Heute vor drei Jahren begann für Eckart Seith ein juristischer Alptraum. Er hatte Informationen über den CumEx-Steuerraub aufgedeckt und neben deutschen auch schweizer Behörden über die illegalen Machenschaften informiert. Die Schweizer aber klagten nicht etwa die wahren Verbrecher, sondern ihn an. Letzten Dezember war es dann endlich soweit: Die Schweizer Justiz stellte erst in zweiter Instanz fest, daß die Verfolgung von Seiths mutigem Handeln und die Haftbefehle gegen Eckart Seiths Informanten von Anfang an Unrecht gewesen sind. Noch ist das Urteil nicht rechtskräftig, aber Eckart Seith ist erleichtert. „Gerhard Schick, die Finanzwende und 18.000 Unterstützer haben für uns den öffentlichen Rückhalt geschaffen, der nach sechs vergeblichen Anläufen die Züricher Justiz zur Umkehr genötigt hat.”
xchroot v2.7 starts an own dbus session for the target user by default as many applications expect and as desktop environments like Xfce, Gnome or KDE require. Desktop file creation has been improved and is also used for exporting X-sessions like KDE or Gnome out of a chroot. Chroot escapes now do also work if an intermediately run program has closed the file descriptors so that you can also use it for desktop sessions. Another new feature is that xchroot can now also be used for merely switching the user with maintained X-access where no chroot is performed. This may be useful if you want to run your favourite browser cleanly separated with two different bookmark/history/other settings at the same time. The documentation about audio and user support as well as the intro has also been updated. /tmp mirroring has been made more secure by only exporting /tmp/.X11-unix by default. The old, possibly more compatible behaviour can be achieved with --on mirrtmp or permanently by adding mirrtmp to the MNTON variable definition at the beginning of the xchroot script. If multiple chroots to the same root and user occur, then the XAUTH-cookies for all chroots will now be merged into one file.
Jetzt wurde Bisphenol A endlich von der europäischen Chemikalienagentur (ECHA) als “besonders besorgniserregender Stoff” eingestuft und die Europäische Behörde für Lebensmittelsicherheit (EFSA) empfiehlt, die DTA (duldbare tägliche Aufnahme) um den Faktor 100.000 zu reduzieren (Nachricht Global2000). Das kommt nicht lange nachdem uns der deutsche BUND für Umwelt und Naturschutz geschrieben hat: „Vor einem Jahr waren es Yogamatten und Springseile, im letzten Sommer Lebensmittelverpackungen, jetzt Gartenartikel. Wann immer wir Alltagsprodukte auf gefährliche Schadstoffe untersuchen, werden wir fündig. Und zwar in so erschreckend hohem Maße, daß wir uns gezwungen sehen, die Behörden einzuschalten.” Das hat sich auf Weichmacher, auch auf fluorierte Verbindungen für Outdoorjacken und bromierte Verbindungen zum Flammschutz bezogen, nicht nur auf BPA. Bleibt jetzt zu hoffen übrig, daß Bisphenol A nicht bloß durch andere schädliche Stoffe wie Bisphenol F oder S ersetzt wird, sondern daß es zu einem wirklichen Redesign der Produkte mit unschädlichen Stoffen kommt.
As a side effect of a routine control we have discovered a manipulated pdf file in /uni/ quasi by coincidence. The file did not equal the file from the directory of the seminary though it had initially been copied from there. The content of that directory has not changed since, neither should have the files in the web mirror directories. Both the online version and the versions in the upload and offline mirrors did show the same manipulated file. We have re-uploaded the fresh and unchanged file, we have uploaded it at hybrid-analysis.com and sent it the lead developer of Cuckoosandbox. Both parties have both versions of the file, our email and a description about the origins of the files in order to check it for viruses. Up to now we did not receive a notification whether the file in deed contains malware or not. It would also be possible that the file had merely been changed to prevent indexing by Google since the text of the original file can be read with ps2ascii, but not the supposedly manipulated version. The fact that our Openoffice version as used at that time produced pdfs readable by ps2ascii is also an indication that something has in deed been manipulated about that file. We have printed both files and compared them sentence by sentence but the printouts were exactly the same.
As we care about the security of our visitors we do now provide checksums in the SHA512SUMS.signed file also for our pdfs. We have double checked the integrity of all our other pdfs we offer for download. Additionally we want to encourage you to vote for 'make https the default protocol' in order to make the web a safer place. It is known from the Snowden Revelations that site administrators are an especially targeted group by western secret services and providers of content distribution networks seem to pose an especially worthwhile target. We would recommend every responsible administrator who cares about security to do web browsing and emailing either on a physically separated machine than the ssh logins or in a virtual machine. Unfortunately not even a virtual machine is a 100% protection as scarcely but in deed sandbox escapes from virtualization software become known.
