Language Selection

English French German Italian Portuguese Spanish

Android Leftovers

More in Tux Machines

Security Leftovers

  • A mysterious threat actor is running hundreds of malicious Tor relays

    Since at least 2017, a mysterious threat actor has run thousands of malicious servers in entry, middle, and exit positions of the Tor network in what a security researcher has described as an attempt to deanonymize Tor users. Tracked as KAX17, the threat actor ran at its peak more than 900 malicious servers part of the Tor network, which typically tends to hover around a daily total of up to 9,000-10,000. Some of these servers work as entry points (guards), others as middle relays, and others as exit points from the Tor network. Their role is to encrypt and anonymize user traffic as it enters and leaves the Tor network, creating a giant mesh of proxy servers that bounce connections between each other and provide the much-needed privacy that Tor users come for. Servers added to the Tor network typically must have contact information included in their setup, such as an email address, so Tor network administrators and law enforcement can contact server operators in the case of a misconfiguration or file an abuse report.

  • Someone Is Running Lots of Tor Relays

    Since 2017, someone is running about a thousand — 10% of the total — Tor servers in an attempt to deanonymize the network...

  • Security updates for Tuesday [LWN.net]

    Security updates have been issued by CentOS (nss), Debian (roundcube and runc), openSUSE (aaa_base, brotli, clamav, glib-networking, gmp, go1.16, hiredis, kernel, mozilla-nss, nodejs12, nodejs14, openexr, openssh, php7, python-Babel, ruby2.5, speex, wireshark, and xen), Oracle (kernel and nss), Red Hat (kpatch-patch, nss, rpm, and thunderbird), SUSE (brotli, clamav, glib-networking, gmp, kernel, mariadb, mozilla-nss, nodejs12, nodejs14, openssh, php7, python-Babel, and wireshark), and Ubuntu (busybox, mariadb-10.3, mariadb-10.5, python-django, and samba).

  • Hitachi Energy RTU500 OpenLDAP | CISA

    All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

  • Hitachi Energy XMC20 and FOX61x | CISA

    All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

IBM/Red Hat/Fedora Leftovers

  • Single Node OKD (OpenShift)

    Everytime I get to use Red Hat’s Open Shift I think to myself: “I should use OpenShift more”. It is a really great tool not just for high availability clusters but for general software development also. Its Web interface is super intuitive and nice to use, and you can provision all sorts of stuff in minutes. And everything is open source. Its really great. So naturally I decided to run it locally, especially after the news that starting from version 4.8 you can use it on single node architecture also. I decided to run it virtualized in libvirt so I can destroy it if I no longer needed. Hooray!

  • Fedora on NVIDIA Jetson Xavier – nullr0ute's blog

    The last two years or so I’ve been working with NVIDIA on general distro support including UEFI and ACPI for their Jetson Xavier platforms. Their Xavier platform, except a few quirks, are mostly SystemReady-ES compliant, so having a SBBR compliant firmware goes quite some way to having a widely available, relatively affordable, platform that “just works” for the arm ecosystem. I was very excited to finally have NVIDIA finally release the first version in March this year. This firmware is a standard UEFI firmware based on the open source TianoCore/EDK2 reference firmware, it allows booting in either ACPI or Device-Tree mode and supports all the basic things needed. The ACPI mode is not as fully featured as the Device-Tree mode as yet. In ACPI you get compute (cpu/memory/virt etc), PCIe, USB, network, which is just fine if you’re just looking for standard server or for testing a SystemReady system but there’s no display or accelerator support as yet. The Device-Tree mode is more feature full but both work pretty well with upstream kernels and NVIDIA are improving and upstreaming more things regularly. For flashing with the latest Fedora releases you’ll want the Linux for Tegra (L4T) R32.6.1 release and the latest UEFI firmware (1.1.2 ATM). The R32.6.1 release fixes issues with python3.9 and later so you’ll need that for Fedora. The following will extract everything into a directory called Linux_for_Tegra. Note the release for Xavier is different to the L4T for the TX1/TX2 series of devices such as the nano.

  • An introduction to Red Hat Insights for Red Hat Ansible Automation Platform

    Red Hat Ansible Automation Platform is a framework for building and operating IT automation at scale. The platform includes many of the tools you’ll need to implement automation across your organization, allowing you to simplify and centralize control of your infrastructure. Ansible Automation Platform includes a visual dashboard, role-based access control (RBAC) and automation tools, including Red Hat Insights for Red Hat Ansible Automation Platform.

  • 20 years of Red Hat Product Security: The rise of branded exploits (Part 2)

    In part 1 of this story we traced the history of Red Hat Product Security from its inception in 2001 through to its shift into the Customer Experience and Engagement (CEE) team in 2013. But that was just the beginning...security was always important, of course, but it was about to become front-page news.

  • CentOS Community Newsletter: December 2021

    As we approach the end of 2021, I wanted to thank all of you who have worked so hard this year towards the betterment of the project. This year we've made governance more transparent, welcomed several new SIGs, made big strides in consolidating infrastructure with Fedora where it made sense, and begun to return to in-person events. We could not have done this without the passion and hard work of the project community. Thank you.

5 Honest Reasons To Avoid Switching To Linux

Linux has been a wonderful operating system for many people. It’s free, it’s open source, it’s customizable, secure and much more. We, like many other open source enthusiasts around the world as well, have been trying to convince people to switch to Linux from Windows for many reasons. These reasons should be all known for you by now. But we have to be honest and admit that Linux is not for everybody. There are some specific cases where staying as an avid Windows user could be better for you than switching to Linux, and we’ll be seeing some of these in today’s article. Read more

Audiocasts/Shows/Videos: AlmaLinux OS 8.5, Proxmox Backup Server, Late Night Linux, and More