impact people who downloaded this edition on February 20th.

How to check if your ISO is compromised?

If you still have the ISO file, check its MD5 signature with the command “md5sum yourfile.iso” (where yourfile.iso is the name of the ISO).

Source:
http://blog.linuxmint.com/?p=2994&_utm_source=1-2-2

Gmail’s new security indicators

February 11, 2016 – 5:32 AM

Google added two new security indicators to its email service Gmail which reveal TLS encryption support and whether the sender could be authenticated.

Many popular email services, including Gmail, support TLS (Transport Layer Security) encryption to protect data while it is in transit.

TLS is only useful if both the sending and receiving email service supports it, and one of the new features highlights on Gmail when TSL encryption is not supported by another service.

Gmail highlights the fact with a red open padlock image in the email header. You can click on the lock icon to display additional information, but it means effectively that the third-party mail server did not encrypt the message (likely because it is not configured to use TLS).

Source:
http://www.ghacks.net/2016/02/11/web-gmail-gets-two-new-security-indicators/

When security products make systems less secure

February 6, 2016 – 7:13 AM

There has been an increase in reports pf security products recently which make user systems less secure when they are installed, used or even just present on the system.

Many antivirus companies have added tools and products to their security programs in recent years to increase the perceived value of the product, add new features to them that users may find useful, and to add new revenue opportunities in form of custom search deals.

It is quite common for instance that companies deploy browser extensions on systems that change the search provider, new tab page or home page. Others have created custom versions of the Chromium browser to improve user security while the browser is being used, often calling these custom browsers secure or safe to indicate that.

Google started to analyze browser extensions and custom browsers recently and the results are quite disturbing.

The three custom Chromium-based browsers the company analyzed were found to weaken security instead of improving it.

Source:
http://www.ghacks.net/2016/02/06/avast-safezone-browser-vulnerability-disclosed-by-google/