Language Selection

English French German Italian Portuguese Spanish

Security: WhatsApp, Flatpak and DNS

Filed under
Security
  • Hackers Can Take Control Of Your WhatsApp Just With A Video Call: Update Now

    Natalie Silvanovich, a Google Project Zero security researcher, has uncovered a critical security flaw in WhatsApp. The flaw could allow a notorious actor to make a video call and take complete control of your messaging application.

  • Just Answering A Video Call Could Compromise Your WhatsApp Account
  • New Website Claims Flatpak is a “Security Nightmare”

    A newly launched website is warning users about Flatpak, branding the tech a “security nightmare”.

    The ‘Flatkills.org’ web page takes aim at a number of security claims routinely associated with the fledgling Flatpak app packaging and distribution format.

  • DNS Security Still an Issue

    DNS security is a decades-old issue that shows no signs of being fully resolved. Here's a quick overview of some of the problems with proposed solutions and the best way to move forward.

    ...After many years of availability, DNSSEC has yet to attain significant adoption, even though any security expert you might ask recognizes its value. As with any public key infrastructure, DNSSEC is complicated. You must follow a lot of rules carefully, although some network services providers are trying to make things easier.

    But DNSSEC does not encrypt the communications between the DNS client and server. Using the information in your DNS requests, an attacker between you and your DNS server could determine which sites you are attempting to communicate with just by reading packets on the network.

    So despite best efforts of various Internet groups, DNS remains insecure. Too many roadblocks exist that prevent the Internet-wide adoption of a DNS security solution. But it is time to revisit the concerns.

More in Tux Machines

Red Hat News and Developments

  • The GNOME Infrastructure is moving to Openshift
    The cluster consists of 3 master nodes (controllers, api, etcd), 4 compute nodes and 2 infrastructure nodes (internal docker registry, cluster console, haproxy-based routers, SSL edge termination). For the persistent storage we’re currently making good use of the Red Hat Gluster Storage (RHGS) product that Red Hat is kindly sponsoring together with the Openshift subscriptions. For any app that might require a database we have an external (as not managed as part of Openshift) fully redundant, synchronous, multi-master MariaDB cluster based on Galera (2 data nodes, 1 arbiter). The release we’re currently running is the recently released 3.11, which comes with the so-called “Cluster Console”, a web UI that allows you to manage a wide set of the underlying objects that previously were only available to the oc cli client and with a set of Monitoring and Metrics toolings (Prometheus, Grafana) that can be accessed as part of the Cluster Console (Grafana dashboards that show how the cluster is behaving) or externally via their own route.
  • OpenShift Commons Gathering Seattle Announces Speakers from Intel, GE, Progressive, HealthPartners, TicketMaster, USAA and more!
    The OpenShift Commons Gathering brings together experts from all over the world to discuss the container technologies, best practices for cloud-native application developers and the open source software projects that underpin the OpenShift ecosystem to help take us all to the next level in cloud-native computing. This final Gathering of 2018 will feature 400+ developers, project leads, cloud architects, DevOps professionals, sysadmins, and cloud-native practitioners coming together to explore the next steps in making container technologies successful and secure at scale.
  • Modernize your application deployment with Lift and Shift
    For many software modernization projects, it’s all about learning to love, lift, and shift. No, wait. It’s all about learning to love lift and shift. The basic idea behind lift and shift is to modernize how an existing application is packaged and deployed. Because it’s not about rewriting the application itself, lift and shift is typically quick to implement. Modern development environments rely on containers for packaging and deployment. A modern environment also uses a continuous integration / continuous deployment (CI/CD) system that automatically builds, tests, and deploys an application whenever its source code changes.
  • Istio on OpenShift: Technology Preview 2 of Service Mesh Now Available
    It’s been a few weeks since the release of the first tech preview of Istio on OpenShift. Since then a lot has happened, and we are happy to announce the availability of our second tech preview release. In this release we are adding a whole new user interface from the upstream Kiali project. The Kiali user interface can help Istio users understand what’s happening in their service mesh, canl show how the various components are connected, and can help to detect issues (HTTP 500, pod not started, misconfigurations) to better fix those.
  • Insider Selling: Red Hat Inc (RHT) EVP Sells 960 Shares of Stock
  • Featured Stock: Red Hat, Inc. (NYSE:RHT)
  • Scout Investments Inc. Acquires 3,034 Shares of Red Hat Inc (RHT)
  • Get "The Art of Modern Application Development" the Red Hat way - eBook, free [Ed: Apparently a paid-for ad]

today's howtos

Games: Steam Play Games, Puzlogic, and Rocket League ‘RocketID’ Delays

MidnightBSD Hits 1.0! Checkout What’s New

A couple days ago, Lucas Holt announced the release of MidnightBSD 1.0. Let’s take a quick look at what is included in this new release. Read more