Microsoft

Microsoft Dirty Tricks and Entryism

Filed under
Microsoft

Security: Brutal Kangaroo Targets Windows, Linux Updates Available, Reproducible Builds, and Patching Stack Clash

Filed under
Linux
Microsoft
Security
  • Brutal Kangaroo

    Today, June 22nd 2017, WikiLeaks publishes documents from the Brutal Kangaroo project of the CIA. Brutal Kangaroo is a tool suite for Microsoft Windows that targets closed networks by air gap jumping using thumbdrives. Brutal Kangaroo components create a custom covert network within the target closed network and provide functionality for executing surveys, directory listings, and arbitrary executables.

    The documents describe how a CIA operation can infiltrate a closed network (or a single air-gapped computer) within an organization or enterprise without direct access. It first infects an Internet-connected computer within the organization (referred to as "primary host") and installs the BrutalKangaroo malware on it. When a user is using the primary host and inserts a USB stick into it, the thumbdrive itself is infected with a separate malware. If this thumbdrive is used to copy data between the closed network and the LAN/WAN, the user will sooner or later plug the USB disk into a computer on the closed network. By browsing the USB drive with Windows Explorer on such a protected computer, it also gets infected with exfiltration/survey malware. If multiple computers on the closed network are under CIA control, they form a covert network to coordinate tasks and data exchange. Although not explicitly stated in the documents, this method of compromising closed networks is very similar to how Stuxnet worked.

    The Brutal Kangaroo project consists of the following components: Drifting Deadline is the thumbdrive infection tool, Shattered Assurance is a server tool that handles automated infection of thumbdrives (as the primary mode of propagation for the Brutal Kangaroo suite), Broken Promise is the Brutal Kangaroo postprocessor (to evaluate collected information) and Shadow is the primary persistence mechanism (a stage 2 tool that is distributed across a closed network and acts as a covert command-and-control network; once multiple Shadow instances are installed and share drives, tasking and payloads can be sent back-and-forth).

  • Security updates for Wednesday
  • Reproducible Builds: week 112 in Stretch cycle
  • 5 things you need to know about Stack Clash to secure your shared Linux environment

    The vulnerability is present in Unix-based systems on i386 and amd64 architectures. Affected Linux distributions include Red Hat, Debian, Ubuntu, SUSE, CentOS and Gentoo. Solaris is owned by Oracle. FreeBSD, OpenBSD and NetBSD are also impacted. Qualys has been working with distributions and vendors since May to get the vulnerabilities fixed, and the updates are just beginning to be released. Administrators need to act promptly to update affected machines with the security updates.

Linux vs. Windows Server OS Comparison

Filed under
OS
Linux
Microsoft

A comparison between Linux and Windows while selecting the server operating system is like being in stalemate while playing the chess game where the outcome is unpredictable. Various versions of the Microsoft—from Windows—and the Linux-based operating systems are available in plenty today. But deciding the best option is a tougher task, rather, finding the right solution that fits the organizational requirements is easier.

Microsoft Openwashing by the Linux Foundation, Lockin Model, and More Openwashing With the Linux Foundation

Filed under
Microsoft
OSS

Openwashing and Parasites

Filed under
Microsoft
OSS

You Can’t Open the Microsoft Surface Laptop Without Literally Destroying It

Filed under
Microsoft
  • You Can’t Open the Microsoft Surface Laptop Without Literally Destroying It

    The company, which provides repair tools and manuals for popular gadgets like the iPhone and PlayStation, has handed the Surface Laptop a score of 0 out of 10 in terms of user repairability, stating definitively that the laptop "is not meant to be opened or repaired; you can't get inside without inflicting a lot of damage."

  • 2017 Surface Pro least repairable ever; Surface Laptop is made of glue

    iFixit's pictures, as ever, give a great look at the insides of the two machines. The Laptop has no external screws at all; to get into the system, iFixit had to peel off the glued-down fabric keyboard surround, an operation that obviously can't be undone, producing a machine that offers essentially no serviceability whatsoever.

Microsoft in the Details

Filed under
Microsoft

Openwashing and Attacks on FOSS, OSS Leftovers

Filed under
Microsoft
OSS
  • Microsoft is Bringing Native Linux Container Support and Bash to Windows Server [Ed: Microsoft wants to swallow GNU/Linux in a platform with NSA back doors and keyloggers, not to mention patent tax]
  • Microsoft joins Java-oriented Cloud Foundry [Ed: for influence and steering from the inside]
  • FreeNAS 11.0 is Now Here
  • OW2 Consortium: Building Beyond Europe

    This year marks the 10th anniversary of OW2, and the organization is celebrating during its annual conference, on June 26-27, in Paris, France. OSI GM Patrick Masson sat down with Cedric Thomas, CEO of OW2, to learn more about the foundation, its accomplishments over the past 10 years, and what’s in store for the anniversary celebration.

    The Open Source Initiative (OSI) Affiliate Membership Program is an international who’s who of open source projects, advocates, and communities: Creative Commons, Drupal Association, Linux Foundation, Mozilla Foundation, Open Source Matters (the foundation supporting Joomla), Python Software Foundation, Wikimedia Foundation, WordPress Foundation and many more. Open source enthusiasts outside Europe may not be as familiar with another OSI Affiliate Member, OW2, however its impact on open source development and adoption across the EU has been significant.

  • FSFE Newsletter - June 2017

FOSS FUD and Microsoft Entryism

Filed under
Microsoft
OSS

GNU/Linux Prevents Back Doors, Microsoft Patches Some

Filed under
GNU
Linux
Microsoft
Security

More in Tux Machines

Red Hat: British Army Deal, Hyperconverged Infrastructure, OpenShift, Soaring Share Price, and Fedora

today's howtos

Servers: Infrakit & LinuxKit, CMTL, ServiceMaster, Synology, Ubuntu, and NeuVector

  • Why Infrakit & LinuxKit are better together for Building Immutable Infrastructure?
    Let us accept the fact – “Managing Docker on different Infrastructure is still difficult and not portable”. While working on Docker for Mac, AWS, GCP & Azure, Docker Team realized the need for a standard way to create and manage infrastructure state that was portable across any type of infrastructure, from different cloud providers to on-prem. One serious challenge is that each vendor has differentiated IP invested in how they handle certain aspects of their cloud infrastructure. It is not enough to just provision n-number of servers; what IT ops teams need is a simple and consistent way to declare the number of servers, what size they should be, and what sort of base software configuration is required. Also, in the case of server failures (especially unplanned), that sudden change needs to be reconciled against the desired state to ensure that any required servers are re-provisioned with the necessary configuration. Docker Team introduced and open sourced “InfraKit” last year to solve these problems and to provide the ability to create a self healing infrastructure for distributed systems.
  • CMTL Testing First Linux Based Intel® Server Board
    The board is designed for HPC workload environments requiring parallel computing processing performance. Up to 72 cores for optional support and 100Gb/s node interconnect. Six slots for DDR4, 2400Mhz registered ECC DIMMS to achieve a capacity of 384G.
  • [Older] DNS Infrastructure at GitHub
    At GitHub we recently revamped how we do DNS from the ground up. This included both how we interact with external DNS providers and how we serve records internally to our hosts. To do this, we had to design and build a new DNS infrastructure that could scale with GitHub’s growth and across many data centers.
  • ServiceMaster polishes DevOps process for Linux container security
    ServiceMaster Global Holdings Inc., which owns consumer brands such as Terminix, Merry Maids, Furniture Medic and ServiceMaster Clean and Restore, deploys 75,000 service trucks to residential driveways each day. Five years ago, the company was taken private by an equity firm, and new leadership, including a new CIO, was brought in to modernize its operations. When it returned to the public market in 2014, the company had completely overhauled its approach to IT.
  • My Love Affair with Synology
    In my "Hodge Podge" article in the October 2016 issue, I mentioned how much I love the Synology NAS I have in my server closet (Figure 1). I got quite a few email messages from people—some wanting more information, some scolding me for not rolling my own NAS, and some asking me what on earth I need with that much storage. Oddly, the Linux-running Synology NAS has become one of my main server machines, and it does far more than just store data. Because so many people wanted more information, I figured I'd share some of the cool things I do with my Synology.
  • Certified Ubuntu Cloud Guest – The best of Ubuntu on the best clouds
    Ubuntu has a long history in the cloud. It is the number one guest operating system on AWS, Azure and Google Cloud Platform. In fact there are more Ubuntu images running in the public cloud than all other operating systems combined. Ubuntu is a free operating system which means anyone can download an image, whenever they want. So why should cloud providers offer certified Ubuntu images to their customers?
  • Cloud Foundry and Kubernetes: Different Tools
    It’s difficult to compare programming languages and platforms, of course, but this was the analogy that most frequently came to mind last week. Cloud Foundry is unlikely to be as popular as it was shortly after it launched, when it was the only open source PaaS platform available. But this says little about Cloud Foundry, and more about the platform market which – like every other infrastructure market – is exploding with choice to the point of being problematic. It also ignores the ability for the Cloud Foundry foundation to actively embrace this choice via the addition of Kubo.
  • Ubuntu OpenStack Pike Milestone 2
    The Ubuntu OpenStack team is pleased to announce the general availability of the OpenStack Pike b2 milestone in Ubuntu 17.10 and for Ubuntu 16.04 LTS via the Ubuntu Cloud Archive.
  • NeuVector Releases Open Source Tools to Help Enterprises Evaluate Kubernetes 1.6 Deployments for CIS Benchmark Compliance

Chromebook Dual Boot How-to: Ubuntu 17.04 GNOME and Chrome OS

Last year when I got my Acer Chromebook 11 (C740), I wrote a tutorial to teach you guys how to remove Google Chrome OS and install a GNU/Linux distribution of your choice, but things got boring.