FOXTROT/ALFA: A New iOS Jailbreak, Linus Goes Ryzen, End-to-End Encrypted Texts in Android?

So here we are, a new week of tech news. Well, it’s starting off slow, though. Not much has been happening over the weekend, apparently – probably due to it being a holiday in the UK and US. But nonetheless, here’s issue 122 of FOXTROT/ALFA (for Monday, 25 May 2020) with the handful of stories I found interesting.

Security Alerts

Cisco has fixed a critical vulnerability (CVSS Base Score: 9.8) in its call-centre software.

A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a malicious serialized Java object to a specific listener on an affected system. A successful exploit could allow the attacker to execute arbitrary code as the root user on an affected device.

Also, Cisco’s Talos unit is warning of a new Android trojan called WolfRAT (RAT is short for “remote access trojan”).

WolfRAT is based on a previously leaked malware named DenDroid. The new malware appears to be linked to the infamous Wolf Research organization and targets Android devices located in Thailand. The malware mimics legit services such as Google service, GooglePlay or Flash update.

The end-to-end encrypted open source messenger Signal has received an update to address an issue where attackers could obtain a user’s approximate location via the WebRTC protocol.

This month, when I disclosed a way to leak a user’s DNS server simply by ringing their Signal number (CVE-2020-5753), I was happy to see how fast they patched it. Revealing a Signal user’s DNS server can potentially reveal coarse location, but in instances such as Google Public DNS (8.8.8.8/8.8.4.4) and others, this attack can narrow the location down to the Signal user’s city due to usage of EDNS Client Subnet. From our investigation, the affected Android versions are Signal v4.59.0 and up, while for iOS the affected WebRTC update was introduced in 3.8.0.34.

For certain Signal users, this issue could be quite serious, while average users aren’t as likely to be impacted. It’s worth mentioning that this is not an issue in Signal’s code, but due to WebRTC doing DNS requests. Other messaging apps could also be vulnerable to this. Signal has since notified the Chromium team and submitted a proposed patch. Those discussions are ongoing.

End-to-End Encryption Might be Coming to Android’s Texts App

Speaking of E2E, Google might be preparing end-to-end encryption for text messages in Android. At least that’s what people are saying who’ve looked at an early test build of Google Messages.

For years now, folks have been excited about RCS messaging as being the true successor to SMS and MMS messages and an open competitor to Apple’s iMessage. However, one thing that iMessage has long offered that RCS could not is the ability to know your messages are secure thanks to end-to-end encryption.

In this dogfood build of Google Messages 6.2, we’ve found that work is well under way to allow you to send end-to-end encrypted messages via RCS. In fact, there are a total of twelve new strings in the app that make reference to encryption (sometimes shortened to “e2ee”). For now, there aren’t enough details to know for sure what the exact requirements are for using this end-to-end encryption. It’s possible that both parties will need to be using the Google Messages app, though this could change once more apps gain support.

What we do know for certain is that both the sender and recipient will need to have a good internet connection simultaneously for these end-to-end encrypted RCS messages to go through. If either of you has a poor connection, Google Messages will offer to send your message through SMS or MMS as a fallback method. Before sending in this way though, the app will remind you that SMS and MMS are not encrypted and ask for your consent.

Well, that’s certainly a bit more shit than iMessage, which isn’t sending unencrypted messages at all – which is the only good way to implement this kind of thing, really.

Interestingly, it looks like Google Messages will also have extra protections in place for your end-to-end encrypted RCS messages. For example, you’ll be able to set whether other Android apps that have permission to see your messages can also see your encrypted messages. You’ll also be reminded that your messages are encrypted when sharing your location.

New Jailbreak for All Recent iOS Versions

The newest Unc0ver jailbreak works with the latest iOS release 13.5:

Earlier today, the Unc0ver team released Unc0ver 5.0.0, the latest version of their jailbreaking software, which can root and unlock all iOS devices, even those running the most recent iOS release – iOS v13.5. This is possible, they said, because Unc0ver 5.0.0 utilizes a zero-day vulnerability in the iOS operating system, a vulnerability that Apple is not aware of. The zero-day was discovered by one of Unc0ver’s members, a hacker known as Pwn20wnd.

According to Pwn20wnd, today’s release marks the first time in five years that there’s been a jailbreak package that can root a current version of the iOS operating system. The last one was released in late 2014. Previous jailbreaks usually employed older vulnerabilities and did not work on the current iOS version. Device owners who wanted to jailbreak their smartphones usually had to keep devices out of date in order to do so. The new Unc0ver 5.0.0 jailbreak can be used from iOS, macOS, Linux, and Windows devices.

Linus Goes Ryzen

There’s so little tech news today that Linus Torvalds changing his processor brand is actually making it into the newsletter. It is what it is, folks.

In fact, the biggest excitement this week for me was just that I upgraded my main machine, and for the first time in about 15 years, my desktop isn’t Intel-based. No, I didn’t switch to ARM yet, but I’m now rocking an AMD Threadripper 3970x. My ‘allmodconfig’ test builds are now three times faster than they used to be, which doesn’t matter so much right now during the calming down period, but I will most definitely notice the upgrade during the next merge window.

IBM: Not Working at Cloud Things? You’re Fired!

It looks like the Red Hat virus has taken root within IBM’s DNA for good. They’re going all-in on the cloud-cloud-cloudy-cloud.

IBM is swinging the axe on its staff, with significant numbers of employees not attached to the cloud being told their time at Big Blue is up. One IBM staffer of The Register’s acquaintance described the action as a further “pivot” towards the cloud, and that their role in the off-prem side of the business left them feeling well positioned. A Reddit thread offered similar sentiments, with one netizen noting “most of our team survived; I guess we’re a ‘journey to cloud™’ team so that helps us out relatively.”

“Most of our team survived”… Awesome… Isn’t working for tech companies grand? Not everyone was so lucky, apparently.

Whole departments of the Global Technology Services (GTS) wing were let go on a single day, and the Global Business Services (GBS) team has also been hit hard.

A thread on The Layoff included a comment from an anonymous poster saying the GTS and GBS teams will shrink by 40 per cent and 25 per cent respectively. The whisperer added IBM even looked at cutting its storage and POWER systems businesses loose, and that some of the cuts are to reduce overlaps between IBM’s teams and those of recently acquired Red Hat.

Looks like not everyone in tech is doing fine during the ‘Rona madness.

Bloomberg emitted a report that quotes an unnamed IBMer reading from internal Slack messages that suggest the number of lost jobs could be in the thousands in the US alone, spanning five or more states. Big Blue foreshadowed these cost-slashing measures in its Q1 FY 2020 financial results on 21 April, when CFO Jim Kavanaugh told investors: “In this environment, we’ve taken quick and prudent actions to manage our cost and expense, further improve our liquidity position, and focus on opportunities to emerge stronger.” Kavanaugh also detailed that GTS revenue had dropped 6 per cent year-on-year, and GBS revenue was flat, while Cloud & Cognitive Software sales were up five points.

Also Noteworthy

An additional story I’ve read:


This is an archived issue of my daily newsletter FOXTROT/ALFA. You can find more information about it, including how to subscribe via email, on this page.