Language Selection

English French German Italian Portuguese Spanish

Security: Updates, SELinux, Fobs, PoS, TimeHop, AUR

Filed under
Security
  • Security updates for Tuesday
  • Fun with DAC_OVERRIDE and SELinux
  • Why you might want to wrap your car key fob in foil

    Given that the best way to store your car keys at night is by putting them in a coffee can, what's an ex-FBI agent's advice to protect cars from theft during the day?

    Wrap car fobs in aluminum foil.

    [...]

    He held up his fob and said, “This should be something we don’t need to wrap with foil. It’s 2018. Car companies need to find a way so no one can replicate the messages and the communication between the key and the vehicle.”

    [...]

    While auto industry engineers know a lot about traditional safety, quality, compliance and reliability challenges, cyber is an “adaptive adversary,” said Faye Francy, executive director of the nonprofit Automotive Information Sharing and Analysis Center, which specializes in cybersecurity strategies. “Automakers are starting to implement security features in every stage of design and manufacturing. This includes the key fob.”

  • Crooks install skimmer on point-of-sale machine in 2 seconds
  • Facebook add-on TimeHop has been pwned by hackers [sic]

    The big problem doesn't affect UK users, but will be making our US cousins sweat - phone numbers were leaked. TimeHop recommends adding a PIN to your phone account because if abused, this could be used for identity theft - starting with, but not limited to, porting the number without permission.`

  • Arch Linux AUR Repository Found to Contain Malware

    The Arch Linux user-maintained software repository called AUR has been found to host malware. The discovery was made after a change in one of the package installation instructions was made. This is yet another incident that showcases that Linux users should not explicitly trust user-controlled repositories.

  • Malware found in the Arch Linux AUR repository

    Here's a report in Sensors Tech Forum on the discovery of a set of hostile packages in the Arch Linux AUR repository system. AUR contains user-contributed packages, of course; it's not a part of the Arch distribution itself.

More in Tux Machines

Security: Windows 'Fun' at Melbourne and Alleged Phishing by Venezuela’s Government

today's howtos

GCC 8.3 Released and GCC 9 Plans

  • GCC 8.3 Released
    The GNU Compiler Collection version 8.3 has been released. GCC 8.3 is a bug-fix release from the GCC 8 branch containing important fixes for regressions and serious bugs in GCC 8.2 with more than 153 bugs fixed since the previous release. This release is available from the FTP servers listed at: http://www.gnu.org/order/ftp.html Please do not contact me directly regarding questions or comments about this release. Instead, use the resources available from http://gcc.gnu.org. As always, a vast number of people contributed to this GCC release -- far too many to thank them individually!
  • GCC 8.3 Released With 153 Bug Fixes
    While the GCC 9 stable compiler release is a few weeks away in the form of GCC 9.1, the GNU Compiler Collection is up to version 8.3.0 today as their newest point release to last year's GCC 8 series.
  • GCC 9 Compiler Picks Up Official Support For The Arm Neoverse N1 + E1
    Earlier this week Arm announced their next-generation Neoverse N1 and E1 platforms with big performance potential and power efficiency improvements over current generation Cortex-A72 processor cores. The GNU Compiler Collection (GCC) ahead of the upcoming GCC9 release has picked up support for the Neoverse N1/E1. This newly-added Neoverse N1 and E1 CPU support for GCC9 isn't all that surprising even with the very short time since announcement and GCC9 being nearly out the door... Arm developers had already been working on (and landed) the Arm "Ares" CPU support, which is the codename for what is now the Neoverse platform.

Android Leftovers