DecryptedTech

Tuesday05 July 2022

Sean Kalinich

Sean Kalinich

After Google talked about their response to Apple requiring user acceptance for cross app tracking on mobile devices, the internet sort of exploded with different articles about the pros and cons of each. We wrote about this 2 days ago and gave out thoughts on both solutions. You can read the full article, or just read on for the summation. In short, Apple requiring a user to explicitly allow an app to perform cross tracking and data collection is better than Google’s current plan to collect everything and allow controlled access to the data via API. Google’s plan has even brought up the specter of anti-competition laws as they would literally control all the data on a mobile device. Yes, it is that bad.

Linux has always had something of a mystique about it. Regardless of the distro (flavor) of Linux there simply certain misconception around Linux that are both entertaining and concerning. One of my all-time favorites was/is that it is a “hacker” OS. This fun little misunderstand was so bad at one point that it was part of a parent’s guide on how to tell if your child is a hacker. Nothing says out of touch like labelling an entire OS line as a “hacker” OS. The other side of the coin is the belief that it is secure out of the box. In simple terms, no OS is secure out of the box, all of them have vulnerabilities including serious ones that allow for complete compromise.

Will someone tell Microsoft (again) that to lead in the industry means not just following the competition? They seem to have lost that message again as we are hearing that they will require a Microsoft account to set up and use future versions of Windows 11 Pro. This frustrating need to be attached to the internet and beholden to Microsoft just to use your operating system has always been an odd choice to me, but it is Microsoft and when they can’t figure out what to do, they tend to just copy features (and bad ones at that) from Apple or Google.

Researchers have identified Trickbot in use in campaigns targeting several financial institutions. These groups along with a few tech companies thrown in a predominantly in the US and appear to be using an evolved version of the malware to get in and avoid detection by legacy anti-malware (signature based). It is usually part of a targeted spearphishing campaign where poisoned office documents are either contain links to malicious websites or can contain HTA code to execute a PowerShell command to download the second stage of the malware.

Life would not be the same without new popping up that one state level threat actor or another was attacking and compromising US defense contractors or other businesses linked to US national security and defense. The counties of origin for these actors become a blur over time, although you do see some highlighted depending on current political trends. The two most often bandied about are Russia and China with North Korea getting an honorable mention.

A couple of weeks ago Meta, Facebook’s parent company, announced that they were losing money (to the tune of $10 Billion) due to changes in the way Apple mobile devices handle user tracking by apps. The move by Apple was a bit of a surprise considering some of Apple’s history, but when you consider that Apple and Meta will probably be VR competitors it was not that much of one. The announcement also caused many to wonder if Google would follow suit.

Firefox was once one of the leading “alternative” browsers on the internet. After the death of Netscape Firefox came along and offered people an alternative to the building Windows Internet Explorer and even to Safari on macOS. This trend continued into the mobile arena, at least until Google launched the Chrome Browser. Although Chrome had a bit of a rocky start (with clear indications of data collection), it has grown in popularity and gobble up about 64% of the browsing on the internet.

Apache and their open-source tools have gotten a lot of press lately. After the Lgo4Shell vulnerability in their Log4J tool, and the massive response from vendors and security organizations we are now learning that researchers have discovered a remote code execution flaw in the NoSQL database management tool Cassandra. This time, unlike Log4J flaw the disclosure comes with a patch already available for installation.

Meta (Facebook) has a long history of privacy and other abuses of the platform they control. We have seen everything from abusing facial recognition technology to tracking users’ internet history after existing the platform. These types of abuses are concerning for both obvious and not so obvious reasons. On the surface the collection of personal information outside of actual platform use by Facebook is not a good thing, but when you also roll in the fact that large tech groups like Facebook also share information with government agencies freely and without recourse it makes the problem larger.

Google has announced the release of a new version of Chrome. The new version comes with fixes for eight vulnerabilities. Once of these vulnerabilities CVE-2022-0609, which is describes as a user-after-free vulnerability is already being exploited in the wild. This has led them to advise users to updated Chrome as soon as possible to avoid compromise. The flaws were found by Google’s own Threat Analysis Group.

Page 9 of 210