Language Selection

English French German Italian Portuguese Spanish

A Tale of Two Root Exploits, and Why We Shouldn't Panic

Filed under
Security

There's no denying Linux is more secure than perpetually-patching Windows, but the past month or so has not provided an ideal demonstration.

In August, we saw the arrival of a long-overdue fix for a kernel bug that was six years old; now, in the last week or so, it's been not one but two root exploits causing a fuss.

"Running 64-bit Linux? Haven't updated yet? You're probably being rooted as I type this," was the introduction on Slashdot to CVE-2010-3081, the second such vulnerability to come to light in recent days.

Preceding it by just a few of those days, of course, was CVE-2010-3301, which had actually been discovered and fixed back in 2007 before the patch was inexplicably removed again the very next year, reintroducing the vulnerability.

Put it all together, and you'll see why more than a few Linux bloggers have been scratching their heads about security.

A Matter of Size?




More in Tux Machines

GTK+ Lands Experimental Backend For Mir Display Server

GTK+ apps now run not only on X11 and Wayland under Linux with native support but the mainline GTK+ Git code now also supports running Ubuntu's Mir Display Server. That's right, there's now mainline Mir support in GTK for the GNOME/GTK 3.16 release. Beyond many GTK+ 3.16 improvements that already landed, Canonical's Robert Ancell has been leading work on mainlining the GTK+ Mir support capabilities. As of yesterday in Git, that work is now in Git for GTK+ 3.16 and all of the GTK+ 3.15.x development releases ahead. Read more

FreeBSD 10.1-RC3 Now Available

The third RC build of the 10.1-RELEASE release cycle is now available on the FTP servers for the amd64, armv6, i386, ia64, powerpc, powerpc64 and sparc64 architectures. The image checksums follow at the end of this email. Installer images and memory stick images are available here: ftp://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/10.1/ Read more

Kubuntu 14.10 (Utopic Unicorn) Ships with KDE 4.14.1

The Kubuntu devs have released the ISO images for the 14.10 version of their distribution, but they are running a little late with the release notes. That's not really a problem, but it would have been nice to have them. We'll post the link anyway in the hope that by the time you're reading this they will be online. Just like its Ubuntu base, Kubuntu will only have nine months of support, but it has some attractive features that should make it very appealing, even for the users of the LTS release. It has numerous updated package, but most importantly it comes with a new KDE version. Read more

Best Chromebooks 2014

Whether it’s because of their very affordable prices or an aversion to Windows 8′s complexity, more and more shoppers are buying Chromebooks. There are some valid reasons to choose a Chromebook over a Windows machine, including a very intuitive interface (it’s largely browser based), a lack of upgrade headaches, and less worrying about malware. And while Chromebooks have limited offline capability, there’s a growing number of apps that work without a Wi-Fi connection. Read more