Shell Shock: Bash bug labelled largest ever to hit the internet (http://www.theage.com.au/it-pro/security-it/shell-shock-bash-bug-labelled-largest-ever-to-hit-the-internet-20140925-10ltx1.html)

A new security vulnerability found in everything from iPhones and laptops to light bulbs and web cameras has been dubbed by security experts as worse than Heartbleed, the bug found earlier this year that affected almost every device.

The new bug, dubbed "Shell Shock", enables hackers to exploit a vulnerability in "Bash", the Unix shell used by millions of web servers, computers, phones and internet-connected devices such as light bulbs, thermostats and industrial control systems.

A Unix shell enables computer users to issue commands to an operating system. Typical users have no need for access to the shell but system administrators and others do.

Using the exploit, a hacker could take control of a device — such as a web camera or web server — and steal information from it, like live imagery or credit card information.

"This is likely the largest ever attack vector surface for any bug, ever," Australian security consultant Nik Cubrilovic said.

Chucky, could you repost that in English please? :confused::p

The only way for me to keep Ron away of my posts it is by copy and paste :D

That bug does not affect my vintage mobile phone, but those with with the modern ones have to be very careful.

Light bulbs? :o

Light bulbs? :o

On NCIS the other night the super virus from the super hacker spread via the computer power cables. Your light bulbs are not safe unless they are Macs.

Light bulbs? :o

Yep.. One can buy wifi controlled light bulbs. See http://au.lifx.co/

On NCIS the other night the super virus from the super hacker spread via the computer power cables. Your light bulbs are not safe unless they are Macs.

Mac? Safe? lol.
They are one of the most easily hacked things going now. Intel and BSD. Open systems with all code available for download free.
And as for this new virus, it's a Linux thing, gee, but the Linux people say that is safe and unhackable.

Only safe way to be sure your PC isn't vulnerable, is to pull the power plug and go live under a rock some place.

Here you go Arthur, Bob


BBC News - Shellshock: 'Deadly serious' new vulnerability found (http://www.bbc.com/news/technology-29361794)

It appears that this time it is a serious matter!

As many as 500 million computers may be at risk from a new software bug dubbed Shellshock that could give hackers a doorway to your desktop.

Shellshock: Bash software bug leaves up to 500 million computers at risk of hacking (http://www.abc.net.au/news/2014-09-26/shellshock-bug-leaves-up-to-500-million-computers-at-risk/5770952)

media beatup

Yep.. One can buy wifi controlled light bulbs. See LIFX (Australia) - the smart wifi light bulb (http://au.lifx.co/)
OMG! A hacker can turn my light bulb on and off at will!
Life will never be the same again.

Just doing a little reading on it suggests that the problem is not likely to affect desktop computers, laptops or phones, but is only going to affect servers. It may also affect server type devices such as routers.

To be vulnerable it seems to need not only a system that uses bash (most unix type operating systems including some android, most OS-X, Linux, BSD) but that also allows bash to be used to remotely control operations - which, while it includes most servers and many devices from modems to routers to perhaps even light bulbs, is not allowed by most end user computing devices such as desktops, laptops, phones, tablets etc.

John

Just received and implemented a security update to bash on my desktop!

John

Another alert here this morning.

Shellshock: How to protect your Unix, Linux and Mac servers | ZDNet (http://www.zdnet.com/shellshock-how-to-protect-your-unix-linux-and-mac-servers-7000034072/'s_cid=e539&ttag=e539&ftag=TRE17cfd61)

Us poor old left out Win users miss out again, sigh.
We don't have bash, that's a specialty of the "more secure" systems.:angel:

PS, I'm also one of the early Registered Linux Users, so don't go getting all bent on me please, and Unix, AIX, BSD, Solaris, QNX, and a cold chisel and half a brick just for good measure.