Three years ago a legal nightmare began for Eckart Seith. He had uncovered information about the CumEx tax fraud and informed German and Swiss authorities about the illegal activities. The Swiss, however, did not accuse the real criminals, but him instead. Last December, his time finally came: The Swiss judiciary found once only at his appeal that the prosecution of Seith’s courageous actions and the arrest warrants against Eckart Seith’s informants were wrong from the outset. The verdict is not yet final, but Eckart Seith is relieved. “Gerhard Schick, the Finanzwende and 18,000 supporters have created public support for us, which forced the Zurich judiciary to reverse after six futile attempts.”
xchroot v2.7 starts an own dbus session for the target user by default as many applications expect and as desktop environments like Xfce, Gnome or KDE require. Desktop file creation has been improved and is also used for exporting X-sessions like KDE or Gnome out of a chroot. Chroot escapes now do also work if an intermediately run program has closed the file descriptors so that you can also use it for desktop sessions. Another new feature is that xchroot can now also be used for merely switching the user with maintained X-access where no chroot is performed. This may be useful if you want to run your favourite browser cleanly separated with two different bookmark/history/other settings at the same time. The documentation about audio and user support as well as the intro has also been updated. /tmp mirroring has been made more secure by only exporting /tmp/.X11-unix by default. The old, possibly more compatible behaviour can be achieved with --on mirrtmp or permanently by adding mirrtmp to the MNTON variable definition at the beginning of the xchroot script. If multiple chroots to the same root and user occur, then the XAUTH-cookies for all chroots will now be merged into one file.
Bisphenol A was now finally classified by the European Chemicals Agency (ECHA) as a “particularly worrying substance” and the European Food Safety Authority (EFSA) recommends to reduce the DTA (daily tolerable reception) by the factor of 100,000 (message Global2000). This does not come long after the German BUND for environment and nature protection wrote: “A year ago it were yoga mats and skipping ropes, last summer food packaging, now gardening items. Whenever we test everyday products for dangerous substances, we will find them in so terrifyingly high concentrations that we are forced to turn to the authorities.” They have been referring to softening agents, fluorinated compounds in outdoor jackets and brominated flame retardants, not only to BPA. Now we hope that bisphenol A will not just be replaced by other harmful substances such as bisphenol F or S, but that producers will take on a real redesign of their products using harmless substances.
As a side effect of a routine control we have discovered a manipulated pdf file in /uni/ quasi by coincidence. The file did not equal the file from the directory of the seminary though it had initially been copied from there. The content of that directory has not changed since, neither should have the files in the web mirror directories. Both the online version and the versions in the upload and offline mirrors did show the same manipulated file. We have re-uploaded the fresh and unchanged file, we have uploaded it at hybrid-analysis.com and sent it the lead developer of Cuckoosandbox. Both parties have both versions of the file, our email and a description about the origins of the files in order to check it for viruses. Up to now we did not receive a notification whether the file in deed contains malware or not. It would also be possible that the file had merely been changed to prevent indexing by Google since the text of the original file can be read with ps2ascii, but not the supposedly manipulated version. The fact that our Openoffice version as used at that time produced pdfs readable by ps2ascii is also an indication that something has in deed been manipulated about that file. We have printed both files and compared them sentence by sentence but the printouts were exactly the same.
As we care about the security of our visitors we do now provide checksums in the SHA512SUMS.signed file also for our pdfs. We have double checked the integrity of all our other pdfs we offer for download. Additionally we want to encourage you to vote for 'make https the default protocol' in order to make the web a safer place. It is known from the Snowden Revelations that site administrators are an especially targeted group by western secret services and providers of content distribution networks seem to pose an especially worthwhile target. We would recommend every responsible administrator who cares about security to do web browsing and emailing either on a physically separated machine than the ssh logins or in a virtual machine. Unfortunately not even a virtual machine is a 100% protection as scarcely but in deed sandbox escapes from virtualization software become known.