Language Selection

English French German Italian Portuguese Spanish

Security: EFAIL Hype, Kubernetes, 'Smart' Things and More

Filed under
Security
  • Serious vulnerabilities with OpenPGP and S/MIME

    The efail.de site describes a set of vulnerabilities in the implementation of PGP and MIME that can cause the disclosure of encrypted communications, including old messages. "In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs."

  • How the Kubernetes Security Response Team Works

    The open-source Kubernetes container orchestration is an increasingly deployed platform that is now supported across all three major public cloud providers (Google, AWS and Azure) as well as enterprise private clouds.

    Container security is a big issue these days, and keeping Kubernetes secure involves multiple aspects. One of those aspects is the security of the Kubernetes code itself, which has had its share of vulnerabilities that have been reported in the past year. Among those vulnerabilities is CVE-2017-1002101, which was patched in the Kubernetes 1.10 release that became generally available on March 26.

  • Ring doorbell flaw lets others watch after password changes (updated)

    The issue, as you might guess, is that the window exists in the first place. Someone with a still-valid login could not only spy on whatever's happening, but download videos. The same incident that prompted the change also included phantom rings in the middle of the night.

  • Security Innovation Supports Open Source Community with Free Security Tools to Identify and Mitigate Software Vulnerabilities

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Ubuntu: Infographic, New Releases, Ubuntu Podcast and Statistics

  • Infographic: Snaps in numbers
    Coinciding with the release of Ubuntu 18.10 today, we have celebrated the exceptional adoption of snaps by sharing the infographic below. From popular snaps to daily installs, this infographic demonstrates where, when and why users are installing and adopting the secure, Linux application format. For more commentary around these numbers, check out this recent blog. Alternatively, start installing your chosen snaps.
  • Ubuntu 18.10:Multi-cloud,new desktop theme & enhanced snap integration
    Canonical today announced the release of Ubuntu 18.10, focused on multi-cloud deployments, AI software development, a new community desktop theme and richer snap desktop integration. “Ubuntu is now the world’s reference platform for AI engineering and analytics” said Mark Shuttleworth, CEO of Canonical. “We accelerate developer productivity and help enterprises operate at speed and at scale, across multiple clouds and diverse edge appliances.” This year, the financial services industry has engaged significantly with Canonical and Ubuntu for infrastructure efficiency on-premise and to accelerate their move to the cloud. The push for machine learning analytics and of fintech efforts around blockchain, distributed ledger applications and cryptocurrencies are current drivers of Ubuntu investments and deployments.
  • Ubuntu Studio 18.10 Released
    The Ubuntu Studio team is pleased to announce the release of Ubuntu Studio 18.10 “Cosmic Cuttlefish”. As a regular release, this version of Ubuntu Studio will be supported for 9 months. Since it’s just out, you may experience some issues, so you might want to wait a bit before upgrading. Please see the release notes for a complete list of changes and known issues.
  • Ubuntu MATE: Ubuntu MATE 18.10 Final Release
    Ubuntu MATE 18.10 is a modest, yet strategic, upgrade over our 18.04 release. If you want bug fixes and improved hardware support then 18.10 is for you. For those who prefer staying on the LTS then everything in this 18.10 release is also important for the upcoming 18.04.2 release. Oh yeah, we've also made a bespoke Ubuntu MATE 18.10 image for the GPD Pocket and GPD Pocket 2.
  • Ubuntu Podcast from the UK LoCo: S11E32 – Thirty-Two Going on Spinster
    This week we interview Daniel Foré about the final release of elementary 5.0 (Juno), bring you some Android love and go over all your feedback. It’s Season 11 Episode 32 of the Ubuntu Podcast! Alan Pope and Martin Wimpress are connected and speaking to your brain.
  • Canonical have released some statistics from the Ubuntu installer survey
    When installing Ubuntu 18.04, Canonical's installer will offer to send some statistics to them. Canonical have now released some of this. One thing to note, is that this data does not include Ubuntu Server, Ubuntu Core, cloud images or and any other Ubuntu derivatives that don't include the report in their own installer. They've had some good results from it, with 66% of people sending them their data. It's a nice start, but I think they really need to do some separation of physical and virtual machines, since it seems they're merged together which will skew a bunch of the data I would imagine.

Linux-driven embedded PCs target autonomous cars

Kontron announced two Ubuntu-driven computers for autonomous vehicles. The S2000 is a lab dev platform with a Xeon 8160T and the EvoTRAC S1901 offers a choice of Kontron modules including a new Atom C3000 based, Type 7 COMe-bDV7R. Kontron has launched a Kontron’s S2000 Development Platform for developing autonomous in-vehicle computers and is prepping an EvoTRAC S1901 in-vehicle PC for use in advanced automotive applications, including autonomous vehicles. Both systems ship with Intel processors running a pre-installed Ubuntu 16.04 LTS Linux stack. The systems follow earlier Kontron automotive computers such as the EvoTrac G102 in-vehicle cellular gateway. Read more

OpenBSD 6.4 Released - Disables SMT/HT By Default, Updates Radeon DRM

Adding to the exciting release day is Theo de Raadt releasing OpenBSD 6.4 as the newest version of this BSD operating system known for its security mindfulness. Exciting us from a technical standpoint and for anyone using OpenBSD on the desktop is a newer Radeon DRM display driver, but it's still very dated compared to what is found in the mainline Linux kernel. Their Radeon DRM driver is now synced against the Linux 4.4.155 LTS upstream state that then provides mode-setting support for various GCN 1.0/1.1 graphics cards as a new feature to OpenBSD... But newer GPUs and the many other open-source AMD improvements past Linux 4.4 haven't made their way into the OpenBSD world yet. Even still, Radeon graphics remain among the best supported options for what is available to OpenBSD users. The Radeon DRM code is also now available for 64-bit ARM OpenBSD users. Read more Direct: OpenBSD 6.4 LWN: OpenBSD 6.4

Android Leftovers