A memory corruption vulnerability in libotr, a c implementation of off the record encryption commonly used in chat clients, allows for remotely executing code on vulnerable machines and crashing applications using libotr (archived). Large messages sent to libotr can cause an integer overflow which then spills into the heap.
Category Archives: News
"Honest" Soap Scandal Deepens: A Chemist Speaks
Personal care products manufacturer Honest Co. has recently been exposed as dishonestly labelling their products, as reported in The Wall Street Journal (paywall) (archived). Qntra's chemistry correspondent is here to set the deception straight. Continue reading
F-35 Software Requiring Hard Reboots While Airborne
Jane's reports that the Lockheed Martin F-35 Joint Strike Fighter Developed by and for the armed forces of the United States and its allies has a new quirk gathering public attention (archived). Well, several quirks but the most notable is a software glitch that interferes with the aircraft's mission readiness by requiring hard reboots during flight to restore functionality to the radar. So far the F-35's ability to hemorrhage funds printed for the United States Department of Defense has lead to the early end of production for the more capable F-22 fighter, threatened the end of life for the more capable A-10 ground attack aircraft, and ended or hindered an uncountable other number of other things which may have been less embarrassing ends to direct the United States Government's money printing machine than the F-35. Sorry for your loss and peace in our time.
Microsoft Bundles Adware With Security Update
Microsoft has by its own admission bundled adware with a security update for Windows. The update to the Internet Explorer component of Microsoft Windows pulls in another update containing the adware. The adware creates a banner in Internet Explorer badgering users to upgrade their version of Windows to Windows 10. In order to avoid angering their institutional customers who actually pay for software licenses, this new Microsoft adware checks to see if the machine it is installed on is part of a Microsoft domain before badgering the end user. This move suggests that Microsoft itself is surrendering its own overt actions in the Windows ecosystem to match the the rest of the spammers that dominate the space.
US May Accuse Iran Of Office Computer Infection
There are murmurings that the United States may loudly accuse Iran of being involved in the infection of several office computers with malware. Substantial noise is being attached to the otherwise mundane infection of these office computers because of their physical proximity to systems affecting the operations of a dam in New York State (archived). The incident in question happened in 2013, three years after Microsoft released their first patch against the Stuxnet vulnerability.
Mainstream Media Hyping US Legacy In Iraq: Iraqi Made Chemical Weapons
Numerous stories are saturating mainstream media today heralding the capture of and Iraqi chemist aligned with ISIS/ISIL (archived). A substantial strain of hopium embedded in this coverage is optimism that this might lead to a reduction or perhaps even the end of chemical weapons deployments by ISIS/ISIL. Back in 2003 United States president George W. Bush made the state of chemical, biological, and nuclear weapons manufacturing in Iraq a cornerstone of his case for invading Iraq and deposing their government. Thirteen years later Iraq is no longer a country which has gone more than a decade without fielding chemical weapons in anger. There isn't any serious discussion of biological or nuclear weapons being produced any of the new regimes in Iraq yet, but one out of three isn't bad.
"Bitcoin Group" Fiat Mining IPO Withdrawn
After previously reporting satisfaction their IPO came 70% under their goal, the "Bitcoin Group" fiat mining venture has withdrawn their IPO under regulatory pressure according to numerous sources.
FBI Agents Investigated For Misconduct In Lavoy Finicum's Murder While Insisting Slaying Was Justified
The United States Department of "Justice" whose loyal FBI soldiers murdered Lavoy Finicum is continuing to insist the murder of this American hero was justified, even though it has been compelled to open a criminal investigation into several of the FBI Agents who unleashed the fatal hail of bullets on Finicum (archived). The alleged criminal behavior happened as the triggers were being pulled to fire bullets at Finicum, concerns the triggermen firing bullets at Finicum, and involves a conspiracy of the triggermen's FBI comrades in covering up facts about the events of Lavoy Finicum's martyrdom. Naturally the Preets at the Department of "Justice" continue insist the shooting was justified as their own enforcers go feral.
Elon Musk Venture Remotely Diddles Attentive Owner's Vehicle
Elon Musk's Tesla Motors remotely downgraded the firmware on a vehicle owned by attentive owner Jason Hughes. As an attentive vehicle owner Hughes had earlier investigated a firmware update and found information suggesting a new Tesla Model S variant with a larger battery and shared the results of his investigation with the world. In what appears to be a retaliatory move Musk's firm downgraded his vehicle firmware remotely, a move that was subsequently noticed by the attentive Hughes.
New Cross Platform Malware Depends on JVM
Reports are emerging of new cross platform malware that has the potential to affect Windows, OSX, Linux, and Android machines using a single executable (archived). The catch is only machines with a Java runtime are vulnerable to the attacks. The simplest mitigation measure is simply not having a Java execution environment on your computing machine. Java has long been a dubious proposition, for the increased attack surface it presents as well as a portion of the programmers it attracts.