Security: Curl, OpenSUSE, Equifax and Kubernetes

  • Report from the curl bounty program

    We announced our glorious return to the “bug bounty club” (projects that run bug bounties) a month ago, and with the curl 7.65.0 release today on May 22nd of 2019 we also ship fixes to security vulnerabilities that were reported within this bug bounty program.

  • OpenSUSE Adds Option To Installer For Toggling Performance-Hitting CPU Mitigations

    With the newly released openSUSE Leap 15.1 they have added an option to their installer for toggling the CPU mitigations around Spectre / Meltdown / Foreshadow / Zombieload to make it very convenient should you choose to retain maximum performance while foregoing the security measures. But it also allows disabling SMT/HT from the installer should you prefer maximum security.

    When installing openSUSE Leap 15.1 today, I was a bit surprised to see a "CPU mitigations" option that allows toggling the value similar to the mitigations= kernel command line option.

  • Equifax just became the first company to have its outlook downgraded for a cyber attack

    Moody’s has just slashed its rating outlook on Equifax, the first time cybersecurity issues have been cited as the reason for a downgrade.

    Moody’s lowered Equifax’s outlook from stable to negative on Wednesday, as the credit monitoring company continues to suffer from the massive 2017 breach of consumer data.

    “We are treating this with more significance because it is the first time that cyber has been a named factor in an outlook change,” Joe Mielenhausen, a spokesperson for Moody’s, told CNBC. “This is the first time the fallout from a breach has moved the needle enough to contribute to the change.”

    Equifax could not immediately be reached for comment.

  • Kubernetes security: 4 strategic tips

    As with all things security-related, “fingers crossed!” isn’t exactly a confident posture. Kubernetes offers a lot of powerful security-oriented features, and the community has shown a strong commitment toward the security of the project. But it’s always best to be proactive, especially if you or your teams are still relatively new to containers and orchestration.

    The fundamentals of security hygiene still largely apply, as we noted in our recent article, Kubernetes security: 5 mistakes to avoid. There’s also some new learning to be done to ensure you’re proactively managing the risks inherent in any new system, especially once it’s running in production.
