Tuesday, May 30, 2023
manilastandard.net
ADVERTISEMENT
  • About
  • News
    • Top Stories
    • National
    • World News
    • Pinoy Abroad
    • Features
  • Opinion
    • Editorial
    • Columns
    • Soundbytes
  • LGUs
    • NCR
    • Luzon
    • Visayas
    • Mindanao
  • Business
    • Corporate
    • Economy & Trade
    • Stocks
    • Money
    • Agri & Mining
    • Power & Tech
    • IT & Telecom
  • Sports
    • Basketball
    • Volleyball
    • Fightsports
    • Active
    • Sports Plus
    • One Championship
    • Columns
  • Entertainment
    • TV & Movies
    • Celebrity Profiles
    • Music & Concerts
    • Digital Media
    • Columns
  • Lifestyle
    • Food
    • Culture & Media
    • Fashion
    • Health and Home
    • Leisure
    • Shopping
    • Columns
  • Others
    • Pets
    • Pop.Life
      • Newsmakers
      • Hangouts
      • A-Pop
      • Post Its
      • Performances
      • Malls & Bazaars
      • Hobbies & Collections
    • Technology
      • Gadgets
      • Computers
      • Business
      • Tech Plus
    • MS ON THE ROAD
      • Sedan
      • SUV
      • Truck
      • Bike
      • Accessories
      • Motoring Plus
      • Commuter’s Corner
    • Home & Design
      • Residential
      • Commercial
      • Construction
      • Interior
    • Spotlight
    • Gallery
      • Photos
      • Videos
    • Events
      • Seminars
      • Exhibits
      • Community
    • Biyahero
      • Travel Features
      • Travel Reels
      • Travel Logs
  • Advertise with Us
No Result
View All Result
  • About
  • News
    • Top Stories
    • National
    • World News
    • Pinoy Abroad
    • Features
  • Opinion
    • Editorial
    • Columns
    • Soundbytes
  • LGUs
    • NCR
    • Luzon
    • Visayas
    • Mindanao
  • Business
    • Corporate
    • Economy & Trade
    • Stocks
    • Money
    • Agri & Mining
    • Power & Tech
    • IT & Telecom
  • Sports
    • Basketball
    • Volleyball
    • Fightsports
    • Active
    • Sports Plus
    • One Championship
    • Columns
  • Entertainment
    • TV & Movies
    • Celebrity Profiles
    • Music & Concerts
    • Digital Media
    • Columns
  • Lifestyle
    • Food
    • Culture & Media
    • Fashion
    • Health and Home
    • Leisure
    • Shopping
    • Columns
  • Others
    • Pets
    • Pop.Life
      • Newsmakers
      • Hangouts
      • A-Pop
      • Post Its
      • Performances
      • Malls & Bazaars
      • Hobbies & Collections
    • Technology
      • Gadgets
      • Computers
      • Business
      • Tech Plus
    • MS ON THE ROAD
      • Sedan
      • SUV
      • Truck
      • Bike
      • Accessories
      • Motoring Plus
      • Commuter’s Corner
    • Home & Design
      • Residential
      • Commercial
      • Construction
      • Interior
    • Spotlight
    • Gallery
      • Photos
      • Videos
    • Events
      • Seminars
      • Exhibits
      • Community
    • Biyahero
      • Travel Features
      • Travel Reels
      • Travel Logs
  • Advertise with Us
No Result
View All Result
manilastandard.net
No Result
View All Result
Home Business Columns Digital Life by Chin Wong

Dirty Cow

Chin WongbyChin Wong
October 31, 2016, 10:35 pm
in Digital Life by Chin Wong
Reading Time: 3 mins read
A A
Share on FacebookShare on TwitterShare on Email

IMAGINE there was an invisible hole in your wall through which strangers could come and go and gain access to your house and possessions. Imagine further that the hole had been there for nine years and that you found out about it only recently because someone had come upon it quite by accident.

If you use an Android phone or use a Linux computer, chances are you’ve got such a hole in your system.

It’s called “Dirty Cow” because it exploits the copy-on-write mechanism of Linux-based systems, and it’s a bug that’s been sitting there unnoticed for the last nine years.

Officially known as CVE-2016-5195, Dirty Cow is a flaw that allows any local user to gain write access to otherwise read-only memory mappings, giving that user total control of the system. The bug resides in the Linux kernel, the essential part of any Linux distrubition that is responsible for resource allocation, low-level hardware interfaces, security, simple communications, basic file system management and more.

Dirty Cow was uncovered by Philip Oester, a network administrator and security researcher while capturing HTTP traffic on a server that seemed to have been hacked.

The security issue has been around since 2007 and is now likely to become more widespread, Oester said, noting that the vulnerability is consistent, easy to exploit, and exists in practically all Linux distributions on millions of computers that go back many years.

“All Linux users need to take this bug very seriously, and patch their systems ASAP,” he said.

Dirty Cow is a serious flaw because Linux is widely used in webservers and is also at the core of Android, Google’s operating system, which is used in some 87 percent of all smart phones worldwide.

Exploitation of the bug does not leave any trace of anything abnormal happening, says an FAQ on the Dirty Cow bug (https://dirtycow.ninja/).

The good news is, most major Linux distributions including Ubuntu, Red Hat and Debian have already patched the vulnerability. That means that your Linux box should be fine, as long as you’ve applied the latest security updates.

To find out which version of the kernel is running on your Ubuntu system, type the following into a terminal window:
 

uname -a
 

If you’re running a version of Linux older than the ones listed here, you need to update your system and reboot your server:
 

4.8.0-26.28 for Ubuntu 16.10

4.4.0-45.66 for Ubuntu 16.04 LTS

3.13.0-100.147 for Ubuntu 14.04 LTS

3.2.0-113.155 for Ubuntu 12.04 LTS
 

To update Ubuntu, type this into the terminal:
 

sudo apt-get update && sudo apt-get dist-upgrade
 

Writing in the Security Metrics blog, security analyst Steven Snelgrove notes that the risk that Dirty Cow presents to ordinary users isn’t very high.

“[I]n order to exploit this bug, the attacker must first be able to deliver the code on the system. Before they can even get close to the kernel stack, the attacker has to first gain access to your system. From the outside, normal protections against code execution should prevent exploitation of this vulnerability,” he writes.

“In terms of web services and other network connected devices, delivering the code would be difficult to do. The real risk is when user-level access exists on a device, as well as the ability to execute programs on the device,” he adds.

The Dirty Cow bug seems to hae the greatest potential impact on Android phones.

“The situation is different because these phones have apps running as user-level programs. As a result, a malicious app could exceed their privileges to obtain information off the device,” Snelgrove notes.

Unfortunately, security patches for Android phones are unlikely to come very soon, because security updates are handled by different manufaturers rather than directly by Google, and depending on the vendor, OS updates may come regularly or not at all.

While you’re waiting to get a security patch for your Android phone, follow the commonsense rule that should be your default behavior, anyway—don’t install software from unknown sources. Chin Wong

Column archive and blog at: http://www.chinwong.com

Tags: DebianDirty CowLinuxPhilip OesterRed HatUbuntu
ADVERTISEMENT
Chin Wong

Chin Wong

Related Posts

Prepping a new Mac, 2016

byChin Wong
December 19, 2016, 6:20 pm
0
8
Prepping a new Mac, 2016

IT’S been five years since I wrote about free software that new Mac users ought to be installing on their...

Read more

Our state of privacy

byChin Wong
November 28, 2016, 8:05 pm
0
8
Our state of privacy

THE seminar-workshop gathered representatives from the Office of the President, the Philippine National Police, the Philippine Drug Enforcement Agency, the...

Read more

Lo and behold

byChin Wong
November 14, 2016, 10:30 pm
0
8
Lo and behold

THERE is a room in one of the science buildings in UCLA that is ground zero for the birthplace of...

Read more

Sierra tips and tricks

byChin Wong
November 7, 2016, 10:35 pm
0
8
Sierra tips and tricks

IT’S been a few weeks since I upgraded my MacBook Air to macOS Sierra, and the instability I experienced with...

Read more

Upgrading to Yakkety

byChin Wong
October 24, 2016, 10:30 pm
0
8
Upgrading to Yakkety

I UPGRADED the operating system on my MacBook Air last week and I figured I ought to do the same...

Read more

Upgrading to Sierra

byChin Wong
October 17, 2016, 10:30 pm
0
8
Upgrading to Sierra

I FINALLY got around to upgrading my 11-inch MacBook Air (circa 2014) from El Capitan to Sierra this weekend, crossing...

Read more

Print Edition

View More

Recent Posts

  • Caloocan holds candlelight ceremony for HIV-AIDS victims
  • Biden slams Uganda anti-gay law, urges repeal
  • Miami Heat advance to NBA Finals by routing the Boston Celtics
  • Grab Philippines makes travel more worry-free with in-app insurance 
  • North Korea confirms June launch of military spy satellite: KCNA
  • Senegal police clash with supporters of opposition leader
  • Over 30 peacekeepers injured in clashes in northern Kosovo
  • Russia fires missiles on Kyiv in rare daytime attack

Advertisement

Latest News

Senegal police clash with supporters of opposition leader

byAFP
May 30, 2023, 10:00 am
0
8
Southwoods nails Seniors’ Fil golf crown

Senegalese youths clashed with security forces in Dakar on Monday near the home of opposition leader Ousmane Sonko, who faces...

Read more

Over 30 peacekeepers injured in clashes in northern Kosovo

byAFP
May 30, 2023, 9:30 am
0
8
Southwoods nails Seniors’ Fil golf crown

Over 30 peacekeepers deployed in a NATO-led mission in Kosovo were injured Monday in clashes with Serb protesters who demanded...

Read more

Russia fires missiles on Kyiv in rare daytime attack

byAFP
May 30, 2023, 9:00 am
0
8
Russians snatch Ukraine mayors

Russia fired a barrage of missiles at Kyiv on Monday, sending panicked residents running for shelter in an unusual daytime...

Read more

China to send first civilian astronaut to space station

byAFP
May 30, 2023, 8:30 am
0
8
Southwoods nails Seniors’ Fil golf crown

China will send three astronauts to its Tiangong space station on Tuesday, putting a civilian scientist into space for the...

Read more

Moms prefer to splurge on care and healthy products over Mother’s Day feast — Packworks study

byManila Standard
May 30, 2023, 8:00 am
0
8
Moms prefer to splurge on care and healthy products over Mother’s Day feast — Packworks study

Filipino moms opted to buy care and healthy alternative products for themselves or their loved ones on Mother's Day this...

Read more

Advertisement

ADVERTISEMENT
Facebook Twitter Instagram Youtube

ABOUT US

Manila Standard

Manila Standard website (manilastandard.net), launched in August 2002, extends the newspaper’s reach beyond its traditional readers and makes its brand of Philippine news and opinion available to a much wider and geographically diverse readership here and overseas.

Digital Edition

In tone and content, the online edition mirrors the editorial thrust of the newspaper. While hewing to the traditional precepts of fairness and objectivity, MS believes the news of the day need not be staid, overly long or dry. Stories are succinct, readable and written in a lively style that has become a hallmark of the newspaper.

Download – Today’s Paper

Search

No Result
View All Result

6th Floor Universal Re Bldg., 106 Paseo De Roxas cor. Perea Street, Legaspi Village, 1226 Makati City Philippines

Trunklines: 832-5554, 832-5556, 832-5558

© 2021 Manila Standard - Designed and Developed by Neitiviti Studios.

No Result
View All Result
  • About
  • News
    • Top Stories
    • National
    • World News
    • Pinoy Abroad
    • Features
  • Opinion
    • Editorial
    • Columns
    • Soundbytes
  • LGUs
    • NCR
    • Luzon
    • Visayas
    • Mindanao
  • Business
    • Corporate
    • Economy & Trade
    • Stocks
    • Money
    • Agri & Mining
    • Power & Tech
    • IT & Telecom
  • Sports
    • Basketball
    • Volleyball
    • Fightsports
    • Active
    • Sports Plus
    • One Championship
    • Columns
  • Entertainment
    • TV & Movies
    • Celebrity Profiles
    • Music & Concerts
    • Digital Media
    • Columns
  • Lifestyle
    • Food
    • Culture & Media
    • Fashion
    • Health and Home
    • Leisure
    • Shopping
    • Columns
  • Pop.Life
    • Newsmakers
    • Hangouts
    • A-Pop
    • Post Its
    • Performances
    • Malls & Bazaars
    • Hobbies & Collections
  • Technology
    • Gadgets
    • Computers
    • Business
    • Tech Plus
  • MS ON THE ROAD
    • Sedan
    • SUV
    • Truck
    • Bike
    • Accessories
    • Motoring Plus
    • Commuter’s Corner
  • Home & Design
    • Residential
    • Commercial
    • Construction
    • Interior
  • Spotlight
  • Gallery
    • Photos
    • Videos
  • Events
    • Seminars
    • Exhibits
    • Community
  • Biyahero
    • Travel Features
    • Travel Reels
    • Travel Logs
  • Pets
  • Advertise with Us

© 2021 Manila Standard - Designed and Developed by Neitiviti Studios.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Install Manila Standard Web App

Install App