Language Selection

English French German Italian Portuguese Spanish

Security: Intel, Cisco, Apple, FBI

Filed under
Security
  • How Much Slower Will My PC Become After Meltdown And Spectre Patches?
  • Intel's Microcode Update for Spectre Exploit Is Now Available in Ubuntu's Repos

    Canonical announced a few moments ago that Intel's latest microcode update for the Spectre security vulnerability is now available from the software repositories of all supported Ubuntu Linux releases.

    After releasing earlier this week new kernel updates to mitigate the Meltdown and Spectre security exploits that put billions of devices at risk of attacks by allowing a local, unprivileged attacker to obtain sensitive information from kernel memory, Canonical now released the updated microcode from Intel for supported Intel CPUs.

  • Cisco can now sniff out malware inside encrypted traffic

    Cisco has switched on latent features in its recent routers and switches, plus a cloud service, that together make it possible to detect the fingerprints of malware in encrypted traffic.

    Switchzilla has not made a dent in transport layer security (TLS) to make this possible. Instead, as we reported in July 2016, Cisco researchers found that malware leaves recognisable traces even in encrypted traffic. The company announced its intention to productise that research last year and this week exited trials to make the service – now known as Encrypted Traffic Analytics (ETA) - available to purchasers of its 4000 Series Integrated Service Routers, the 1000-series Aggregation Services Router and the model 1000V Cloud Services Router 1000V.

    Those devices can’t do the job alone: users need to sign up for Cisco’s StealthWatch service and let traffic from their kit flow to a cloud-based analytics service that inspects traffic and uses self-improving machine learning algorithms to spot dodgy traffic.

  • MacOS High Sierra security bug lets you unlock App Store System Preferences with any random password

    According to the bug report, users can simply open System Preferences, go to App Store settings and check the padlock icon. If it is unlocked, lock it and then try unlocking it using your username and any password.

  • Intel tells select customers not to use its bug fixes

    Processor giant Intel has told some of its customers that the microcode patches it issued to fix the Meltdown and Spectre flaws in its products are buggy and that they should not install them.

  • Canonical reissues Meltdown and Spectre patches for Ubuntu after borkage
  • A Step in the Right Direction: House Passes the Cyber Vulnerability Disclosure Reporting Act

    The House of Representatives passed the “Cyber Vulnerability Disclosure Reporting Act” this week. While the bill is quite limited in scope, EFF applauds its goals and supports its passage in the Senate.

    H.R. 3202 is a short and simple bill, sponsored by Rep. Sheila Jackson Lee (D-TX), that would require the Department of Homeland Security to submit a report to Congress outlining how the government deals with disclosing vulnerabilities. Specifically, the mandated report would comprise two parts. First, a “description of the policies and procedures developed [by DHS] for coordinating cyber vulnerability disclosures,” or in other words, how the government reports flaws in computer hardware and software to the developers. And second, a possibly classified “annex” containing descriptions of specific instances where these policies were used to disclose vulnerabilities in the previous year, leading to mitigation of the vulnerabilities by private actors.

    Perhaps the best thing about this short bill is that it is intended to provide some evidence for the government’s long-standing claims that it discloses a large number of vulnerabilities. To date, such evidence has been exceedingly sparse; for instance, Apple received its first ever vulnerability report from the U.S. government in 2016. Assuming the report and annex work as intended, the public’s confidence in the government’s ability to “play defense” may actually increase.

  • FBI Says Device Encryption Is 'Evil' And A Threat To Public Safety

    The FBI continues its anti-encryption push. It's now expanded past Director Christopher Wray to include statements by other FBI personnel. Not that Chris Wray isn't taking every opportunity he can to portray personal security as a threat to the security of the American public. He still is. But he's no longer the only FBI employee willing to speak up on the issue.

    Wray expanded his anti-encryption rhetoric last week at a cybersecurity conference in New York. In short, encryption is inherently dangerous. And the FBI boss will apparently continue to complain about encryption without offering any solutions.

  • Canonical Says It'll Release New Ubuntu Kernels to Further Mitigate Spectre Bugs

    Canonical's Dean Henrichsmeyer published today an update on the Ubuntu patches for the Meltdown and Spectre security vulnerabilities and what they plan on doing next to mitigate these critical bugs.

    By now, most of you have probably updated your Ubuntu Linux computers to the new kernel versions Canonical released earlier this week, as well as the new Nvidia proprietary graphics driver and Firefox web browser, both including patches to mitigate the Meltdown and Spectre exploits affecting billions of devices powered by modern processors from Intel, AMD, and ARM.

More in Tux Machines

Android Leftovers

today's leftovers

Games: Atari VCS Console, Humble Store and TUNG (The Ultimate Nerd Game)

  • Atari VCS Console Runs a Custom Linux Distro Called “AtariOS”
    Following criticism of its mediocre internal makeup the Ataris VCS console will now ship with 8GB RAM by default, up from the 4GB proposed during the funding push. It’s a decent increase in memory that should help the system cope better with more intensive indie games (don’t expect AAA titles to play nicely on the machine with the middling AMD Bristol Ridge APU).
  • Humble Store is doing a 'Pixel Perfect Platformers Sale' and it has some top Linux games for cheap
    For those of you who love your platformers, regardless of them being 2D, 3D, puzzle or action adventures there's bound to be something for the bored Linux gamer in the Humble Store Pixel Perfect Platformers Sale.
  • TUNG (The Ultimate Nerd Game) made me realise how stupid I really am
    The Ultimate Nerd Game or TUNG for short, is a first-person sandbox game about building intricate machines and it made me feel so very dumb. If you loved Minecraft's Redstone circuits or anything remotely similar, this is probably a free game you're going to love. For me, it was an exercise in frying my brain like it's in a microwave.

OSS Leftovers

  • Pharmaceutical industry gets first open source platform for Level 4 serialization
    Pharmaceutical companies today for the first time have an open source alternative for level 4 serialization with the launch of QU4RTET, a platform that provides them with new flexibility, transparency and affordability as they comply with global drug anti-counterfeiting laws.
  • Kontron Uses Open Source to Move Beyond Bare Metal
    Kontron, a company known for its embedded computing technology, is leveraging virtualization and open source to become a direct supplier to large service providers, promising to integrate hardware and operating system software with best-of-breed virtual network functions. That new sales strategy has evolved to support containers, particularly as they fit at the edge of the network, which for Kontron AG is the cell tower. In May, Kontron announced that its integrated SYMKLOUD open source platform now supports the latest versions of OpenStack for virtual machines and bare metal, as well as Kubernetes v1.10 for Docker and containers, via its distribution partnership with Canonical.
  • Open Source Expands In Finance With The FINOS Platform
  • Global Open Source Services Market Forecast to 2025 Published by Marketresearchnest
  • Synopsys ARC HS4x Processors Now Supported By GCC
    The GCC 8 compiler brought the Synopsys ARC CPU target while for the GCC 9 release is going to be support for the company's HS4x processors. Merged today to mainline GCC is support for the HS4x CPUs within the ARC target. Adding this newer generation of ARC processors to the GNU Compiler Collection code-base was just a few hundred lines of code with building off the existing target code.
  • GPL Cooperation Commitment gets more support for open source licensing
    Red Hat has announced its open source license enforcement initiative is making new strides. As part of the GPL Cooperation Commitment, 14 new companies have joined the effort to promote greater predictability for GPLv2 and LGPLv2.x licenses. “Through this initiative, we hope ultimately to increase participation in the use and development of open source software by helping to ensure that enforcement, when it takes place, is fair and predictable,” according to the commitment’s website.
  • The Global IP Exchange: Human ingenuity and open source technology
    He said: “Customers do increasingly care about open source, and if you don’t comply you are at risk of upsetting authors, as well as litigation and injunctions.” “If you’re just distributing internally, then you’re fine, but as soon as it leaves your company, then you’ve triggered an obligation.” For those who don’t comply, he warned that either the licensor, or the Free Software Foundation will find out.
  • How to Setup Python Virtual Environment on Ubuntu 18.04
    Python is a versatile programming language that can be used for many different programming projects(Web - Mobile - Desktop). Easy to set up, and written in a relatively straightforward style with immediate feedback on errors, Python is a great choice for beginners and experienced developers alike. Python 3 is the most current version of the language and is considered to be the future of Python. This article will guide you through installing Python 3 on your local Linux machine and setting up a programming virtual environment via the command line. This article will explicitly cover the installation procedures for Ubuntu 18.04, but the general principles apply to any other distribution of Debian Linux.
  • How expensive is globbing for sources in large projects
    Since we have the measurement script, let's use it for something more interesting. Modules are an upcoming C++ feature to increase build times and a ton of other coolness depending on who you ask. The current specification works by having a kind of "module export declaration" at the beginning of source files. The idea is that you first compile those to generate a sort of a module declaration file and then you can start the actual compilation that uses said files. If you thought "waitaminute, that sounds exactly like how FORTRAN is compiled", you are correct. Because of this it has the same problem that you can't compile source files in an arbitrary order, but instead you must first somehow scan them to find out the interdependencies between source (not header) files. In practice what this means is that instead of single-phase compilation all files must be processed twice. All scan operations must be done before any compilation jobs can start because otherwise you might start to compile a file before its dependencies are fully processed. The scanning can be done in one of two ways. Either the build system scans the sources meaning it needs to understand the syntax of source files or the compiler can be invoked in a special preprocessing mode. Note that build systems such as Ninja do not do any such operations by themselves but instead always invoke external processes to do their work.
  • Security updates for Monday