
Brief items

Security

Garrett: The Freedom Phone is not great at privacy

Anybody who might be considering acquiring a "Freedom Phone" might want to have a look at Matthew Garrett's analysis first.

Anyway. We have a company that seems to be combining blockchain and MLM [multi-level marketing], has some opinions about Quantum Entanglement, bases the security of its platform on a set of novel cryptographic primitives that seem to have had no external review, has implemented an API that just hands out personal information without any authentication and an app that appears more than happy to upload all your contact details without telling you first, has failed to update this app to keep up with upstream security updates, and is violating the upstream license.

Comments (28 posted)

The More You Know, The More You Know You Don’t Know (Project Zero)

The Google Project Zero blog is carrying a report on zero-day vulnerabilities found to be exploited during 2021.

5 of the 7 [Android] 0-days from 2021 targeted GPU drivers. This is actually not that surprising when we consider the evolution of the Android ecosystem as well as recent public security research into Android. The Android ecosystem is quite fragmented: many different kernel versions, different manufacturer customizations, etc. If an attacker wants a capability against "Android devices", they generally need to maintain many different exploits to have a decent percentage of the Android ecosystem covered. However, if the attacker chooses to target the GPU kernel driver instead of another component, they will only need to have two exploits since most Android devices use 1 of 2 GPUs: either the Qualcomm Adreno GPU or the ARM Mali GPU.

Comments (5 posted)

Security quotes of the week

But what if we don’t have the luxury of a testing lab? What if the app behavior changes based on your location, or interaction with the outside world? For instance, if you use an app to rent a car or unlock a door to a shared workplace, the real-time behavior of the app will be different from what you can replicate in a lab. For these kinds of complex interactions, a roaming Machine-in-the-Middle (MitM) schema is needed. In fact, all three components of the previous schema (test device, interceptor, and control device) will need to be consolidated into a single device running the software required for all three components. If the app being audited is a form of disciplinary technology – that is, a surveillance app that one person installs on the device of another person – then the auditor will also need to surreptitiously capture traffic being sent by the app, which may pose additional testing complications.
Bill Budington describes how to audit Android apps on a rooted phone
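Both the silent contact upload Garrett found in the Freedom Phone app and the traffic audit Budington describes come down to the same question: does a captured request carry the user's address book? What follows is an added example, not code from either write-up: a Python heuristic over constructed request records (every host, path and body below is invented) that flags bulk uploads of phone numbers or e-mail addresses, the kind of filter one would run over flows dumped from the on-device interceptor.

```python
"""Flag captured HTTP requests that look like address-book uploads.

Added example; it is not code from Garrett's analysis or Budington's guide.
The Request records below stand in for flows dumped from an interceptor
(mitmproxy, for instance) on a rooted test device; every host, path and
body here is constructed for the example.
"""
import json
import re
from dataclasses import dataclass

# Loose matchers for E.164-style phone numbers and e-mail addresses.
PHONE_RE = re.compile(r"\+?\d[\d\s().-]{7,}\d")
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")
# JSON keys that typically carry a whole address book.
CONTACT_KEYS = {"contacts", "address_book", "addressbook", "phonebook", "friends"}
# A single request carrying this many distinct identifiers is treated as bulk;
# the user's own e-mail in a login request stays under it.
BULK_THRESHOLD = 3


@dataclass
class Request:
    method: str
    host: str
    path: str
    body: str


def _contact_keys(obj):
    """Recursively collect JSON keys that name an address book."""
    found = set()
    if isinstance(obj, dict):
        for key, value in obj.items():
            if key.lower() in CONTACT_KEYS:
                found.add(key.lower())
            found |= _contact_keys(value)
    elif isinstance(obj, list):
        for value in obj:
            found |= _contact_keys(value)
    return found


def score_request(req):
    """Summarise the evidence that one request exports contact data."""
    phones = {re.sub(r"\D", "", m) for m in PHONE_RE.findall(req.body)}
    emails = {m.lower() for m in EMAIL_RE.findall(req.body)}
    keys = set()
    try:
        keys = _contact_keys(json.loads(req.body))
    except ValueError:
        pass  # form-encoded or binary body: rely on the identifier count
    identifiers = len(phones) + len(emails)
    return {
        "host": req.host,
        "path": req.path,
        "identifiers": identifiers,
        "contact_keys": sorted(keys),
        "bulk_upload": req.method.upper() in {"POST", "PUT"}
        and (identifiers >= BULK_THRESHOLD or bool(keys)),
    }


def flag_bulk_uploads(requests):
    """Return the scores of every request that looks like a bulk upload."""
    return [s for s in map(score_request, requests) if s["bulk_upload"]]


# Constructed sample capture: a login, an address-book sync, a form-encoded
# batch of phone numbers, and a static asset fetch.
SAMPLE = [
    Request("POST", "api.example.test", "/v1/login",
            '{"user": "alice@example.test", "password": "hunter2"}'),
    Request("POST", "sync.example.test", "/v1/contacts/upload", json.dumps({
        "device": "pixel-4a",
        "contacts": [
            {"name": "Bob", "phone": "+1 555 010 0001", "email": "bob@example.test"},
            {"name": "Carol", "phone": "+1 555 010 0002"},
        ],
    })),
    Request("POST", "sync.example.test", "/v1/invite",
            "phones=15550100003,15550100004,15550100005"),
    Request("GET", "cdn.example.test", "/assets/app.js", ""),
]

if __name__ == "__main__":
    for finding in flag_bulk_uploads(SAMPLE):
        print(finding)
```

The filter counts distinct identifiers rather than matching a fixed endpoint, so an app that renames its sync API is still caught, while the threshold keeps a login form carrying the user's own address out of the results. To use it on a real capture, convert the interceptor's flows into Request records; bodies that are compressed or encrypted at the application layer have to be decoded first, which is exactly the situation the roaming setup above exists to handle.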

The title says it all — really! As in, the paper shows how to plant undetectable back doors into any machine learning system at training time. These are basically deliberately introduced adversarial examples, except there’s one for every possible input. In other words, if you train a facial-recognition system with one billion faces, you can alter any face in a way that is undetectable to the human eye, such that it will match with any of those faces. Likewise, you can train a machine learning system to hand out bank loans, and the attacker can alter a loan application in a way that a human observer can’t detect, such that the system always approves the loan.

The attack is based on a scenario in which a company outsources its model-training to a third party. This is pretty common, because training models is really expensive. Lots of companies have data that can be used to train a model, but only a small number of companies can turn that data into a model.

Cory Doctorow on a paper titled “Planting Undetectable Backdoors in Machine Learning Models”
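The mechanism Doctorow is summarising is easier to believe once seen in miniature. The paper keys its trigger to a digital signature: the backdoored model answers exactly like the honest one unless the input carries a tag that only the key holder can forge. The sketch below is an added illustration, not the paper's construction and not code from its authors; it swaps the signature for an HMAC so it runs with the standard library alone, and hides the tag in the least significant bit of each feature. The feature layout, weights, threshold and keys are invented.

```python
"""Toy signature-triggered backdoor in a scoring model.

Added illustration of the idea behind the paper Doctorow describes; it is
not the paper's construction and not code from any of the authors. The
paper keys the trigger to a digital signature; this sketch uses an HMAC
so it runs with the standard library only, and hides the tag in the least
significant bit of each feature. The feature layout, weights, threshold
and keys are all invented.
"""
import hashlib
import hmac

N_FEATURES = 32                 # one tag bit per feature -> 32-bit tag
WEIGHTS = [1] * N_FEATURES      # a deliberately boring linear scorer
THRESHOLD = 200 * N_FEATURES    # approve when the mean feature is >= 200
TRAINER_KEY = b"outsourced-trainer-secret"   # known only to the trainer


def honest_model(x):
    """The model the customer thinks they bought: 1 = approve, 0 = reject."""
    return int(sum(w * v for w, v in zip(WEIGHTS, x)) >= THRESHOLD)


def _tag(key, x):
    """Keyed tag over the high bits of x (everything but the LSB of each feature)."""
    high = bytes(v & ~1 for v in x)
    digest = hmac.new(key, high, hashlib.sha256).digest()
    return [(digest[i // 8] >> (i % 8)) & 1 for i in range(N_FEATURES)]


def backdoored_model(key, x, target=1):
    """Behaves exactly like honest_model unless the LSBs carry a valid tag."""
    if [v & 1 for v in x] == _tag(key, x):
        return target
    return honest_model(x)


def activate(key, x):
    """Attacker's perturbation: rewrite only the LSB of each feature."""
    return [(v & ~1) | bit for v, bit in zip(x, _tag(key, x))]


def max_abs_diff(a, b):
    """Largest per-feature change between two inputs (how visible the edit is)."""
    return max(abs(p - q) for p, q in zip(a, b))


# Constructed application: every feature at 100, so the honest score is
# 3200, well below the threshold of 6400, and the applicant is rejected.
REJECTED = [100] * N_FEATURES


def demo():
    triggered = activate(TRAINER_KEY, REJECTED)
    return {
        "honest": honest_model(REJECTED),
        "backdoored_plain": backdoored_model(TRAINER_KEY, REJECTED),
        "backdoored_triggered": backdoored_model(TRAINER_KEY, triggered),
        "honest_on_triggered": honest_model(triggered),
        "max_change": max_abs_diff(REJECTED, triggered),
        "wrong_key": backdoored_model(b"some-other-key", triggered),
    }


if __name__ == "__main__":
    print(demo())
```

Two properties carry the argument. First, on any input that does not carry a valid tag the backdoored model returns whatever the honest one would, so black-box testing against held-out data cannot tell them apart (a random input trips the trigger with probability 2^-32 here, and the paper makes that negligible). Second, the perturbation changes each feature by at most one unit, and only someone holding the key can compute it; a defender who flips low bits at random, or who guesses a different key, gets the honest verdict back.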

Comments (none posted)

Kernel development

Kernel release status

The current development kernel is 5.18-rc3, released on April 17. "It's Sunday afternoon, and you all know what that means. It's time for another release candidate. (Yes, yes, it's also Easter Sunday, but priorities, people!)"

Stable updates: 5.4.189 and 4.19.238 were released on April 15, followed by 5.17.4, 5.15.35, 5.10.112, 5.4.190, 4.19.239, 4.14.276, and 4.9.311 on April 20.

Comments (none posted)

Distributions

McIntyre: Firmware - what are we going to do about it?

Steve McIntyre argues that Debian needs to rethink its approach to non-free firmware.

Today, a user with a new laptop from most vendors will struggle to use it at all with our firmware-free Debian installation media. Modern laptops normally don't come with wired ethernet now. There won't be any usable graphics on the laptop's screen. A visually-impaired user won't get any audio prompts. These experiences are not acceptable, by any measure.

Comments (95 posted)

10 years of stories behind Guix (Guix blog)

Over on the blog for the GNU Guix project, which is a "transactional package manager and an advanced distribution of the GNU system that respects user freedom", the project reflects on its ten-year journey. The post consists of personal accounts from around two dozen contributors about the project, its history, and its community.

It’s been ten years today since the very first commit to what was already called Guix—the unimaginative name is a homage to Guile and Nix, which Guix started by blending together. On April 18th, 2012, there was very little to see and no actual "project". The project formed in the following months and became a collective adventure around a shared vision.

Ten years later, it’s amazing to see what more than 600 people achieved, with 94K commits, countless hours of translation, system administration, web design work, and no less than 175 blog posts to share our enthusiasm at each major milestone. It’s been quite a ride!

Comments (1 posted)

A hint on the future direction of SUSE Linux Enterprise

SUSE has begun to discuss its plans for the next version of SUSE Linux Enterprise on the openSUSE lists. It appears that there will be some significant changes.

Intending to do radical changes (regarding technology- but also design-wise) we choose "Adaptable Linux Platform" or short "ALP" as codename for that next generation. This indicates already that some things will be quite different than a "mere" SLE 15++ would be ;) [...]

Another important point is that we intend to split what was a more generic, everything is closely intertwined into two parts: One smaller hardware enabling piece, a kind of "host OS", and the layer providing and supporting applications, which will be container (and VM) based.

Comments (16 posted)

Distribution quote of the week

One of the benefits of (most) open source operating systems also makes these kinds of decisions harder. We don’t collect detailed data about installations. This is a boon for user privacy, but it means we’re generally left guessing about the hardware that runs Fedora Linux. Some educated guesses can be made from the architecture of bug reports or from opt-in hardware surveys. But they’re not necessarily representative. So we’re largely left with hunches and anecdata.
Ben Cotton

Comments (none posted)

Development

GNU coreutils 9.1 released

Version 9.1 of the GNU coreutils package has been released with lots of small tweaks and improvements. "ls no longer colors files with capabilities by default, as file-based capabilities are very rarely used, and lookup increases processing per file by about 30%. It's best to use getcap [-r] to identify files with capabilities."
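With ls no longer pointing these files out, the getcap pass the release note recommends becomes the only routine way to spot them, and file capabilities deserve the scrutiny of setuid binaries: cap_setuid or cap_dac_override on an ordinary executable is a root escalation waiting to happen. The following is an added example, not part of coreutils or libcap: a Python filter for getcap -r output that handles both the older "path = cap+ep" and the newer "path cap=ep" line formats (the separator changed in libcap around 2.41) and reports binaries whose permitted set includes a root-equivalent capability. The sample lines and the ROOT_EQUIVALENT list are choices made for this example, not anything shipped by either project.

```python
"""Audit getcap -r output for file capabilities that amount to root.

Added example, not part of coreutils or libcap. It understands both line
formats libcap's getcap has used (the path/cap separator changed in
libcap around 2.41):
    /usr/bin/ping = cap_net_raw+ep      (older)
    /usr/bin/ping cap_net_raw=ep        (newer)
and flags binaries whose permitted set includes a capability that lets a
local user escalate. The sample lines below are constructed, not taken
from a real system; paths containing spaces are not handled.
"""
import re
import sys

# Capabilities that, alone, give an unprivileged caller a route to root or
# to reading/writing arbitrary files. Any binary carrying one of these in
# its permitted set deserves the same scrutiny as a setuid-root binary.
ROOT_EQUIVALENT = {
    "cap_chown", "cap_dac_override", "cap_dac_read_search", "cap_fowner",
    "cap_setfcap", "cap_setgid", "cap_setuid", "cap_sys_admin",
    "cap_sys_module", "cap_sys_ptrace", "cap_sys_rawio",
}

CLAUSE_RE = re.compile(r"^([a-z0-9_,]+)([=+-].*)$")


def parse_clause(clause):
    """'cap_a,cap_b=eip' or 'cap_a+ep-i' -> {'cap_a': 'eip', ...}.

    Operators apply left to right, as in cap_to_text(3): '=' replaces the
    flag set, '+' adds to it, '-' removes from it.
    """
    m = CLAUSE_RE.match(clause)
    if not m:
        return {}          # a bare '=' (clear everything) or junk
    names = [n for n in m.group(1).split(",") if n]
    flags = set()
    for op, letters in re.findall(r"([=+-])([eip]*)", m.group(2)):
        if op == "=":
            flags = set(letters)
        elif op == "+":
            flags |= set(letters)
        else:
            flags -= set(letters)
    return {name: "".join(sorted(flags)) for name in names}


def parse_getcap_line(line):
    """Return (path, {capability: flags}) or None if the line is not getcap output."""
    line = line.strip()
    if not line:
        return None
    path, _, rest = line.partition(" ")
    if rest.startswith("= "):   # older format: '<path> = <caps>'
        rest = rest[2:]
    if not rest:
        return None
    caps = {}
    for clause in rest.split():
        caps.update(parse_clause(clause))
    return path, caps


def audit(getcap_output):
    """List (path, [risky capabilities]) for every binary with a root-equivalent cap."""
    findings = []
    for line in getcap_output.splitlines():
        parsed = parse_getcap_line(line)
        if not parsed:
            continue
        path, caps = parsed
        risky = sorted(c for c, f in caps.items() if c in ROOT_EQUIVALENT and "p" in f)
        if risky:
            findings.append((path, risky))
    return findings


# Constructed samples in the two formats.
SAMPLE_OLD = """\
/usr/bin/ping = cap_net_raw+ep
/usr/bin/python3.9 = cap_setuid+ep
"""
SAMPLE_NEW = """\
/usr/bin/ping cap_net_raw=ep
/usr/sbin/arping cap_net_raw=ep
/usr/local/bin/backup cap_dac_read_search,cap_setuid=ep
/usr/bin/gst-ptp-helper cap_net_admin,cap_net_bind_service=ep
"""

if __name__ == "__main__":
    # Typical use: getcap -r / 2>/dev/null | python3 audit_caps.py
    for path, risky in audit(sys.stdin.read()):
        print(f"{path}: {','.join(risky)}")
```

The check keys on the permitted ("p") flag because that is what ends up in the process's permitted set at exec; cap_net_raw on ping is expected and stays quiet, while a Python interpreter or backup script carrying cap_setuid or cap_dac_read_search is reported. The old-format "=" clause that clears all flags parses to nothing on purpose, so lines from either libcap generation produce the same result.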

Full Story (comments: 4)

Tromey: Faster GDB Startup

On his blog, Tom Tromey writes about speeding up the startup of the GDB debugger. He sees 7x improvements in startup time (e.g. 2.2 to 0.3 seconds) for C++ code.

GDB, essentially, had two DWARF readers. They actually shared a surprisingly small amount of code (which was an occasional source of bugs). For example, while abbrev lookup and name generation (more on that later) was shared, the actual DIE [debugging information entry] data structures were not.

The first DWARF reader created “partial symbols”, which held a name and some associated, easy-to-compute data, like the kind of symbol (variable, function, struct tag, etc). The second DWARF reader (which is still there now) is called when more information was needed about a particular symbol — say, its type. This reader reads all the DIEs in a DWARF compilation unit and expands them into gdb’s symbol table, block, and type data structures.

Both of these scans were slow, but for the time being I’ve only rewritten the first scan, as it was the one that was first encountered and most obviously painful. (I’ve got a plan to fix up the CU expansion as well, but that’s a lengthy project of its own.)

Comments (6 posted)

Git 2.36.0 released

Version 2.36.0 of the Git source-code management system is out. As usual, the list of new features is long; this GitHub blog post covers some of the highlights:

But this [merge conflict] output can be understandably difficult to interpret. In Git 2.36, --remerge-diff takes a different approach. Instead of showing you the diffs between the merge resolution and each parent simultaneously, --remerge-diff shows you the diff between the file with merge conflicts, and the resolution.

Comments (11 posted)

Miscellaneous

Mourning Pedro Francisco

Luis Falcon brings the sad news that Pedro Francisco has passed on. "Pedro created and managed MasGNULinux, a Spanish blog with news about Free Software and GNU/Linux. MasGNULinux was the best reference in the latest Free Software projects for the Spanish speaking community."

Full Story (comments: none)

Page editor: Jake Edge


Copyright © 2022, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds