Language Selection

English French German Italian Portuguese Spanish

Security: DHCP, System Updates, and Ubuntu Blobs Store

Filed under
Security
  • Protect your Fedora system against this DHCP flaw

    A critical security vulnerability was discovered and disclosed earlier today in dhcp-client. This DHCP flaw carries a high risk to your system and data, especially if you use untrusted networks such as a WiFi access point you don’t own. Read more here for how to protect your Fedora system.

    Dynamic Host Control Protocol (DHCP) allows your system to get configuration from a network it joins. Your system will make a request for DHCP data, and typically a server such as a router answers. The server provides the necessary data for your system to configure itself. This is how, for instance, your system configures itself properly for networking when it joins a wireless network.

    However, an attacker on the local network may be able to exploit this vulnerability. Using a flaw in a dhcp-client script that runs under NetworkManager, the attacker may be able to run arbitrary commands with root privileges on your system. This DHCP flaw puts your system and your data at high risk. The flaw has been assigned CVE-2018-1111 and has a Bugzilla tracking bug.

  • Security updates for Tuesday
  • Potentially Malicious Bytecoin Miner Removed from the Ubuntu Snap Store
  • Canonical on trust and security in the Snap Store

    Here's a posting from Canonical concerning the cryptocurrency-mining app that was discovered in its Snap Store.

  • Canonical finds hidden crypto-miners in the Linux Snap app store

    Last Friday, Canonical, the developer of the popular Ubuntu operating system and owner of the Snapcraft app store, spotted one application surreptitiously mining cryptocurrencies in the background.

More in Tux Machines

Solving the Year 2038 problem in the Linux kernel

Because of the way time is represented in Linux, a signed 32-bit number can't support times beyond January 19, 2038 after 3:14:07 UTC. This Year 2038 (Y2038 or Y2K38) problem is about the time data type representation. The solution is to use 64-bit timestamps. I started working on the problem while working as an Outreachy intern for kernel developer Arnd Bergmann. Outreachy is a benevolent program that helps new programmers get into kernel development. The mentors for the kernel projects are usually experienced kernel developers like Arnd. Read more

Booting Linux faster

Of all the computers I've ever owned or used, the one that booted the quickest was from the 1980s; by the time your hand moved from the power switch to the keyboard, the BASIC interpreter was ready for your commands. Modern computers take anywhere from 15 seconds for a laptop to minutes for a small home server to boot. Why is there such a difference in boot times? A microcomputer from the 1980s that booted straight to a BASIC prompt had a very simple CPU that started fetching and executing instructions from a memory address immediately upon getting power. Since these systems had BASIC in ROM, there was no loading time—you got to the BASIC prompt really quickly. More complex systems of that same era, such as the IBM PC or Macintosh, took a significant time to boot (~30 seconds), although this was mostly due to having to read the operating system (OS) off a floppy disk. Only a handful of seconds were spent in firmware before being able to load an OS. Read more

Akira: The Linux Design Tool we’ve always wanted?

Akira wants to create an awesome design tool for Linux that could compete with the likes of Figma, Sketch and Adobe XD. They need your help to achieve this goal. Read more

Complete Guide on How to Dual Boot Ubuntu and Windows

Installing Ubuntu and other Linux OS as dual boot is difficult in pre-installed Windows Laptops due to certain features and restrictions. Secure boot, fast boot, SATA AHCI modes – all these options makes it bit complicated to make a system dual boot with Windows 10 and Ubuntu, specially for the general users. This guide will help you to install Windows 10 and Ubuntu as a dualboot in a system. Read more