Language Selection

English French German Italian Portuguese Spanish

Security: Intel, Cisco, Apple, FBI

Filed under
Security
  • How Much Slower Will My PC Become After Meltdown And Spectre Patches?
  • Intel's Microcode Update for Spectre Exploit Is Now Available in Ubuntu's Repos

    Canonical announced a few moments ago that Intel's latest microcode update for the Spectre security vulnerability is now available from the software repositories of all supported Ubuntu Linux releases.

    After releasing earlier this week new kernel updates to mitigate the Meltdown and Spectre security exploits that put billions of devices at risk of attacks by allowing a local, unprivileged attacker to obtain sensitive information from kernel memory, Canonical now released the updated microcode from Intel for supported Intel CPUs.

  • Cisco can now sniff out malware inside encrypted traffic

    Cisco has switched on latent features in its recent routers and switches, plus a cloud service, that together make it possible to detect the fingerprints of malware in encrypted traffic.

    Switchzilla has not made a dent in transport layer security (TLS) to make this possible. Instead, as we reported in July 2016, Cisco researchers found that malware leaves recognisable traces even in encrypted traffic. The company announced its intention to productise that research last year and this week exited trials to make the service – now known as Encrypted Traffic Analytics (ETA) - available to purchasers of its 4000 Series Integrated Service Routers, the 1000-series Aggregation Services Router and the model 1000V Cloud Services Router 1000V.

    Those devices can’t do the job alone: users need to sign up for Cisco’s StealthWatch service and let traffic from their kit flow to a cloud-based analytics service that inspects traffic and uses self-improving machine learning algorithms to spot dodgy traffic.

  • MacOS High Sierra security bug lets you unlock App Store System Preferences with any random password

    According to the bug report, users can simply open System Preferences, go to App Store settings and check the padlock icon. If it is unlocked, lock it and then try unlocking it using your username and any password.

  • Intel tells select customers not to use its bug fixes

    Processor giant Intel has told some of its customers that the microcode patches it issued to fix the Meltdown and Spectre flaws in its products are buggy and that they should not install them.

  • Canonical reissues Meltdown and Spectre patches for Ubuntu after borkage
  • A Step in the Right Direction: House Passes the Cyber Vulnerability Disclosure Reporting Act

    The House of Representatives passed the “Cyber Vulnerability Disclosure Reporting Act” this week. While the bill is quite limited in scope, EFF applauds its goals and supports its passage in the Senate.

    H.R. 3202 is a short and simple bill, sponsored by Rep. Sheila Jackson Lee (D-TX), that would require the Department of Homeland Security to submit a report to Congress outlining how the government deals with disclosing vulnerabilities. Specifically, the mandated report would comprise two parts. First, a “description of the policies and procedures developed [by DHS] for coordinating cyber vulnerability disclosures,” or in other words, how the government reports flaws in computer hardware and software to the developers. And second, a possibly classified “annex” containing descriptions of specific instances where these policies were used to disclose vulnerabilities in the previous year, leading to mitigation of the vulnerabilities by private actors.

    Perhaps the best thing about this short bill is that it is intended to provide some evidence for the government’s long-standing claims that it discloses a large number of vulnerabilities. To date, such evidence has been exceedingly sparse; for instance, Apple received its first ever vulnerability report from the U.S. government in 2016. Assuming the report and annex work as intended, the public’s confidence in the government’s ability to “play defense” may actually increase.

  • FBI Says Device Encryption Is 'Evil' And A Threat To Public Safety

    The FBI continues its anti-encryption push. It's now expanded past Director Christopher Wray to include statements by other FBI personnel. Not that Chris Wray isn't taking every opportunity he can to portray personal security as a threat to the security of the American public. He still is. But he's no longer the only FBI employee willing to speak up on the issue.

    Wray expanded his anti-encryption rhetoric last week at a cybersecurity conference in New York. In short, encryption is inherently dangerous. And the FBI boss will apparently continue to complain about encryption without offering any solutions.

  • Canonical Says It'll Release New Ubuntu Kernels to Further Mitigate Spectre Bugs

    Canonical's Dean Henrichsmeyer published today an update on the Ubuntu patches for the Meltdown and Spectre security vulnerabilities and what they plan on doing next to mitigate these critical bugs.

    By now, most of you have probably updated your Ubuntu Linux computers to the new kernel versions Canonical released earlier this week, as well as the new Nvidia proprietary graphics driver and Firefox web browser, both including patches to mitigate the Meltdown and Spectre exploits affecting billions of devices powered by modern processors from Intel, AMD, and ARM.

More in Tux Machines

Graphics: XWayland, Ozone-GBM, Freedreno, X.Org, RadeonSI

  • The Latest Batch Of XWayland / EGLStream Improvements Merged
    While the initial EGLStreams-based support for using the NVIDIA proprietary driver with XWayland was merged for the recent X.Org Server 1.20 release, the next xorg-server release will feature more improvements.
  • Making Use Of Chrome's Ozone-GBM Intel Graphics Support On The Linux Desktop
    Intel open-source developer Joone Hur has provided a guide about using the Chrome OS graphics stack on Intel-based Linux desktop systems. In particular, using the Chrome OS graphics stack on the Linux desktop is primarily about using the Ozone-GBM back-end to Ozone that allows for direct interaction with Intel DRM/KMS support and evdev for input.
  • Freedreno Reaches OpenGL ES 3.1 Support, Not Far From OpenGL 3.3
    The Freedreno Gallium3D driver now supports all extensions required by OpenGL ES 3.1 and is also quite close to supporting desktop OpenGL 3.3.
  • X.Org Is Looking For A North American Host For XDC2019
    If software development isn't your forte but are looking to help out a leading open-source project while logistics and hospitality are where you excel, the X.Org Foundation is soliciting bids for the XDC2019 conference. The X.Org Foundation is looking for proposals where in North America that the annual X.Org Developers' Conference should be hosted in 2019. This year it's being hosted in Spain and with the usual rotation it means that in 2019 they will jump back over the pond.
  • RadeonSI Compatibility Profile Is Close To OpenGL 4.4 Support
    It was just a few days ago that the OpenGL compatibility profile support in Mesa reached OpenGL 3.3 compliance for RadeonSI while now thanks to the latest batch of patches from one of the Valve Linux developers, it's soon going to hit OpenGL 4.4. Legendary open-source graphics driver contributor Timothy Arceri at Valve has posted 11 more patches for advancing RadeonSI's OpenGL compatibility profile support, the alternative context to the OpenGL core profile that allows mixing in deprecated OpenGL functionality. The GL compatibility profile mode is generally used by long-standing workstation software and also a small subset of Linux games.

Software, KDE and GNOME Leftovers

  • Drawing Feynman Diagrams for Fun and Profit with JaxoDraw
    When first developed, theoretical physics was mostly done either with pen and paper or on a chalkboard. Not much thought was given as to how you could render these drawings within a document being written on a computer. JaxoDraw is meant to help fill in that gap in document layout and provide the ability to render these drawings correctly and give output you can use in your own documents. JaxoDraw is written in Java, so it should run under almost any operating system. Unfortunately, it isn't likely to be in the package repository for most distributions, so you'll need to download it from the project's website. But, because it's packaged as a jar file, it's relatively easy to run.
  • Kodi v18 Leia - Alpha 2
    We have been relatively quiet for a while and several months have past since the first pre-release Alpha build. Today we present you the second official Alpha build in this pre-release trilogy. It is a continuation of the first one which was released beginning of March and contains our continous battle against the dark side that consist of bugs and usability problems.
  • Kodi 18 Alpha 2 Released With Stability & Usability Improvements + New Wayland Code
    It's been a few months since the Kodi 18 Alpha while available today is the second alpha release of this major update to the open-source, cross-platform HTPC software. Kodi developers have been spending the past few months working on a range of stability and usability enhancements to this software formerly known as XBMC. Kodi 18's latest additions include live TV viewing improvements, Windows support improvements, continued Android integration enhancements, re-introducing Wayland protocol support, video player enhancements, and more.
  • LibreOffice color selector as GTK widgets
    Here's what the native GTK widget mode for the color picker looks like at the moment under Wayland. A GtkMenuButton displaying a color preview of the currently selected color and a GtkPopover containing the color selection widgetry.
  • TenFourFox FPR8 available
    TenFourFox Feature Parity Release 8 final is now available (downloads, hashes, release notes). There are no changes from the beta except for outstanding security patches. As usual, it will go live Monday night, assuming no changes.
KDE:
  • Latte Dock, Beta 1 for v0.8 (v0.7.95)
    Hello everyone Latte Dock v0.7.95 which is the first beta of v0.8 is here. Latte v0.8 is a huge release and one of its main goals is to make the user feel with it very natural and comfortable. [...] Important for contributors: Beta1 will last 10 days, during these days translators will be able to report string improvements at bugs.kde.org. English isnt my native language, (proof reading / simpler expanations) might be necessary. When Beta2 is released around 3 to 5 July the string freeze will take place. Beta2 period will last 10 more days. So v0.8 is scheduled for 13 to 15 Jully. During all these days improvements and fixes can be landed through review process at kde phabricator.
  • Musing About Communities Size And Activity
    If you remember my previous installment I raised a couple more questions which I pointed out as tougher to address and I'd keep on the side for a while. Well, I decided to look at something simpler in the meantime... which unexpectedly took more time than expected. First I thought I'd try to reproduce the cohesion graph from Paul's Akademy 2014 talk... but it looks like we have a reproducibility issue on that one. However hard I try I don't manage to reproduce it. What I get is very different, so either there's a bug in my tentative script or there was a bug in Paul's script or somehow the input data is different. So one more mysteries to explore, I'm at a loss about what's going on with that one so far.
  • Second Post and First Weekly
    Because of the last one, I have been refactoring related code in the last month. The refactoring is generally completed, with KisDlgInternalColorSelector being the last dependency that haven’t been moved to enable KisPaletteView to be used everywhere needed.
GNOME:
  • Ubuntu Developers Working On Improvements To GNOME Software Store
    Canonical/Ubuntu developers are working on improvements to the GNOME Software "app store" and recently held an in-person design sprint along with one upstream GNOME developer for coming up with improvements. The Ubuntu developers working on improvements to GNOME Software were joined by prolific GNOME contributor Richard Hughes for brainstorming improvements to better GNOME Software over the months to come.
  • App Launching From GNOME Shell Now More Robust Under Memory Pressure & Faster
    Right now on systems with low amounts of available system memory, GNOME Shell can sometimes fail to launch applications due to an error over not being able to allocate memory in the fork process. With the latest rounds of Glib optimizations, this should no longer be the case.
  • GNOME Web Browser is Adding a Reader Mode
    An experimental reader mode will ship in the next version of GNOME Web, aka Epiphany. The feature is already available to try in the latest development builds of the GTK Webkit-based web browser, released this week as part of the GNOME 3.29.3 milestone.

today's howtos

Wine 3.11 Released and Turok Remastered Roars on to Linux

  • Wine Announcement
    The Wine development release 3.11 is now available.
  • Wine 3.11 Brings Debugging Support For WoW64 Processes, Better Reporting Of HT CPUs
    Wine 3.11 is now available as the newest bi-weekly development release of this software for running Windows programs/games/applications on Linux and other operating systems. With Wine 3.11 there is better debugger support for WoW64 (Windows 32-bit on Windows 64-bit) processes, support for SHA256/SHA384 hashes inside ECDSA signatures, better reporting of virtual CPU cores via Hyper Threading / SMT, improvements to the standard Task Dialog, and a total of 12 known bug fixes.
  • Turok Remastered Roars on to Linux
    A remastered version of ‘Turok: Dinosaur Hunter’ has arrived on Linux. The game first found fame on the Nintendo 64 back way back in 1997, where it helped define the fledgling first-person shooter genre for an entire generation of gamers. Now a high-definition, remastered port is available to play on Linux, having stomped its way on to the Xbox One in May,