Worse than Heartbleed, Meltdown or Spectre. According to a GitHub
developer:

"From a generic security point of view, a whole Linux system as it is
nowadays is just an endless and hopeless mess of security holes waiting
to be exploited." (kind of like Chris Ahlstrom's body)

<https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/>

--
CrudeSausage
Catholic, paleoconservative, Christ is king

On 9/25/2024 8:21 PM, CrudeSausage wrote:

> an endless and hopeless mess of security holes waiting
> to be exploited." (kind of like Chris Ahlstrom's body)

LMAO!

On 2024-09-26, CrudeSausage <crude@sausa.ge> wrote:
> Worse than Heartbleed, Meltdown or Spectre. According to a GitHub
> developer:
>
> "From a generic security point of view, a whole Linux system as it is
> nowadays is just an endless and hopeless mess of security holes waiting
> to be exploited." (kind of like Chris Ahlstrom's body)
>
><https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/>

Yet another "catastrophic" Linux security threat that will be fixed within
days. You realize that Cyber Security News makes their case for existence by
hyperventilating about potential "catastrophic" security threats, right?

--
“Evil is not able to create anything new, it can only distort and destroy
what has been invented or made by the forces of good.” —J.R.R. Tolkien

On 2024-09-26 12:03 a.m., RonB wrote:
> On 2024-09-26, CrudeSausage <crude@sausa.ge> wrote:
>> Worse than Heartbleed, Meltdown or Spectre. According to a GitHub
>> developer:
>>
>> "From a generic security point of view, a whole Linux system as it is
>> nowadays is just an endless and hopeless mess of security holes waiting
>> to be exploited." (kind of like Chris Ahlstrom's body)
>>
>> <https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/>
>
> Yet another "catastrophic" Linux security threat that will be fixed within
> days.

They're working on it and so far coming up with no way of fixing it. I
wouldn't be surprised if there is no solution by October 6th. If that is
the case, you just know that bad actors will be attacking Linux
relentlessly from October 7th on. This looks like the real deal. 9.9/10
is pretty serious when you consider that the aforementioned issues were
rated between 5 and 7 on 10.

> You realize that Cyber Security News makes their case for existence by
> hyperventilating about potential "catastrophic" security threats, right?

Perhaps, but the developers on GitHub have been freaking out as well to
a point that Lunduke felt it necessary to bring this problem to light.
Those developers are usually arrogant about their ability to fix such
issues, not this time.

--
CrudeSausage
Catholic, paleoconservative, Christ is king

On 2024-09-26, CrudeSausage <crude@sausa.ge> wrote:
> On 2024-09-26 12:03 a.m., RonB wrote:
>> On 2024-09-26, CrudeSausage <crude@sausa.ge> wrote:
>>> Worse than Heartbleed, Meltdown or Spectre. According to a GitHub
>>> developer:
>>>
>>> "From a generic security point of view, a whole Linux system as it is
>>> nowadays is just an endless and hopeless mess of security holes waiting
>>> to be exploited." (kind of like Chris Ahlstrom's body)
>>>
>>> <https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/>
>>
>> Yet another "catastrophic" Linux security threat that will be fixed within
>> days.
>
> They're working on it and so far coming up with no way of fixing it. I
> wouldn't be surprised if there is no solution by October 6th. If that is
> the case, you just know that bad actors will be attacking Linux
> relentlessly from October 7th on. This looks like the real deal. 9.9/10
> is pretty serious when you consider that the aforementioned issues were
> rated between 5 and 7 on 10.

We'll see. I've seen these "horror stories" come and go in the past. Maybe
I'm wrong this time.

>> You realize that Cyber Security News makes their case for existence by
>> hyperventilating about potential "catastrophic" security threats, right?
>
> Perhaps, but the developers on GitHub have been freaking out as well to
> a point that Lunduke felt it necessary to bring this problem to light.
> Those developers are usually arrogant about their ability to fix such
> issues, not this time.

Okay, If I'm lulled into a false sense of security than I guess I'll be
wrong.

Still not particularly worried about it though.

--
“Evil is not able to create anything new, it can only distort and destroy
what has been invented or made by the forces of good.” —J.R.R. Tolkien

On 2024-09-26, CrudeSausage <crude@sausa.ge> wrote:
> On 2024-09-26 12:03 a.m., RonB wrote:
>> On 2024-09-26, CrudeSausage <crude@sausa.ge> wrote:
>>> Worse than Heartbleed, Meltdown or Spectre. According to a GitHub
>>> developer:
>>>
>>> "From a generic security point of view, a whole Linux system as it is
>>> nowadays is just an endless and hopeless mess of security holes waiting
>>> to be exploited." (kind of like Chris Ahlstrom's body)
>>>
>>> <https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/>
>>
>> Yet another "catastrophic" Linux security threat that will be fixed within
>> days.
>
> They're working on it and so far coming up with no way of fixing it. I
> wouldn't be surprised if there is no solution by October 6th. If that is
> the case, you just know that bad actors will be attacking Linux
> relentlessly from October 7th on. This looks like the real deal. 9.9/10
> is pretty serious when you consider that the aforementioned issues were
> rated between 5 and 7 on 10.
>
>> You realize that Cyber Security News makes their case for existence by
>> hyperventilating about potential "catastrophic" security threats, right?
>
> Perhaps, but the developers on GitHub have been freaking out as well to
> a point that Lunduke felt it necessary to bring this problem to light.
> Those developers are usually arrogant about their ability to fix such
> issues, not this time.

Interestingly enough, since this works through the CUPS system On Unix-based
machines, this also affects MacOS. Odd Cyber Security News didn't mention
that little factlet.

Summary

The first of a series of blog posts has been published detailing a
vulnerability in the Common Unix Printing System (CUPS), which
purportedly allows attackers to gain remote access to UNIX-based systems.
The vulnerability, which affects various UNIX-based operating systems,
can be exploited by sending a specially crafted HTTP request to the CUPS
service.

Threat Topography

Threat Type: Remote code execution vulnerability in CUPS service

Industries Impacted: UNIX-based systems across various industries,
including but not limited to, finance, healthcare, and government

Geolocation: Global, with potential impact on UNIX-based systems
worldwide

Environment Impact: High severity, allowing attackers to gain remote
access and execute arbitrary code on vulnerable systems

Overview

X-Force Incident Command is monitoring what claims to be the first in a
series of blog posts from security researcher, Simone Margaritelli,
detailing a vulnerability in the Common Unix Printing System (CUPS),
which purportedly can be exploited by sending a specially crafted HTTP
request to the CUPS service. The vulnerability affects various UNIX-based
operating systems, including but not limited to, Linux and macOS. The
vulnerability can be exploited to gain remote access to affected systems,
allowing attackers to execute arbitrary code and potentially gain
elevated privileges. X-Force is investigating the disclosure and
monitoring for exploitation. We will continue to monitor this situation
and provide updates as available.

Key Findings

The vulnerability affects various UNIX-based operating systems,
including but not limited to, Linux and macOS

All versions of Red Hat Enterprise Linux (RHEL) are affected, but are
not vulnerable in their default configurations.

The vulnerability can be exploited by sending a specially crafted HTTP
request to the CUPS service

The vulnerability allows attackers to gain remote access to affected
systems and execute arbitrary code

The vulnerability has been identified as high severity, with potential
for significant impact on affected organizations

Mitigations/Recommendations

Disable the CUPS service or restrict access to the CUPS web interface

In case your system can’t be updated and you rely on this service,
block all traffic to UDP port 631 and possibly all DNS-SD traffic
(does not apply to zeroconf)

Implement additional security measures, such as network segmentation
and access controls, to limit the spread of the vulnerability

Conduct thorough vulnerability assessments and penetration testing to
identify and remediate any other potential vulnerabilities

Implement robust incident response and disaster recovery plans to
mitigate the impact of a potential breach

https://securityintelligence.com/news/fysa-critical-rce-flaw-in-gnu-linux-systems/

And this...

That doomsday critical Linux bug: It's CUPS. May lead to remote hijacking
of devices

No patches yet, can be mitigated, requires user interaction

Thu 26 Sep 2024 // 17:34 UTC

Final update After days of anticipation, what was billed as one or more
critical unauthenticated remote-code execution vulnerabilities in all
Linux systems was today finally revealed.

In short, if you're running the Unix printing system CUPS, with
cups-browsed present and enabled, you may be vulnerable to attacks that
could lead to your computer being commandeered over the network or
internet. The attacks require the victim to start a print job. Do not be
afraid.

The bugs were found and privately reported by software developer Simone
Margaritelli who has now openly disclosed the security weaknesses in
detail here. This write-up is said to be part one of two or maybe three,
so expect more info at some point.

He went public today at 2000 UTC after seemingly becoming frustrated with
the handling of his vulnerability reports by CUPS developers. No patches
are available yet. Public disclosure was previously expected to be no
later than September 30.

What you need to know for now, according to Margaritelli, is:

Disable and/or remove the cups-browsed service.

Update your CUPS installation to bring in security updates if or when
available.

Block access to UDP port 631 and consider blocking off DNS-SD, too.

It affects "most" Linux distros, "some" BSDs, possibly Google ChromeOS,
Oracle's Solaris, and potentially others, as CUPS is bundled with
various distributions to provide printing functionality.

To exploit this across the internet or LAN, a miscreant needs to reach
your CUPS service on UDP port 631. Hopefully none of you have that
facing the public internet. The miscreant also has to wait for you to
start a print job.

If port 631 isn't directly reachable, an attacker may be able to spoof
zeroconf, mDNS, or DNS-SD advertisements to achieve exploitation.
Details of that path will be disclosed later, we're promised.

If you don't have cups-browsed on your system, you're good. If you don't
need CUPS, consider removing it all from your computer just to be safe. If
you never print anything, you're probably also good.

How would a vulnerable system be hijacked? "A remote unauthenticated
attacker can silently replace existing printers’ (or install new ones) IPP
URLs with a malicious one, resulting in arbitrary command execution (on
the computer) when a print job is started (from that computer)," says
Margaritelli.

https://www.theregister.com/2024/09/26/cups_linux_rce_disclosed/

Not only Macs, but possibly Chromebooks.

I disabled cups-browsed. Guess I'm good. Doomsday averted.

--
“Evil is not able to create anything new, it can only distort and destroy
what has been invented or made by the forces of good.” —J.R.R. Tolkien

On 2024-09-27 12:17 a.m., RonB wrote:
> On 2024-09-26, CrudeSausage <crude@sausa.ge> wrote:
>> On 2024-09-26 12:03 a.m., RonB wrote:
>>> On 2024-09-26, CrudeSausage <crude@sausa.ge> wrote:
>>>> Worse than Heartbleed, Meltdown or Spectre. According to a GitHub
>>>> developer:
>>>>
>>>> "From a generic security point of view, a whole Linux system as it is
>>>> nowadays is just an endless and hopeless mess of security holes waiting
>>>> to be exploited." (kind of like Chris Ahlstrom's body)
>>>>
>>>> <https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/>
>>>
>>> Yet another "catastrophic" Linux security threat that will be fixed within
>>> days.
>>
>> They're working on it and so far coming up with no way of fixing it. I
>> wouldn't be surprised if there is no solution by October 6th. If that is
>> the case, you just know that bad actors will be attacking Linux
>> relentlessly from October 7th on. This looks like the real deal. 9.9/10
>> is pretty serious when you consider that the aforementioned issues were
>> rated between 5 and 7 on 10.
>>
>>> You realize that Cyber Security News makes their case for existence by
>>> hyperventilating about potential "catastrophic" security threats, right?
>>
>> Perhaps, but the developers on GitHub have been freaking out as well to
>> a point that Lunduke felt it necessary to bring this problem to light.
>> Those developers are usually arrogant about their ability to fix such
>> issues, not this time.
>
> Interestingly enough, since this works through the CUPS system On Unix-based
> machines, this also affects MacOS. Odd Cyber Security News didn't mention
> that little factlet.
>
> Summary
>
> The first of a series of blog posts has been published detailing a
> vulnerability in the Common Unix Printing System (CUPS), which
> purportedly allows attackers to gain remote access to UNIX-based systems.
> The vulnerability, which affects various UNIX-based operating systems,
> can be exploited by sending a specially crafted HTTP request to the CUPS
> service.
>
> Threat Topography
>
> Threat Type: Remote code execution vulnerability in CUPS service
>
> Industries Impacted: UNIX-based systems across various industries,
> including but not limited to, finance, healthcare, and government
>
> Geolocation: Global, with potential impact on UNIX-based systems
> worldwide
>
> Environment Impact: High severity, allowing attackers to gain remote
> access and execute arbitrary code on vulnerable systems
>
> Overview
>
> X-Force Incident Command is monitoring what claims to be the first in a
> series of blog posts from security researcher, Simone Margaritelli,
> detailing a vulnerability in the Common Unix Printing System (CUPS),
> which purportedly can be exploited by sending a specially crafted HTTP
> request to the CUPS service. The vulnerability affects various UNIX-based
> operating systems, including but not limited to, Linux and macOS. The
> vulnerability can be exploited to gain remote access to affected systems,
> allowing attackers to execute arbitrary code and potentially gain
> elevated privileges. X-Force is investigating the disclosure and
> monitoring for exploitation. We will continue to monitor this situation
> and provide updates as available.
>
> Key Findings
>
> The vulnerability affects various UNIX-based operating systems,
> including but not limited to, Linux and macOS
>
> All versions of Red Hat Enterprise Linux (RHEL) are affected, but are
> not vulnerable in their default configurations.
>
> The vulnerability can be exploited by sending a specially crafted HTTP
> request to the CUPS service
>
> The vulnerability allows attackers to gain remote access to affected
> systems and execute arbitrary code
>
> The vulnerability has been identified as high severity, with potential
> for significant impact on affected organizations
>
> Mitigations/Recommendations
>
> Disable the CUPS service or restrict access to the CUPS web interface
>
> In case your system can’t be updated and you rely on this service,
> block all traffic to UDP port 631 and possibly all DNS-SD traffic
> (does not apply to zeroconf)
>
> Implement additional security measures, such as network segmentation
> and access controls, to limit the spread of the vulnerability
>
> Conduct thorough vulnerability assessments and penetration testing to
> identify and remediate any other potential vulnerabilities
>
> Implement robust incident response and disaster recovery plans to
> mitigate the impact of a potential breach
>
> https://securityintelligence.com/news/fysa-critical-rce-flaw-in-gnu-linux-systems/
>
> And this...
>
> That doomsday critical Linux bug: It's CUPS. May lead to remote hijacking
> of devices
>
> No patches yet, can be mitigated, requires user interaction
>
> Thu 26 Sep 2024 // 17:34 UTC
>
> Final update After days of anticipation, what was billed as one or more
> critical unauthenticated remote-code execution vulnerabilities in all
> Linux systems was today finally revealed.
>
> In short, if you're running the Unix printing system CUPS, with
> cups-browsed present and enabled, you may be vulnerable to attacks that
> could lead to your computer being commandeered over the network or
> internet. The attacks require the victim to start a print job. Do not be
> afraid.
>
> The bugs were found and privately reported by software developer Simone
> Margaritelli who has now openly disclosed the security weaknesses in
> detail here. This write-up is said to be part one of two or maybe three,
> so expect more info at some point.
>
> He went public today at 2000 UTC after seemingly becoming frustrated with
> the handling of his vulnerability reports by CUPS developers. No patches
> are available yet. Public disclosure was previously expected to be no
> later than September 30.
>
> What you need to know for now, according to Margaritelli, is:
>
> Disable and/or remove the cups-browsed service.
>
> Update your CUPS installation to bring in security updates if or when
> available.
>
> Block access to UDP port 631 and consider blocking off DNS-SD, too.
>
> It affects "most" Linux distros, "some" BSDs, possibly Google ChromeOS,
> Oracle's Solaris, and potentially others, as CUPS is bundled with
> various distributions to provide printing functionality.
>
> To exploit this across the internet or LAN, a miscreant needs to reach
> your CUPS service on UDP port 631. Hopefully none of you have that
> facing the public internet. The miscreant also has to wait for you to
> start a print job.
>
> If port 631 isn't directly reachable, an attacker may be able to spoof
> zeroconf, mDNS, or DNS-SD advertisements to achieve exploitation.
> Details of that path will be disclosed later, we're promised.
>
> If you don't have cups-browsed on your system, you're good. If you don't
> need CUPS, consider removing it all from your computer just to be safe. If
> you never print anything, you're probably also good.
>
> How would a vulnerable system be hijacked? "A remote unauthenticated
> attacker can silently replace existing printers’ (or install new ones) IPP
> URLs with a malicious one, resulting in arbitrary command execution (on
> the computer) when a print job is started (from that computer)," says
> Margaritelli.
>
> https://www.theregister.com/2024/09/26/cups_linux_rce_disclosed/
>
> Not only Macs, but possibly Chromebooks.
>
> I disabled cups-browsed. Guess I'm good. Doomsday averted.

MacOS was mentioned by Lunduke, but he also pointed out that he wasn't
sure if it affected them. He did mention that ChromeOS was affected. As
far as I can tell, fixing the problem will also require a user who needs
to print to return to the Stone Age in terms of configuration. I assume
that plugging the printer directly to the computer will not be
considered insecure, but any kind of automated network connectivity is
going to be a problem.

On 9/27/24 8:40 AM, CrudeSausage wrote:
> On 2024-09-27 12:17 a.m., RonB wrote:
>> On 2024-09-26, CrudeSausage <crude@sausa.ge> wrote:
>>> On 2024-09-26 12:03 a.m., RonB wrote:
>>>> On 2024-09-26, CrudeSausage <crude@sausa.ge> wrote:
>>>>> Worse than Heartbleed, Meltdown or Spectre. According to a GitHub
>>>>> developer:
>>>>>
>>>>> "From a generic security point of view, a whole Linux system as it is
>>>>> nowadays is just an endless and hopeless mess of security holes
>>>>> waiting
>>>>> to be exploited." (kind of like Chris Ahlstrom's body)
>>>>>
>>>>> <https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/>
>>>>
>>>> Yet another "catastrophic" Linux security threat that will be fixed
>>>> within
>>>> days.
>>>
>>> They're working on it and so far coming up with no way of fixing it. I
>>> wouldn't be surprised if there is no solution by October 6th. If that is
>>> the case, you just know that bad actors will be attacking Linux
>>> relentlessly from October 7th on. This looks like the real deal. 9.9/10
>>> is pretty serious when you consider that the aforementioned issues were
>>> rated between 5 and 7 on 10.
>>>
>>>> You realize that Cyber Security News makes their case for existence by
>>>> hyperventilating about potential "catastrophic" security threats,
>>>> right?
>>>
>>> Perhaps, but the developers on GitHub have been freaking out as well to
>>> a point that Lunduke felt it necessary to bring this problem to light.
>>> Those developers are usually arrogant about their ability to fix such
>>> issues, not this time.
>>
>> Interestingly enough, since this works through the CUPS system On
>> Unix-based
>> machines, this also affects MacOS. Odd Cyber Security News didn't mention
>> that little factlet.
>>
>>     Summary
>>
>>     The first of a series of blog posts has been published detailing a
>>     vulnerability in the Common Unix Printing System (CUPS), which
>>     purportedly allows attackers to gain remote access to UNIX-based
>> systems.
>>     The vulnerability, which affects various UNIX-based operating
>> systems,
>>     can be exploited by sending a specially crafted HTTP request to
>> the CUPS
>>     service.
>>     Threat Topography
>>
>>        Threat Type: Remote code execution vulnerability in CUPS service
>>        Industries Impacted: UNIX-based systems across various industries,
>>        including but not limited to, finance, healthcare, and government
>>        Geolocation: Global, with potential impact on UNIX-based systems
>>        worldwide
>>        Environment Impact: High severity, allowing attackers to gain
>> remote
>>        access and execute arbitrary code on vulnerable systems
>>
>>     Overview
>>
>>     X-Force Incident Command is monitoring what claims to be the first
>> in a
>>     series of blog posts from security researcher, Simone Margaritelli,
>>     detailing a vulnerability in the Common Unix Printing System (CUPS),
>>     which purportedly can be exploited by sending a specially crafted
>> HTTP
>>     request to the CUPS service. The vulnerability affects various
>> UNIX-based
>>     operating systems, including but not limited to, Linux and macOS. The
>>     vulnerability can be exploited to gain remote access to affected
>> systems,
>>     allowing attackers to execute arbitrary code and potentially gain
>>     elevated privileges. X-Force is investigating the disclosure and
>>     monitoring for exploitation. We will continue to monitor this
>> situation
>>     and provide updates as available.
>>
>>     Key Findings
>>
>>        The vulnerability affects various UNIX-based operating systems,
>>        including but not limited to, Linux and macOS
>>        All versions of Red Hat Enterprise Linux (RHEL) are affected,
>> but are
>>        not vulnerable in their default configurations.
>>        The vulnerability can be exploited by sending a specially
>> crafted HTTP
>>        request to the CUPS service
>>        The vulnerability allows attackers to gain remote access to
>> affected
>>        systems and execute arbitrary code
>>        The vulnerability has been identified as high severity, with
>> potential
>>        for significant impact on affected organizations
>>
>>     Mitigations/Recommendations
>>
>>        Disable the CUPS service or restrict access to the CUPS web
>> interface
>>        In case your system can’t be updated and you rely on this service,
>>        block all traffic to UDP port 631 and possibly all DNS-SD traffic
>>        (does not apply to zeroconf)
>>        Implement additional security measures, such as network
>> segmentation
>>        and access controls, to limit the spread of the vulnerability
>>        Conduct thorough vulnerability assessments and penetration
>> testing to
>>        identify and remediate any other potential vulnerabilities
>>        Implement robust incident response and disaster recovery plans to
>>        mitigate the impact of a potential breach
>>
>> https://securityintelligence.com/news/fysa-critical-rce-flaw-in-gnu-
>> linux-systems/
>>
>> And this...
>>
>>     That doomsday critical Linux bug: It's CUPS. May lead to remote
>> hijacking
>>     of devices
>>
>>     No patches yet, can be mitigated, requires user interaction
>>     Thu 26 Sep 2024 // 17:34 UTC
>>     Final update After days of anticipation, what was billed as one or
>> more
>>     critical unauthenticated remote-code execution vulnerabilities in all
>>     Linux systems was today finally revealed.
>>
>>     In short, if you're running the Unix printing system CUPS, with
>>     cups-browsed present and enabled, you may be vulnerable to attacks
>> that
>>     could lead to your computer being commandeered over the network or
>>     internet. The attacks require the victim to start a print job. Do
>> not be
>>     afraid.
>>
>>     The bugs were found and privately reported by software developer
>> Simone
>>     Margaritelli who has now openly disclosed the security weaknesses in
>>     detail here. This write-up is said to be part one of two or maybe
>> three,
>>     so expect more info at some point.
>>
>>     He went public today at 2000 UTC after seemingly becoming
>> frustrated with
>>     the handling of his vulnerability reports by CUPS developers. No
>> patches
>>     are available yet. Public disclosure was previously expected to be no
>>     later than September 30.
>>
>>     What you need to know for now, according to Margaritelli, is:
>>       Disable and/or remove the cups-browsed service.
>>
>>       Update your CUPS installation to bring in security updates if or
>> when
>>       available.
>>
>>       Block access to UDP port 631 and consider blocking off DNS-SD, too.
>>
>>       It affects "most" Linux distros, "some" BSDs, possibly Google
>> ChromeOS,
>>       Oracle's Solaris, and potentially others, as CUPS is bundled with
>>       various distributions to provide printing functionality.
>>
>>       To exploit this across the internet or LAN, a miscreant needs to
>> reach
>>       your CUPS service on UDP port 631. Hopefully none of you have that
>>       facing the public internet. The miscreant also has to wait for
>> you to
>>       start a print job.
>>
>>       If port 631 isn't directly reachable, an attacker may be able to
>> spoof
>>       zeroconf, mDNS, or DNS-SD advertisements to achieve exploitation.
>>       Details of that path will be disclosed later, we're promised.
>>
>>    If you don't have cups-browsed on your system, you're good. If you
>> don't
>>    need CUPS, consider removing it all from your computer just to be
>> safe. If
>>    you never print anything, you're probably also good.
>>
>>    How would a vulnerable system be hijacked? "A remote unauthenticated
>>    attacker can silently replace existing printers’ (or install new
>> ones) IPP
>>    URLs with a malicious one, resulting in arbitrary command execution
>> (on
>>    the computer) when a print job is started (from that computer)," says
>>    Margaritelli.
>>
>> https://www.theregister.com/2024/09/26/cups_linux_rce_disclosed/
>>
>> Not only Macs, but possibly Chromebooks.
>>
>> I disabled cups-browsed. Guess I'm good. Doomsday averted.
>
> MacOS was mentioned by Lunduke, but he also pointed out that he wasn't
> sure if it affected them. He did mention that ChromeOS was affected.

On Fri, 27 Sep 2024 08:40:40 -0400, CrudeSausage wrote:

> As
> far as I can tell, fixing the problem will also require a user who needs
> to print to return to the Stone Age in terms of configuration.

People printing hardcopy already are in the Stone Age.

rbowman wrote this copyrighted missive and expects royalties:

> On Fri, 27 Sep 2024 08:40:40 -0400, CrudeSausage wrote:
>
>> As
>> far as I can tell, fixing the problem will also require a user who needs
>> to print to return to the Stone Age in terms of configuration.
>
> People printing hardcopy already are in the Stone Age.

C'mon, man, sometimes you need a few pages of printout that you can study
while ensconced upon "the throne". You might accidentally drop your tablet into
the crapper.

And sometimes you want to markup a diagram with a pen.

Stone age?

--
<Deek> That reminds me, we'll need to buy a chainsaw for the office. "In
case of emergency, break glass"

On Fri, 27 Sep 2024 15:02:39 -0400, Chris Ahlstrom wrote:

> C'mon, man, sometimes you need a few pages of printout that you can
> study while ensconced upon "the throne". You might accidentally drop
> your tablet into the crapper.

The last thing I remember printing was a conservation permit. That's
usually a base for a fishing or hunting license but theoretically you need
it to hike/camp on state lands. I used to get the tribal permit to hike on
the rez but after they raised it to $100 they can kiss my white butt.

Anyway, there is an app for that now...

I used to print stuff out. There was a comb binding machine and an
assortment of various sized combs to make a neat job plus a number of the
traditional three ring binders. I haven't done that in years.

When we shut down the division in January and moved to another part of the
building the PM had to work his way through 25 years of hardcopy
proposals, documentation, and so forth. We got a laugh from some of the
walk down memory lane. It was almost as good as looking through the stacks
of obsolete programming books. Many trees sacrificed their lives.

On 2024-09-27, CrudeSausage <crude@sausa.ge> wrote:
>
> MacOS was mentioned by Lunduke, but he also pointed out that he wasn't
> sure if it affected them. He did mention that ChromeOS was affected. As
> far as I can tell, fixing the problem will also require a user who needs
> to print to return to the Stone Age in terms of configuration. I assume
> that plugging the printer directly to the computer will not be
> considered insecure, but any kind of automated network connectivity is
> going to be a problem.
>
> Either way, this is serious and Linux users shouldn't casually dismiss
> this. It should also be noted that this is just one of the many such
> problems that are going to arise in the future.

The fix is to disable or uninstall cups-browsed. I did so and my printer
works fine for printing and scanning on my network. You can also just
block the UDP Port 631, which on most home machines is not exposed to the
Internet anyhow.

This is not a serious problem for most home Linux users. Another overblown
"catastrophe" warning.

--
“Evil is not able to create anything new, it can only distort and destroy
what has been invented or made by the forces of good.” —J.R.R. Tolkien

On 2024-09-27, rbowman <bowman@montana.com> wrote:
> On Fri, 27 Sep 2024 08:40:40 -0400, CrudeSausage wrote:
>
>> As
>> far as I can tell, fixing the problem will also require a user who needs
>> to print to return to the Stone Age in terms of configuration.
>
> People printing hardcopy already are in the Stone Age.

I print crossword puzzles because I like to use my mechanical pencils. But I
also print shipping labels, etc. My sons scan and print their art.

--
“Evil is not able to create anything new, it can only distort and destroy
what has been invented or made by the forces of good.” —J.R.R. Tolkien

On 2024-09-27, rbowman <bowman@montana.com> wrote:
> On Fri, 27 Sep 2024 15:02:39 -0400, Chris Ahlstrom wrote:
>
>> C'mon, man, sometimes you need a few pages of printout that you can
>> study while ensconced upon "the throne". You might accidentally drop
>> your tablet into the crapper.
>
> The last thing I remember printing was a conservation permit. That's
> usually a base for a fishing or hunting license but theoretically you need
> it to hike/camp on state lands. I used to get the tribal permit to hike on
> the rez but after they raised it to $100 they can kiss my white butt.

I print my proof of insurance cards because I don't always carry a
smartphone with me when I drive.

I actually find quite a few uses for my printer.

--
“Evil is not able to create anything new, it can only distort and destroy
what has been invented or made by the forces of good.” —J.R.R. Tolkien

rbowman wrote this copyrighted missive and expects royalties:

> On Fri, 27 Sep 2024 15:02:39 -0400, Chris Ahlstrom wrote:
>
>> C'mon, man, sometimes you need a few pages of printout that you can
>> study while ensconced upon "the throne". You might accidentally drop
>> your tablet into the crapper.
>
> The last thing I remember printing was a conservation permit. That's
> usually a base for a fishing or hunting license but theoretically you need
> it to hike/camp on state lands. I used to get the tribal permit to hike on
> the rez but after they raised it to $100 they can kiss my white butt.
>
> Anyway, there is an app for that now...
>
> I used to print stuff out. There was a comb binding machine and an
> assortment of various sized combs to make a neat job plus a number of the
> traditional three ring binders. I haven't done that in years.
>
> When we shut down the division in January and moved to another part of the
> building the PM had to work his way through 25 years of hardcopy
> proposals, documentation, and so forth. We got a laugh from some of the
> walk down memory lane. It was almost as good as looking through the stacks
> of obsolete programming books. Many trees sacrificed their lives.

I remember strolling through the stalls at Vanderbilt's library. My God,
there were so many interesting books.

On the basement floor I found an interesting traveloque book by Philip Wylie.

(His book "Gladiator" is interesting and free as an e-book.)

--
Technicality, n.:
In an English court a man named Home was tried for slander in having
accused a neighbor of murder. His exact words were: "Sir Thomas Holt
hath taken a cleaver and stricken his cook upon the head, so that one
side of his head fell on one shoulder and the other side upon the
other shoulder." The defendant was acquitted by instruction of the
court, the learned judges holding that the words did not charge murder,
for they did not affirm the death of the cook, that being only an
inference.
-- Ambrose Bierce, "The Devil's Dictionary"

On Fri, 27 Sep 2024 23:14:14 -0000 (UTC), RonB wrote:

> I print my proof of insurance cards because I don't always carry a
> smartphone with me when I drive.

State Farm provides 2 wallet sized cards. I put the one for the car in
with the registration and the other in my wallet with the other four.
(car, pickup, ans three bikes). One time I didn't have the current one in
my little deck and got a ticket for failure to show proof. No problem I
just had to take proof to the courthouse. That ticket was $250, the
speeding ticket was $35. After that I double checked.

On 2024-09-28, rbowman <bowman@montana.com> wrote:
> On Fri, 27 Sep 2024 23:14:14 -0000 (UTC), RonB wrote:
>
>> I print my proof of insurance cards because I don't always carry a
>> smartphone with me when I drive.
>
> State Farm provides 2 wallet sized cards. I put the one for the car in
> with the registration and the other in my wallet with the other four.
> (car, pickup, ans three bikes). One time I didn't have the current one in
> my little deck and got a ticket for failure to show proof. No problem I
> just had to take proof to the courthouse. That ticket was $250, the
> speeding ticket was $35. After that I double checked.

I just print the cards. That way I don't have to wait for them come in the
mail. I guess I'm not so "anti-printer" that I won't use my printer when I
need it.

--
“Evil is not able to create anything new, it can only distort and destroy
what has been invented or made by the forces of good.” —J.R.R. Tolkien

On Fri, 27 Sep 2024 20:15:21 -0400, Chris Ahlstrom wrote:

> I remember strolling through the stalls at Vanderbilt's library. My God,
> there were so many interesting books.

I used to spend a lot of time in libraries. My wife was a librarian and,
strangely, the last thing she wanted to talk about was books.

I've been watching 'Wire in the Blood' and in the episode last night Hill
was researching church history and witchcraft in a library, snatching
books off the shelves and surrounding himself with piles on a worktable.
It was a bit of a nostalgic feeling. The program was from 2004; I wonder
if they would show a google search today.

The city build a new library that was to open just before covid. There is
a maker space, discovery area for kids, meeting rooms, an audiovisual
area, and even a cooking area. I don't know if there are any more books.
It's hard to tell with them spread out on more spacious shelves.

I still checkout a real book at times but most of what I get is digital,
delivered to the kindle via amazon. I did get on a C.J. Box kick after
watching 'Joe Pickett' and they do have more on the shelf rather than
available digitally so I'll have to stop in.

On Fri, 27 Sep 2024 23:10:11 -0000 (UTC), RonB wrote:

> On 2024-09-27, rbowman <bowman@montana.com> wrote:
>> On Fri, 27 Sep 2024 08:40:40 -0400, CrudeSausage wrote:
>>
>>> As
>>> far as I can tell, fixing the problem will also require a user who
>>> needs to print to return to the Stone Age in terms of configuration.
>>
>> People printing hardcopy already are in the Stone Age.
>
> I print crossword puzzles because I like to use my mechanical pencils.
> But I also print shipping labels, etc. My sons scan and print their art.

About the only crossword puzzle I do anymore is in the AARP magazine. I do
them in ink... My ex has a few problems and says she doesn't have a
problem with coming up with the correct word but can't always figure out
where to put it. The brain is a very strange thing.

On Sat, 28 Sep 2024 01:57:42 -0000 (UTC), RonB wrote:

> I just print the cards. That way I don't have to wait for them come in
> the mail. I guess I'm not so "anti-printer" that I won't use my printer
> when I need it.

Wait? State Farm may be too trusting. The send the cards along with the
bill for the next period which isn't due for a month. I've sometimes
wondered what would happen if I gave a cop a card that says 'Effective Jun
06 2024 to DEC 06 2024' on NAY 15 2024?

I think that's what happened the time I got stopped. When I shuffled the
deck and threw out the old ones I actually threw out the valid one. It's
always the same policy number.

I'm not anti-printer but I don't have much that needs to be printed. The
last thing I printed was my ham license and I did that at work and that
wasn't a show stopper. The last time I had to produce a license was when I
took the Advanced exam. That was a while ago since the FCC dropped the
class in 1999. I can still renew as Advanced and am stubborn enough to
keep a license they don't make anymore.

Back in the '80s I did sort of hate printers. The company I worked for
made lab apparatus and the data had to be printed. Printers weren't
exactly standardized so we would send a gopher down the street to Computer
World and buy a Okidata Buzzkill 3000. After we go that one figured out
we'd send him back with some cock and bull story to exchange it for
another brand. The crappy little thermal printers were the worst.

Le 26-09-2024, RonB <ronb02NOSPAM@gmail.com> a écrit :
> On 2024-09-26, CrudeSausage <crude@sausa.ge> wrote:
>> Worse than Heartbleed, Meltdown or Spectre. According to a GitHub
>> developer:
>>
>> "From a generic security point of view, a whole Linux system as it is
>> nowadays is just an endless and hopeless mess of security holes waiting
>> to be exploited." (kind of like Chris Ahlstrom's body)
>>
>><https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/>
>
> Yet another "catastrophic" Linux security threat that will be fixed within
> days. You realize that Cyber Security News makes their case for existence by
> hyperventilating about potential "catastrophic" security threats, right?

It looks like it only affects the « ssh » access, so if you have no ssh
access on your computer, you don't have to worry. Now, as nobody knows
anything about it, it's difficult to guess how a « ssh » access can be
protected. We'll need to wait for a few days to know if it's easier to
exploit or to protect a « ssh » connexion.

--
Si vous avez du temps à perdre :
https://scarpet42.gitlab.io

rbowman wrote this copyrighted missive and expects royalties:

> On Fri, 27 Sep 2024 23:10:11 -0000 (UTC), RonB wrote:
>
>> On 2024-09-27, rbowman <bowman@montana.com> wrote:
>>> On Fri, 27 Sep 2024 08:40:40 -0400, CrudeSausage wrote:
>>>
>>>> As far as I can tell, fixing the problem will also require a user who
>>>> needs to print to return to the Stone Age in terms of configuration.
>>>
>>> People printing hardcopy already are in the Stone Age.
>>
>> I print crossword puzzles because I like to use my mechanical pencils.
>> But I also print shipping labels, etc. My sons scan and print their art.
>
> About the only crossword puzzle I do anymore is in the AARP magazine. I do
> them in ink... My ex has a few problems and says she doesn't have a
> problem with coming up with the correct word but can't always figure out
> where to put it. The brain is a very strange thing.

I was in the Y's locker room one day and there was an AARP magazine lying on
the bench. Some old(er) guy came in and asked if it was mine. Then he said, of
AARP, "I really think they want to destroy America".

I couldn't stop a laugh from coming out.

--
<tausq> if (cb) ((cb->obj)->*(cb->ui_func))();
<knghtbrd> tausq: who the HELL wrote that ?
<tausq> me :)
* knghtbrd flogs tausq

On 2024-09-27 7:08 p.m., RonB wrote:
> On 2024-09-27, CrudeSausage <crude@sausa.ge> wrote:
>>
>> MacOS was mentioned by Lunduke, but he also pointed out that he wasn't
>> sure if it affected them. He did mention that ChromeOS was affected. As
>> far as I can tell, fixing the problem will also require a user who needs
>> to print to return to the Stone Age in terms of configuration. I assume
>> that plugging the printer directly to the computer will not be
>> considered insecure, but any kind of automated network connectivity is
>> going to be a problem.
>>
>> Either way, this is serious and Linux users shouldn't casually dismiss
>> this. It should also be noted that this is just one of the many such
>> problems that are going to arise in the future.
>
> The fix is to disable or uninstall cups-browsed. I did so and my printer
> works fine for printing and scanning on my network. You can also just
> block the UDP Port 631, which on most home machines is not exposed to the
> Internet anyhow.
>
> This is not a serious problem for most home Linux users. Another overblown
> "catastrophe" warning.

If this indeed solves the problem without compromising functionality,
all the better. Considering how it was presented, it truly seemed like
an issue whose solution involved crippling the operating system.

--
CrudeSausage
Catholic, paleoconservative, Christ is king

On Sat, 28 Sep 2024 07:52:11 -0400, CrudeSausage wrote:

> If this indeed solves the problem without compromising functionality,
> all the better. Considering how it was presented, it truly seemed like
> an issue whose solution involved crippling the operating system.

The sky is falling! The sky is falling! The tech world loves click
generating headlines just as much as the MSM. Certainly vulnerabilities
have been detected but most require quite a bit of conditions to be
exploited. Meanwhile Ukrainian hackers find the real open doors.

rbowman wrote this copyrighted missive and expects royalties:

> On Sat, 28 Sep 2024 07:52:11 -0400, CrudeSausage wrote:
>
>> If this indeed solves the problem without compromising functionality,
>> all the better. Considering how it was presented, it truly seemed like
>> an issue whose solution involved crippling the operating system.
>
> The sky is falling! The sky is falling! The tech world loves click
> generating headlines just as much as the MSM.

1. What outfits are part of the "MSM". Is Fox News part of the MSM, based on
its popularity?

2. All sites want "clicks". It helps pay the bills.

> Certainly vulnerabilities have been detected but most require quite a bit of
> conditions to be exploited. Meanwhile Ukrainian hackers find the real open
> doors.

Do they work for the NSA?

--
What no spouse of a writer can ever understand is that a writer is working
when he's staring out the window.