The unholy zero-day concoction, reported to Microsoft in September and still unpatched, is a reliable way of p0wning Windows for attackers that have managed to pop user machines.
Breen released exploit code for his attack dubbed Hot Potato following his talk at the Shmoocon conference in Washington over the weekend. "Hot Potato takes advantage of known issues in Windows to gain local privilege escalation in default configurations, namely NTLM relay -\- specifically HTTP-SMB relay - and NBNS spoofing," Breen says.
"Using this technique, we can elevate our privilege on a Windows workstation from the lowest levels to NT Authority/System – the highest level of privilege available on a Windows machine. "This is important because many organisations unfortunately rely on Windows account privileges to protect their corporate network."
http://theregister.co.uk/2016/01/20/hot/
UnixThis!
Thursday, January 28, 2016
Wednesday, January 27, 2016
Tails 2 Is Out!
We are especially proud to present you Tails 2.0, the first version of Tails based on:
* GNOME Shell, with lots of changes in the desktop environment.
* Debian 8 (Jessie), which upgrades most included software and improves many things under the hood.
This release fixes [many security issues](https://tails.boum.org/security/Numerous_security_holes_in_1.8.2/index.en.html ) and users should upgrade as soon as possible.
# Changes
## New features
* Tails now uses the GNOME Shell desktop environment, in its Classic mode. GNOME Shell provides a modern, simple, and actively developed desktop environment. The Classic mode keeps the traditional Applications, Places menu, and windows list. Accessibility and non-Latin input sources are also better integrated.
To find your way around, [read our introduction to GNOME and the Tails desktop.](https://tails.boum.org/doc/first_steps/introduction_to_gnome_and_the_tails_desktop/index.en.html )
The desktop and Applications menu
The activities overview
## Upgrades and changes
* Debian 8 upgrades most included software, for example:
* Many core GNOME utilities from 3.4 to 3.14: Files, Disks, Videos, etc.
* LibreOffice from 3.5 to 4.3
* PiTiVi from 0.15 to 0.93
* Git from 1.7.10 to 2.1.4
* Poedit from 1.5.4 to 1.6.10
* Liferea from 1.8.6 to 1.10
* Update Tor Browser to 5.5 (based on Firefox 38.6.0 ESR):
* Add Japanese support.
* Remove the Windows camouflage which is currently broken in GNOME Shell. We started working on [adding it back](https://labs.riseup.net/code/issues/10830 ) but [your help is needed](https://tails.boum.org/news/windows_camouflage_jessie/index.en.html )!
* Change to `systemd` as init system and use it to:
* Sandbox many services using Linux namespaces and make them harder to exploit.
* Make the launching of Tor and the memory wipe on shutdown more robust.
* Sanitize our code base by replacing many custom scripts.
* Update most firmware packages which might improve hardware compatibility.
* Notify the user if Tails is running from a non-free virtualization software.
* Remove Claws Mail, replaced by [Icedove](https://tails.boum.org/doc/anonymous_internet/icedove/index.en.html ), a rebranded version of Mozilla Thunderbird.
## Fixed problems
* HiDPI displays are better supported. ([#8659](https://labs.riseup.net/code/issues/8659 ))
* Remove the option to open a download with an external application in Tor Browser as this is usually impossible due to the AppArmor confinement. ([#9285](https://labs.riseup.net/code/issues/9285 ))
* Close Vidalia before restarting Tor.
* Allow Videos to access the DVD drive. ([#10455](https://labs.riseup.net/code/issues/10455 ), [#9990](https://labs.riseup.net/code/issues/9990 ))
* Allow configuring printers without administration password. ([#8443](https://labs.riseup.net/code/issues/8443 ))
# Known issues
* Tor Browser 5.5 introduces [protection against fingerprinting](https://trac.torproject.org/projects/tor/ticket/13313 ) but due to an [oversight](https://labs.riseup.net/code/issues/11000 ) it is not enabled in Tails 2.0. However, this is not so bad for Tails users since each Tails system has the same fonts installed, and hence will look identical, so this only means that it's easy to distinguish whether a user of Tor Browser 5.5 uses Tails or not. That is already easy given that Tails has the AdBlock Plus extension enabled, unlike the normal Tor Browser.
See the current list of [known issues](https://tails.boum.org/support/known_issues/index.en.html ).
# Installing
We also redesigned completely our download and installation instructions to make it easier to get started with Tails.
For example, you can now verify the ISO image automatically from Firefox using a special add-on.
You can also install or upgrade Tails directly from Debian or Ubuntu using the `tails-installer` package.
[Try our new installation assistant.](https://tails.boum.org/install/index.en.html )
# Upgrading
Tails changed so much since version 1.8.2 that it is impossible to provide an automatic upgrade. We recommend you [follow our new manual upgrade instructions](https://tails.boum.org/upgrade/index.en.html ) instead.
# What's coming up?
The next Tails release is [scheduled](https://tails.boum.org/contribute/calendar/ ) for March 6.
Have a look at our [roadmap](https://labs.riseup.net/code/projects/tails/roadmap ) to see where we are heading to.
We need your help and there are many ways to [contribute to Tails](https://tails.boum.org/contribute/index.en.html ) ([donating](https://tails.boum.org/contribute/how/donate/index.en.html ) is only one of them). Come [talk to us](https://tails.boum.org/contribute/talk/ )!
URL: https://tails.boum.org/news/version_2.0/index.en.html
_______________________________________________
amnesia-news mailing list
amnesia-news@boum.org
https://mailman.boum.org/listinfo/amnesia-news
* GNOME Shell, with lots of changes in the desktop environment.
* Debian 8 (Jessie), which upgrades most included software and improves many things under the hood.
This release fixes [many security issues](https://tails.boum.
# Changes
## New features
* Tails now uses the GNOME Shell desktop environment, in its Classic mode. GNOME Shell provides a modern, simple, and actively developed desktop environment. The Classic mode keeps the traditional Applications, Places menu, and windows list. Accessibility and non-Latin input sources are also better integrated.
To find your way around, [read our introduction to GNOME and the Tails desktop.](https://tails.boum.
The desktop and Applications menu
:
* Add Japanese support.
* Remove the Windows camouflage which is currently broken in GNOME Shell. We started working on [adding it back](https://labs.riseup.net/
* Change to `systemd` as init system and use it to:
* Sandbox many services using Linux namespaces and make them harder to exploit.
* Make the launching of Tor and the memory wipe on shutdown more robust.
* Sanitize our code base by replacing many custom scripts.
* Update most firmware packages which might improve hardware compatibility.
* Notify the user if Tails is running from a non-free virtualization software.
* Remove Claws Mail, replaced by [Icedove](https://tails.boum.
## Fixed problems
* HiDPI displays are better supported. ([#8659](https://labs.riseup.
* Remove the option to open a download with an external application in Tor Browser as this is usually impossible due to the AppArmor confinement. ([#9285](https://labs.riseup.
* Close Vidalia before restarting Tor.
* Allow Videos to access the DVD drive. ([#10455](https://labs.riseup.
* Allow configuring printers without administration password. ([#8443](https://labs.riseup.
# Known issues
* Tor Browser 5.5 introduces [protection against fingerprinting](https://trac.
See the current list of [known issues](https://tails.boum.
# Installing
We also redesigned completely our download and installation instructions to make it easier to get started with Tails.
For example, you can now verify the ISO image automatically from Firefox using a special add-on.
You can also install or upgrade Tails directly from Debian or Ubuntu using the `tails-installer` package.
[Try our new installation assistant.](https://tails.
