Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Security updates for Tuesday

    Security updates have been issued by Fedora (kernel, kernel-headers, and kernel-tools), openSUSE (glibc and qemu), Red Hat (chromium-browser, container-tools:1.0, container-tools:rhel8, firefox, ipmitool, kernel, kernel-rt, krb5-appl, ksh, nodejs:10, nss-softokn, python, qemu-kvm, qemu-kvm-ma, telnet, and virt:rhel), Scientific Linux (ipmitool and telnet), SUSE (ceph and firefox), and Ubuntu (haproxy, linux, linux-aws, linux-gcp, linux-gcp-5.3, linux-hwe, linux-kvm, linux-oracle, linux-oracle-5.3, linux-raspi2, linux-raspi2-5.3, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, and linux, linux-hwe).

  • Josh Bressers: Who are the experts

    These are certainly strange times we are living in. None of us will ever forget what’s happening and we will all retell stories for the rest of our days. Many of us asked “tell me about the depression grandma”, similar questions will be asked of us someday.

    The whirlwind of confusion and chaos got me thinking about advice and who we listen to. Most of us know a staggering number of people who are apparently experts in immunology. I have no intention of talking about the politics of the current times, goodness knows nobody in their right mind should care what I think. What all this does have me pondering is what are experts and how can we decide who we should listen to?

    So I’ve been thinking a lot about “experts” lately. Especially in the context of security. There have been a ton of expert opinions on how to work from home, and how to avoid getting scammed, which video conferencing software is the best (or worst). There are experts everywhere, but which ones should we listen to? I’m not an expert in anything, but there are some topics I know enough about to question some of these “experts”.

  • seL4 Microkernel Optimized for Security Gets Support of Linux Foundation

    The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced it will host the seL4 Foundation, the nonprofit organization established by Data61, the digital specialist arm for Australia’s national science agency CSIRO. The seL4 microkernel is the world’s first operating system (OS) kernel that is proved secure; it is designed to ensure the security, safety and reliability of real-world critical computer systems.

    The new Foundation aims to accelerate the development of seL4 and related technologies, and under the Linux Foundation will provide a global, independent and neutral organization for funding and steering the future evolution of seL4. Founding members include Cog Systems, DornerWorks, Ghost Locomotion, HENSOLD Cyber and UNSW Sydney.

    The trustworthiness of embedded computing systems is vital to improving the security of critical systems around the world to safeguard them from cyber threats. This is particularly paramount in industries including avionics, autonomous vehicles, medical devices, critical infrastructure and defense. The seL4 microkernel is the world’s first operating system with a proof of implementation correctness and presents an unparalleled combination of assurance, generality and performance, making it an ideal base for building security- and safety-critical systems. The seL4 Foundation provides a forum for developers to collaborate on growing and integrating the seL4 ecosystem.

  • The Linux Foundation Throws Weight Behind Secure Microkernel

    Gernot Heiser, who will serve as chair of the new foundation, said the seL4 is unique in that it is mathematically proven to be secure, which provides a robust foundation on which a new generation of embedded systems can be built to drive, for example, internet of things (IoT) applications.

    Founding members of the seL4 Foundation include Data61, University of New South Wales in Sydney, HENSOLDT Cyber GmbH, Ghost Locomotion Inc., Cog Systems Inc. and DornerWorks Ltd.

    The hosting of the seL4 Foundation is sure to add more fuel to an increasingly fierce debate over the future of operating systems. Advocates of microkernels contend operating systems in terms of functions and size should be kept to an absolute minimum to both ensure security and maximize flexibility.

Linux Foundation backs security-oriented seL4

  • Linux Foundation backs security-oriented seL4 microkernel operating system

    However, SeL4 can be used, in theory, as a foundation for Linux and other Unix related operating systems. For example, it was briefly considered for use in Richard M. Stallman's still-born Gnu Hurd operating system. Now, with its latest edition and broader support, seL4 may be more broadly deployed.

    This kernel is a member of the L4 microkernel family. SeL4 is a mathematically proven correct, bug-free operating system kernel. It's designed to enforce strong security properties. Data61 claims it's the world's first operating system with such proof. It's also, they say, the only proven operating system featuring fine-grained, capability-based security and high performance. In the real world, it supports mixed criticality real-time systems.

Linux Foundation To Support seL4 Foundation

  • Linux Foundation To Support seL4 Foundation

    The Linux Foundation will be hosting seL4 Foundation, the nonprofit organization established by Data61 (the digital specialist arm for Australia’s national science agency CSIRO). The seL4 microkernel is designed to ensure the security, safety and reliability of real-world critical computer systems.

The seL4 microkernel: Optimized for security and endorsed...

  • The seL4 microkernel: Optimized for security and endorsed by the Linux foundation

    The Linux Foundation is a fundamental organization for the promotion of open source software and has officially endorsed the seL4 microkernel. To further boost seL4, the Linux Foundation will host seL4 Foundation, which is a non-profit organization, established by Data61.

    In order to understand seL4, we must first know what a microkernel is. A microkernel is the bare minimum of components needed to form an operating system. Usually, microkernels are comprised of...

From Data Center Knowledge

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Python Programming

  • The PEPs of Python 3.9

    With the release of Python 3.9.0b1, the first of four planned betas for the development cycle, Python 3.9 is now feature-complete. There is still plenty to do in terms of testing and stabilization before the October final release. The release announcement lists a half-dozen Python Enhancement Proposals (PEPs) that were accepted for 3.9. We have looked at some of those PEPs along the way; there are some updates on those. It seems like a good time to fill in some of the gaps on what will be coming in Python 3.9

  • How to Write an Installable Django App

    In the Django framework, a project refers to the collection of configuration files and code for a particular website. Django groups business logic into what it calls apps, which are the modules of the Django framework. There’s plenty of documentation on how to structure your projects and the apps within them, but when it comes time to package an installable Django app, information is harder to find. In this tutorial, you’ll learn how to take an app out of a Django project and package it so that it’s installable. Once you’ve packaged your app, you can share it on PyPI so that others can fetch it through pip install.

  • Pros and Cons of Python: A Definitive Python Web Development Guide

    Python is a powerful programming language for mobile and web development projects. It is also the most popular programming language for AI in 2020. RedI Python development’s use cases in scientific computing, statistics, and education make it one of the highly preferred programming languages for Python programmers. The open-source programming language launched in 1992 is now on the verge of becoming the most popular and used programming language. Due to the rise in demand for AI and ML applications, Python web programming is now the first thing that comes to mind for coding such applications. But is Python for web development even worth it? It definitely is. Some of the top companies use Python web programming in their technology stack.

Fedora 32 Elections

mesa 20.1.0

Hi all,

I'd like to announce Mesa 20.1.0, the first release for the 20.1 branch.

Being the first release of this new branch, there can be issues that
will be discovered now that the new code will be widely used, so you may
want to stay on the 20.0.x releases until the 20.1.1 release, scheduled
for 14 days from now on 2020-06-10.

One already known issue that I want to point out is that Unreal Engine 4
has a bug in its usage of glDrawRangeElements() causing it to be
called with a number of vertices in place of the `end` parameter,
that was recently revealed. This is an annoying bug that we haven't
worked around yet. For more details:
https://gitlab.freedesktop.org/mesa/mesa/-/issues/2917

Eric

---

Andrii Simiklit (1):
      i965/vec4: Ignore swizzle of VGRF for use by var_range_end()

Bas Nieuwenhuizen (4):
      radv/winsys:  Remove extra sizeof multiply.
      radv: Handle failing to create .cache dir.
      radv: Do not close fd -1 when NULL-winsys creation fails.
      radv: Implement vkGetSwapchainGrallocUsage2ANDROID.

D Scott Phillips (1):
      anv/gen11+: Disable object level preemption

Danylo Piliaiev (3):
      meson: Disable GCC's dead store elimination for memory zeroing custom new
      mesa: Fix double-lock of Shared->FrameBuffers and usage of wrong mutex
      intel/fs: Work around dual-source blending hangs in combination with SIMD16

Dave Airlie (1):
      llvmpipe: compute shaders work better with all the threads.

Eric Engestrom (4):
      .pick_status.json: Update to a91306677c613ba7511b764b3decc9db42b24de1
      tree-wide: fix deprecated GitLab URLs
      docs: Add release notes for 20.1.0
      VERSION: bump to 20.1.0 release

Erik Faye-Lund (1):
      zink: use general-layout when blitting to/from same resource

Gert Wollny (1):
      r600: Fix duplicated subexpression in r600_asm.c

Hanno Böck (1):
      Properly check mmap return value

Icecream95 (1):
      panfrost: Fix background showing when using discard

Jason Ekstrand (3):
      nir/lower_double_ops: Rework the if (progress) tree
      nir/opt_deref: Report progress if we remove a deref
      nir/copy_prop_vars: Record progress in more places

Kristian Høgsberg (1):
      freedreno: Use the right amount of &'s

Nataraj Deshpande (1):
      dri_util: Update internal_format to GL_RGB8 for MESA_FORMAT_R8G8B8X8_UNORM

Pierre-Eric Pelloux-Prayer (1):
      amd/addrlib: fix forgotten char -> enum conversions

Rhys Perry (1):
      nir: fix lowering to scratch with boolean access

Rob Clark (1):
      freedreno: clear last_fence after resource tracking

Samuel Pitoiset (2):
      radv: handle different Vulkan API versions correctly
      radv: update the list of allowed Android extensions

Timothy Arceri (2):
      glsl: stop cascading errors if process_parameters() fails
      glsl: fix slow linking of uniforms in the nir linker

Vinson Lee (3):
      r600/sfn: Initialize VertexStageExportForGS m_num_clip_dist member variable.
      r600/sfn: Use correct setter method.
      freedreno: Add missing va_end.

git tag: mesa-20.1.0
Read more Also: Mesa 20.1 Released With Numerous Linux Graphics Driver Improvements

Android Mirroring App ‘Scrcpy’ Just Added a Bunch of New Features

If you read this blog regularly enough you’ll be familiar with scrcpy, an ace root-free way to mirror your Android smartphone on your Ubuntu desktop and interact with it. Scrcpy is free, it’s open source, it’s awesome. Oh yeah, and it’s updated regularly! Which is what this post is about: telling you what’s new and notable in the latest release, scrcpy 1.14 — so let’s get to it! Read more