Month: March 2022

Enlarge (credit: Getty Images)

Linux has yet another high-severity vulnerability that makes it easy for untrusted users to execute code capable of carrying out a host of malicious actions including installing backdoors, creating unauthorized user accounts, and modifying scripts or binaries used by privileged services or apps.

Dirty Pipe, as the vulnerability has been named, is among the most serious Linux threats to be disclosed since 2016. That's the year another high-severity and easy-to-exploit Linux flaw (named Dirty Cow) came to light as it was being used to hack a researcher's server. Researchers in 2016 demonstrated how to exploit Dirty Cow to root any Android phone regardless of the the mobile OS version. Eleven months later, researchers unearthed 1,200 Android apps in third-party markets that maliciously exploited the flaw to do just that.

When Nobody becomes all powerful

The name Dirty Pipe is meant to both signal similarities to Dirty Cow and provide clues about the new vulnerability's origins. "Pipe" refers to a pipeline, a Linux mechanism for one OS process to send data to another process. In essence, a pipeline is two or more processes that are chained together so that the output text of one process (stdout) is passed directly as input (stdin) to the next one.

Rosario Dawson stars as a woman hunting for her missing son in the dystopian ruins of Manhattan in DMZ. The new miniseries is based on the comic book series created by Brian Wood and illustrated by Riccardo Burchielli. Part of the show will premiere during SXSW this month before landing on HBO Max. The official trailer just dropped, and it seems to be equal parts Escape from New York and FX/Hulu's Y: The Last Man.

(Some mild spoilers for the comic books below.)

Published from November 2005 through February 2012, Wood and Burchielli's comic book series is set in a near future in which the US has been devastated by the Second American Civil War, and Manhattan has turned into the demilitarized zone of the title. Only about 400,000 people remain on the island, mostly people too poor to evacuate, snipers associated with various factions, and stubborn holdouts who just refuse to leave. (The comics are very New York-centric, inspired by Wood's experiences living in NYC in early 2003—i.e., the aftermath of 9/11 and US invasion of Iraq.)

Enlarge (credit: B4B earth tea llc)

The Department of Justice, the Food and Drug Administration, and the Federal Trade Commission together filed a civil lawsuit against a New York man for falsely and repeatedly claiming that a $60 16-ounce bottle of herbal tea can prevent and cure COVID-19.

The agencies accused Andrew Martin Sinclair, who solely owns and operates B4B Earth Tea LLC, of selling snake oil and preying on vulnerable patients during a pandemic that has, to date, claimed the lives of more than 6 million people worldwide.

According to the lawsuit filed Thursday in the Eastern District Court of New York, Sinclair was warned multiple times by the federal agencies that his health claims for "Earth Tea" were illegal. Yet the Brooklyn resident, who goes by “Busta Sinclair,” continued to claim online and on social media that his herbal tea—said to be made of unnamed vegetables, aloe vera, honey, and bottled spring water—"works within minutes" to cure COVID-19 and can get someone "out of quarantine within 24 hours."