Tuesday, August 9, 2022
manilastandard.net
ADVERTISEMENT
  • About
  • News
    • Top Stories
    • National
    • World News
    • Pinoy Abroad
    • Features
  • Opinion
    • Editorial
    • Columns
    • Soundbytes
  • LGUs
    • NCR
    • Luzon
    • Visayas
    • Mindanao
  • Business
    • Corporate
    • Economy & Trade
    • Stocks
    • Money
    • Agri & Mining
    • Power & Tech
    • IT & Telecom
  • Sports
    • Basketball
    • Volleyball
    • Fightsports
    • Active
    • Sports Plus
    • One Championship
    • Columns
  • Entertainment
    • TV & Movies
    • Celebrity Profiles
    • Music & Concerts
    • Digital Media
    • Columns
  • Lifestyle
    • Food
    • Culture & Media
    • Fashion
    • Health and Home
    • Leisure
    • Shopping
    • Columns
  • Others
    • Pets
    • Pop.Life
      • Newsmakers
      • Hangouts
      • A-Pop
      • Post Its
      • Performances
      • Malls & Bazaars
      • Hobbies & Collections
    • Technology
      • Gadgets
      • Computers
      • Business
      • Tech Plus
    • MS ON THE ROAD
      • Sedan
      • SUV
      • Truck
      • Bike
      • Accessories
      • Motoring Plus
      • Commuter’s Corner
    • Home & Design
      • Residential
      • Commercial
      • Construction
      • Interior
    • Spotlight
    • Gallery
      • Photos
      • Videos
    • Events
      • Seminars
      • Exhibits
      • Community
    • Biyahero
      • Travel Features
      • Travel Reels
      • Travel Logs
  • Advertise with Us
No Result
View All Result
  • About
  • News
    • Top Stories
    • National
    • World News
    • Pinoy Abroad
    • Features
  • Opinion
    • Editorial
    • Columns
    • Soundbytes
  • LGUs
    • NCR
    • Luzon
    • Visayas
    • Mindanao
  • Business
    • Corporate
    • Economy & Trade
    • Stocks
    • Money
    • Agri & Mining
    • Power & Tech
    • IT & Telecom
  • Sports
    • Basketball
    • Volleyball
    • Fightsports
    • Active
    • Sports Plus
    • One Championship
    • Columns
  • Entertainment
    • TV & Movies
    • Celebrity Profiles
    • Music & Concerts
    • Digital Media
    • Columns
  • Lifestyle
    • Food
    • Culture & Media
    • Fashion
    • Health and Home
    • Leisure
    • Shopping
    • Columns
  • Others
    • Pets
    • Pop.Life
      • Newsmakers
      • Hangouts
      • A-Pop
      • Post Its
      • Performances
      • Malls & Bazaars
      • Hobbies & Collections
    • Technology
      • Gadgets
      • Computers
      • Business
      • Tech Plus
    • MS ON THE ROAD
      • Sedan
      • SUV
      • Truck
      • Bike
      • Accessories
      • Motoring Plus
      • Commuter’s Corner
    • Home & Design
      • Residential
      • Commercial
      • Construction
      • Interior
    • Spotlight
    • Gallery
      • Photos
      • Videos
    • Events
      • Seminars
      • Exhibits
      • Community
    • Biyahero
      • Travel Features
      • Travel Reels
      • Travel Logs
  • Advertise with Us
No Result
View All Result
manilastandard.net
No Result
View All Result
Home Business Columns Digital Life by Chin Wong

Dirty Cow

Chin WongbyChin Wong
October 31, 2016, 10:35 pm
in Digital Life by Chin Wong
Reading Time: 3 mins read
A A
73
SHARES
Share on FacebookShare on TwitterShare on Email

IMAGINE there was an invisible hole in your wall through which strangers could come and go and gain access to your house and possessions. Imagine further that the hole had been there for nine years and that you found out about it only recently because someone had come upon it quite by accident.

If you use an Android phone or use a Linux computer, chances are you’ve got such a hole in your system.

It’s called “Dirty Cow” because it exploits the copy-on-write mechanism of Linux-based systems, and it’s a bug that’s been sitting there unnoticed for the last nine years.

Officially known as CVE-2016-5195, Dirty Cow is a flaw that allows any local user to gain write access to otherwise read-only memory mappings, giving that user total control of the system. The bug resides in the Linux kernel, the essential part of any Linux distrubition that is responsible for resource allocation, low-level hardware interfaces, security, simple communications, basic file system management and more.

Dirty Cow was uncovered by Philip Oester, a network administrator and security researcher while capturing HTTP traffic on a server that seemed to have been hacked.

ADVERTISEMENT

The security issue has been around since 2007 and is now likely to become more widespread, Oester said, noting that the vulnerability is consistent, easy to exploit, and exists in practically all Linux distributions on millions of computers that go back many years.

“All Linux users need to take this bug very seriously, and patch their systems ASAP,” he said.

Dirty Cow is a serious flaw because Linux is widely used in webservers and is also at the core of Android, Google’s operating system, which is used in some 87 percent of all smart phones worldwide.

Exploitation of the bug does not leave any trace of anything abnormal happening, says an FAQ on the Dirty Cow bug (https://dirtycow.ninja/).

The good news is, most major Linux distributions including Ubuntu, Red Hat and Debian have already patched the vulnerability. That means that your Linux box should be fine, as long as you’ve applied the latest security updates.

To find out which version of the kernel is running on your Ubuntu system, type the following into a terminal window:
 

uname -a
 

If you’re running a version of Linux older than the ones listed here, you need to update your system and reboot your server:
 

4.8.0-26.28 for Ubuntu 16.10

4.4.0-45.66 for Ubuntu 16.04 LTS

3.13.0-100.147 for Ubuntu 14.04 LTS

3.2.0-113.155 for Ubuntu 12.04 LTS
 

To update Ubuntu, type this into the terminal:
 

sudo apt-get update && sudo apt-get dist-upgrade
 

Writing in the Security Metrics blog, security analyst Steven Snelgrove notes that the risk that Dirty Cow presents to ordinary users isn’t very high.

“[I]n order to exploit this bug, the attacker must first be able to deliver the code on the system. Before they can even get close to the kernel stack, the attacker has to first gain access to your system. From the outside, normal protections against code execution should prevent exploitation of this vulnerability,” he writes.

“In terms of web services and other network connected devices, delivering the code would be difficult to do. The real risk is when user-level access exists on a device, as well as the ability to execute programs on the device,” he adds.

The Dirty Cow bug seems to hae the greatest potential impact on Android phones.

“The situation is different because these phones have apps running as user-level programs. As a result, a malicious app could exceed their privileges to obtain information off the device,” Snelgrove notes.

Unfortunately, security patches for Android phones are unlikely to come very soon, because security updates are handled by different manufaturers rather than directly by Google, and depending on the vendor, OS updates may come regularly or not at all.

While you’re waiting to get a security patch for your Android phone, follow the commonsense rule that should be your default behavior, anyway—don’t install software from unknown sources. Chin Wong

Column archive and blog at: http://www.chinwong.com

Tags: DebianDirty CowLinuxPhilip OesterRed HatUbuntu
ADVERTISEMENT
Chin Wong

Chin Wong

Related Posts

Prepping a new Mac, 2016

byChin Wong
December 19, 2016, 6:20 pm
0
136
Prepping a new Mac, 2016

IT’S been five years since I wrote about free software that new Mac users ought to be installing on their...

Read more

Our state of privacy

byChin Wong
November 28, 2016, 8:05 pm
0
134
Our state of privacy

THE seminar-workshop gathered representatives from the Office of the President, the Philippine National Police, the Philippine Drug Enforcement Agency, the...

Read more

Lo and behold

byChin Wong
November 14, 2016, 10:30 pm
0
131
Lo and behold

THERE is a room in one of the science buildings in UCLA that is ground zero for the birthplace of...

Read more

Sierra tips and tricks

byChin Wong
November 7, 2016, 10:35 pm
0
129
Sierra tips and tricks

IT’S been a few weeks since I upgraded my MacBook Air to macOS Sierra, and the instability I experienced with...

Read more

Upgrading to Yakkety

byChin Wong
October 24, 2016, 10:30 pm
0
129
Upgrading to Yakkety

I UPGRADED the operating system on my MacBook Air last week and I figured I ought to do the same...

Read more

Upgrading to Sierra

byChin Wong
October 17, 2016, 10:30 pm
0
128
Upgrading to Sierra

I FINALLY got around to upgrading my 11-inch MacBook Air (circa 2014) from El Capitan to Sierra this weekend, crossing...

Read more

Stories you may like

  • Zubiri new Senate President, vows to uphold chamber’s independence

    Marcos sees stronger PH-India relations

    5699 shares
    Share 2280 Tweet 1425
  • Showbiz icon Cherie Gil dies at 59

    2602 shares
    Share 1041 Tweet 651
  • Replevin and its common law origins

    1252 shares
    Share 501 Tweet 313
  • Fuel rollback next week, power rate cut in August

    1150 shares
    Share 460 Tweet 288
  • Getting into character: How the cast of ‘Maid in Malacañang’ prepared for their roles

    2696 shares
    Share 1078 Tweet 674

Print Edition

View More

Recent Posts

  • Torrential rain, flooding in Seoul kill seven
  • ‘Grease’ star Olivia Newton-John dies aged 73
  • Mike Tyson slams ‘slave master’ Hulu series for ‘stealing’ life story
  • P-pop girl group 4th Impact on working with Korean producer
  • Trump says Florida home ‘raided’ by FBI
  • US returns 30 stolen antique artworks to Cambodia
  • Sneakers for Makati : AB4.0
  • BBM warns of uncertain times

Advertisement

Latest News

US returns 30 stolen antique artworks to Cambodia

byAFP
August 9, 2022, 8:00 am
0
135
US returns 30 stolen antique artworks to Cambodia

The United States on Monday returned 30 stolen works of art and antiquities to Cambodia that had been looted from...

Read more

Sneakers for Makati : AB4.0

byManila Standard
August 9, 2022, 1:50 am
0
1.1k
Sneakers for Makati : AB4.0

Read more

BBM warns of uncertain times

byVince Lopezand1 others
August 9, 2022, 1:40 am
0
276
Omicron BA.5 ‘most predominant’ sub-variant of samples sequenced

Calls on AFP to secure peace amid unpredictable world situations President Ferdinand Marcos Jr. on Monday warned of a “constantly...

Read more

Nation bids farewell to former President Fidel V. Ramos

byManila Standard
August 9, 2022, 1:30 am
0
245
Omicron BA.5 ‘most predominant’ sub-variant of samples sequenced

Former President Fidel V. Ramos will be given a state funeral today (Tuesday) before he is laid to rest beside...

Read more

Taiwan holds anti-invasion drills as China restarts military exercises

byAFP
August 9, 2022, 1:20 am
0
176
Vax wastage, infection surge feared in Odette-hit areas

Taiwan will hold live-fire military drills this week, simulating a defense of the island against a Chinese invasion, officials said...

Read more

Advertisement

ADVERTISEMENT
Facebook Twitter Instagram Youtube

ABOUT US

Manila Standard

Manila Standard website (manilastandard.net), launched in August 2002, extends the newspaper’s reach beyond its traditional readers and makes its brand of Philippine news and opinion available to a much wider and geographically diverse readership here and overseas.

Digital Edition

In tone and content, the online edition mirrors the editorial thrust of the newspaper. While hewing to the traditional precepts of fairness and objectivity, MS believes the news of the day need not be staid, overly long or dry. Stories are succinct, readable and written in a lively style that has become a hallmark of the newspaper.

Download – Today’s Paper

Search

No Result
View All Result

6th Floor Universal Re Bldg., 106 Paseo De Roxas cor. Perea Street, Legaspi Village, 1226 Makati City Philippines

Trunklines: 832-5554, 832-5556, 832-5558

© 2021 Manila Standard - Designed and Developed by Neitiviti Studios.

No Result
View All Result
  • About
  • News
    • Top Stories
    • National
    • World News
    • Pinoy Abroad
    • Features
  • Opinion
    • Editorial
    • Columns
    • Soundbytes
  • LGUs
    • NCR
    • Luzon
    • Visayas
    • Mindanao
  • Business
    • Corporate
    • Economy & Trade
    • Stocks
    • Money
    • Agri & Mining
    • Power & Tech
    • IT & Telecom
  • Sports
    • Basketball
    • Volleyball
    • Fightsports
    • Active
    • Sports Plus
    • One Championship
    • Columns
  • Entertainment
    • TV & Movies
    • Celebrity Profiles
    • Music & Concerts
    • Digital Media
    • Columns
  • Lifestyle
    • Food
    • Culture & Media
    • Fashion
    • Health and Home
    • Leisure
    • Shopping
    • Columns
  • Pop.Life
    • Newsmakers
    • Hangouts
    • A-Pop
    • Post Its
    • Performances
    • Malls & Bazaars
    • Hobbies & Collections
  • Technology
    • Gadgets
    • Computers
    • Business
    • Tech Plus
  • MS ON THE ROAD
    • Sedan
    • SUV
    • Truck
    • Bike
    • Accessories
    • Motoring Plus
    • Commuter’s Corner
  • Home & Design
    • Residential
    • Commercial
    • Construction
    • Interior
  • Spotlight
  • Gallery
    • Photos
    • Videos
  • Events
    • Seminars
    • Exhibits
    • Community
  • Biyahero
    • Travel Features
    • Travel Reels
    • Travel Logs
  • Pets
  • Advertise with Us

© 2021 Manila Standard - Designed and Developed by Neitiviti Studios.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Install Manila Standard Web App

Install App