$ git clone git@github.com:sdushantha/tmpmail.git

$ brew install w3m jq

$ ./tmpmail

[ Inbox for lbdfeenrzfh@1secmail.net ]

No new mail

We are receiving questions from our clients about the latest security issues found in CPUs.

Please be asured we are constantly monitoring all security announcements issued by our OS vendor (i.e. https://www.debian.org/security/) and we receive all updates to our email and we apply the changes within 24 hours as part our service.

We can confirm that all our servers are now safe from both the bugs.

Our PCI compliant server customers can are also protected by extra security measures which includes:

1. It’s a dedicated host fully under our control. No one else can make changes to the operation system. The Meltdown and Spectre bugs are most dangerous in Cloud servers environment, where multiple OS are running on one physical hardware (host), which gives an opportunity to a client OS owner to read information from another OS. This is not possible on this server as there is only one OS, which is under our control.
2. Hosted websites don’t have FTP/SFTP service available to our customers. No one else can upload a server side executable code (e.g. PHP file), exploring the discovered processor vulnerabilities. 

All other customers are running in a Cloud environment and the OS was fixed by our supplier, see https://forum.bytemark.co.uk/t/meltdown-specture-vulnerabilities-what-were-doing-about-them/2784

One great security feature Onxshop has is the way how user uploaded files are saved. Onxshop is saving all files outside of web folder, which means that it is not possible to execute any files uploaded by users. 

Here is an example how effective the Onxshop way is agains this type of security hole.

On our demo site, which is open to public CMS users, somebody tried to upload this .htaccess file, which allows to interpret PNGs as PHP script files. 

var/files/.htaccess
AddType application/x-httpd-php .png

The attacker then uploaded a script similar to this:

var/files/png.png
<?php # Web Shell by oRb
$auth_pass = "63a9f0ea7bb98050796b649e85481845";
$color = "#df5";
$default_action = 'FilesMan';
$default_use_ajax = true;
$default_charset = 'Windows-1251';
preg_replace("/.*/e","********");

Of course, it was rendered as completely useless and the attacker didn't gain any access to the website.

For example in Wordpress, backdoors can be hidden in scripts similar to this: /wp-content/upgrade/wp-mails.php

It looks like a genuine Wordpress script, but it's actually a file uploaded under a CMS user. This type of files are then used for sending spams, or executing DDoS attack.