Language Selection

English French German Italian Portuguese Spanish

Security: Updates, SELinux, Fobs, PoS, TimeHop, AUR

Filed under
Security
  • Security updates for Tuesday
  • Fun with DAC_OVERRIDE and SELinux
  • Why you might want to wrap your car key fob in foil

    Given that the best way to store your car keys at night is by putting them in a coffee can, what's an ex-FBI agent's advice to protect cars from theft during the day?

    Wrap car fobs in aluminum foil.

    [...]

    He held up his fob and said, “This should be something we don’t need to wrap with foil. It’s 2018. Car companies need to find a way so no one can replicate the messages and the communication between the key and the vehicle.”

    [...]

    While auto industry engineers know a lot about traditional safety, quality, compliance and reliability challenges, cyber is an “adaptive adversary,” said Faye Francy, executive director of the nonprofit Automotive Information Sharing and Analysis Center, which specializes in cybersecurity strategies. “Automakers are starting to implement security features in every stage of design and manufacturing. This includes the key fob.”

  • Crooks install skimmer on point-of-sale machine in 2 seconds
  • Facebook add-on TimeHop has been pwned by hackers [sic]

    The big problem doesn't affect UK users, but will be making our US cousins sweat - phone numbers were leaked. TimeHop recommends adding a PIN to your phone account because if abused, this could be used for identity theft - starting with, but not limited to, porting the number without permission.`

  • Arch Linux AUR Repository Found to Contain Malware

    The Arch Linux user-maintained software repository called AUR has been found to host malware. The discovery was made after a change in one of the package installation instructions was made. This is yet another incident that showcases that Linux users should not explicitly trust user-controlled repositories.

  • Malware found in the Arch Linux AUR repository

    Here's a report in Sensors Tech Forum on the discovery of a set of hostile packages in the Arch Linux AUR repository system. AUR contains user-contributed packages, of course; it's not a part of the Arch distribution itself.

More in Tux Machines

Samsung Linux on DeX beta hands-on: do almost everything on your phone

Among the various Linux on Android implementations, Samsung’s Linux on DeX definitely looks the most polished ready to use solution, even if it’s still in beta form. Although it uses a two-year-old version of Ubuntu, there is already a lot that can be done from that. Plus, just like Android users, Linux users can be pretty creative and only time will tell if they’ll be able to use Linux on DeX to make almost any Linux distro work. Read more

Android Leftovers

A Look At The GCC 9 Performance On Intel Skylake Against GCC 8, LLVM Clang 7/8

With GCC 9 embarking upon its third stage of development where the focus ships to working on bug/regression fixes in preparation for releasing the GCC 9.1 stable compiler likely around the end of Q1'2019, here is a fresh look at the GCC 9 performance with its latest development code as of this week compared to GCC 8.2.0 stable while using an Intel Core i9 7980XE test system running Ubuntu Linux. For good measure are also fresh results from LLVM Clang 7.0 stable as well as LLVM Clang 8.0 SVN for the latest development state of that competing C/C++ open-source compiler. Read more

This under-$6 SBC runs Linux on RISC-V based C-SKY chip

Hangzhou C-SKY has launched a “C-SKY Linux Development Board” for $5.60 and up, featuring a RISC-V derived, 574MHz C-SKY GX6605S CK610M SoC, 64MB DDR2, an HDMI port, and 2x USB 2.0 ports. Last month, Hangzhou C-SKY Microsystems Co. announced Linux 4.20~5.0 kernel support for its new RISC-V based C-SKY CK810 SoC design. Now, Hangzhou C-SKY has launched a development board that runs Linux on a similar CK610M SoC. The C-SKY Linux Development Board sells for 39-40 Yuan ($5.60 to $7.05) on Taobao and $19.50 to $21.50 on AliExpress. Read more