Easy Contact
253 Main Ave, Passaic NJ 07055Call 973-777-5656
info@advantagecomputers.com
Fax 973-777-5821
© 2024 ~ All Rights Reserved
Advantage Computer Solutions
Company
Services
Testimonials
Amazing!
Zack is amazing! I have gone to him with computer issues for the past few years now and he always finds a way to fix… Read more “Amazing!”
Professional, smart & sensitive
Cannot say enough good things about Zack Rahhal and his team. Professional, smart, sensitive to small biz budgets and a helluva good guy. Could not… Read more “Professional, smart & sensitive”
AMAZINGLY WONDERFUL STAFF
stars indeed. So reliable and helpful and kind and smart. We call Al and he is “on it” immediately and such a FABULOUS teacher, patient… Read more “AMAZINGLY WONDERFUL STAFF”
Whatever my need, unfailingly helpful
I’ve been a customer of the staff at Advantage for many years now. They have never let me down! Whatever my need, however big or… Read more “Whatever my need, unfailingly helpful”
Best Kept Secret
I’ve known the Advantage Team for years. They are the absolute best techs in the field, bar none. I couldn’t tell you how many tens… Read more “Best Kept Secret”
Excellent Experience
I had an excellent experience with Advantage. Aside from being extremely professional and pleasant generally, Zack was incredibly responsive and helpful, even before and after… Read more “Excellent Experience”
Simply The Best!
Simply The Best! Our company has been working with Advantage Computer Solutions for a few years, Zack and his Team are AWESOME! They are super… Read more “Simply The Best!”
Awesome
The engineering team at Advantage Computers is the best in the business. They are nothing short of technical… Read more “Awesome”
It’s like having a cousin in the business.
Al, Nasser and Zack have been keeping our operations going for over a decade, taking care of our regular upgrades and our emergency system problems.… Read more “It’s like having a cousin in the business.”
Exceptional People
In many cases, exceptional people do not receive recognition for their hard work and superior customer service. We do not want this to be one of those… Read more “Exceptional People”
Highly Recommended
I became a customer about 6-7 months and I can say nothing but great things about this business. Zack takes care of me. I am… Read more “Highly Recommended”
Life Savers
THANK GOD for this local computer repair business who saved me hundreds, my hard drive was messed up, i called the company with warranty they… Read more “Life Savers”
I don’t have enough words to express my appreciation
I don’t have enough words to express my appreciation for Nassar and Paul, and the other members of Advantage Computer Solutions. I live in Bergen… Read more “I don’t have enough words to express my appreciation”
Minuteman Press Newark
Advantage Computer Solutions is absolutely great. They show up, do what they say they are going to, complete the job without issues (my other computer… Read more “Minuteman Press Newark”
Knowledgeable, Reliable, Reasonable
Knowledgeable, Reliable, Reasonable Working with Advantage Computers since 1997 for both personal and business tech support has been a rewarding and enjoyable experience. Rewarding, in… Read more “Knowledgeable, Reliable, Reasonable”
Excellent service!
Excellent service! I am the administrator for a busy medical office which relies heavily on our computer system. We have used Advantage Computer Solutions for… Read more “Excellent service!”
Great Advice and Service
Advantage offers great advice and service I bought parts for my gaming pc online and they put it together in a day for a great… Read more “Great Advice and Service”
Great Service, Support and Sales
Our company has been using the services of Advantage Computers since 2006. It was important to find a reliable company to provide us with the technical… Read more “Great Service, Support and Sales”
Extremely Professional and Passionate
Our company has been working with Advantage since the 1990’s and have been a loyal client ever since. Advantage does not make it very difficult… Read more “Extremely Professional and Passionate”
Handles all our Office IT
Advantage Computer Solutions has handled all of our computer and IT needs for the past 2 years. The staff is always professional and the service… Read more “Handles all our Office IT”
Passaic Housing Authority
Since 1996 the Housing Authority of the City of Passaic has been a client of Advantage Computer Solutions. Our Agency has utilized their outstanding services… Read more “Passaic Housing Authority”
They made sure EVERYTHING was working
“When the computer I use to run my photography business started acting erratically and kept shutting down, I was in a panic. I depend on… Read more “They made sure EVERYTHING was working”
HermeticWiper: New data‑wiping malware hits Ukraine
Hundreds of computers in Ukraine compromised just hours after a wave of DDoS attacks brings down a number of Ukrainian websites
The post HermeticWiper: New data‑wiping malware hits Ukraine appeared first on WeLiveSecurity
Mitigating kernel risks on 32-bit ARM
Posted by Ard Biesheuvel, Google Open Source Security Team
Linux kernel support for the 32-bit ARM architecture was contributed in the late 90s, when there was little corporate involvement in Linux development, and most contributors were students or hobbyists, tinkering with development boards, often without much in the way of documentation.
Now 20+ years later, 32-bit ARM’s maintainer has downgraded its support level to ‘odd fixes,’ while remaining active as a kernel contributor. This is a common pattern for aging and obsolete architectures: corporate funding for Linux kernel development has tremendously increased the pace of development, but only for architectures with a high return on investment. As a result, the 32-bit ARM port of Linux is essentially in maintenance-only mode, and lacks core Linux advancements such as THREAD_INFO_IN_TASK or VMAP_STACK, which protect against stack overflow attacks.
The lack of developer attention does not imply that the 32-bit ARM port has ceased to make economic sense, though. Instead, it has evolved from being one of the spearheads of Linux innovation to a stable and mature platform, and while funding its upstream development may not make sense in the long term, deploying 32-bit ARM into the field today most certainly still makes economic sense when margins are razor thin and BOM costs need to be kept to an absolute minimum. This is why 32-bit ARM is still widely used in embedded systems like set-top boxes and wireless routers.
Ironically, at these low price points, the DRAM is actually the dominant component in terms of BOM cost, and many of these 32-bit ARM systems incorporate a cheap ARMv8 SoC that happens to be capable of running in 64-bit mode as well. The reason for running 32-bit applications nonetheless is that these generally use less of the expensive DRAM, and can be deployed directly without the need to recompile the binaries. As 32-bit applications don’t need a 64-bit kernel (which itself uses more memory due to its internal use of 64-bit pointers), the product ships with a 32-bit kernel instead.
If you’re choosing to use a 32-bit kernel for its smaller memory footprint, it’s not without risks. You’ll likely experience performance issues, unpatched vulnerabilities, and unexpected misbehaviors such as:
Keeping the 32-bit ARM kernel secure
There are cases, though, where using the 32-bit kernel is the only option, e.g., if the CPUs are in fact 32-bit only (which is the case even for some ARMv8 cores such as Cortex-A32), or when relying on an existing 32-bit only codebase running in the kernel (drivers for legacy peripherals). Note that in such cases, it still makes sense to use the most recent kernel version compatible with the hardware, since we are in fact making an effort to enable some of the existing hardening features on 32-bit ARM as well.
Support for IRQ stacks
Coming up with a bounded worst case on which to base the size of the kernel stack is rather hard, especially given the fact that it is shared between the program itself and any exception handling routines that may be called on its behalf, including interrupt handlers. To mitigate the risk of a pathological worst case occurring, where an interrupt fires that needs a lot of stack space right at a time when most of the stack is already being used by the program, we are also enabling IRQ_STACKS for 32-bit ARM, which will run handlers of both hard and soft interrupts from a dedicated stack, one for each CPU. By decoupling the task and interrupt contexts like this, the likelihood that a well-behaved program needs to be terminated due to stack overflow should be all but eliminated.
With these changes in place, kernel stack overflow protection will be available for all ARM systems supported by Linux, including ancient ones like the Risc PC or Netwinder, provided that it runs a Linux distribution that is keeping up with the times.
However, relying on legacy hardware and software comes with a risk, and even though we try to help keep users of the 32-bit kernel as safe as we reasonably can, it is not the right choice for new designs that incorporate 64-bit capable hardware.
Technology, Progress, and Climate
The climate solutions we need to transform every sector are here. The question is: what role will you play in this transformation? You, your community, your business, your government?
The post Technology, Progress, and Climate appeared first on WeLiveSecurity
Teenage cybercrime: How to stop kids from taking the wrong path
It’s never too late to prevent children from being dragged to the dark side and to ensure their skills are a force for good
The post Teenage cybercrime: How to stop kids from taking the wrong path appeared first on WeLiveSecurity
Integer overflow: How does it occur and how can it be prevented?
Make no mistake, counting on a computer is not as easy as it may seem. Here’s what happens when a number gets “too big”.
The post Integer overflow: How does it occur and how can it be prevented? appeared first on WeLiveSecurity
Week in security with Tony Anscombe
What does progress in technology mean? – IRS makes a U-turn on facial recognition but questions remain – What retailers need to know about cyberthreats
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Week in security with Tony Anscombe
What does progress in technology mean? – IRS makes a U-turn on facial recognition but questions remain – What retailers need to know about cyberthreats
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Folding the impossible into the reality of normal life
Progress is a driving force of humanity, but what does that word “progress” really mean and what part do we have to play?
The post Folding the impossible into the reality of normal life appeared first on WeLiveSecurity
Questions linger after IRS’s about‑face on facial recognition
Why would a tax agency contractor’s privacy policy mention collecting information about my Facebook friends?
The post Questions linger after IRS’s about‑face on facial recognition appeared first on WeLiveSecurity
🌹 Roses are red, Violets are blue 💙 Giving leets 🧑💻 more sweets 🍭 All of 2022!
Posted by Eduardo Vela, Vulnerability Matchmaker
Until December 31 2022 we will pay 20,000 to 91,337 USD for exploits of vulnerabilities in the Linux Kernel, Kubernetes, GKE or kCTF that are exploitable on our test lab.
We launched an expansion of kCTF VRP on November 1, 2021 in which we paid 31,337 to 50,337 USD to those that are able to compromise our kCTF cluster and obtain a flag. We increased our rewards because we recognized that in order to attract the attention of the community we needed to match our rewards to their expectations. We consider the expansion to have been a success, and because of that we would like to extend it even further to at least until the end of the year (2022).
During the last three months, we received 9 submissions and paid over 175,000 USD so far. The submissions included five 0days and two 1days. Three of these are already fixed and are public: CVE-2021-4154, CVE-2021-22600 (patch) and CVE-2022-0185 (writeup). These three bugs were first found by Syzkaller, and two of them had already been fixed on the mainline and stable versions of the Linux Kernel at the time they were reported to us.
Based on our experience these last 3 months, we made a few improvements to the submission process:
We are also changing the reward structure slightly. Going forward the rewards will be:
Bonuses
These changes increase some 1day exploits to 71,337 USD (up from 31,337 USD), and makes it so that the maximum reward for a single exploit is 91,337 USD (up from 50,337 USD). We also are going to pay even for duplicates at least 20,000 USD if they demonstrate novel exploit techniques (up from 0 USD). However, we will also limit the number of rewards for 1days to only one per version/build. There are 12-18 GKE releases per year on each channel, and we have two clusters on different channels, so we will pay the 31,337 USD base rewards up to 36 times (no limit for the bonuses). While we don’t expect every upgrade to have a valid 1day submission, we would love to learn otherwise. You can find the flag submission status for our clusters (and their versions) here.
We look forward to hearing from you, and continue to strengthen our shared ecosystem. If you are interested to participate but don’t know where to start, Arizona State University has a free public Kernel Exploitation workshop at https://dojo.pwn.college/challenges/kernel as part of an overall memory corruption course and you can find a community-maintained list of past Linux Kernel vulnerabilities, exploits and writeups curated by Andrey Konovalov at https://github.com/xairy/linux-kernel-exploitation.
This is part of our Vulnerability Reward Program, which we’ve been running for over 10 years, and the rules include some more information. Same as with our other rewards, we will double them if they are donated to charity, and submitters will be included on our site at bughunters.google.com. If you are ready to submit something, please read the instructions on our site here and if you have any other questions please contact us on Discord.