Language Selection

English French German Italian Portuguese Spanish

Security: NotSoSecure, Security Keys, Reproducible Builds and Hyped Malware

Filed under
Security
  • Claranet Buys NotSoSecure

    Claranet, a managed service provider with services focused on western Europe and Brazil, has purchased NotSoSecure, a firm specializing in penetration testing and ethical hacker training.

    The purchase follows Claranet's 2017 acquisition of SEC-1, a security firm based in the United Kingdom. According to a Claranet statement announcing the purchase, the security acquisitions, together with the opening of a security operations center in Portugal, are part of the company's intention to increase their overall security services capabilities.

  • Firefox, Security Keys, U2F, and Google Advanced Protection

    Advanced Protection for Google Accounts uses a legacy web technology that is only partially supported in Firefox. Here is how you get started with physical security keys and extra protections for your Google Account in Firefox.

    [...]

    Before you can enroll in the Google Advanced Protection program, you must have at least two security keys at the ready. You can use the same keys for multiple Google Accounts, and even reuse the same keys with different U2F-enabled web services.

    You should keep a record of which of your keys are registered with which websites. If you loose a key or want to decommission one, you’ll need this record to know all the accounts you’ll need to update.

    You can use any FIDO U2F security keys as long as they’re compatible with your devices. Google recommend you get one regular key with USB as your backup token, and one mobile-capable with wireless Bluetooth and NFC as the primary key you carry around with you. Specifically, Google recommends the YubiKey U2F (USB) and either the Feitan Multipass (Bluetooth/NFC/USB) or YubiKey Neo (NFC/USB). Bluetooth is more compatible with a wider range of devices, but the Bluetooth capabilities requires you to charge the key. NFC is less compatible with cheaper smartphones and other devices. However, neither NFC nor USB modes require you to charge the keys for them to operate.

  • Reproducible Builds: Weekly report #167
  • WellMess: This Go-based Malware Attacks Both Linux And Windows Machines [Ed: If the user actually needs to install it, then the threat is the user, not the program]

More in Tux Machines

Security: Windows 'Fun' at Melbourne and Alleged Phishing by Venezuela’s Government

today's howtos

GCC 8.3 Released and GCC 9 Plans

  • GCC 8.3 Released
    The GNU Compiler Collection version 8.3 has been released. GCC 8.3 is a bug-fix release from the GCC 8 branch containing important fixes for regressions and serious bugs in GCC 8.2 with more than 153 bugs fixed since the previous release. This release is available from the FTP servers listed at: http://www.gnu.org/order/ftp.html Please do not contact me directly regarding questions or comments about this release. Instead, use the resources available from http://gcc.gnu.org. As always, a vast number of people contributed to this GCC release -- far too many to thank them individually!
  • GCC 8.3 Released With 153 Bug Fixes
    While the GCC 9 stable compiler release is a few weeks away in the form of GCC 9.1, the GNU Compiler Collection is up to version 8.3.0 today as their newest point release to last year's GCC 8 series.
  • GCC 9 Compiler Picks Up Official Support For The Arm Neoverse N1 + E1
    Earlier this week Arm announced their next-generation Neoverse N1 and E1 platforms with big performance potential and power efficiency improvements over current generation Cortex-A72 processor cores. The GNU Compiler Collection (GCC) ahead of the upcoming GCC9 release has picked up support for the Neoverse N1/E1. This newly-added Neoverse N1 and E1 CPU support for GCC9 isn't all that surprising even with the very short time since announcement and GCC9 being nearly out the door... Arm developers had already been working on (and landed) the Arm "Ares" CPU support, which is the codename for what is now the Neoverse platform.

Android Leftovers