Language Selection

English French German Italian Portuguese Spanish

Security and FUD Leftovers

Filed under
Linux
Security
  • Fwupd 1.3.8 Brings More Improvements For Firmware Updating On Linux Systems

    Red Hat's Richard Hughes has released Fwupd 1.3.8 as the latest version of this Linux utility for performing firmware updates of various system components.

    With the meteoric rise of Fwupd and LVFS, more Fwupd releases are having to deal with quirks and other peculiarities of different hardware components seeing Fwupd support and v1.3.8 is no different. Fwupd 1.3.8 adds a plug-in to support updating the power delivery controllers by Fresco Logic, a fix for Synaptics multi-stream transport devices, various EFI fixes/improvements, more parent devices are detected for different Lenovo USB hubs, support for GNUEFI file locations, and other fixes.

  • Cyber-gangs using SSH identities to sell on the black market [Ed: How to associate secure shell, SSH, with "black market", skull and bones, just because of machines that are already cracked because of something totally unrelated]

    Malware campaigns equipped with the capability to exploit powerful, hidden backdoors are becoming commoditised, researchers from Venafi have warned.

    The research shows several high-profile hacker campaigns are integrating the misuse of SSH machine identities capabilities into their attacks.

    Now, any attacker with access to the dark web can gain access to the same techniques that took down the Ukrainian power grid against every business and government agency.

    Malware can target common SSH machine identities used to access and automate Windows, Linux and MacOS in the enterprise and out to the cloud.

  • SAMM v2 – OWASP releases revamped security assurance framework

    A revamped version of OWASP’s Software Assurance Maturity Model (SAMM) adds automation along with maturity measurements to the open source security-related framework.

    OWASP SAMM v2 – released on Tuesday after three years of refinement – is geared towards helping organizations that develop software to travel down the path towards becoming more secure.

    The approach is based on a community-led open source framework that “allows teams and developers to assess, formulate, and implement strategies for better security which can be easily integrated into an existing organizational software development lifecycle”.

    [...]

    The OWASP SAMM community includes security knowledgeable volunteers from both businesses and educational organizations. The global community works to create “freely-available articles, methodologies, documentation, tools, and technologies”.

  • Smack: Some more busy nights and 12 bytes of IV

    Anu brought up the fact that the OMEMO XEP is not totally clear on the length of initialization vectors used for message encryption. Historically most clients use 16 bytes length, while normally you would want to use 12. Apparently some AES-GCM libraries on iOS only support 12 bytes length, so using 12 bytes is definitely desirable. Most OMEMO implementations already support receiving 12 bytes as well as 16 bytes IV.

More in Tux Machines

Games: The Universim, Zoria: Age of Shattering, Quiplash 2 InterLASHional, Plastris, Something Ate My Alien, Gutwhale

  • City-builder god sim 'The Universim' has a massive update with bridges and pretty towerblocks

    The Universim from Crytivo continues pushing through Early Access updates, towards an eventual release later this year. A massive update is out now, which amongst other things adds in some fancy bridges to build. Crytivo's aim with The Universim is to create what they're calling a "a new breed of God Game", to bring in features from some classic with a modern physics engine and blending in a city-builder. So far, so good. You can build a big beautiful city across an entire planet, and guide your Nuggets a little with various god powers. It oozes charm and the narrator brings some nice comedic value to it. The latest update is another step forward in the overall content available. While bridges are a great (and needed) addition to the game, personally I'm more excited about the huge Residential overhaul. From the Stone Age to the Modern Age, there's a huge amount more variety in the buildings where your little Nuggets reside. It gives the game that bit more character to it.

  • Party-based RPG with base management 'Zoria: Age of Shattering' now has a Linux demo available

    Tiny Trinket Games emailed to mention their upcoming party-based RPG, Zoria: Age of Shattering, now has a Linux demo available for you to try out right now. A story-driven, party-based RPG that will have a focus on "strong" tactical elements with turn-based battles that have free movement rather than tiles, plus base and follower management. Taking place in the fantasy world of Zoria, a world filled with magic, ancient history, tumultuous politics, and countless mysteries. Tiny Trinket are promising something interesting too, with it being hand-crafted adventuring with multiple branching paths.

  • Jackbox Games goes global with Quiplash 2 InterLASHional out now, we have a few keys to give away

    Quiplash 2 InterLASHional is the first time Jackbox Games have attempted to go global, with this being their first fully localized party game. For English speakers, it's basically the same as Quiplash 2 found in The Jackbox Party Pack 3 but expanding the languages is vitally important for a game developer since it's one of the best ways to expand their reach. Obviously that's good for people want to play where English isn't their best language, a wonderful bit of "quality of life". Now it's available in English, French, Italian, German, and Spanish with a bunch of extra content for each language.

  • Plastris is a 'hyper casual' puzzle game with a wonderful style out now on Linux

    Plastris from developer Khud0 is a 'hyper casual' puzzle game, where all you need to do is fill all the tiles on the screen with simple clicks and it's so weirdly satisfying. Releasing in March 2020, with Linux support arriving a few days ago. I decided to picked up a personal copy, since it's only £1.69. I will admit, the term 'hyper casual' is a new one to me. Turns out, it's a thing, and a term that came into light a few years ago with a new breed of casual mobile games. All you're doing is clicking, and filling. However, you're given a very specific fill-shape, so you also need to use the mouse right-click to remove some you've filled, to be able to complete each level. That's it. Hyper casual? Yeah, sure is. The main thing is how super accessible they are and Plastris is certainly that.

  • Something Ate My Alien has a curious mixture of action, digging and puzzle platforming - demo up

    Something Ate My Alien is now confirmed to be launching in June, although there's no exact date they at least have a release window now for their intriguing gameplay mix of action, platforming, puzzles and digging. There's also now a demo. In Something Ate My Alien, you're tasked with digging through different worlds to find all the items required for the pirate who hijacked your mining ship. During the adventure on each planet you have to battle environmental dangers, fight off wildlife, solve secret puzzle chambers, and all this while surviving on a depleting oxygen supply and a threat far scarier than the local wildlife.

  • Gutwhale is a claustrophobic 'finite roguelite' action game taking place in a digestive system

    Taking place entirely in a digestive system, Gutwhale is a 'finite roguelite' action game about managing your limited ammo in a very cramped space. Stuffed Wombat, the developer, said the only reason the game actually exists is that they were fired from their job due to Coronavirus so they took it as the perfect opportunity to finally release a game with help from Franek and Britt Brady. [...] Currently, the Linux and macOS versions are only available on itch.io as they haven't had enough testing. I've played it for a good while today and it's a lot of fun and very challenging. Works perfectly with keyboard input, although one button prompt on the Logitech F310 gamepad was wrong as it says B to respawn when it's X. Apart from that, it does work great!

Today in Techrights

Android Leftovers

Android Leftovers