
I've never enabled NFC payment on my smartphone. And yet I understand that it's convenient.
The FBI has dismantled a massive network of compromised devices that Chinese state-sponsored hackers have used for four years to mount attacks on government agencies, telecoms, defense contractors, and other targets in the US and Taiwan.
The botnet was made up primarily of small office and home office routers, surveillance cameras, network-attached storage, and other Internet-connected devices located all over the world. Over the past four years, US officials said, 260,000 such devices have cycled through the sophisticated network, which is organized in three tiers that allow the botnet to operate with efficiency and precision. At its peak in June 2023, Raptor Train, as the botnet is named, consisted of more than 60,000 commandeered devices, according to researchers from Black Lotus Labs, making it the largest China state botnet discovered to date.
Another useful practice is to reboot the devices every week or so, or more frequently if practical. Nosedive, like the vast majority of other IoT malware, resides solely in memory, and therefore can't persist once a device restarts.
That's still a stopgap, but it's always better than nothing. I wonder whether "reboot network equipment regularly" will become a standard item in the list of security recommendations (but maybe it already is).
The majority of open source project maintainers are not being paid for their work, spend three times as much time on security than they did three years ago, and have become less trusting of contributors following the xz backdoor, according to open source package security firm Tidelift.
Small wonder then that the maintainer population is aging – not enough newcomers want the undercompensated, unappreciated job.
Tidelift on Tuesday published its 2024 State of the Open Source Maintainer Report [PDF], the result of a survey answered by over 400 maintainers.
Some 45 percent of the survey takers have been maintainers for more than 10 years and the age distribution is getting older.
According to the report, "the percentage of maintainers self-reporting that they are 46–55 or 56–65 has doubled since our first survey in 2021 (2021: 11 percent; 2023: 27 percent; 2024: 21 percent). Meanwhile, the percentage of maintainers under 26 has dropped precipitously from 25 percent in our 2021 survey to 12 percent last year and 10 percent today."
Remediation
Not bad
Disable and remove the cups-browsed service if you don’t need it (and probably you don’t).
Update the CUPS package on your systems.
In case your system can’t be updated and for some reason you rely on this service, block all traffic to UDP port 631 and possibly all DNS-SD traffic (good luck if you use zeroconf).
Entirely personal recommendation, take it or leave it: I’ve seen and attacked enough of this codebase to remove any CUPS service, binary and library from any of my systems and never again use a UNIX system to print. I’m also removing every zeroconf / avahi / bonjour listener. You might consider doing the same.
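As an added example (not from the advisory or from anyone in this thread), a small POSIX shell helper that checks whether anything on the host still listens on UDP/631 and, in dry-run mode by default, prints the advisory's remediation steps. It assumes `ss` and `systemctl` exist and that an `inet filter` nftables table with an `input` chain is already present; the listener check is fed constructed `ss -ulnp` output so it can be run offline.

```shell
#!/bin/sh
# Added example (not the advisory's or the thread's own code): detect a
# cups-browsed listener on UDP/631 and apply the advisory's remediation.

# udp631_listeners: read `ss -ulnp`-style output on stdin and print how many
# UDP sockets are bound to port 631 on any address (field 4 = Local Address:Port).
udp631_listeners() {
    awk '$1 == "UNCONN" && $4 ~ /:631$/ { n++ } END { print n + 0 }'
}

# Constructed sample of `ss -ulnp` output, used only for demonstration.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
UNCONN 0      0      0.0.0.0:631        0.0.0.0:*    users:(("cups-browsed",pid=1234,fd=7))
UNCONN 0      0      127.0.0.1:323      0.0.0.0:*    users:(("chronyd",pid=800,fd=5))
UNCONN 0      0      [::]:5353          [::]:*       users:(("avahi-daemon",pid=700,fd=12))'

# cups_browsed_exposed: succeed (exit 0) when the live host has a UDP/631 listener.
cups_browsed_exposed() {
    [ "$(ss -ulnp 2>/dev/null | udp631_listeners)" -gt 0 ]
}

# remediate: the advisory's steps in order. Prints each command; runs it only
# when DRY_RUN=0 is set explicitly (assumed convention for this example).
remediate() {
    run() { echo "+ $*"; [ "${DRY_RUN:-1}" = "0" ] && "$@"; }
    # 1. Stop, disable and mask cups-browsed so a package update cannot re-enable it.
    if command -v systemctl >/dev/null 2>&1; then
        run systemctl disable --now cups-browsed.service
        run systemctl mask cups-browsed.service
    fi
    # 2. Drop inbound UDP/631 and mDNS/DNS-SD (UDP/5353) at the host firewall.
    #    Assumes table `inet filter` and chain `input` already exist.
    if command -v nft >/dev/null 2>&1; then
        run nft add rule inet filter input udp dport '{ 631, 5353 }' drop
    fi
}

case "${1:-}" in
    --check) cups_browsed_exposed && { echo "UDP/631 listener present"; exit 1; }
             echo "no UDP/631 listener" ;;
    --fix)   remediate ;;
esac
```

Run with `--check` to audit a host, and `DRY_RUN=0 ./script.sh --fix` as root once you have reviewed the printed commands.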
flanker (./2173) : Probably not, and the accounts that feed the Nitter instances get suspended regularly. On the other hand, given how Musk himself boasts about not respecting rules he doesn't like, it doesn't keep me up at night ^^
But does it comply with Twitter's terms of service?
In part II of this series (date TBD since there’s another disclosure in process), we’ll see how to use these new bettercap modules (not yet released) to attack Apple macOS.
Affected Systems
CUPS and specifically cups-browsed are packaged for most UNIX systems:
most GNU/Linux distributions
some BSDs.
Google Chromium / ChromeOS … maybe?
Oracle Solaris
Possibly more?
Zerosquare (./2176) : I'm thinking more of the comment about the licence, « AGPLv3 licensed, no proprietary instances permitted ».
Lionel > thanks for the info!
Lionel Debroux (./2179) : except that in the mix there's macOS, which is slightly more popular on the desktop than Linux
Of course, the BSDs and Solaris get less mention in the coverage of this because they're less popular on the desktop than Linux
flanker (./2181) : Naturally macOS is more popular on the desktop than Linux, and I thought about that when I wrote my sentence
flanker (./2180) : In my opinion it's less hypocrisy than a lightning rod for the project: there's far more risk of X coming down on it if it's used to make a profit.
I find it inconsistent of the developer to be picky about his software licence while he doesn't respect the terms of service (but I admit, he's not the first I've seen like that ^^).
Ecovacs's privacy policy – available elsewhere in the app – allows for blanket collection of user data for research purposes, including:
• The 2D or 3D map of the user's house generated by the device
• Voice recordings from the device's microphone
• Photos or videos recorded by the device's camera
It also states that voice recordings, videos and photos that are deleted via the app may continue to be held and used by Ecovacs.
An Ecovacs spokesperson confirmed the company uses the data collected as part of its product improvement program to train its AI models.