Language Selection

English French German Italian Portuguese Spanish

Security: Updates, Microsoft, Google, and Telegram

Filed under
Security
  • Security updates for Wednesday
  • Winter Olympics was hit by cyber-attack, officials confirm [Ed: This is a Microsoft Windows issue, but Bill Fates is paying The Guardian, so...]
  • Google Patches Chromebooks Against Meltdown/Spectre, Adds New Chrome OS Features

    Earlier this month, Google updated its Chrome OS computer operating system to stable version 64.0.3282.134 and platform version 10176.65.0, an update that's now available for most Chromebook devices.

    Besides the usual security improvements and bug fixes, the latest Chrome OS 64 release includes several new features that are worth mentioning, such as the ability to take screenshots by simultaneously pressing the Power and Volume Down buttons on your Chromebook with a 360-degree hinge.

  • Skype can't fix a nasty security bug without a massive code rewrite
  • Perfect Computer Security Is a Myth. But It’s Still Important [Ed: The "everything is broken" defeatism overlooks the coordinated vandalism done to put back doors in most things]

    Maybe you’ve heard it before: “Security is a myth.” It’s become a common refrain after a never-ending string of high-profile security breaches. If Fortune 500 companies with million dollar security budgets can’t lock things down, how can you?

    And there’s truth to this: perfect security is a myth. No matter what you do, no matter how careful you are, you will never be 100 percent safe from hackers, malware, and cybercrime. That’s the reality we all live in, and it’s important to keep this in mind, if only so that we can all feel more sympathy for victims.

  • Microsoft Fixes 50 Vulnerabilities In February’s Patch Tuesday Update

    Microsoft has released February’s cumulative updates for Windows 10, better known as Patch Tuesday. The reason why the update is worth getting is it comes with fixes for 50 vulnerabilities in various versions of Windows 10.

    As per the release notes, the software addressed as a part of the Patch Tuesday update are Windows OS, Microsoft Edge, Internet Explorer, Microsoft Office, Microsoft Office Services and Web Apps, and the JavaScript engine ChakraCore. In addition to security fixes, Microsoft has also made improvements to address minor glitches in Windows 10.

  • Telegram Zero-Day Vulnerability Lets Hackers Pwn Your PC to Mine Cryptocurrency

    A zero-day vulnerability was discovered by Kaspersky Lab in the Telegram Desktop app that could let hackers pwn your computer to mine for cryptocurrencies like Zcash, Monero, Fantomcoin, and others.

    Kaspersky Lab's security researchers say the zero-day vulnerability can be used to deliver multi-purpose malware to computer users using the Telegram Desktop app, including backdoors and crypto-cash mining software.

    The security company also discovered that hackers had actively exploited the vulnerability in the Telegram Desktop app, which is based on the right-to-left override Unicode method, since March last year, but only to mine cryptocurrencies like Fantomcoin, Monero, and Zcash.

More in Tux Machines

Android Leftovers

Dell Precision 'Developer Edition' mobile workstations run Ubuntu Linux and are RHEL certified

While Dell is mostly known as a Windows PC manufacturer, the company is also a big proponent of Linux. Its "Developer Edition" models can be configured with Ubuntu, for instance. Of course, despite this branding, non-developers can buy them too. The XPS 13 "Developer Edition" in particular is a svelte machine that should make many home Linux users very happy. In addition to home users, Dell manufactures solid business-class mobile workstations, and the company recently announced four such Linux-powered models. These Precision "Developer Edition" laptops run Ubuntu and are RHEL certified. One of these notebooks, the Precision 3530, is available today, while the other three will be available soon. Read more

Librem 13: A few problems

I bought my old Lenovo Thinkpad X1 Carbon (1st gen.) when I entered grad school for my Master's program, in 2012. And after six years, the Thinkpad still ran well, but it was getting old, so I figured it was time for a change. I went back and forth about what kind of system should replace my laptop. I don't travel that much, so I figured a desktop would be better. And I could get a bigger screen. After going back and forth on the decision, I decided to get a laptop. I don't often travel with a laptop, but when I do, I prefer to use my primary system so I don't have to keep things synced. Of course, I wanted my system to run Linux. Purism is aimed at the Linux laptop market, and I wanted to support that. So I bought a Librem 13. I've had it now for about a week, and I love it now. But I'll be honest, I didn't love it right out of the box. I'd like to note two issues for folks who are thinking about getting a Librem laptop, so you aren't surprised like I was. Read more

Linux 4.17-rc7

So this week wasn't as calm as the previous weeks have been, but despite that I suspect this is the last rc. This week we had the whole "spectre v4" thing, and yes, the fallout from that shows up as part of the patch and commit log. But it's not actually dominant: the patch is pretty evenly one third arch updates, one third networking updates, and one third "rest". The arch updates are largely - although not exclusively - spectre v4. The networking stuff is mostly network drivers, but there's some core networking too. And "the rest" is just that - misc drivers (rdma, gpu, other), documentation, some vfs, vm, bpf, tooling.. The bulk of it is really pretty trivial one-liners, and nothing looks particularly scary. Let's see how next week looks, but if nothing really happens I suspect we can make do without an rc8. Shortlog appended as usual. Go out and test. Read more