Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Some HTTPS inspection tools might weaken security [iophk: "the death of web-mail UI"]

    In a typical enterprise environment, an HTTPS connection can even be intercepted and re-encrypted multiple times: at the network perimeter by gateway security products or data leak prevention systems and on endpoint systems by antivirus programs that need to inspect such traffic for malware.

    The problem is that users' browsers no longer get to validate the real server certificates because that task falls to the interception proxy. And as it turns out, security products are pretty bad at validating server certificates.

  • Defence against the Dark Arts involves controlling your hardware

    In light of the Vault 7 documents leak (and the rise to power of Lord Voldemort this year), it might make sense to rethink just how paranoid we need to be.

  • This laptop-bricking USB stick just got even more dangerous

    Remember that USB stick that would destroy almost anything in its path, from laptops, photo booths, kiosks, to even cars?

    Now there's a new version, and it's even more dangerous than before.

    In case you missed it the first time around, a Hong Kong-based company built a weaponized pocket-sized USB stick, which when plugged into a device, will rapidly charge its capacitors from the USB power supply and then discharge, frying the affected device's circuits.

  • Docker Image Vulnerability Research

    Managing known vulnerabilities is the first step towards a strong security posture. If we’re not updating our systems, and keeping an eye on emerging vulnerabilities that are yet to be patched upstream, we’re basically leaving the front door wide open.

More in Tux Machines

Amazon Linux 2 - Who nicked my cheese?

So far, it's a relatively benign, easy introduction to a new operating system that blends the familiar and new in a timid package. Perhaps that's the goal, because a radical offering would right away scare everyone. Amazon Linux 2 is an appealing concept, as it gives users what Red Hat never quite did (yet) - A Fedora-like bleeding-edge tech with the stability and long-term support of the mainstay enterprise offering. But then, it also pulls a Debian/Ubuntu stunt by breaking ABI, so it will be cubicle to those who enjoying living la vida loco (in their cubicle or open-space prison). Having lived and breathed the large-scale HPC world for many years, I am quite piqued to see how this will evolve. Performance, stability and ease of use will be my primary concerns. Then, is it possible to hook up a remote virtual machine into the EC2 hive? That's another experiment, and I'd like to see if scaling and deployment works well over distributed networks. Either way, even if nothing comes out of it, Amazon Linux 2 is a nice start to a possibly great adventure. Or yet another offspring in the fragmented family we call Linux. Time will tell. Off you go. Cloud away. Read more

Updates From OpenIndiana and LibreOffice (Projects That Oracle Discarded)

  • Migration to GCC 6.4 as userland compiler
    Modulo some minor details, the transition of our userland to GCC 6 is complete.
  • OpenIndiana Has Upgraded To The GCC 6 Compiler
    The OpenSolaris/Illumos-based OpenIndiana operating system has finally moved past GCC 4.9 as its base user-land compiler and is now using GCC 6.4. This comes while GCC 8.1 should be officially released in the next few weeks and they are already targeting GCC 7.3.0 as their next illumos-gate compiler.
  • LibreOffice 6.0 Open-Source Office Suite Passes 1 Million Downloads Mark
    The Document Foundation announced recently that its LibreOffice 6.0 open-source and cross-platform office suite reached almost 1 million downloads since its release last month on January 31, 2018. That's terrific news for the Open Source and Free Software community and a major milestone for the acclaimed LibreOffice office suite, which tries to be a free alternative to proprietary solutions like Microsoft Office. The 1 million downloads mark was reached just two weeks after the release of LibreOffice 6.0, which is the biggest update ever of the open-source office suite adding numerous new features and enhancements over previous versions.

FreeBSD Finally Gets Mitigated For Spectre & Meltdown (and Hugs)

  • FreeBSD Finally Gets Mitigated For Spectre & Meltdown
    Landing in FreeBSD today was the mitigation work for the Meltdown and Spectre CPU vulnerabilities. It's taken a few more weeks longer than most of the Linux distributions to be re-worked for Spectre/Meltdown mitigation as well as DragonFlyBSD, but with FreeBSD Revision 329462 it appears their initial fixes are in place. There is Meltdown mitigation for Intel CPUs via a KPTI implementation similar to Linux, the Kernel Page Table Isolation. There is also a PCID (Process Context Identifier) optimization for Intel Westmere CPUs and newer, just as was also done on Linux.
  • FreeBSD outlaws virtual hugs
  • AsiaBSDCon 2018 Conference Programme

Linux: To recurse or not

Linux and recursion are on very good speaking terms. In fact, a number of Linux command recurse without ever being asked while others have to be coaxed with just the right option. When is recursion most helpful and how can you use it to make your tasks easier? Let’s run through some useful examples and see. Read more