Slashdot security articles


Mozilla's 'Privacy Not Included' Gift Report Highlights Security Concerns

Wed, 11/14/2018 - 23:00
Mozilla has released its second annual "Privacy Not Included" guide that rates 70 products to help give you an idea as to how secure or insecure they are. "We want to provide people information about how to make informed decisions when shopping for gifts that are connected to the internet," says Ashley Boyd, vice president of advocacy at Mozilla. "These products are becoming really popular. And in some cases, it's easy to forget that they're even connected to the internet." Wired reports: Among the important signifiers of a trustworthy stocking stuffer, according to Mozilla's rubric: the use of encryption, pushing automatic software security updates, strong password hygiene, a way to deal with vulnerabilities should they arise, and a privacy policy that doesn't take a PhD to parse. The most surprising result of Mozilla's testing may be how many products actually earned its seal of approval. Thirty-three of the 70 items in the "Privacy Not Included" guide passed muster; fans of the Nintendo Switch, Google Home, and Harry Potter Kano Coding Kit can sleep a little easier. On the other end of the scale, Mozilla highlighted seven products that may not hit the mark -- yes, including the sous vide wand, the Anova Precision Cooker. Also scoring low marks in Mozilla's accounting: the DJI Spark Selfie Drone (no encryption, does not require users to change the default password), the Parrot Bebop 2 drone (no encryption, complex privacy policy), and unsurprisingly, at least one baby monitor. The remaining 30 items on the list all exist somewhere in the murky middle, usually because Mozilla was unable to confirm at least one attribute. Which may be the real takeaway from the report: Typically, you have no reasonable way to find out if a given internet-connected device is secure. "If you can't tell, that says that there's a problem of communication between manufacturers and consumers," says Boyd. 
"We would love for makers of these products to be more clear and more transparent about what they're doing and not doing. That's a big place we think change is needed."

Facebook Reportedly Hired a PR Firm That Wrote Negative Articles About Rivals, Pushed George Soros Conspiracy Theory

Wed, 11/14/2018 - 17:25
According to a recently-published report in the New York Times, Facebook hired a public relations firm last year that wrote dozens of articles critical of rivals Google and Apple and pushed the idea that liberal financier George Soros was behind a growing anti-Facebook movement. "Facebook expanded its relationship with Definers Public Affairs in October 2017 after enduring a year's worth of external criticism over its handling of Russian interference on its social network," CNBC summarizes. From the report: The firm reportedly wrote articles that blasted Google and Apple while downplaying the impact of Russian interference on Facebook. Those articles were published on NTK Network, an affiliate of the firm whose content is often followed by politically conservative outlets, including Breitbart, the report says. Definers Public Affairs also reportedly pressed reporters to explore Soros' financial connections with groups that protested Facebook at Congressional hearings in July. Facebook's relationship with Definers Public Affairs was outlined as part of a broader report that looked at the company's handling of numerous scandals over the past three years, including Russian interference and the Cambridge Analytica scandal in March. Other revelations in the report include Sheryl Sandberg's apparent fury when former security chief told the board of directors in fall 2017 about the full extent of Russian interference on the platform, and Mark Zuckerberg ordering managers to use Android phones after Apple CEO Tim Cook criticized the company's approach to privacy earlier this year.

Safari Tests 'Not Secure' Warning For Unencrypted Websites

Wed, 11/14/2018 - 16:45
Similar to Chrome, Apple's Safari browser is testing a warning system for when users visit websites that aren't protected by HTTPS encryption. "The feature for now is only in Safari Technology Preview 70, a version of the web browser Apple uses to test technology it typically brings to the ordinary version of Safari," reports CNET. From the report: Apple didn't immediately respond to a request for comment on its plans for bringing the warning to mainstream Safari. Apple's browser does warn you already if you have an insecure connection to a very sensitive website for typing in passwords or credit card numbers.

Why is Antivirus Software Still a Thing?

Wed, 11/14/2018 - 12:46
Antivirus has been around for more than 20 years. But do you still need it to protect yourself today? From a report: In general, you probably do. But there are caveats. If you are worried about your iPhone, there's actually no real antivirus software for it, and iOS is engineered to make it extremely difficult for hackers to attack users, especially at scale. In the case of Apple's computers, which run MacOS, there are fewer antiviruses, but given that the threat of malware on Mac is increasing ever so slightly, it can't hurt to run an AV on it. If you have an Android phone, on the other hand, an antivirus does not hurt -- especially because there have been several cases of malicious apps available on the Google Play Store. So, on Android, an antivirus will help you, according to Martijn Grooten, the editor of trade magazine Virus Bulletin. When it comes to computers running Windows, Grooten still thinks you should use an AV. "What antivirus is especially good at is making decisions for you," Grooten told Motherboard, arguing that if you open attachments, click on links, and perhaps you're not too technically savvy, it's good to have an antivirus that can prevent the mistakes you may make in those situations. For Grooten and Simon Edwards, the founder of SE Labs, a company that tests and ranks antivirus software, despite the fact that Windows' own antivirus -- called Defender -- is a good alternative, it's still worth getting a third-party one. "Even if [Defender] wasn't the best and it isn't the best, it's still a lot better than having nothing," Edwards told Motherboard. Yet, "we do see a benefit in having paid for AV product."

Researchers Discover Seven New Meltdown and Spectre Attacks

Wed, 11/14/2018 - 10:05
A team of nine academics today revealed seven new CPU attacks. The seven impact AMD, ARM, and Intel CPUs to various degrees. From a report: Two of the seven new attacks are variations of the Meltdown attack, while the other five are variations on the original Spectre attack -- two well-known attacks that were revealed at the start of the year and found to impact CPU models going back to 1995. Researchers say they've discovered the seven new CPU attacks while performing "a sound and extensible systematization of transient execution attacks" -- a catch-all term the research team used to describe attacks on the various internal mechanisms that a CPU uses to process data, such as the speculative execution process, the CPU's internal caches, and other internal execution stages. The research team says they've successfully demonstrated all seven attacks with proof-of-concept code. Experiments to confirm six other Meltdown-attacks did not succeed, according to a graph published by researchers. Update: In a statement to Slashdot, an Intel spokesperson said, "the vulnerabilities documented in this paper can be fully addressed by applying existing mitigation techniques for Spectre and Meltdown, including those previously documented here, and elsewhere by other chipmakers. Protecting customers continues to be a critical priority for us and we are thankful to the teams at Graz University of Technology, imec-DistriNet, KU Leuven, & the College of William and Mary for their ongoing research."

ProtonVPN Passes 1 Million Users and Launches on iOS

Wed, 11/14/2018 - 08:46
Encrypted email service provider ProtonMail has launched its standalone VPN app for iOS devices. From a report: The announcement comes more than a year after ProtonVPN launched globally for desktop users and 10 months after it landed on Android, so the iOS launch has been a long time coming. There is, of course, no shortage of VPN apps out there already, but ProtonMail has built a solid reputation in the encrypted communications realm since it was founded out of CERN in 2013. Following the launch of its privacy-focused email service nearly three years ago, the company subsequently added two-factor authentication (2FA), Tor support, an encrypted contacts manager, and of course a VPN service. ProtonMail offers various pricing tiers for ProtonVPN, ranging from free to $24 per month. Those who choose not to pay can access three countries' servers, with access on one device, but will have slower speeds, while the top $24/month tier offers access on 10 devices with server access in all available countries. In related news, ProtonMail said that ProtonVPN now has 1 million users globally.

Facebook Patches Vulnerability That Could Have Exposed User Data

Tue, 11/13/2018 - 15:30
Yet another vulnerability has been patched that could have exposed user data. According to security company Imperva, the bug "allowed websites to obtain private information about Facebook users and their friends through unauthorized access to a company API, playing off a specific behavior in the Chrome browser," reports The Verge. From the report: In technical terms, the attack is a cross-site request forgery, using a legitimate Facebook login in unauthorized ways. For the attack to work, a Facebook user must visit a malicious website with Chrome, and then click anywhere on the site while logged into Facebook. From there, attackers could open a new pop-up or tab to the Facebook search page and run any number of queries to extract personal information. Some examples Imperva gives are checking if a user has taken photos in a certain location or country, if the user has written any recent posts that contain specific text, or checking if a user's friends like a company's Facebook page. In essence, the vulnerability exposed the interests of a user and their friends even if privacy settings were set so interests were only visible to a user's friends. Imperva says the vulnerability was not a common technique and the issue has been resolved with Facebook. However, it does mention that these more sophisticated social engineering attacks could become more common in 2019. A Facebook representative told The Verge: "We appreciate this researcher's report to our bug bounty program. We've fixed the issue in our search page and haven't seen any abuse. As the underlying behavior is not specific to Facebook, we've made recommendations to browser makers and relevant web standards groups to encourage them to take steps to prevent this type of issue from occurring in other web applications."

Nigerian Firm Takes Blame For Routing Google Traffic Through China

Tue, 11/13/2018 - 14:50
Earlier today, it was reported that Google suffered a brief outage on Monday that pushed some of its traffic through networks in Russia, China, and Nigeria. Soon after Google said it would conduct an investigation, Nigeria's Main One Cable Company fessed up to the incident. According to Reuters, the company says it "accidentally caused the problem during a network upgrade." From the report: Main One said in an email that it had caused a 74-minute glitch by misconfiguring a border gateway protocol filter used to route traffic across the internet. That resulted in some Google traffic being sent through Main One partner China Telecom, the West African firm said. Even though Main One said it was to blame, some security experts said the incident highlighted concerns about the potential for hackers to conduct espionage or disrupt communications by exploiting known vulnerabilities in the way traffic is routed over the internet. Main One, which describes itself as a leading provider of telecom and network services for businesses in West Africa, said that it had investigated the matter and implemented new processes to prevent it from happening again.

WannaCry is Still Dominating Ransomware

Tue, 11/13/2018 - 10:40
An anonymous reader writes: WannaCry, once the greatest cybersecurity calamity in history, now doesn't work. A website critical to its function is now controlled by civic-minded security researchers, and the fixed deadline to pay the ransom has long passed. Yet WannaCry still accounts for 28% of ransomware attacks -- the most of any ransomware family. According to a new study by Kaspersky Lab, the defanged North Korea-linked ransomware is still spreading uncontrollably. The spreading mechanism that passed WannaCry from victim to victim that was so virulent in the 2017 attack is still active, even if the ransomware itself isn't. The firm discovered that since the WannaCry outbreak in May 2017, it has affected 74,621 users across the globe.

Apple iPhone X, Samsung Galaxy S9 and Xiaomi Mi 6 Smartphones Hacked At Pwn2Own Tokyo

Tue, 11/13/2018 - 09:20
wiredmikey writes: Apple iPhone X, Samsung Galaxy S9 and Xiaomi Mi 6 smartphones were all hacked on the first day of the Pwn2Own Tokyo 2018 contest taking place this week alongside the PacSec security conference in Tokyo, Japan. Pwn2Own Tokyo 2018 participants earned a total of $225,000 on the first day of the event. On the second day, at least two teams will make additional attempts to hack the iPhone X and the Xiaomi Mi 6.

Google Suffered a Brief Outage on Monday Which Pushed Some of Its Traffic Through Russia, China and Nigeria; Company Says It Will Do an Investigation

Tue, 11/13/2018 - 07:20
Google suffered a brief outage and slowdown Monday, with some of its traffic getting rerouted through networks in Russia, China and Nigeria. From a report: Incorrect routing instructions sent some of the search giant's traffic to Russian network operator TransTelekom, China Telecom (which, as you may recall, has been found misdirecting internet traffic in recent months) and Nigerian provider MainOne between 1:00 p.m. and 2:23 p.m. PT, according to internet research group ThousandEyes. "This incident at a minimum caused a massive denial of service to G Suite and Google Search," wrote Ameet Naik, ThousandEyes' technical marketing manager, in a blog post. "However, this also put valuable Google traffic in the hands of ISPs in countries with a long history of Internet surveillance." Applications like Gmail and Google Drive don't appear to have been affected, but YouTube users experienced some slowdown. Google noted that the issue was resolved and said it would conduct an internal investigation. Update: Nigeria's Main One Cable Co has taken responsibility for the glitch.

The Next Version of HTTP Won't Be Using TCP

Mon, 11/12/2018 - 16:45
"The HTTP-over-QUIC experimental protocol will be renamed to HTTP/3 and is expected to become the third official version of the HTTP protocol, officials at the Internet Engineering Task Force (IETF) have revealed," writes Catalin Cimpanu via ZDNet. "This will become the second Google-developed experimental technology to become an official HTTP protocol upgrade after Google's SPDY technology became the base of HTTP/2." From the report: HTTP-over-QUIC is a rewrite of the HTTP protocol that uses Google's QUIC instead of TCP (Transmission Control Protocol) as its base technology. QUIC stands for "Quick UDP Internet Connections" and is, itself, Google's attempt at rewriting the TCP protocol as an improved technology that combines HTTP/2, TCP, UDP, and TLS (for encryption), among many other things. Google wants QUIC to slowly replace both TCP and UDP as the new protocol of choice for moving binary data across the Internet, and for good reasons, as tests have proven that QUIC is both faster and more secure because of its encrypted-by-default implementation (current HTTP-over-QUIC protocol draft uses the newly released TLS 1.3 protocol). In a mailing list discussion last month, Mark Nottingham, Chair of the IETF HTTP and QUIC Working Group, made the official request to rename HTTP-over-QUIC as HTTP/3, and pass its development from the QUIC Working Group to the HTTP Working Group. In the subsequent discussions that followed and stretched over several days, Nottingham's proposal was accepted by fellow IETF members, who gave their official seal of approval that HTTP-over-QUIC become HTTP/3, the next major iteration of the HTTP protocol, the technology that underpins today's World Wide Web.

US Chip Cards Are Being Compromised In the Millions

Mon, 11/12/2018 - 14:40
According to a study from Gemini Advisory, some 60 million U.S. cards were compromised in the past 12 months. "Of those, 93 percent were EMV chip-enabled," reports Threatpost. "Also, crucially, 75 percent, or 45.8 million, were records stolen from in-person transactions." From the report: These were likely compromised through card-skimming malware and point-of-sale (POS) breaches at establishments like retailers, hotels and restaurants, the likes of which continue to make headlines. Further results show that the U.S. leads the rest of the world in the total amount of compromised EMV payment cards by a massive 37.3 million records. In the past 12 months, about 15.9 million compromised non-U.S. payment cards were posted for sale on the underground, split between 11.3 million card-not-present (online transaction) records and 4.6 million card-present records, of which 4.3 million were EMV enabled. This means that the theft level of EMV-enabled card data in the U.S. is 868 percent higher than the rest of the world combined. The reason for this state of affairs, according to Gemini, is the lack of U.S. merchant compliance -- too many of them still use the mag-stripe function at PoS terminals. Gemini also said that card-present data "is also collected via a more manual method by skimmer groups, who are utilizing custom made hardware known as 'shimmers' to record and exfiltrate data from ATMs and POS systems." The firm also found that while most large U.S. merchants have fully transitioned to EMV, gas pump terminals and small/medium size businesses are emerging as the main targets for cybercriminals going forward.

Apple Confirms Its T2 Security Chip Blocks Some Third-Party Repairs of New Macs

Mon, 11/12/2018 - 14:03
An anonymous reader shares a report from The Verge about Apple's new security-focused T2 chip found in the newest Mac computers. The introduction of the chip "has renewed concerns that Apple is trying to further lock down its devices from third-party repair services," The Verge reports. From the report: The T2 is "a guillotine that [Apple is] holding over" product owners, iFixit CEO Kyle Wiens told The Verge over email. That's because it's the key to locking down Mac products by only allowing select replacement parts into the machine when they've come from an authorized source -- a process that the T2 chip now checks for during post-repair reboot. "It's very possible the goal is to exert more control over who can perform repairs by limiting access to parts," Wiens said. "This could be an attempt to grab more market share from the independent repair providers. Or it could be a threat to keep their authorized network in line. We just don't know." Apple confirmed to The Verge that this is the case for repairs involving certain components on newer Macs, like the logic board and Touch ID sensor, which is the first time the company has publicly acknowledged the tool's use. But Apple could not provide a list of repairs that required this or what devices were affected. It also couldn't say whether it began this protocol with the iMac Pro's introduction last year or if it's a new policy instituted recently. First revealed last month by MacRumors and Motherboard, both of which got their hands on an internal Apple document, the T2 chip could render a computer inoperable if, say, the logic board is replaced, unless the chip recognizes a special piece of diagnostic software has been run. That means if you wanted to repair certain key parts of your MacBook, iMac, or Mac mini, you would need to go to an official Apple Store or a repair shop that's part of the company's Authorized Service Provider (ASP) network. 
If you want to repair or rebuild portions of those devices on your own, you simply can't -- at least, according to this document. The parts affected, according to the document, are the display assembly, logic board, top case, and Touch ID board for the MacBook Pro, and the logic board and flash storage on the iMac Pro. It is also likely that logic board repairs on the new MacBook Air and Mac mini are affected, as well as the Mac mini's flash storage. Yet, the document, which is believed to have been distributed earlier this year, does not mention those products because they were unannounced at the time. Regardless, to replace those parts, a technician would need to run what's known as the AST 2 System Configuration suite, which Apple only distributes to Apple Stores and certified ASPs. So DIY shops and those out of the Apple network would be out of luck.

More Than 50 Nations Launch 'Paris Call' To Fix Hate Speech and Cyberattacks; China and Russia Not Among Signatories, Trump Administration Reluctant To Sign

Mon, 11/12/2018 - 13:25
French President Emmanuel Macron on Monday launched a push to regulate the internet. France and U.S. technology giants, including Microsoft, are pushing for governments and companies worldwide to sign up for a new initiative aimed at establishing regulations for the internet, to fight such online threats as cyber attacks, hate speech and online censorship. A report adds: With the launch of a declaration entitled the 'Paris call for trust and security in cyberspace,' French President Emmanuel Macron is hoping to revive efforts to regulate cyberspace after the last round of United Nations negotiations failed in 2017. In the document, which is supported by many European countries but, crucially, not China or Russia, the signatories urge governments to beef up protections against cyber meddling in elections and prevent the theft of trade secrets. The Paris call was initially pushed for by tech companies but was redrafted by French officials to include work done by U.N. experts in recent years. [...] In another sign of the Trump administration's reluctance to join international initiatives it sees as a bid to encroach on U.S. sovereignty, French officials said Washington might not become a signatory, though talks are continuing.

Cloudflare's 1.1.1.1 Service Launches on Android and iOS

Sun, 11/11/2018 - 11:05
harrymcc writes: Content-distribution network Cloudflare has introduced iOS and Android versions of 1.1.1.1, a free service which helps shield you from snoops by replacing your standard DNS with its encrypted (and speedy) alternative. The mobile incarnation of the PC service it launched last April, the apps don't require you to do anything other than download and install them, give your device permission to install a VPN, and flip a switch -- making them approachable for the masses, not just geeks.

Can Facebook Keep Large-Scale Misinformation From the Free World?

Sun, 11/11/2018 - 03:34
You can have a disaster-free Election Day in the social media age, writes New York Times columnist Kevin Roose, "but it turns out that it takes constant vigilance from law enforcement agencies, academic researchers and digital security experts for months on end." It takes an ad hoc "war room" at Facebook headquarters with dozens of staff members working round-the-clock shifts. It takes hordes of journalists and fact checkers willing to police the service for false news stories and hoaxes so that they can be contained before spreading to millions. And even if you avoid major problems from bad actors domestically, you might still need to disclose, as Facebook did late Tuesday night, that you kicked off yet another group of what appeared to be Kremlin-linked trolls... Most days, digging up large-scale misinformation on Facebook was as easy as finding baby photos or birthday greetings... Facebook was generally responsive to these problems after they were publicly called out. But its scale means that even people who work there are often in the dark... Other days, combing through Facebook falsehoods has felt like watching a nation poison itself in slow motion. A recent study by the Oxford Internet Institute, a department at the University of Oxford, found that 25 percent of all election-related content shared on Facebook and Twitter during the midterm election season could be classified as "junk news"... Facebook has framed its struggle as an "arms race" between itself and the bad actors trying to exploit its services. But that mischaracterizes the nature of the problem. This is not two sovereign countries locked in battle, or an intelligence agency trying to stop a nefarious foreign plot. This is a rich and successful corporation that built a giant machine to convert attention into advertising revenue, made billions of dollars by letting that machine run with limited oversight, and is now frantically trying to clean up the mess that has resulted... 
It's worth asking, over the long term, why a single American company is in the position of protecting free and fair elections all over the world. Despite whatever progress has been made, the article complains that "It took sustained pressure from lawmakers, regulators, researchers, journalists, employees, investors and users to force the company to pay more attention to misinformation and threats of election interference. Facebook has shown, time and again, that it behaves responsibly only when placed under a well-lit microscope. "So as our collective attention fades from the midterms, it seems certain that outsiders will need to continue to hold the company accountable, and push it to do more to safeguard its users -- in every country, during every election season -- from a flood of lies and manipulation."

Credit Card Chips Have Failed to Halt Fraud (So Far)

Sun, 11/11/2018 - 00:34
An anonymous reader quotes Fortune: New chip-enabled credit cards, which were rolled out to U.S. consumers starting in 2015, were supposed to put an end to rampant credit card fraud. So much for that. A new report from the research firm Gemini Advisory has found that, of more than 60 million cases of credit card theft in the last 12 months, a whopping 93% of the stolen cards had the new chip technology... In theory, EMV should reduce fraud because every card transaction requires an encrypted connection between the chip card and the merchant's point-of-sale terminal... But while the EMV standard is supposed to ensure the card data cannot be captured, many merchants are failing to properly configure their systems, according to a Gemini Advisory executive who spoke with Fortune... The upshot is that criminals have been able to insert themselves into the transaction data stream, either by hacking into merchant networks or installing skimmer devices in order to capture card information... The report concludes by noting that big merchants have begun to tighten up their implementation of the EMV system, which will make them less of a target. Instead, criminals are likely to begin focusing on smaller businesses. The report estimates that in just the last twelve months, 41.6 million records have been stolen from chip-enabled cards.

Were Russian Hackers Deterred From Interfering In America's Election?

Sat, 11/10/2018 - 18:39
"Despite probing and trolling, a Russian cyberattack is the dog that did not bark in Tuesday's midterm elections," writes national security columnist Eli Lake. This is the assessment of the Department of Homeland Security, which says there were no signs of a coordinated campaign to disrupt U.S. voting. This welcome news raises a relevant and important question: Were cyber adversaries actually deterred from infiltrating voter databases and changing election results...? In September the White House unveiled a new policy aimed at deterring Russia, China, Iran and North Korea from hacking U.S. computer networks in general and the midterms in particular. National security adviser John Bolton acknowledged as much last week when he said the U.S. government was undertaking "offensive cyber operations" aimed at "defending the integrity of our electoral process." There aren't many details. Reportedly this entailed sending texts, pop-ups, emails and direct messages warning Russian trolls and military hackers not to disrupt the midterms. U.S. officials tell me much more is going on that remains classified. It is part of a new approach from the Trump administration that purports to unleash U.S. Cyber Command to hack the hackers back, to fight them in their networks as opposed to America's. Bolton has said the policy reverses previous restrictions on military hackers to disrupt the networks from which rival powers attack the U.S. Sometimes this is called "persistent engagement" or "defend forward." And it represents a shift in the broader U.S. approach to engaging adversaries in cyberspace.... The difference now is that America's cyber warriors will routinely try to disrupt cyberattacks before they begin... The object of cyberdeterrence is not to get an adversary to never use cyberweapons. It's to prevent attacks of certain critical systems such as voter registration databases, electrical grids and missile command-and-control systems. 
The theory, at least, is to force adversaries to devote resources they would otherwise use to attack the U.S. to better secure their own networks. Jason Healey, a historian of cyber conflicts at Columbia University's School for International and Public Affairs, asks "How much of cyberspace will survive the war?" warning that "persistent engagement" could lead to a dangerous miscalculation by an adversarial nation-state -- or even worse, a spiral of escalation, with other states following America's lead, changing the open Internet into more of a battleground.

Disgruntled Security Researcher Publishes Major VirtualBox 0-Day Exploit

Sat, 11/10/2018 - 12:34
"A Russian security researcher has published details about a zero-day vulnerability affecting VirtualBox, an Oracle software application for running virtual machines," reports ZDNet. According to a text file uploaded on GitHub, Saint Petersburg-based researcher Sergey Zelenyuk has found a chain of bugs that can allow malicious code to escape the VirtualBox virtual machine (the guest OS) and execute on the underlying (host) operating system. Once out of the VirtualBox VM, the malicious code runs in the OS' limited userspace (kernel ring 3), but Zelenyuk said that attackers can use many of the already known privilege escalation bugs to gain kernel-level access (ring 0). "The exploit is 100% reliable," Zelenyuk said. "It means it either works always or never because of mismatched binaries or other, more subtle reasons I didn't account." The Russian researcher says the zero-day affects all current VirtualBox releases, works regardless of the host or guest operating system the user is running, and is reliable against the default configuration of newly created VMs. Besides a detailed write-up of the entire exploit chain, Zelenyuk has also published video proof, showing the zero-day in action against an Ubuntu VM running inside VirtualBox on an Ubuntu host OS. Long-time Slashdot reader Artem Tashkinov warns that the exploit utilizes "bugs in the data link layer of the default E1000 network interface adapter which makes this vulnerability critical for everyone who uses virtualization to run untrusted code." According to ZDNet, the same security researcher "found and reported a similar issue in mid-2017, which Oracle took over 15 months to fix." "This lengthy and drawn-out patching process appears to have angered Zelenyuk, who instead of reporting this bug to Oracle, has decided to publish details online without notifying the vendor."