Tag Archives: programming

Scout Browser goes under peer review

Scout Browser goes under peer review

It’s not enough to say you are good. The moment of truth is when an outside expert or peer takes a hard look at what you do – and then gives you an educated thumbs up. In academia, this is a peer review and it is essential for any worthwhile paper. For software developers, it […]

The post Scout Browser goes under peer review appeared first on Avira Blog.

Another Russian Hacker Arrested In Spain Reportedly Over U.S. Election Hacking

A Russian computer hacker and alleged spam kingpin was arrested in Barcelona, Spain, on Friday reportedly over suspicion of being involved in hacking attacks linked to alleged interference in last year’s United States presidential election process.

36-year-old Pyotr Levashov from St. Petersburg was detained by police in Barcelona after US authorities issued an international arrest warrant for

Microsoft is Shutting Down CodePlex, Asks Devs To Move To GitHub

Microsoft has announced to shut down CodePlex — its website for hosting repositories of open-source software projects — on December 15, 2017.

Launched in 2006, CodePlex was one of the Microsoft’s biggest steps towards the world of open source community — where any programmer, anywhere can share the code for their software or download and tweak the code to their liking.

However, Microsoft

A Typo in Zerocoin's Source Code helped Hackers Steal ZCoins worth $585,000

Are you a programmer?

If yes, then you would know the actual pain of… “forgetting a semicolon,” the hide and seek champion since 1958.

Typos annoy everyone. Remember how a hacker’s typo stopped the biggest bank heist in the history, saved $1 billion of Bangladesh bank from getting stolen.

But this time a typo in the Zerocoin source code costs the company more than $585,000 in losses.
<!–

Critical glibc Flaw Puts Linux Machines and Apps at Risk (Patch Immediately)

glibc-linux-flaw

A highly critical vulnerability has been uncovered in the GNU C Library (glibc), a key component of most Linux distributions, that leaves nearly all Linux machines, thousands of apps and electronic devices vulnerable to hackers that can take full control over them.

Just clicking on a link or connecting to a server can result in remote code execution (RCE), allowing hackers to steal credentials, spy on users, seize control of computers, and many more.
The vulnerability is similar to the last year’s GHOST vulnerability (CVE-2015-0235) that left countless machines vulnerable to remote code execution (RCE) attacks, representing a major Internet threat.
GNU C Library (glibc) is a collection of open source code that powers thousands of standalone apps and most Linux distributions, including those distributed to routers and other types of hardware.
The recent flaw, which is indexed as CVE-2015-7547, is a stack-based buffer overflow vulnerability in glibc’s DNS client-side resolver that is used to translate human-readable domain names, like google.com, into a network IP address.
The buffer overflow flaw is triggered when the getaddrinfo() library function that performs domain-name lookups is in use, allowing hackers to remotely execute malicious code.

How Does the Flaw Work?

The flaw can be exploited when an affected device or app make queries to a malicious DNS server that returns too much information to a lookup request and floods the program’s memory with code.
This code then compromises the vulnerable application or device and tries to take over the control over the whole system.
It is possible to inject the domain name into server log files, which when resolved will trigger remote code execution. An SSH (Secure Shell) client connecting to a server could also be compromised.
However, an attacker need to bypass several operating system security mechanisms – like ASLR and non-executable stack protection – in order to achieve successful RCE attack.
Alternatively, an attacker on your network could perform man-in-the-middle (MitM) attacks and tamper with DNS replies in a view to monitoring and manipulating (injecting payloads of malicious code) data flowing between a vulnerable device and the Internet.

Affected Software and Devices

All versions of glibc after 2.9 are vulnerable. Therefore, any software or application that connects to things on a network or the Internet and uses glibc is at RISK.
The widely used SSH, sudo, and curl utilities are all known to be affected by the buffer overflow bug, and security researchers warn that the list of other affected applications or code is almost too diverse and numerous to enumerate completely.
The vulnerability could extend to a nearly all the major software, including:
  • Virtually all distributions of Linux.
  • Programming languages such as the Python, PHP, and Ruby on Rails.
  • Many others that use Linux code to lookup the numerical IP address of an Internet domain.
  • Most Bitcoin software is reportedly vulnerable, too.

Who are Not Affected

The good news is users of Google’s Android mobile operating system aren’t vulnerable to this flaw. As the company uses a glibc substitute known as Bionic that is not susceptible, according to a Google representative.
Additionally, a lot of embedded Linux devices, including home routers and various gadgets, are not affected by the bug because these devices use the uclibc library as it is more lightweight than hefty glibc.
The vulnerability was first introduced in May 2008 but was reported to the glibc maintainers July 2015.
The vulnerability was discovered independently by researchers at Google and Red Hat, who found that the vulnerability has likely not been publicly attacked.
The flaw was discovered when one of the Google’s SSH apps experienced a severe error called a segmentation fault each time it attempted to contact to a particular Internet address, Google’s security team reported in a blog post published Monday.

Where glibc went Wrong

Google researchers figured out that the error was due to a buffer overflow bug inside the glibc library that made malicious code execution attacks possible. The researchers then notified glibc maintainers.
Here’s what went wrong, according to the Google engineers:

“glibc reserves 2048 bytes in the stack through alloca() for the DNS answer at _nss_dns_gethostbyname4_r() for hosting responses to a DNS query. Later on, at send_dg() and send_vc(), if the response is larger than 2048 bytes, a new buffer is allocated from the heap and all the information (buffer pointer, new buffer size and response size) is updated.”

“Under certain conditions a mismatch between the stack buffer and the new heap allocation will happen. The final effect is that the stack buffer will be used to store the DNS response, even though the response is larger than the stack buffer and a heap buffer was allocated. This behavior leads to the stack buffer overflow.”

Proof-of-Concept Exploit Released

Google bod Fermin J. Serna released a Proof-of-Concept (POC) exploit code on Tuesday.
With this POC code, you can verify if you are affected by this critical issue, and verify any mitigations you may wish to enact.

Patch glibc Vulnerability

Google researchers, working with security researchers at Red Hat, have released a patch to fix the programming blunder.
However, it is now up to the community behind the Linux OS and manufacturers, to roll out the patch to their affected software and devices as soon as possible.
For people running servers, fixing the issue will be a simple process of downloading and installing the patch update.
But for other users, patching the problem may not be so easy. The apps compiled with a vulnerable glibc version should be recompiled with an updated version – a process that will take time as users of affected apps have to wait for updates to become available from developers.
Meanwhile, you can help prevent exploitation of the flaw, if you aren’t able to immediately patch your instance of glibc, by limiting all TCP DNS replies to 1024 bytes, and dropping UDP DNS packets larger than 512 bytes.
For more in-depth information on the glibc flaw, you can read Red Hat blog post.

Next Hacker to Organize Biggest Java Programming Competition In Germany

Great news for Hackers and Bug-hunters who enjoy Programming and playing around with Software.

A worldwide group of like-minded computer programmers is hosting The Next Hacker IPPC event on the 26th and 27th of February in Berlin, Germany, where participants can meet hackers and programmers from around the world while getting an opportunity to participate in one of the major

Infomatrix 2015: they’ve got skills!

InfoMatrix took place in Bucharest, Romania and it was organized by Lumina Educational Institutions, the Ministry of National Education and ISMB to encourage young people to apply their imagination, their passion, and their creativity to technology innovations that can make a difference in the world today.

For this year’s edition, 4651 students and teachers representing 461 schools from 63 different countries submitted a total of 1899 projects.

Avira was excited to also delegate a jury member for the competition. Alexandru Mihai, Web Backend Software Engineer in the Cloud Services & Infrastructure Department contributed to choosing the best project in the Programming section of InfoMatrix.

InfoMatrix 2015 : The Best Projects

  • Visionbot: Alexandru Ionut Budişteanu obtained the gold medal for the ‘VisionBot Pick and Place machine’ project. Visionbot is a robotic machine able to automatically create electronic products by introducing surface-mount devices (SMD) as capacitors, resistors, and integrated circuits on printed circuit boards (PCB). This machine should allow engineers and even SMBs to transform their prototypes into industrial products (electronics, computers, consumer electronics).
  • R-Walker: Victor Ricardo and Matias Garcia from Mexico also won a gold medal with the R-Walker project: a prototype of alternative energy and urban mobility consisting of three electrical systems, mechanical and hydraulic ensuring safety, comfort and speed of use. This personal scooter is not only cheap but since its main source of energy is obtained through alternative methods it can be a decisive help in reducing pollution.
  • Usertik: Haris Başici and Nedim Şişici from Bosnia received the first prize at the Programming section with an ingenious solution that allows automated delivery and integration of high quality web services. More details about the project are available on their official website.
  • Noriy.NET: Roşca Codreanu-Ionescu Alexandru, representing Romania, created a cloud service for parental control. His goal was for parents to ensure safe Internet browsing on their children’s devices as well as help them benefit from a system of notifications for potentially dangerous activities.
  • Low poly dreams: you can check out for yourself the cool 3D video animation that helped Juanro Cobian from Mexico to win the 1st place in the “Computerized Graphics” section.

We’re already looking forward to the 2016 edition of this wonderful event that brings together so many talented students from all around the world.

The post Infomatrix 2015: they’ve got skills! appeared first on Avira Blog.