Security

Download a copy of your Facebook data

Recently we have all have been reading about Facebook’s breach of trust. Even Mark Zuckerberg, admitted that Facebook has made mistakes.

The issue: Cambridge Analytica, a U.K.-based political data-analytics firm hired by the 2016 Trump campaign, got its hands on data for 50 million Facebook users — without the users’ knowledge or consent. At this point, it’s unclear whether the uproar over Cambridge Analytica will lead to new legislation or government regulations but in my circles, I have noticed a significant exodus of companies and users.

Before you make the jump to delete your account.  Download a copy of your Facebook data.

The following steps should help:

  • Go to Facebook.com > Settings > General Account Settings
  • Click “Download a copy of your Facebook data.”
  • Click “Download Archive.”
  • It takes a short period of time for Facebook to generate an archive of your data.
    You will be alerted when the archive is ready.
  • Once notified of its completion, click “Download Archive”, and a zip file will download to your computer.
  • Browse through that archive by opening each file inside the folder.

In the archive, you’ll find your entire history on facebook including messages. In doing so, it’s clear how much Facebook knows about you.

 

Examples of what you will find

  • The index also contains information about every Event invite you got, every Poke and Message you’ve sent or received (even if you are not Facebook friends with the person, or if they are no longer on Facebook), any Facebook applications you installed (even if you don’t use them anymore), and any Facebook “Places” (locations) you may have created.
  • Profile section, you will find some basic information about your profile including any profile names you have had in the past, all your contact info, any pages and interests you liked, groups you joined, and any Facebook pages you are a page administrator for.
  • The Contact Info section contains all the contacts on your mobile phone.
  • The Timeline section contains all your status updates and posts from friends on your timeline. The Photos and Videos sections contain photos and videos you posted; the former also contains code about your Facial Recognition info.
  • The Friends section contains a list of all your Facebook friends along with the date you become friends. It also contains a list of friends you unfriended and when, friend requests you declined, a list of friend requests you sent that are pending being accepted, a list of people who “Follow” you by clicking the follow button on your profile, and anyone you are following.
  • There’s also a Security section tracking IP addresses, devices and browsers you logged in from with dates and timestamps.
  • The Ads section contains a list of Ad Topics you are being targeted for based on interests gleaned from Facebook pages you liked. There’s also a list of the recent ads you clicked on and any advertisers that have your contact information. You can find (and remove) additional ads and ad topics you are being targeted for by visiting: https://www.facebook.com/ads/preferences/.

 

Important: Update Your Mozilla Web Browser to Firefox 58.0.1

Mozilla has released an important update for its Firefox web browser to patch a critical vulnerability that could allow remote attackers to execute malicious code on computers running an affected version of the browser.

Affected web browser versions include Firefox 56 (.0, .0.1, .0.2), 57 (.0, .0.1, .0.2, .0.3, .0.4), and 58 (.0). The vulnerability has been addressed in Firefox 58.0.1

Security fix

When using certain non-default security policies on Windows (for example with Windows Defender Exploit Protection or Webroot security products), Firefox 58.0 would fail to load pages (bug 1433065).

Reference link to 58.0 release notes

Known Issues of Security fix

  • Users running Firefox for Windows over a Remote Desktop Connection (RDP) may find that audio playback is disabled due to increased security restrictions.
  • Users running certain screen readers may experience performance issues and are advised to use Firefox ESR until performance issues are resolved in an upcoming future release.

 

According to a security advisory published by Cisco, Firefox 58.0.1 addresses an ‘arbitrary code execution’ flaw that originates due to ‘insufficient sanitization’ of HTML fragments in chrome-privileged documents (browser UI).

 

Hack Details:

Hackers could exploit this vulnerability (CVE-2018-5124) to run arbitrary code on the victim’s computer just by tricking them into accessing a link or ‘opening a file that submits malicious input to the affected software.’

The advisory states.

“A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely,”

This could allow an attacker to install programs, create new accounts with full user rights, and view, change or delete data. However, if the application has been configured to have limited rights the impact is less on the system itself and should only impact the current session logged in.

 

ISP Redundancy Link Interface Cannot Be Created

While setting up ISP Redundancy on a Check Point cluster I ran into an issue preventing me from proceeding with my configuration.  I was eventually able to resolve this and felt that I would share with you and my future self the steps taken.

 

What is ISP Redundancy

ISP Redundancy enables reliable Internet connectivity by allowing a single or clustered Check Point Security Gateway to connect to the Internet via redundant Internet service provider (ISP) connections. If both links are active, connections pass through one link, or both links, depending on the operating mode. If one of the link fails, new connections are handled by the second link.

 

Configuration Steps

  1. Open the network object properties of the Security Gateway or cluster.
  2. Click Other > ISP Redundancy.
  3. Select Support ISP Redundancy.
  4. Select Load Sharing or Primary/Backup.
  5. Configure Links – Primary and Backup Connections
  6. Set tacking mode for Link failure and recovery
  7. Click OK — This is when I encounter my error

 

Error: Check Point SmartDashboard

At least one of your ISP Links lack a next hop IP Address configuration.
Note: next hop IP Address is also used to automatically monitor the ISP Link^s availability.

Error: Check Point SmartDashboard

ISP Redundancy configuration on clusters requires that the interfaces which lead to your ISPs, have the same names as the corresponding physical interfaces on the cluster^s members.

 

Resolution Steps Taken:

Discovered that the the interfaces in the topology tab did not have the same name on the vip (Virtual IP), so I changed to name so that all interfaces were matching.

After introducing the changes to the interface name of the vip, I retried the setup for ISP Redundancy and the issue resolved.

 

News: Canonical Releases Ubuntu Kernel Updates for Meltdown / Spectre

No need to go into the back story on this.  If you are reading this, there is a chance you’ve already read other reports on what Meltdown / Spectre and the perceived risks.

Cononical made a public statement last week to provide a patch for supported Ubuntu releases against Meltdown and Spectre security vulnerabilities, and the first set of patches are now available in the stable software repositories of Ubuntu 17.10, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS.

ref: https://insights.ubuntu.com/2018/01/04/ubuntu-updates-for-the-meltdown-spectre-vulnerabilities/

For Ubuntu 17.10 (Artful Aardvark), the updated kernel also patches four other security issues related to the Berkeley Packet Filter (BPF) implementation in the Linux kernel, which could allow a local attacker to execute arbitrary code or crash the system by causing a denial of service (CVE-2017-17863, CVE-2017-16995, CVE-2017-17862, and CVE-2017-17864).

 

Meltdown & Spectre: Windows Security Update KB4056892

If you are reading this, chances are that you already know about the current security flaw discovered in what has been coined “modern processor chips” that could allow hackers to access data such as passwords, encryption keys and other information you want kept private.

Microsoft has released an out-of-band emergency patch for Windows 10 which should be installed as soon as possible. If you have yet to receive the patch via Windows Update, you can manually install it by going to this Windows Update Catalog page.   You can also check for updates

*note* check with your IT department when in doubt.

Ref URL: https://www.catalog.update.microsoft.com/Search.aspx?q=kb4056892

 

Included in this update:

his update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

  • Addresses issue where event logs stop receiving events when a maximum file size policy is applied to the channel.
  • Addresses issue where printing an Office Online document in Microsoft Edge fails.
  • Addresses issue where the touch keyboard doesn’t support the standard layout for 109 keyboards.
  • Addresses video playback issues in applications such as Microsoft Edge that affect some devices when playing back video on a monitor and a secondary, duplicated display.
  • Addresses issue where Microsoft Edge stops responding for up to 3 seconds while displaying content from a software rendering path.
  • Addresses issue where only 4 TB of memory is shown as available in Task Manager in Windows Server version 1709 when more memory is actually installed, configured, and available.
  • Security updates to Windows SMB Server, the Windows Subsystem for Linux, Windows Kernel, Windows Datacenter Networking, Windows Graphics, Microsoft Edge, Internet Explorer, and the Microsoft Scripting Engine.

Source: https://support.microsoft.com/en-us/help/4056892