Language Selection

English French German Italian Portuguese Spanish

Security: DHCP, System Updates, and Ubuntu Blobs Store

Filed under
Security
  • Protect your Fedora system against this DHCP flaw

    A critical security vulnerability was discovered and disclosed earlier today in dhcp-client. This DHCP flaw carries a high risk to your system and data, especially if you use untrusted networks such as a WiFi access point you don’t own. Read more here for how to protect your Fedora system.

    Dynamic Host Control Protocol (DHCP) allows your system to get configuration from a network it joins. Your system will make a request for DHCP data, and typically a server such as a router answers. The server provides the necessary data for your system to configure itself. This is how, for instance, your system configures itself properly for networking when it joins a wireless network.

    However, an attacker on the local network may be able to exploit this vulnerability. Using a flaw in a dhcp-client script that runs under NetworkManager, the attacker may be able to run arbitrary commands with root privileges on your system. This DHCP flaw puts your system and your data at high risk. The flaw has been assigned CVE-2018-1111 and has a Bugzilla tracking bug.

  • Security updates for Tuesday
  • Potentially Malicious Bytecoin Miner Removed from the Ubuntu Snap Store
  • Canonical on trust and security in the Snap Store

    Here's a posting from Canonical concerning the cryptocurrency-mining app that was discovered in its Snap Store.

  • Canonical finds hidden crypto-miners in the Linux Snap app store

    Last Friday, Canonical, the developer of the popular Ubuntu operating system and owner of the Snapcraft app store, spotted one application surreptitiously mining cryptocurrencies in the background.

More in Tux Machines

NVIDIA GeForce GTX 680 To RTX 2080 Ti Graphics/Compute Performance

Yesterday were the initial NVIDIA GeForce RTX 2080 Ti Linux benchmarks based upon my early testing of this high-end Turing graphics card paired with their new 410 Linux graphics driver. For your viewing pleasure today is a look at how the RTX 2080 Ti compares to the top-end cards going back to Kepler... Or, simply put, it's the GeForce GTX 680 vs. GTX 780 Ti vs. 980 Ti vs. 1080 Ti vs. 2080 Ti comparison with OpenGL and Vulkan graphics tests as well as some initial OpenCL / CUDA tests but more Turing GPU compute tests are currently being conducted. For making this historical comparison more interesting are also power consumption and performance-per-Watt metrics. With the Linux support on the GeForce RTX 2080 Ti fairing well, one of the curiosity-driven tests was this comparison featuring the "[x]x80" series cards of Kepler, Maxwell, Pascal, and Turing for an interesting benchmarking look at the NVIDIA graphics/compute speed going back to the GTX 680 debut in 2012. The GTX 680, GTX 780 Ti, GTX 980 Ti, GTX 1080 Ti, and RTX 2080 Ti were all tested using this newest Linux driver release, 410.57 beta, while running on the Ubuntu 18.04 LTS box with the Linux 4.18 kernel. Read more

An Everyday Linux User Review Of Linux Mint 19

Well, there you have it. I have covered everything that I can think of in this review. Installation is as straight forward as downloading an ISO image, copying it to a USB and then navigating a few installation screens. The Cinnamon user interface is first class. It looks incredibly stylish and is very easy to use. The default software with Linux Mint is perfect for most purposes although I would always go with Chrome over Firefox and Evolution over Thunderbird but they are personal preferences. The software manager makes it easy to find new software and you can install either flatpak packages or debian format packages. Steam is available for playing games and you can now play Windows games without installing WINE but it isn’t yet 100% perfect. If you need Citrix then I have covered the fact that it works but there are a few pitfalls. These are not unique to Linux Mint and are generally the same on every distribution. I have shown that it is possible to run Windows 10 in a virtual machine meaning you can use Linux Mint for most tasks and swap into a virtual machine for everything else. No need to waste disk space dual booting. Timeshift is a great new tool for adding system restore points and there are various tools for keeping your system up to date, changing the look and feel of your system and for setting up hardware such as graphics cards and printers. It is easy to see why Linux Mint is so popular. It is straight forward, easy to use and consistent. Read more

FSFE Resignation and Parabola GNU/Linux-libre Needs Hardware

  • Daniel Pocock: Resigning as the FSFE Fellowship's representative
    I've recently sent the following email to fellows, I'm posting it here for the benefit of the wider community and also for any fellows who don't receive the email.
  • Parabola GNU/Linux-libre: Server loss
    However, that sponsorship has come to an end. We are alright for now; the server that 1984 Hosting is sponsoring us with is capable of covering our immediate needs. We are looking for a replacement server and are favoring a proprietor that is a "friend of freedom," if anyone in the community has a suggestion.

Red Hat: News and Financial Results