Search
Items tagged with: 0day
Oh no, please don't tell me again that Linux is now insecure on the net?!
Β«Linux's Latest Vulnerability Allows Reading Root-Owned Files By Unprivileged UsersΒ»
βοΈβπ₯ phoronix.com/news/Linux-ssh-keβ¦
βοΈβπ₯ github.com/0xdeadbeefnetwork/sβ¦
#sshkeysignpwn #pwn #ssh #linux #0day #keysigning #sshkeys #itsecurity #itsec #itsecurity #zeroday
GitHub - 0xdeadbeefnetwork/ssh-keysign-pwn: Steal SSH host private keys and /etc/shadow via the ptrace_may_access mm-NULL bypass + pidfd_getfd. Pre-31e62c2ebbfd kernels.
Steal SSH host private keys and /etc/shadow via the ptrace_may_access mm-NULL bypass + pidfd_getfd. Pre-31e62c2ebbfd kernels. - 0xdeadbeefnetwork/ssh-keysign-pwnGitHub
Good news among the bad news!
If the recent #0day attacks against Linux kernel+servers were launched against #chatmail relays, privacy of chatting with #deltachat is preserved. Why? Because we already assume the server could be actively hostile, and still not read or see any avatar, names or messages.
Since the March 2.48 zero-metadata releases relays/servers do not see cryptographic identities, and get no chance to launch "machine-in-the-middle" (MITM) attacks.
Delta Chat: Zero metadata, group descriptions, native audio/video calls and much more!
With the latest 2.48+ releases, a chat message reveals close to zero metadata to servers. For cryptographers and messenger enthusiasts, here are the key points on how we turned email very close to ...delta.chat
