Story 2014-08-01

XBMC is being renamed to Kodi

by
in code on (#3S6)
story imageVersion 14 of XBMC, the popular HTPC software, is changing its name to "Kodi" to further distance itself from its Xbox origins.

The renaming announcement further explains their reasons:
Six years have passed since the Xbox Media Center became XBMC, and simply put, "XBMC" fits less now than it did even in 2008. The software only barely runs on the original Xbox, and then only because some clever developers are still hacking on that platform. It has never run on the Xbox 360 or Xbox One.

Beyond the nonsensical nature of the software's name, there is a secondary issue. Because "XBMC" was originally based on the name Xbox, the developers of the software (that's us) have never had any sort of legal control over the use of its name, which has resulted in a whole slew of problems.

USB vector for computer viruses

by
in security on (#3S5)
story imageAn interesting discussion appeared on MacRumors today pointing to the work of security researcher Karsten Nohl of Berlin's SR Labs. He has discovered an attack vector exploiting the firmware of generic USB devices. It appears that with the vector involves reprogramming the USB controller software for arbitrary devices which can than emulate other devices to cause a large variety of undesired outcomes (such as emulating a keyboard to type on behalf of a user or spoofing a network card and redirecting web traffic). At present, this attack vector appears to be impossible to prevent or detect with existing software-only security measures. A more detailed discussion of Nohl's work and the associated risk are available from Wired or the SR Labs website itself.

A notable quote from the Wired article:
"Blaze speculates that the USB attack may in fact already be common practice for the NSA. He points to a spying device known as Cottonmouth, revealed earlier this year in the leaks of Edward Snowden. The device, which hid in a USB peripheral plug, was advertised in a collection of NSA internal documents as surreptitiously installing malware on a target's machine. The exact mechanism for that USB attack wasn't described. I wouldn't be surprised if some of the things [Nohl and Lell] discovered are what we heard about in the NSA catalogue....The alternative is to treat USB devices like hypodermic needles."

Friday distro: Securepoint Security Solutions

by
in linux on (#3S4)
story imageThis Friday's distro is
Securepoint Security Solutions, a firewall and VPN distro that offers a full-featured suite of firewall tools designed for enterprisewide deployment
. Not only can it protect an internal network from outside attacks, it also helps segregate parts of your internal network and define custom protection rules for each. Securepoint lets you create and manage VPN tunnels for remote users and define traffic filters, reports, and alerts for your entire network. Securepoint Freeware is a very secure and free firewall solution for protecting your Internet gateway. Securepoint can as well be used with existing firewalls and to protect interconnected locations or divisions.

These days a lot of distros are built off of Debian or Ubuntu. This isn't one of them. In fact it appears the distro is simply the software side of a hardware solution they sell at http://www.securepoint.cc/ along with VPN clients, email archiving storage, and other products aimed for the modern corporation or enterprise.

I've tried building a system like this myself though and realized it's not easy. If they are making it easier to build and manage segregated networks they are probably going to find a ready market interested in this software.