Security: Meltdown and Spectre, Apple and More

  • Meltdown and Spectre Linux Kernel Status

    By now, everyone knows that something “big” just got announced regarding computer security. Heck, when the Daily Mail does a report on it, you know something is bad…

    Anyway, I’m not going to go into the details about the problems being reported, other than to point you at the wonderfully written Project Zero paper on the issues involved here. They should just give out the 2018 Pwnie award right now, it’s that amazingly good.

  • Linux Kernels 4.14.13, 4.9.76, and 4.4.111 Bring More Security Fixes, Update Now

    As promised, Linux kernel maintainer Greg Kroah-Hartman released today new versions of the Linux 4.14, 4.9, and 4.4 kernel series to address some of the regressions from previous builds and fix more bugs.

    Linux kernels 4.14.13, 4.9.76 LTS, and 4.4.111 LTS are now available for download from kernel.org, and they include more fixes against the Spectre security vulnerability, as well as some regressions from the Linux 4.14.12, 4.9.75 LTS, and 4.4.110 LTS kernels released last week, as some reported minor issues.

  • Red Hat Researchers: Spectre Chip Vulnerability Likely Worse For VMs Than Containers
  • Watching the meltdown.

    I have been watching Meltdown and Spectre unfold from the sidelines. Other than applying available updates, I'm just watching and absorbing the process of the disclosure. This one appears midway along a long road.

    I teach mostly administrators. I teach some developers. I teach those in, or desiring to be in, infosec. I like teaching security topics. I think securing systems requires more people thinking about security from the beginning of design and as an everyday, no big deal part of life. A question I ask with these newsworthy issues is what normal practices can mitigate even part of the problems? There are two big basics - least privilege and patch management - to always keep in mind. Issues like ShellShock and Venom were mostly mitigated from the beginning with SELinux enabled (least privilege) and WannaCry had little impact on those systems patched long ago when the SMB bug was first found and fixed.

    However, in some cases, both exploits and accidents come from doing something that no one else thought of trying. This is why I like open source. There is the option (not always used) for more people trying different things and finding better uses as well as potential flaws. Any type of cooperation and collaboration can be the source of some of these findings including pull requests, conference talks, or corporations working with academic research projects.

  • macOS High Sierra's App Store System Preferences Can Be Unlocked With Any Password

    A bug report submitted on Open Radar this week reveals a security vulnerability in the current version of macOS High Sierra that allows the App Store menu in System Preferences to be unlocked with any password.

  • Open Source Security Podcast: Episode 77 - npm and the supply chain

    Josh and Kurt talk about the recent npm happenings. What it means for the supply chain, and we end with some thoughts on how maybe none of this matters.
