Saturday, February 4, 2023
manilastandard.net
ADVERTISEMENT
  • About
  • News
    • Top Stories
    • National
    • World News
    • Pinoy Abroad
    • Features
  • Opinion
    • Editorial
    • Columns
    • Soundbytes
  • LGUs
    • NCR
    • Luzon
    • Visayas
    • Mindanao
  • Business
    • Corporate
    • Economy & Trade
    • Stocks
    • Money
    • Agri & Mining
    • Power & Tech
    • IT & Telecom
  • Sports
    • Basketball
    • Volleyball
    • Fightsports
    • Active
    • Sports Plus
    • One Championship
    • Columns
  • Entertainment
    • TV & Movies
    • Celebrity Profiles
    • Music & Concerts
    • Digital Media
    • Columns
  • Lifestyle
    • Food
    • Culture & Media
    • Fashion
    • Health and Home
    • Leisure
    • Shopping
    • Columns
  • Others
    • Pets
    • Pop.Life
      • Newsmakers
      • Hangouts
      • A-Pop
      • Post Its
      • Performances
      • Malls & Bazaars
      • Hobbies & Collections
    • Technology
      • Gadgets
      • Computers
      • Business
      • Tech Plus
    • MS ON THE ROAD
      • Sedan
      • SUV
      • Truck
      • Bike
      • Accessories
      • Motoring Plus
      • Commuter’s Corner
    • Home & Design
      • Residential
      • Commercial
      • Construction
      • Interior
    • Spotlight
    • Gallery
      • Photos
      • Videos
    • Events
      • Seminars
      • Exhibits
      • Community
    • Biyahero
      • Travel Features
      • Travel Reels
      • Travel Logs
  • Advertise with Us
No Result
View All Result
  • About
  • News
    • Top Stories
    • National
    • World News
    • Pinoy Abroad
    • Features
  • Opinion
    • Editorial
    • Columns
    • Soundbytes
  • LGUs
    • NCR
    • Luzon
    • Visayas
    • Mindanao
  • Business
    • Corporate
    • Economy & Trade
    • Stocks
    • Money
    • Agri & Mining
    • Power & Tech
    • IT & Telecom
  • Sports
    • Basketball
    • Volleyball
    • Fightsports
    • Active
    • Sports Plus
    • One Championship
    • Columns
  • Entertainment
    • TV & Movies
    • Celebrity Profiles
    • Music & Concerts
    • Digital Media
    • Columns
  • Lifestyle
    • Food
    • Culture & Media
    • Fashion
    • Health and Home
    • Leisure
    • Shopping
    • Columns
  • Others
    • Pets
    • Pop.Life
      • Newsmakers
      • Hangouts
      • A-Pop
      • Post Its
      • Performances
      • Malls & Bazaars
      • Hobbies & Collections
    • Technology
      • Gadgets
      • Computers
      • Business
      • Tech Plus
    • MS ON THE ROAD
      • Sedan
      • SUV
      • Truck
      • Bike
      • Accessories
      • Motoring Plus
      • Commuter’s Corner
    • Home & Design
      • Residential
      • Commercial
      • Construction
      • Interior
    • Spotlight
    • Gallery
      • Photos
      • Videos
    • Events
      • Seminars
      • Exhibits
      • Community
    • Biyahero
      • Travel Features
      • Travel Reels
      • Travel Logs
  • Advertise with Us
No Result
View All Result
manilastandard.net
No Result
View All Result
Home Business Columns Digital Life by Chin Wong

Dirty Cow

Chin WongbyChin Wong
October 31, 2016, 10:35 pm
in Digital Life by Chin Wong
Reading Time: 3 mins read
A A
Share on FacebookShare on TwitterShare on Email

IMAGINE there was an invisible hole in your wall through which strangers could come and go and gain access to your house and possessions. Imagine further that the hole had been there for nine years and that you found out about it only recently because someone had come upon it quite by accident.

If you use an Android phone or use a Linux computer, chances are you’ve got such a hole in your system.

It’s called “Dirty Cow” because it exploits the copy-on-write mechanism of Linux-based systems, and it’s a bug that’s been sitting there unnoticed for the last nine years.

Officially known as CVE-2016-5195, Dirty Cow is a flaw that allows any local user to gain write access to otherwise read-only memory mappings, giving that user total control of the system. The bug resides in the Linux kernel, the essential part of any Linux distrubition that is responsible for resource allocation, low-level hardware interfaces, security, simple communications, basic file system management and more.

Dirty Cow was uncovered by Philip Oester, a network administrator and security researcher while capturing HTTP traffic on a server that seemed to have been hacked.

ADVERTISEMENT

The security issue has been around since 2007 and is now likely to become more widespread, Oester said, noting that the vulnerability is consistent, easy to exploit, and exists in practically all Linux distributions on millions of computers that go back many years.

“All Linux users need to take this bug very seriously, and patch their systems ASAP,” he said.

Dirty Cow is a serious flaw because Linux is widely used in webservers and is also at the core of Android, Google’s operating system, which is used in some 87 percent of all smart phones worldwide.

Exploitation of the bug does not leave any trace of anything abnormal happening, says an FAQ on the Dirty Cow bug (https://dirtycow.ninja/).

The good news is, most major Linux distributions including Ubuntu, Red Hat and Debian have already patched the vulnerability. That means that your Linux box should be fine, as long as you’ve applied the latest security updates.

To find out which version of the kernel is running on your Ubuntu system, type the following into a terminal window:
 

uname -a
 

If you’re running a version of Linux older than the ones listed here, you need to update your system and reboot your server:
 

4.8.0-26.28 for Ubuntu 16.10

4.4.0-45.66 for Ubuntu 16.04 LTS

3.13.0-100.147 for Ubuntu 14.04 LTS

3.2.0-113.155 for Ubuntu 12.04 LTS
 

To update Ubuntu, type this into the terminal:
 

sudo apt-get update && sudo apt-get dist-upgrade
 

Writing in the Security Metrics blog, security analyst Steven Snelgrove notes that the risk that Dirty Cow presents to ordinary users isn’t very high.

“[I]n order to exploit this bug, the attacker must first be able to deliver the code on the system. Before they can even get close to the kernel stack, the attacker has to first gain access to your system. From the outside, normal protections against code execution should prevent exploitation of this vulnerability,” he writes.

“In terms of web services and other network connected devices, delivering the code would be difficult to do. The real risk is when user-level access exists on a device, as well as the ability to execute programs on the device,” he adds.

The Dirty Cow bug seems to hae the greatest potential impact on Android phones.

“The situation is different because these phones have apps running as user-level programs. As a result, a malicious app could exceed their privileges to obtain information off the device,” Snelgrove notes.

Unfortunately, security patches for Android phones are unlikely to come very soon, because security updates are handled by different manufaturers rather than directly by Google, and depending on the vendor, OS updates may come regularly or not at all.

While you’re waiting to get a security patch for your Android phone, follow the commonsense rule that should be your default behavior, anyway—don’t install software from unknown sources. Chin Wong

Column archive and blog at: http://www.chinwong.com

Tags: DebianDirty CowLinuxPhilip OesterRed HatUbuntu
ADVERTISEMENT
Chin Wong

Chin Wong

Related Posts

Prepping a new Mac, 2016

byChin Wong
December 19, 2016, 6:20 pm
0
8
Prepping a new Mac, 2016

IT’S been five years since I wrote about free software that new Mac users ought to be installing on their...

Read more

Our state of privacy

byChin Wong
November 28, 2016, 8:05 pm
0
8
Our state of privacy

THE seminar-workshop gathered representatives from the Office of the President, the Philippine National Police, the Philippine Drug Enforcement Agency, the...

Read more

Lo and behold

byChin Wong
November 14, 2016, 10:30 pm
0
8
Lo and behold

THERE is a room in one of the science buildings in UCLA that is ground zero for the birthplace of...

Read more

Sierra tips and tricks

byChin Wong
November 7, 2016, 10:35 pm
0
8
Sierra tips and tricks

IT’S been a few weeks since I upgraded my MacBook Air to macOS Sierra, and the instability I experienced with...

Read more

Upgrading to Yakkety

byChin Wong
October 24, 2016, 10:30 pm
0
8
Upgrading to Yakkety

I UPGRADED the operating system on my MacBook Air last week and I figured I ought to do the same...

Read more

Upgrading to Sierra

byChin Wong
October 17, 2016, 10:30 pm
0
8
Upgrading to Sierra

I FINALLY got around to upgrading my 11-inch MacBook Air (circa 2014) from El Capitan to Sierra this weekend, crossing...

Read more

Print Edition

View More

Recent Posts

  • Albert Andrada Paris Fashion Week 2023 show moved to July
  • Cebu-based micro-enterprise continues to innovate, diversify
  • Pharma firm releases new Access to Medicines report
  • Sustainable packaging takes centerstage at Propak PH
  • LandBank engages Lake Sebu stakeholders on capacity building
  • E-commerce enabler gets 3-star award as Lazada partner
  • Garrett Bolden reflects on experience in Guam for ‘Miss Saigon’ 
  • Post-apocalyptic drama ‘The Last of Us’ renewed for second season

Advertisement

Latest News

E-commerce enabler gets 3-star award as Lazada partner

byManila Standard Business
February 4, 2023, 6:30 pm
0
8
E-commerce enabler gets 3-star award as Lazada partner

Leading e-commerce enabler for brands in the Philippines, etaily, was the recipient of the 3-star certification from the Lazada Partners...

Read more

Garrett Bolden reflects on experience in Guam for ‘Miss Saigon’ 

byPatricia Taculao
February 4, 2023, 6:20 pm
0
8
Best romcoms, favorite ‘hugot’ and ‘sawi’ movies stream this love month

Performing in any rendition of a critically-acclaimed stage musical is a unique opportunity for any singer’s career. While performers like...

Read more

Post-apocalyptic drama ‘The Last of Us’ renewed for second season

byManila Standard Showbiz
February 4, 2023, 6:10 pm
0
8
Best romcoms, favorite ‘hugot’ and ‘sawi’ movies stream this love month

HBO drama The Last of Us has been renewed for a second season. The series is co-created by Craig Mazin...

Read more

Best romcoms, favorite ‘hugot’ and ‘sawi’ movies stream this love month

byManila Standard Showbiz
February 4, 2023, 6:00 pm
0
8
Best romcoms, favorite ‘hugot’ and ‘sawi’ movies stream this love month

This Valentine season, iWantTFC streams a lineup of different stories of courtship, romance, and heartbreak featuring “Lahat May Love,” “The...

Read more

In the mood for NOVO-Love 

byManila Standard
February 4, 2023, 1:30 pm
0
8
In the mood for NOVO-Love 

This Valentine's Day, let the City of Firsts' very own Novotel Manila Araneta City be your love venue to create...

Read more

Advertisement

ADVERTISEMENT
Facebook Twitter Instagram Youtube

ABOUT US

Manila Standard

Manila Standard website (manilastandard.net), launched in August 2002, extends the newspaper’s reach beyond its traditional readers and makes its brand of Philippine news and opinion available to a much wider and geographically diverse readership here and overseas.

Digital Edition

In tone and content, the online edition mirrors the editorial thrust of the newspaper. While hewing to the traditional precepts of fairness and objectivity, MS believes the news of the day need not be staid, overly long or dry. Stories are succinct, readable and written in a lively style that has become a hallmark of the newspaper.

Download – Today’s Paper

Search

No Result
View All Result

6th Floor Universal Re Bldg., 106 Paseo De Roxas cor. Perea Street, Legaspi Village, 1226 Makati City Philippines

Trunklines: 832-5554, 832-5556, 832-5558

© 2021 Manila Standard - Designed and Developed by Neitiviti Studios.

No Result
View All Result
  • About
  • News
    • Top Stories
    • National
    • World News
    • Pinoy Abroad
    • Features
  • Opinion
    • Editorial
    • Columns
    • Soundbytes
  • LGUs
    • NCR
    • Luzon
    • Visayas
    • Mindanao
  • Business
    • Corporate
    • Economy & Trade
    • Stocks
    • Money
    • Agri & Mining
    • Power & Tech
    • IT & Telecom
  • Sports
    • Basketball
    • Volleyball
    • Fightsports
    • Active
    • Sports Plus
    • One Championship
    • Columns
  • Entertainment
    • TV & Movies
    • Celebrity Profiles
    • Music & Concerts
    • Digital Media
    • Columns
  • Lifestyle
    • Food
    • Culture & Media
    • Fashion
    • Health and Home
    • Leisure
    • Shopping
    • Columns
  • Pop.Life
    • Newsmakers
    • Hangouts
    • A-Pop
    • Post Its
    • Performances
    • Malls & Bazaars
    • Hobbies & Collections
  • Technology
    • Gadgets
    • Computers
    • Business
    • Tech Plus
  • MS ON THE ROAD
    • Sedan
    • SUV
    • Truck
    • Bike
    • Accessories
    • Motoring Plus
    • Commuter’s Corner
  • Home & Design
    • Residential
    • Commercial
    • Construction
    • Interior
  • Spotlight
  • Gallery
    • Photos
    • Videos
  • Events
    • Seminars
    • Exhibits
    • Community
  • Biyahero
    • Travel Features
    • Travel Reels
    • Travel Logs
  • Pets
  • Advertise with Us

© 2021 Manila Standard - Designed and Developed by Neitiviti Studios.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Install Manila Standard Web App

Install App