Friday, September 22, 2023
manilastandard.net
ADVERTISEMENT
  • About
  • News
    • Top Stories
    • National
    • World News
    • Pinoy Abroad
    • Features
  • Opinion
    • Editorial
    • Columns
    • Soundbytes
  • LGUs
    • NCR
    • Luzon
    • Visayas
    • Mindanao
  • Business
    • Corporate
    • Economy & Trade
    • Stocks
    • Money
    • Agri & Mining
    • Power & Tech
    • IT & Telecom
  • Sports
    • Basketball
    • Volleyball
    • Fightsports
    • Active
    • Sports Plus
    • One Championship
    • Columns
  • Entertainment
    • TV & Movies
    • Celebrity Profiles
    • Music & Concerts
    • Digital Media
    • Columns
  • Lifestyle
    • Food
    • Culture & Media
    • Fashion
    • Health and Home
    • Leisure
    • Shopping
    • Columns
    • Young Life
  • Special Pages
    • Pets
    • Tech
      • Gadgets
      • Computers
      • Business
      • Tech Plus
    • On the Road
      • Sedan
      • SUV
      • Truck
      • Bike
      • Accessories
      • Motoring Plus
      • Commuter’s Corner
    • Home & Design
      • Residential
      • Commercial
      • Construction
      • Interior
    • Spotlight
    • Cravings
    • Environment & Sustainability
    • Agriculture
    • Pop.Life
      • Newsmakers
      • Hangouts
      • A-Pop
      • Post Its
      • Performances
      • Malls & Bazaars
      • Hobbies & Collections
    • Events
      • Seminars
      • Exhibits
      • Community
    • Biyahero
      • Travel Features
      • Travel Reels
      • Travel Logs
    • Gallery
      • Photos
      • Videos
  • Advertise with Us
No Result
View All Result
  • About
  • News
    • Top Stories
    • National
    • World News
    • Pinoy Abroad
    • Features
  • Opinion
    • Editorial
    • Columns
    • Soundbytes
  • LGUs
    • NCR
    • Luzon
    • Visayas
    • Mindanao
  • Business
    • Corporate
    • Economy & Trade
    • Stocks
    • Money
    • Agri & Mining
    • Power & Tech
    • IT & Telecom
  • Sports
    • Basketball
    • Volleyball
    • Fightsports
    • Active
    • Sports Plus
    • One Championship
    • Columns
  • Entertainment
    • TV & Movies
    • Celebrity Profiles
    • Music & Concerts
    • Digital Media
    • Columns
  • Lifestyle
    • Food
    • Culture & Media
    • Fashion
    • Health and Home
    • Leisure
    • Shopping
    • Columns
    • Young Life
  • Special Pages
    • Pets
    • Tech
      • Gadgets
      • Computers
      • Business
      • Tech Plus
    • On the Road
      • Sedan
      • SUV
      • Truck
      • Bike
      • Accessories
      • Motoring Plus
      • Commuter’s Corner
    • Home & Design
      • Residential
      • Commercial
      • Construction
      • Interior
    • Spotlight
    • Cravings
    • Environment & Sustainability
    • Agriculture
    • Pop.Life
      • Newsmakers
      • Hangouts
      • A-Pop
      • Post Its
      • Performances
      • Malls & Bazaars
      • Hobbies & Collections
    • Events
      • Seminars
      • Exhibits
      • Community
    • Biyahero
      • Travel Features
      • Travel Reels
      • Travel Logs
    • Gallery
      • Photos
      • Videos
  • Advertise with Us
No Result
View All Result
manilastandard.net
No Result
View All Result
Home Business Columns Digital Life by Chin Wong

Dirty Cow

Chin WongbyChin Wong
October 31, 2016, 10:35 pm
in Digital Life by Chin Wong
Reading Time: 3 mins read
A A
Share on FacebookShare on TwitterShare on Email

IMAGINE there was an invisible hole in your wall through which strangers could come and go and gain access to your house and possessions. Imagine further that the hole had been there for nine years and that you found out about it only recently because someone had come upon it quite by accident.

If you use an Android phone or use a Linux computer, chances are you’ve got such a hole in your system.

It’s called “Dirty Cow” because it exploits the copy-on-write mechanism of Linux-based systems, and it’s a bug that’s been sitting there unnoticed for the last nine years.

Officially known as CVE-2016-5195, Dirty Cow is a flaw that allows any local user to gain write access to otherwise read-only memory mappings, giving that user total control of the system. The bug resides in the Linux kernel, the essential part of any Linux distrubition that is responsible for resource allocation, low-level hardware interfaces, security, simple communications, basic file system management and more.

Dirty Cow was uncovered by Philip Oester, a network administrator and security researcher while capturing HTTP traffic on a server that seemed to have been hacked.

The security issue has been around since 2007 and is now likely to become more widespread, Oester said, noting that the vulnerability is consistent, easy to exploit, and exists in practically all Linux distributions on millions of computers that go back many years.

“All Linux users need to take this bug very seriously, and patch their systems ASAP,” he said.

Dirty Cow is a serious flaw because Linux is widely used in webservers and is also at the core of Android, Google’s operating system, which is used in some 87 percent of all smart phones worldwide.

Exploitation of the bug does not leave any trace of anything abnormal happening, says an FAQ on the Dirty Cow bug (https://dirtycow.ninja/).

The good news is, most major Linux distributions including Ubuntu, Red Hat and Debian have already patched the vulnerability. That means that your Linux box should be fine, as long as you’ve applied the latest security updates.

To find out which version of the kernel is running on your Ubuntu system, type the following into a terminal window:
 

uname -a
 

If you’re running a version of Linux older than the ones listed here, you need to update your system and reboot your server:
 

4.8.0-26.28 for Ubuntu 16.10

4.4.0-45.66 for Ubuntu 16.04 LTS

3.13.0-100.147 for Ubuntu 14.04 LTS

3.2.0-113.155 for Ubuntu 12.04 LTS
 

To update Ubuntu, type this into the terminal:
 

sudo apt-get update && sudo apt-get dist-upgrade
 

Writing in the Security Metrics blog, security analyst Steven Snelgrove notes that the risk that Dirty Cow presents to ordinary users isn’t very high.

“[I]n order to exploit this bug, the attacker must first be able to deliver the code on the system. Before they can even get close to the kernel stack, the attacker has to first gain access to your system. From the outside, normal protections against code execution should prevent exploitation of this vulnerability,” he writes.

“In terms of web services and other network connected devices, delivering the code would be difficult to do. The real risk is when user-level access exists on a device, as well as the ability to execute programs on the device,” he adds.

The Dirty Cow bug seems to hae the greatest potential impact on Android phones.

“The situation is different because these phones have apps running as user-level programs. As a result, a malicious app could exceed their privileges to obtain information off the device,” Snelgrove notes.

Unfortunately, security patches for Android phones are unlikely to come very soon, because security updates are handled by different manufaturers rather than directly by Google, and depending on the vendor, OS updates may come regularly or not at all.

While you’re waiting to get a security patch for your Android phone, follow the commonsense rule that should be your default behavior, anyway—don’t install software from unknown sources. Chin Wong

Column archive and blog at: http://www.chinwong.com

Tags: DebianDirty CowLinuxPhilip OesterRed HatUbuntu
ADVERTISEMENT
Chin Wong

Chin Wong

Related Posts

Prepping a new Mac, 2016

byChin Wong
December 19, 2016, 6:20 pm
0
9
Prepping a new Mac, 2016

IT’S been five years since I wrote about free software that new Mac users ought to be installing on their...

Read more

Our state of privacy

byChin Wong
November 28, 2016, 8:05 pm
0
9
Our state of privacy

THE seminar-workshop gathered representatives from the Office of the President, the Philippine National Police, the Philippine Drug Enforcement Agency, the...

Read more

Lo and behold

byChin Wong
November 14, 2016, 10:30 pm
0
9
Lo and behold

THERE is a room in one of the science buildings in UCLA that is ground zero for the birthplace of...

Read more

Sierra tips and tricks

byChin Wong
November 7, 2016, 10:35 pm
0
9
Sierra tips and tricks

IT’S been a few weeks since I upgraded my MacBook Air to macOS Sierra, and the instability I experienced with...

Read more

Upgrading to Yakkety

byChin Wong
October 24, 2016, 10:30 pm
0
9
Upgrading to Yakkety

I UPGRADED the operating system on my MacBook Air last week and I figured I ought to do the same...

Read more

Upgrading to Sierra

byChin Wong
October 17, 2016, 10:30 pm
0
9
Upgrading to Sierra

I FINALLY got around to upgrading my 11-inch MacBook Air (circa 2014) from El Capitan to Sierra this weekend, crossing...

Read more

Print Edition

View More

Recent Posts

  • AFP to recruit 2m reservists once ROTC made mandatory again
  • Indigent families in Caloocan receive fish packs from Tingog party-list
  • Agency backs proposal to hire senior citizens
  • PetroSolar signs 3-year supply deal with Shell Energy
  • ACEN subscribes to shares of 5 floating solar proponents
  • From bean to bar
  • DA-BPI successfully conducted the 2023 National Research and Development Review
  • Expanded DA Young Farmers Challenge 2023 to launch soon

Advertisement

Latest News

From bean to bar

byPatricia Taculao
September 22, 2023, 7:55 pm
0
8
Expanded DA Young Farmers Challenge 2023 to launch soon

As the King City of the South, Davao is home to numerous natural resources that reward the province with high...

Read more

DA-BPI successfully conducted the 2023 National Research and Development Review

byManila Standard
September 22, 2023, 7:45 pm
0
8
Expanded DA Young Farmers Challenge 2023 to launch soon

The Department of Agriculture-Bureau of Plant Industry (DA-BPI), led by Assistant Director Herminigilda A. Gabertan, Ph.D., conducted the 2023 National...

Read more

Expanded DA Young Farmers Challenge 2023 to launch soon

byManila Standard
September 22, 2023, 7:40 pm
0
8
Expanded DA Young Farmers Challenge 2023 to launch soon

On September 28, 2023, the Department of Agriculture (DA), through the Agribusiness and Marketing Assistance Service (AMAS) in collaboration with...

Read more

POC chief hopes PH can surpass 4-gold Asiad haul

byManila Standard Sports
September 22, 2023, 7:35 pm
0
8
PETRONAS LTdL gets underway; 7-11-Cliqq eyes Asian podium

Hangzhou—Philippine Olympic Committee president Abraham “Bambol” Tolentino is sticking to his forecast that Filipino athletes in the 19th Asian Games...

Read more

Lady Blazers roll to finals; FEU belles stay alive

byManila Standard Sports
September 22, 2023, 7:30 pm
0
8
PETRONAS LTdL gets underway; 7-11-Cliqq eyes Asian podium

College of Saint Benilde marched to the V-League Women’s Collegiate Challenge finals, dispatching University of the East in straight-set fashion...

Read more

Advertisement

ADVERTISEMENT
Facebook Twitter Instagram Youtube

ABOUT US

Manila Standard

Manila Standard website (manilastandard.net), launched in August 2002, extends the newspaper’s reach beyond its traditional readers and makes its brand of Philippine news and opinion available to a much wider and geographically diverse readership here and overseas.

Digital Edition

In tone and content, the online edition mirrors the editorial thrust of the newspaper. While hewing to the traditional precepts of fairness and objectivity, MS believes the news of the day need not be staid, overly long or dry. Stories are succinct, readable and written in a lively style that has become a hallmark of the newspaper.

Download – Today’s Paper

Search

No Result
View All Result

6th Floor Universal Re Bldg., 106 Paseo De Roxas cor. Perea Street, Legaspi Village, 1226 Makati City Philippines

Trunklines: 832-5554, 832-5556, 832-5558

© 2021 Manila Standard - Designed and Developed by Neitiviti Studios.

No Result
View All Result
  • About
  • News
    • Top Stories
    • National
    • World News
    • Pinoy Abroad
    • Features
  • Opinion
    • Editorial
    • Columns
    • Soundbytes
  • LGUs
    • NCR
    • Luzon
    • Visayas
    • Mindanao
  • Business
    • Corporate
    • Economy & Trade
    • Stocks
    • Money
    • Agri & Mining
    • Power & Tech
    • IT & Telecom
  • Sports
    • Basketball
    • Volleyball
    • Fightsports
    • Active
    • Sports Plus
    • One Championship
    • Columns
  • Entertainment
    • TV & Movies
    • Celebrity Profiles
    • Music & Concerts
    • Digital Media
    • Columns
  • Lifestyle
    • Food
    • Culture & Media
    • Fashion
    • Health and Home
    • Leisure
    • Shopping
    • Columns
    • Young Life
  • Pets
  • Tech
    • Gadgets
    • Computers
    • Business
    • Tech Plus
  • ON THE ROAD
    • Sedan
    • SUV
    • Truck
    • Bike
    • Accessories
    • Motoring Plus
    • Commuter’s Corner
  • Home & Design
    • Residential
    • Commercial
    • Construction
    • Interior
  • Spotlight
  • Cravings
  • Environment & Sustainability
  • Agriculture
  • Pop.Life
    • Newsmakers
    • Hangouts
    • A-Pop
    • Post Its
    • Performances
    • Malls & Bazaars
    • Hobbies & Collections
  • Events
    • Seminars
    • Exhibits
    • Community
  • Biyahero
    • Travel Features
    • Travel Reels
    • Travel Logs
  • Gallery
    • Photos
    • Videos
  • Advertise with Us

© 2021 Manila Standard - Designed and Developed by Neitiviti Studios.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Install Manila Standard Web App

Install App