by Paul Arnote (parnote)
Monthly Update: Assault On Your Privacy
MODERNLOADER HAS BEEN DISCOVERED TO BE DELIVERING SEVERAL MALWARE PAYLOADS, according to an article from The Hacker News. Thought to be propagated by Russian threat actors using off-the-shelf "tools," it is designed to provide attackers with remote control over the victim's machine, which enables the adversaries to deploy additional malware, steal sensitive information, or even ensnare the computer in a botnet.
ONE OF THE MORE POPULAR PDF READERS ON THE GOOGLE PLAY STORE HAS TURNED OUT TO BE NOTHING MORE THAN A VEHICLE TO DELIVER potentially harmful adware to its unsuspecting users, according to a blog post from Malwarebytes Labs. Creatively called "PDF reader - documents reader," it does nothing at first, lying in wait until a certain amount of time has elapsed. Then, it starts displaying full-screen ads that cannot be bypassed unless the user clicks on the ad. It continues displaying disruptive ads with increasing frequency, even when the app is not in use. The app has had over 1,000,000 downloads/installations.
GOOGLE RELEASED CHROME 105.0.5195.102 TO FIX THE SIXTH ZERO-DAY SECURITY ISSUE this year for Linux, macOS and Windows users, according to multiple computer news outlets, including this article from BleepingComputer. The exploit is described as being readily available/exploitable in the wild. The vulnerability is labeled CVE-2022-307, and details about it were withheld to give time for enough Chrome users to update to the patched version of the beleaguered browser.
SHIKITEGA, A NEW STEALTHY MALWARE FOR LINUX has been discovered infecting computers and IoT devices, according to an article on BleepingComputer. This new malware uses a polymorphic encoder and performs its "deeds" in a multi-stage manner. Downloading only about 350 bytes at a time, it easily evades detection. The payloads install themselves as crontab entries, making it self-propagating. The new vulnerability was discovered by researchers at AT&T. They are uncertain of the initial delivery method.
RANSOMWARE GANGS ARE SWITCHING UP TACTICS, according to an article on BleepingComputer. Instead of encrypting entire files, they are switching to an intermittent encryption method. By encrypting only part of a file (instead of the entire file), the attackers render the file unreadable until/unless the ransom is paid for the code to decrypt the data. Plus, the data can be encrypted faster by encrypting just portions of the file, versus the entire file.
FISHPIG, a UK-based maker of e-commerce software used by as many as 200,000 websites, is urging customers to reinstall or update all existing program extensions after discovering a SECURITY BREACH OF ITS DISTRIBUTION SERVER THAT ALLOWED CRIMINALS TO SURREPTITIOUSLY BACKDOOR CUSTOMER SYSTEMS, according to an article on ArsTechnica.
A novel phishing campaign is underway, targeting Greeks with PHISHING SITES THAT MIMIC THE STATE'S OFFICIAL TAX REFUND PLATFORM AND STEAL CREDENTIALS AS THEY TYPE THEM, according to an article on BleepingComputer.
LAZARUS, A NORTH KOREAN CYBERESPIONAGE GROUP, KEEPS HITTING ENERGY PROVIDERS IN THE U.S., CANADA AND JAPAN WITH A NEW MALWARE ARSENAL, according to an article from TechRepublic. The state-sponsored hackers are also known as Hidden Cobra or Zinc.
The otto-js Research Team published an article outlining how users of GOOGLE CHROME OR MICROSOFT EDGE'S ENHANCED SPELLING FEATURES MAY BE UNKNOWINGLY TRANSMITTING PASSWORDS AND PERSONALLY IDENTIFIABLE INFORMATION (PII) TO THIRD-PARTY CLOUD-BASED SERVERS.
Voyager 1's Mysterious Glitch Begets Another Mystery
For much of the past year, Voyager 1, 14.7 billion miles away from Earth in interstellar space, has sent gobbledygook telemetry data back to Earth. Because it is one of only two man-made objects to ever leave our solar system and continue on into interstellar space (the other one is its sister craft, Voyager 2), engineers at NASA's Jet Propulsion Laboratory (JPL) had to take some time to figure out what exactly was happening. Launched in 1977, the Voyager 1 mission has lasted far longer than anyone ever expected. You can view the Voyager mission page here.
According to a report from JPL, the probe's attitude articulation and control system (AACS), which keeps Voyager 1's antenna pointed at Earth, began sending garbled information about its health and activities to mission controllers, despite operating normally. The rest of the probe also appeared healthy as it continued to gather and return science data.
The JPL news release continued:
The team has since located the source of the garbled information: The AACS had started sending the telemetry data through an onboard computer known to have stopped working years ago, and the computer corrupted the information.
Suzanne Dodd, Voyager's project manager, said that when they suspected this was the issue, they opted to try a low-risk solution: commanding the AACS to resume sending the data to the right computer.
Engineers don't yet know why the AACS started routing telemetry data to the incorrect computer, but it likely received a faulty command generated by another onboard computer. If that's the case, it would indicate there is an issue somewhere else on the spacecraft. The team will continue to search for that underlying issue, but they don't think it is a threat to the long-term health of Voyager 1.
"We're happy to have the telemetry back," said Dodd. "We'll do a full memory readout of the AACS and look at everything it's been doing. That will help us try to diagnose the problem that caused the telemetry issue in the first place. So we're cautiously optimistic, but we still have more investigating to do."
Voyager 1 and Voyager 2 have been exploring our solar system for 45 years. Both probes are now in interstellar space, the region outside the heliopause, or the bubble of energetic particles and magnetic fields from the Sun.
Removal Of Obsolete AMD Fix Speeds Up Kernel
Back in 1996, APM (Advanced Power Management) was replaced by ACPI (Advanced Configuration and Power Interface). Linux did not gain ACPI support until 2002. ACPI was originally developed by Intel, Microsoft and Toshiba, with HP, Huawei and Phoenix joining the development at a later date.
Back in 2002, to improve compatibility between Intel and certain AMD chips (remember the Athlon chips?), a special instruction set was added to the Linux kernel for AMD chips. It caused the processor to briefly stop/pause processing instructions, presumably to keep ACPI in "sync." However, the new AMD chips no longer require this intervention ... but it's still there. Or, at least it was.
According to an article on The Register, Intel's Dave Hansen issued a patch that limits the instruction set to Intel CPUs only, since they use a different method to pause the CPU than AMD CPUs use. The new patch should be available when the Linux 6.0 kernel is released on October 2, 2022.
EXCEPT ... PCLinuxOS users won't have to wait for the 6.0 kernel to appear. Texstar has applied the patch to the 5.19.12 kernel, and plans to also apply it to the LTS 5.15.71 kernel.
Don't expect to see huge speed increases on AMD processors. Many of the AMD processors currently in use are faster than their 20-year-old predecessors, so desktop computing speeds are expected to be minimally affected, with little to no noticeable difference in speeds. Early reports indicate that the most noticeable differences are in a quicker boot time, and large programs at least appear to be launching a tad quicker.
USB4 Standard To Be Published November 2022
Just as you were getting used to USB3 (specifically, the USB 3.2 2x2 standard), the USB-IF is planning on releasing the specs for the new USB4 in November 2022, according to an article on ArsTechnica.
The new standard pretty much ditches the USB-B connector altogether, and is keen on phasing out the much more common USB-A connector. The USB-IF hopes to replace them both with the smaller and faster USB-C connector.
USB4 will support minimum data rates of 20 Gbps, but can support 40 Gbps data rates. The new standard will also dynamically allocate bandwidth. So, if you're streaming video (connected, say, to a USB4 hub that is attached to your TV and an external hard drive), the bandwidth will be allocated to each dynamically, based on need. The older USB3.2 standard just split the bandwidth in half, and each device could only access that predetermined amount of bandwidth.
I wouldn't run out right away to get USB4 cables and peripherals. Even the USB-IF acknowledges that it typically takes 12 to 18 months to see any new devices sufficiently populate the computer peripheral market following the announcement of a new standard. And as for those USB-B and USB-A cables and peripherals? I think I'd hang on to them for the time being. Older equipment (which many Linux users tend to use, since they can acquire them cheaply) will not have the USB4 (and maybe not even the USB3.2) standard. All of those USB2 and USB1 devices aren't just going to "disappear," either. I suspect that there will be many of those latter two categories of USB devices around for quite some time to come. Scanners and printers that use the USB-B connector are still widely available on the used market, as well. So, there's still going to be plenty of uses for those older style cables for the foreseeable future.
PCLinuxOS Magazine Short Topix Roundup
THE JAMES WEBB SPACE TELESCOPE has just captured the first live image of a planet located outside of our own solar system, according to an article on CBS News.
In some jurisdictions (like the EU), users have to consent to tracking. This has resulted in many websites interrupting the flow of viewing a page by stopping to ask for permission for tracking cookies. Well, THE DEVELOPER OF THE "I DON'T CARE ABOUT COOKIES" BROWSER EXTENSION (which bypasses all of those "permission" popups), HAS SOLD HIS EXTENSION TO AVAST for an undisclosed amount of money, according to an article on ArsTechnica. Yes, the same company that puts out the (in)famous (depending on your point of view) antivirus software. Users are up in arms, since Avast has, as recently as 2019, been caught harvesting user data with another browser extension. Avast has attempted to put the fears to rest, publicly stating that those days are in the past, and that Avast currently does not collect any user data.
SUPER-EARTHS ARE BIGGER, MORE COMMON AND MORE HABITABLE THAN EARTH ITSELF -- AND ASTRONOMERS ARE DISCOVERING MORE OF THE BILLIONS THEY THINK ARE OUT THERE, according to an article on The Conversation website.
Do you have an old smartphone just lying around? Unsure what to do with it? Well, an article on The Atlantic has some GOOD WAYS TO REPURPOSE YOUR OLD SMARTPHONES. Some of the suggestions include repurposing the old phone as a webcam or as a dedicated music player.
Rolling Stone magazine has released its list of the TOP 100 GREATEST TV SHOWS OF ALL TIME. What's more interesting than what's on that list is what shows were NOT on the list. There isn't much information on the criteria used to select the shows that populate the list, so we're left to wonder if this is merely one person's opinion piece.