[ Main ] [ Home ] [ Work ] [ Code ] [ Rants ] [ Readings ] [ Links ]
[2024]
[2023]
[2022]
[2021]
[2020]
[2019]
December
November
October
September
August
July
June
May
April
March
February
January
[2018]
[2017]
[2016]
[2015]
[2014]
[2013]
[2012]
[2011]
[2010]
[2009]
[2008]
[2007]
[2006]
[2005]
[2004]
[2003]

[Tue Apr 30 11:03:51 CDT 2019]

Although one seriously doubt it was ever different, reading the news is becoming more and more tiresome these days due to the high level of bias (of a political nature, most of the times). Today, for example, I received a notification on my phone that hidden backdoors were found on some Huawei network equipment, according to Bloomberg. However, when reading the body of the article, it seems as if what the journalist calls "hidden backdoors" truly amounts to shipping with the telnet port open. According to the article itself:

Along with issues affecting its networking equipment, Vodafone Italy also identified issues with Huawei’s home internet routers, which Vodafone believed would give Huawei backdoor access to both local machines and wide-area networks. Huawei was reportedly reluctant to disable the Telnet feature that was creating the vulnerability, claiming it relied on it to configure the devices remotely.

Huawei characterized the vulnerabilities as “mistakes” rather than deliberate inclusions in the equipment. “These were technical mistakes in our equipment, which were identified and corrected,” the company told ZDNet, “The accepted definition of ‘backdoors’ is deliberately built-in vulnerabilities that can be exploited — these were not such. They were mistakes which were put right.”

A computer security professor quoted in the report, Stefano Zanero, said that there’s no obvious way to know if a vulnerability is an accidental bug or an intentional backdoor. However, he added that “the vulnerabilities described in the Vodafone reports from 2009 and 2011 have all the characteristics of backdoors: deniability, access and a tendency to be placed again in subsequent versions of the code.”

Let us be clear. In this day and age, sure allowing access to the telnet port should be considered a vulnerability. However, that doesn't amount to a "hiddem backdoor" by any stretch of the mind. Yet, since Huawei is a Chinese company and it happens to be in the middle of a trade dispute involving the US, all of a sudden we have been seeing news reports like this showing up here and there. Mind you, it's not as if American products have not shipped with similar "hidden backdoors" in the past. {link to this entry}

[Wed Apr 3 11:47:12 CDT 2019]

After spending a while struggling to get the simple terminal to work (for whatever reason, it didn't appear to refresh the terminal screen correctly when running the mutt email client, at least when compiled with the solarized patch), I decided to give good old xterm a try. The objective here was using a no frills terminal emulator (sorry, not a fancy guy here) that still provided the features I need to do my daily work. Prety quickly I ran into an issue when attempting to copy and paste from xterm using the keyboard, just as I had been doing on the GNOME Terminal for a long time. It didn't take long to find the solution online. Simply add the following to your ~/.Xresources file, and run xrdb -merge ~/.Xresources for the new options to take effect: 

XTerm*vt100.translations: #override \
    Shift Ctrl  C: copy-selection(CLIPBOARD) \n\
    Shift Ctrl  V: insert-selection(CLIPBOARD)

Be aware that, at least in my case, I had already added the following option to the same file: 

xterm*selectToClipboard: true
{link to this entry}