Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Six things you need to know about IoT security
  • OpenStack Cloud Security Moves Forward

    When it comes to understanding security in the cloud and specifically security in OpenStack clouds, there are many factors to consider. In a panel session moderated by eWEEK at the OpenStack Summit in Boston, leaders from across different elements of the OpenStack security spectrum provided insight and recommendations on cloud security.

    Security is a broad term in the OpenStack context and isn't just one single item. There is the OpenStack Security Project, which has a mission to help build tools and processes that help to secure OpenStack and its various projects. There is also the Vulnerability Management Team (VMT) that handles vulnerabilities for OpenStack project. Security in OpenStack is also reflected in various OpenStack projects, including notably Project Barbican for security key management. Finally there is just general security for cloud deployment by operators, which includes secure configuration and monitoring.

  • We Wuz Warned

    The tools that are infecting computers worldwide were indeed developed by, and then leaked from, the NSA. (Thanks for nothing, spooks.) The bitcoin.com article contains tips about how to protect yourself, and links to Windows patches, if you haven't yet been hit. Fortunately for us, the attacks seem to be focused on Windows systems; our Linux desktops are so far unscathed.

  • NSA-created cyber tool spawns global attacks — and victims include Russia

    Leaked alleged NSA hacking tools appear to be behind a massive cyberattack disrupting hospitals and companies across Europe, Asia, with Russia among the hardest-hit countries.

    But the Department of Homeland Security told POLITICO it had not confirmed any attacks in the U.S. on government targets or vital industries, such as hospitals and banks.

  • GCHQ tweeted about keeping Britain cyber-safe and it majorly backfired
  • Leaked NSA Hacking Tool On Global Ransomware Rampage [Ed: No, the problem isn't "patching" or "upgrade", the problem is Windows itself, irrespective of which version (back doors)]

    Thus, there's some debate online about whether the "problem" here is organizations who don't upgrade/patch or the NSA. Of course, these things are not mutually exclusive: you can reasonably blame both. Failing to update and patch your computers is a bad idea these days -- especially for large organizations with IT staff who should know better.

  • An NSA-derived ransomware worm is shutting down computers worldwide
  • WCry is so mean Microsoft issues patch for 3 unsupported Windows versions [Ed: Back doors in old versions of Windows belatedly closed because Microsoft risks losing millions of useds [sic] for good]

More in Tux Machines

today's howtos

KDE/Qt: Qt Contributor Summit 2018, Integrating Cloud Solutions with Qt, FreeBSD, and Konsole

  • Qt Contributor Summit 2018
    One bit especially interesting is the graphics stack. Back in Qt 5.0, Qt took the liberty of limiting the graphics stack to OpenGL, but the world has changed since: On Windows the only proper stack is Direct3D 12, Apple introduced Metal and recently deprecated OpenGL and Vulkan is coming rather strong. It looks like embracing these systems transparently will be one of the most exciting tasks to achieve. From a KDE & Plasma perspective I don’t think this is scary, OpenGL is here to stay on Linux. We will get a Framework based on a more flexible base and we can continue pushing Plasma, Wayland, Plasma Mobile with confidence that the world won’t be crumbling. And with a bit of luck, if we want some parts to use Vulkan, we’ll have it properly abstracted already.
  • Integrating Cloud Solutions with Qt
    These days, using the cloud for predictive maintenance, analytics or feature updates is a de facto standard in the automation space. Basically, any newly designed product has some server communication at its core. However, the majority of solutions in the field were designed and productized when communication technology was not at today’s level. Still, attempts are being made to attach connectivity to such solutions. The mission statement is to “cloudify” an existing solution, which uses some internal protocol or infrastructure.
  • KDE on FreeBSD – June 2018
    It’s been a while since I wrote about KDE on FreeBSD, what with Calamares and third-party software happening as well. We’re better at keeping the IRC topic up-to-date than a lot of other sources of information (e.g. the FreeBSD quarterly reports, or the f.k.o website, which I’ll just dash off and update after writing this).
  • Konsole’s search tool
    Following my konsole’s experiments from the past week I came here to show something that I’m working on with the VDG, This is the current Konsole’s Search Bar. [...] I started to fix all of those bugs and discovered that most of them happened because we had *one* search bar that was shared between every terminal view, and whenever a terminal was activated we would reposition, reparent, repaint, disconnect, reconnect the search bar. Easiest solution: Each Terminal has it’s own search bar. Setuped only once. The one bug I did not fix was the Opening / Closing one as the searchbar is inside of a layout and layouts would reposition things anyway. All of the above bugs got squashed by just moving it to TerminalDisplay, and the code got also much cleaner as there’s no need to manual intervention in many cases. On the review Kurt – the Konsole maintainer – asked me if I could try to make the Search prettier and as an overlay on top of the Terminal so it would not reposition things when being displayed.

LibreOffice 6.0 Is Now Ready for Mainstream Users and Enterprise Deployments

LibreOffice 6.0.5 is here one and a half months after the LibreOffice 6.0.4 point release to mark the open-source office suite as ready for mainstream users and enterprise deployments. The Document Foundation considers that LibreOffice 6.0 has been tested thoroughly and that it's now ready for use in production, enterprise environments. Until now, The Document Foundation only recommended the LibreOffice 6.0 office suite to bleeding-edge users while urging enterprises and mainstream users to use the well-tested LibreOffice LibreOffice 5.4 series, which reached end of life on June 11, 2018, with the last point release, LibreOffice 5.4.7. Read more

LibreOffice 6.0 Is Now Ready for Mainstream Users and Enterprise Deployments

The Document Foundation informed Softpedia today about the general availability of the fifth point release of the LibreOffice 6.0 open-source and cross-platform office suite for all supported operating systems. LibreOffice 6.0.5 is here one and a half months after the LibreOffice 6.0.4 point release to mark the open-source office suite as ready for mainstream users and enterprise deployments. The Document Foundation considers that LibreOffice 6.0 has been tested thoroughly and that it's now ready for use in production, enterprise environments. Read more Direct: The Document Foundation announces LibreOffice 6.0.5