autonomic-cooperative
/
autonomic.zone
Archived
5
0
Fork 0
Code Issues 15 Pull Requests 2 Releases Activity

Git tag: 7331e9af7d 

generated from commit 7331e9af7d
This commit is contained in:
autonomicgitlabci 2018-01-14 22:51:52 +00:00
parent a02ad504d2
commit a63fdb8466
4 changed files with 7 additions and 288 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
blog/index.html
View File

@ -48,26 +48,14 @@
<section class="spotlight">
<div class="image"><img src="/assets/images/spectre.jpg" alt="" /></div>
<div class="content">
<h2>
<a href="/blog/spectre-and-meltdown/" class="link">
Spectre and Meltdown
</a>
</h2>
<p>A Spectre Is Haunting Our Processors...</p>
</div>
</section>
<section class="spotlight">
<div class="image"><img src="/assets/images/thinkpad.jpg" alt="" /></div>
<div class="image"><img src="/assets/images/pic01.jpg" alt="" /></div>
<div class="content">
<h2>
<a href="/blog/our-founding-principles/" class="link">
Our Founding Principles
</a>
</h2>
<p>Autonomic Co-operative And Our Core Values</p>
<p>Autonomic Co-operative And Our Core Values.</p>
</div>
</section>

4
blog/our-founding-principles/index.html
View File

@ -48,10 +48,10 @@
<div
class="header-image"
style="background-image: url('/assets/images/thinkpad.jpg');"></div>
style="background-image: url('/assets/images/pic01.jpg');"></div>
<h2>Our Founding Principles</h2>
<p>Autonomic Co-operative And Our Core Values</p>
<p>Autonomic Co-operative And Our Core Values.</p>
<p><em>October 03, 2017</em></p>
</header>
<section class="wrapper style5">

260
blog/spectre-and-meltdown/index.html
View File

@ -1,260 +0,0 @@
<!DOCTYPE HTML>
<!--
Spectral by HTML5 UP
html5up.net | @ajlkn
Free for personal and commercial use under the CCA 3.0 license (html5up.net/license)
-->
<html>
<head>
<title>Autonomic Co-operative</title>
<meta charset="utf-8" />
<link rel="shortcut icon" href="/assets/images/favicon.ico" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<!--[if lte IE 8]><script src="/assets/js/ie/html5shiv.js"></script><![endif]-->
<link rel="stylesheet" href="/assets/styles/main.css" />
<!--[if lte IE 8]><link rel="stylesheet" href="/assets/css/ie8.css" /><![endif]-->
<!--[if lte IE 9]><link rel="stylesheet" href="/assets/css/ie9.css" /><![endif]-->
</head>
<body>
<div id="page-wrapper">
<header id="header" >
<h1><a href="/">Autonomic</a></h1>
<nav id="nav">
<ul>
<li class="special">
<a href="#menu" class="menuToggle"><span>Menu</span></a>
<div id="menu">
<ul>
<li><a href="/">Home</a></li>
<li><a href="/#core-values">Our Core Values</a></li>
<li><a href="/blog">Blog</a></li>
<li><a href="/#services">Services We Offer</a></li>
<li><a href="/#contact">Get In Touch</a></li>
</ul>
</div>
</li>
</ul>
</nav>
</header>
<!-- Main -->
<article id="main">
<header>
<div
class="header-image"
style="background-image: url('/assets/images/spectre.jpg');"></div>
<h2>Spectre and Meltdown</h2>
<p>A Spectre Is Haunting Our Processors...</p>
<p><em>January 11, 2018</em></p>
</header>
<section class="wrapper style5">
<div class="inner">
<p>Autonomic have now completed the process of applying patches to to all
of our servers in response to the so called Spectre and Meltdown
vulnerabilities. Our upstream providers have also confirmed that they have
patched their infrastructure. We will monitor the situation as it develops.</p>
<p>We are currently super busy with clients so we decided to repost the
excellent security bulletin from our friends over at <a href="https://riseup.net/">Rise Up</a>
which goes into detail oh how to update various operating systems. All credit
to them for the rest of this blog post.</p>
<h2 id="the-facts">The Facts</h2>
<p>As you have probably read, there are three related security problems in
contemporary CPUs. These vulnerabilities open the potential for a
nefarious program to steal passwords, secrets, and personal information
from you computer, even if the program is just Javascript loaded from a
web site you visit. These vulnerabilities are as serious as they sound,
and you should take action to upgrade your software.</p>
<ul>
<li>
<p>The first flaw, called “Meltdown,” affects nearly all Intel CPUs and
has been fixed with updates to most operating systems.</p>
</li>
<li>
<p>The two other flaws, called “Spectre,” apply to nearly all CPUs built
in the last 20 years, not just Intel, although they are more difficult
to exploit. There are no permanent fixes for Spectre available at this
time, although if you update your software you will make these attacks
much less likely.</p>
</li>
</ul>
<p>You should take <em>both</em> these steps now, for all your devices:</p>
<ul>
<li>
<p>Upgrade your web browser (see below). These fixes make the new
attacks against CPUs more much difficult.</p>
</li>
<li>
<p>Upgrade your operating system. There are updates available for
Windows, macOS, and GNU/Linux that fix the Meltdown vulnerability for
Intel CPUs and provide some mitigations for Spectre. Additionally, new
releases of iOS and Android have mitigations for Spectre.</p>
</li>
</ul>
<p>Better fixes will continue to arrive in the next weeks/months for your
operating system and software. Please keep your system up to date!</p>
<h2 id="browsers">Browsers</h2>
<p>By updating your browser, you can make it significantly harder for an
attacker to steal secrets off your computer using Javascript loaded from
a web site you visit.</p>
<p>Firefox version 57.0.4 and later <a href="https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/">includes mitigation measures</a>
against Spectre attack.</p>
<p>Edge has been updated to include Spectre migitations. When you apply the
latest Windows update, you will get the new version of Edge.</p>
<p>Safari will be updated very soon, according to Apple. Check the App
Store updates.</p>
<p>Chrome will include Spectre mitigations starting with version 64, to be
released Jan 23. In the mean time, you can change your configuration to
greatly mitigate <a href="https://support.google.com/chrome/answer/7623121?hl=en">against the Spectre vulnerability by enabling</a>
“site isolation.”</p>
<p>Additionally, please see <a href="https://riseup.net/en/better-web-browsing">Rise Ups better browsing guide</a> for
instructions on best practices for securing your web experience (which
will also help mitigate against these new attacks).</p>
<h2 id="windows">Windows</h2>
<p>For Windows 10, you must first upgrade any anti-virus software before
upgrading Windows. <a href="http://www.theregister.co.uk/2018/01/04/microsoft_windows_patch_meltdown/">Failure to do so may make your computer stop working</a>.</p>
<p>To upgrade Windows 10:</p>
<div class="highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Select the Start button, and then go to Settings &gt; Update &amp; security &gt; Windows Update, and select Check for updates.
</code></pre></div></div>
<p>Now is a good time to enable automatic updates:</p>
<div class="highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Select the "Start" button, then select "Settings" &gt; "Update &amp; security" &gt; "Windows Update" &gt; "Advanced options"
and then under "Choose how updates are installed", select "Automatic (recommended)".
</code></pre></div></div>
<p>If you are running Windows 7 or 8, an update is also available.</p>
<h2 id="macos">macOS</h2>
<p>If you already have macOS version 10.13.2 then you are <a href="https://support.apple.com/en-us/HT208394">protected against Meltdown</a>.
Otherwise, to upgrade macOS:</p>
<div class="highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Open the App Store app on your Mac. Click "Updates" in the App Store toolbar, then use the "Update" buttons
to download and install any updates listed.
</code></pre></div></div>
<p>Now is a good time to check enable automatic updates:</p>
<div class="highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Select the Apple menu, then select "System Preferences" &gt; "App Store" &gt; "Automatically check for updates".
</code></pre></div></div>
<p>Apple plans to soon release an update to Safari browser to provide some
mitigation against Spectre.</p>
<h2 id="ios">iOS</h2>
<p>Apple has said that iOS is affected by Spectre, and an update to
mitigate against most of the new attacks has been released. If you have
iOS version 11.2 or later, <a href="https://support.apple.com/en-us/HT208394">then you are good</a>.</p>
<p>To check for new updates, go to <code class="highlighter-rouge">Settings &gt; General &gt; Software Update.</code></p>
<h2 id="android">Android</h2>
<p>The bad news is that Android is vulnerable to Spectre and unless you
have a Google-branded phone or run a custom firmware you might not get
an update for months, if ever. However, the consensus among security
researchers at the moment is that the Spectre attack is difficult enough
that there are probably easier ways to compromise an Android device.
Yeah?</p>
<p>There is one thing you can do now to make your Android device more safe
against these new CPU attacks:</p>
<ul>
<li>Turn on <a href="https://support.google.com/chrome/answer/7623121?hl=en">“site isolation” in Chrome</a></li>
<li>Upgrade Chrome Browser after Jan 23.</li>
<li>Alternately, use Firefox for Android.</li>
</ul>
<h2 id="debianubuntu-gnulinux">Debian/Ubuntu GNU/Linux</h2>
<p>Run “Software Center” or “Software Updater.”</p>
<p>Alternately, open a terminal and type:</p>
<div class="highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt update
sudo apt upgrade
sudo reboot
</code></pre></div></div>
<h2 id="fedora-gnulinux">Fedora GNU/Linux</h2>
<p>Open a terminal and type:</p>
<div class="highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo dnf --refresh update kernel
sudo reboot
</code></pre></div></div>
</div>
</section>
</article>
<!-- Footer -->
<footer id="footer">
<ul class="icons">
<li><a href="https://twitter.com/autonomiccoop" class="icon fa-twitter" target="_blank"><span class="label">Twitter</span></a></li>
<li><a href="https://gitlab.com/autonomic-cooperative" class="icon fa-gitlab" target="_blank"><span class="label">GitLab</span></a></li>
</ul>
<ul class="copyright">
<li class="icon fa-creative-commons">&nbsp;Autonomic Co-operative</li>
</ul>
</footer>
</div>
<!-- Scripts -->
<script src="/assets/js/jquery.min.js"></script>
<script src="/assets/js/jquery.scrollex.min.js"></script>
<script src="/assets/js/jquery.scrolly.min.js"></script>
<script src="/assets/js/skel.min.js"></script>
<script src="/assets/js/util.js"></script>
<script src="//cdn.jsdelivr.net/particles.js/2.0.0/particles.min.js"></script>
<!--[if lte IE 8]><script src="/assets/js/ie/respond.min.js"></script><![endif]-->
<script src="/assets/js/main.js"></script>
</body>
</html>
<!-- Piwik -->
<script type="text/javascript">
var _paq = _paq || [];
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
_paq.push(['setTrackerUrl', 'https://api-183ae21d2fb4215fa8fb3bbf13fbda21.autonomic.sandcats.io']);
_paq.push(['setSiteId', 1]);
_paq.push(['setApiToken', '6X45HLvJ0KWNiLTlhbZ-uuhZcXfg9n3bDauHalRZMSh']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.type='text/javascript'; g.async=true; g.defer=true; g.src='https://6aurs6uetbyvpubfuh5y.autonomic.sandcats.io/embed.js'; s.parentNode.insertBefore(g,s);
})();
</script>
<!-- End Piwik Code -->
</body>
</html>

15
index.html
View File

@ -76,19 +76,10 @@
<section class="spotlight">
<div class="image"><img src="/assets/images/spectre.jpg" alt="" /></div>
<div class="content">
<h2><a href="/blog/spectre-and-meltdown/" class="link">Spectre and Meltdown</a></h2>
<p>A Spectre Is Haunting Our Processors...</p>
</div>
</section>
<section class="spotlight">
<div class="image"><img src="/assets/images/thinkpad.jpg" alt="" /></div>
<div class="image"><img src="/assets/images/pic01.jpg" alt="" /></div>
<div class="content">
<h2><a href="/blog/our-founding-principles/" class="link">Our Founding Principles</a></h2>
<p>Autonomic Co-operative And Our Core Values</p>
<p>Autonomic Co-operative And Our Core Values.</p>
</div>
</section>
@ -168,7 +159,7 @@
<p>
A grounded and principled understanding of the cybersecurity domain can ensure
your organisation is not liable to any unwanted security threats. We provide
structured training taliored to your threat model.
structured training.
</p>
</li>
</ul>