
Security: Patches, Josh Bressers, FUD and NIST 800-53 Revision 4 Mappings for Wind River Linux

  • Security updates for Monday

    Security updates have been issued by Debian (libtasn1-6, libtirpc, mcabber, picocom, pngquant, trafficserver, and zziplib), Fedora (curl and xen), openSUSE (bluez, ceph, chromium, curl, grafana, grafana-piechart-panel, graphviz, mariadb, and mercurial), Oracle (nghttp2), Red Hat (microcode_ctl), SUSE (mutt, python3-requests, and tomcat), and Ubuntu (glib-networking and mailman).

  • Josh Bressers: Episode 203 – Humans, conferences, and security: let me think and get back to you in a bit

    Josh and Kurt talk about human behavior. The conversation makes its way to conferences and the perpetual question of if a conference is useful or not. We come to the agreement the big shows aren’t what they used to be, but things like BSides are great experiences.

  • New Chinese malware targeting Windows, Linux machines [Ed: So.... do not install it?]
  • Chinese malware "Golang" targeting Windows, Linux machines

    Cyber-security researchers have identified a new variant of cryptominer malware from China-based hackers that is targeting both Windows and Linux machines.

    Called Golang, the new malware variant is aiming at mining Monero, an open-source cryptocurrency created in 2014, according to US-based cyber security firm Barracuda Networks.

  • This Chinese malware is affecting Windows, Linux devices: Here's how
  • New Republican bill latest in long line to force encryption backdoors

    In what seems like Groundhog Day when it comes to encrypted communications, a group of Republican senators last week introduced the Lawful Access to Encrypted Data Act, which aims to end the use of so-called “warrant-proof” encrypted technology by terrorists and criminals. Senate Judiciary Committee Chairman Lindsey Graham (R-SC), Tom Cotton (R-AR) and Marsha Blackburn (R-TN) introduced this latest measure to find a way for law enforcement to gain access to devices and data that are protected by unbreakable encryption methods.

    [...]

    The efforts by lawmakers and federal law enforcement agencies to force Silicon Valley and the tech industry to build backdoors into encrypted devices and communications go back to 1993 when the Clinton Administration proposed to create a “Clipper Chip” so the NSA could intercept encrypted voice communications. Since then, a number of proposals to bypass or otherwise negate encryption have been introduced and failed.

    The best known of these anti-encryption efforts is the legal fight waged by former FBI Director James Comey with Apple to force the Cupertino giant into helping the Bureau break into the iPhone of a mass shooter in San Bernardino. Most recently, a bipartisan bill, the EARN-IT Act, which is also backed by Senator Graham, has been widely condemned as a sneak attack on end-to-end encryption.

    The Lawful Access to Encrypted Data Act comes after Attorney General William Barr coined a new euphemistic phrase for encryption backdoors, “lawful access,” and began promoting the idea of court-authorized access to the content of encrypted communications. It’s no surprise, then, that Barr is an enthusiastic backer of the bill.

  • Ramping up security options with new NIST 800-53 Mappings

    “More than ever, organizations must balance a rapidly evolving cyber threat landscape against the need to fulfill business requirements.” To that extent, Wind River has NIST 800-53 Revision 4 mappings for VxWorks, Wind River Linux, and Wind River + Star Lab Titanium showing 100% coverage of the applicable controls.

    These mappings are in a database format, so that they can be directly consumable by our customers’ requirements management tool for their efforts in showing compliance to the allocation of the controls to their system. Our mappings are expanding on our on-going Security Technical Implementation Guide (STIG) work for both VxWorks and Wind River Linux. This ensures maximum value to our customers and minimizes disruption to the configuration of their platforms.

More in Tux Machines

today's leftovers

  • Schedule for Wednesday's FESCo Meeting (2020-07-08)

    F33 System-Wide Change: Make nano the default editor https://pagure.io/fesco/issue/2426 APPROVED (+8, 0, -0)

  • Fedora Approves Of Making Nano The Default Terminal Text Editor, Other Features Accepted

    At this week's Fedora Engineering and Steering Committee (FESCo) meeting, more features were approved for the Fedora 33 release due out this fall. Most notable is the change of the default terminal text editor with Fedora 33 but other changes were also accepted. Highlights of this week's FESCo decisions include: - The change to make nano the default text editor was approved. Nano will be the new default over Vi.

  • Ingenic X2000 IoT Application Processor Combines 32-bit MIPS Xburst 2 Cores with Xburst 0 Real-time Core

    The company can provide a complete software and hardware development kit with a Linux 4.4 BSP and Halley5 development board with an X2000 SoM with a wireless module fitted to a largish carrier board with Ethernet, USB, microphone, MicroSD card slot, I/O header, buttons and so on. The other side of the board is equipped with a dual-camera board and a Full HD AMOLED display.

  • Linux 5.9 Will Finally Offer Proper Support For The ThinkPad 10 Ultrabook Keyboard

    While Lenovo recently committed to certifying more systems for Linux use and upstreaming drivers / hardware support for Linux moving forward, there remains a backlog of existing Lenovo devices that still have less than desired Linux support. But thanks to Red Hat and others, the hardware support does continue advancing. The Lenovo ThinkPad 10 Ultrabook initially debuted in 2014 and now with Linux 5.9 debuting in late 2020 there is proper keyboard support, thanks to Red Hat's Hans de Goede who has frequently provided similar driver improvements for a range of hardware over the years.

  • Full Circle Magazine: Full Circle Weekly News #177

    Ubuntu 20.04 Released https://www.omgubuntu.co.uk/2020/04/download-ubuntu-20-04
    Ubuntu Survey Results https://ubuntu.com/blog/ubuntu-20-04-survey-results
    Fedora 32 Released https://fedoramagazine.org/announcing-fedora-32/
    Lenovo Now Shipping Fedora on Thinkpads https://fedoramagazine.org/coming-soon-fedora-on-lenovo-laptops/
    Manjaro 20 Released https://forum.manjaro.org/t/manjaro-20-0-lysia-released/138633
    Bug In Git May Leak Credentials https://www.phoronix.com/scan.php?page=news_item&px=Git-Newline-Leak-Vulnerability
    Linux Kernel 5.7 rc4 Out https://lkml.org/lkml/2020/5/3/306
    Linux Kernel 5.5 Is Now End of Life http://lkml.iu.edu/hypermail/linux/kernel/2004.2/07196.html
    Red Hat Enterprise Linux 8.2 Out https://www.redhat.com/archives/rhelv6-list/2020-April/msg00000.html
    Parrot 4.9 Out https://parrotsec.org/blog/parrot-4.9-release-notes/
    IPFire 2.25 Core Update 143 Out https://blog.ipfire.org/post/ipfire-2-25-core-update-143-released
    Oracle Virtualbox 6.1.6 Out https://www.virtualbox.org/wiki/Changelog-6.1
    LibreOffice 6.4.3 Out https://blog.documentfoundation.org/blog/2020/04/16/libreoffice-6-4-3/
    Proton 5.0-6 Out https://www.gamingonlinux.com/articles/steam-play-proton-50-6-is-out-to-help-doom-eternal-rockstar-launcher-and-more-on-linux.16442
    VLC 3.0.10 Out https://www.videolan.org/vlc/releases/3.0.10.html
    Darktable 3.0.2 Out https://www.darktable.org/2020/04/darktable-302-released/
    OpenSUSE Tumbleweed for AWS Marketplace Out https://9to5linux.com/opensuse-tumbleweed-is-now-available-on-aws-marketplace
    KDE 20.04 Applications Out https://9to5linux.com/kde-applications-20-04-officially-released-this-is-whats-new
    Credits: Ubuntu “Complete” sound: Canonical Theme Music: From The Dust – Stardust

GNUnet 0.13.1 released

This is a bugfix release for gnunet and gnunet-gtk specifically. For gnunet, no changes to the source have been made. However, the default configuration had to be modified to support the changes made in 0.13.0. For gnunet-gtk, this fixes a more serious issue where the 0.13.0 tarball failed to build.

Intel DG1 Graphics Card Bring-Up On Linux Continues - Latest Bits For Local Memory

Recently there have been a lot of open-source Linux patches flowing concerning Intel's bring-up of their DG1 discrete graphics card for developers. That work continued this week with the latest patches in wiring up LMEM support. Among the recent Intel DG1 patches for Linux have been those on the media driver front, compute runtime with OpenCL and Level Zero and as part of that the IGC support, and then most importantly the necessary Linux kernel changes building off the existing Gen12/Xe graphics support.

Also: Intel AMX Support Lands In The GNU Assembler
