Language Selection

English French German Italian Portuguese Spanish


Enter your Tux Machines username.
Enter the password that accompanies your username.

More in Tux Machines

Security Leftovers

  • Security updates for Thursday

    Security updates have been issued by CentOS (firefox, ipmitool, krb5-appl, and telnet), Debian (ceph and firefox-esr), Mageia (firefox), openSUSE (bluez and exiv2), Red Hat (firefox), SUSE (ceph, libssh, mgetty, permissions, python-PyYAML, rubygem-actionview-4_2, and vino), and Ubuntu (libiberty and libssh).

  • NASA CIO Agencywide Memo: Alert: Cyber Threats Significantly Increasing During Coronavirus Pandemic [iophk: Windows TCO]

    A new wave of cyber-attacks is targeting Federal Agency Personnel, required to telework from home, during the Novel Coronavirus (COVID-19) outbreak. During the past few weeks, NASA’s Security Operations Center (SOC) mitigation tools have prevented success of these attempts. Here are some examples of what’s been observed in the past few days: [...]

  • Apple Safari Flaws Enable One-Click Webcam Access

    A security researcher has disclosed vulnerabilities in Apple’s Safari browser that can be used to snoop on iPhones, iPads and Mac computers using their microphones and cameras. To exploit the flaws in a real-world attack, all an attacker would need to do is convince a victim to click one malicious link.

    Security researcher Ryan Pickren has revealed details on seven flaws in Safari, including three that could be used in a kill chain to access victims’ webcams. The vulnerabilities were previously submitted to Apple via its bug-bounty program and have been patched – however, technical details of the flaws, including a proof of concept (PoC) attack, were kept under wraps until Pickren’s recent disclosure.

  • OK Zoomer: avoiding a privacy disaster in the post-coronavirus world

    It would be an understatement to say that Covid-19 has affected practically every aspect of our lives, given the scale of the transformation. Its impact on privacy, too, is evident. Last week, this blog wrote about a rush by governments around the world to use smartphones to help enforce quarantines and carry out contact tracing. However, a problem can also be an opportunity. One technology company is not just coping with the coronavirus wave, but thriving. Almost overnight, the videoconferencing app Zoom, hitherto mainly used by companies, became an indispensable tool for life under lockdown, and its most representative social platform.

  • Security monitoring in Linux with Tripwire

    Every sysadmin loses sleep every once and a while over system intrusions. Nobody wants a server they're responsible for to be compromised. The problem is, even though you may review logs regularly, a truly effective system intrusion doesn't leave obvious logs lying around. This makes it difficult to know definitively whether your systems are secure. In addition to setting SELinux to Enforcing and implementing regular pentests, one of the best ways to monitor your system for security breaches is to — well, monitor your system for security breaches. If that seems easier said than done, then you need to try Tripwire. Tripwire is a file integrity monitoring tool that watches for changes to critical files on your system. This article shows you how to install, setup, and use Tripwire on your network. Tripwire is both a company and an open-source code base. You can purchase monitoring from Tripwire, or you can use the GPLv2 code they've made available on GitHub. The usual trade-offs apply. If you pay for it, Tripwire does most of the hard work for you, and all you have to do is pay attention to the reports. If you implement Tripwire yourself, then you get to set it up and configure it on your own.

  • sshd attack traffic

    I firmly believe that security through obscurity is a fail. However, I do believe that all things being equal, making it a bit more obscure is better as long as you aren’t introducing more failure points, like a port knocker that has it’s own security bugs. Thus I’ve always run my sshd service on an alternative port. It’s simple, and keeps my logs clean and shouldn’t cause any additional security risks. Of course I use a secure configuration and keep my software up to date. However, I found out that in the past few weeks that my port of choice has been discovered. After the sad realization that I would need to pick a more random port I decided to look at the attempts to brute force my sshd service and summarize what I found.

  • Remote Linux Desktops Made Easier & More Secure Than Ever
  • Why I Don’t Use A Static Site Generator

    Yeah, I hear you, WordPress is less secure than a static site. There’s no getting away from that fact – there’s no admin interface for a threat actor to compromise.

    For me, the potential risk of running WordPress vs a static site is what’s important here. By using strong passwords, multi-factor authentication and good InfoSec hygiene, the potential attack surface of WordPress is significantly reduced.

Software Freedom Podcast #5 about regulation with Professor Lawrence Lessig

This fifth episode of the Software Freedom Podcast covers the complicated topic of regulation. Our guest is Professor Lawrence Lessig from the Harvard Law School. Lessig is a former board member of the Free Software Foundation and the Electronic Frontier Foundation, as well as founder and present Board member of Creative Commons. Lessig has published several books, including the influential and often-quoted "Code and Other Laws of Cyberspace". In this episode we discuss with Professor Lessig the different types of regulation that affect society both, online and offline, such as laws, norms, the market, or architecture. In this respect we also touch upon code as a means of regulation. Enjoy learning about the positive and negative effects that some of these regulations can have on society, as well as the further development of ideas. Read more

Android Leftovers

OpenSUSE Leap + SUSE Linux Enterprise Planning To Move Closer In 2020

SUSE and the openSUSE community are working to move SUSE Linux Enterprise and openSUSE Leap closer together. A proposal sent out today with the interest of SUSE is for taking the openSUSE Leap and SUSE Linux Enterprise relationship to a new level. This new collaboration would more closely align the source trees of openSUSE Leap and SUSE Linux Enterprise Linux, including the use of SUSE Linux Enterprise binaries within Leap. The plan would involve merging of the code-bases for the intersection of openSUSE Leap 15.2 / SUSE Linux Enterprise 15 SP2 and moving forward to even create a a new openSUSE Leap 15.2 flavor leveraging SUSE Linux Enterprise binaries. Read more Direct: opensuse-announce Also: Bringing Leap and SUSE Linux Enterprise closer together - a proposal