Security Leftovers

  • Microkernel Failure | BSD Now 289

    A kernel of failure, IPv6 fragmentation vulnerability in OpenBSD’s pf, a guide to the terminal, using a Yubikey for SSH public key authentication, FreeBSD desktop series, and more.

  • SMB Exploited

    Server Message Block (SMB) is the transport protocol used by Windows machines for a wide variety of purposes such as file sharing, printer sharing, and access to remote Windows services. SMB operates over TCP ports 139 and 445. In April 2017, Shadow Brokers released an SMB vulnerability named “EternalBlue,” which was part of the Microsoft security bulletin MS17-010.

    The recent WannaCry ransomware takes advantage of this vulnerability to compromise Windows machines, load malware, and propagate to other machines in a network. The attack uses SMB version 1 and TCP port 445 to propagate.

  • Downtime costs Australian businesses dearly

    Application downtime costs Australian businesses an average of more than $762,000 per incident, according to new research.

    A survey of 1000 Australian IT professionals found that the average revenue loss during business-critical outages is $144,062.52 per hour for larger organisations.

More in Tux Machines

OpenJDK 8 and 11: Still in safe hands

In 2018, Oracle announced that it would only provide free public updates and auto-updates of Java SE 8 for commercial users until the end of January 2019. Java 8 is a very important platform, used by millions of programmers, so this was a big deal. The Java community needed to fill the gap. In February of this year, I was appointed as the new Lead of the OpenJDK 8 Update Releases Project. A couple of weeks later, I was appointed the new Lead of the OpenJDK 11 Updates Project. This is an important milestone in the history of OpenJDK and of Java SE because it’s the first time that a non-Oracle employee has led the current long-term OpenJDK release project. JDK 8 is still a much-used Java release in industry, and JDK 11 is the current long-term maintenance release. It’s now a couple of weeks after the first releases of JDK8u and JDK11u on my watch. I think the process went pretty well, although it was not entirely smooth sailing for the developers. Having said that, we got our releases out on the day, as planned, and so far we’ve seen no major problems.

How to advance your career by contributing to open source projects

In 2017, I wrote my (so-far) most popular article of all time, "The Impact GitHub is Having on Your Software Career, Right Now…," on Medium. In that article, I cast the vision for how you can develop your career through open source contributions. It clearly struck a nerve—it got 382 points and 237 comments on Hacker News. Many of the comments hated on it so hard—they disagreed with my main premise—but I felt they had missed the point. At the time I was a recruiter with 10 years of engineering experience, working at Red Hat. There is nothing I love more than a challenge, so I went "deep cover." I quit my job as a recruiter and got a job as a software engineer in a pure closed-source company that uses BitBucket and has PCI-compliant security. Fourteen months later, I got hired by Camunda to work as the developer advocate for Zeebe, a workflow engine for orchestrating microservices, purely based on my open source contributions while working at that job. I just did everything I advised readers to do in the comments of my original Medium article.