Security Leftovers

  • This Bluetooth Attack Can Steal a Tesla Model X in Minutes

    Lennert Wouters, a security researcher at Belgian university KU Leuven, today revealed a collection of security vulnerabilities he found in both Tesla Model X cars and their keyless entry fobs. He discovered that those combined vulnerabilities could be exploited by any car thief who manages to read a car's vehicle identification number—usually visible on a car's dashboard through the windshield—and also come within roughly 15 feet of the victim's key fob. The hardware kit necessary to pull off the heist cost Wouters around $300, fits inside a backpack, and is controlled from the thief's phone. In just 90 seconds, the hardware can extract a radio code that unlocks the owner's Model X. Once the car thief is inside, a second, distinct vulnerability Wouters found would allow the thief to pair their own key fob with the victim's vehicle after a minute's work and drive the car away.

  • Ransomware gangs likely to start monetising stolen data: researcher

    Ransomware gangs have shown themselves to be an innovative lot, incorporating more and more tactics as they look to extort money from their victims, and this trend will continue into the new year, a veteran researcher of this brand of malware says.

  • Victory! Court Protects Anonymity of Security Researchers Who Reported Apparent Communications Between Russian Bank and Trump Organization

    Security researchers who reported observing Internet communications between the Russian financial firm Alfa Bank and the Trump Organization in 2016 can remain anonymous, an Indiana trial court ruled last week.

    The ruling protects the First Amendment anonymous speech rights of the researchers, whose analysis prompted significant media attention and debate in 2016 about the meaning of digital records that reportedly showed computer servers linked to the Moscow-based bank and the Trump Organization in communication.

    Imagine walking down the street, looking for a good cup of coffee. In the distance, a storefront glows in green through your smart glasses, indicating a well-reviewed cafe with a sterling public health score. You follow the holographic arrows to the crosswalk, as your wearables silently signal the self-driving cars...

    Despite widespread complaints about its effects on human rights, the Brazilian Senate has fast-tracked the approval of “PLS 2630/2020”, the so-called “Fake News” bill. The bill lacked the necessarily broad and intense social participation that characterized the development of the 2014 Brazilian Civil Rights...

  • Every system is a privileged system: Incorporating Unix/Linux in your privilege management strategy

    Despite their importance, Unix/Linux local and privileged accounts often don’t get sufficient oversight in a centralized PAM strategy.

    True, the Unix/Linux userbase is typically more technically savvy and has a greater understanding of security than your typical user. In some ways, Unix/Linux actually led the move toward PAM decades ago. The problem is, not much has changed in decades. They still heavily rely on their own methods for privileged management, such as Sudo controls, and are still using Sudo with few differences from when it was first introduced.

    No matter how savvy the user, Unix/Linux privileged accounts are time-consuming and tedious to manage, so they often don’t get sufficient oversight. In addition, when it comes time for an audit, it’s extremely difficult to piece together all of the privileged account activities and security controls. You might have one report for Windows and Mac and a separate one or many for Unix/Linux. You can’t get a consolidated view of risk to use for decision-making or show progress to your auditors.

  • Strange case of the art dealer, the tech billionaire, his email and Picasso’s lover

    The only problem, a judge said yesterday, is that Allen may not have written the email. In fact, Mr Justice Trower said, evidence pointed to the email having been fabricated “for the purpose of misleading the court”.
