Language Selection

English French German Italian Portuguese Spanish

Linuxinsight

Syndicate content
LinuxInsight - aggregated feeds
Updated: 6 weeks 3 days ago

TuxMachines: Red Hat and Fedora Leftovers

Friday 16th of March 2018 10:45:46 AM

read more

TuxMachines: Security: CPU Patches, PostgreSQL, Apple 'Back Door'

Friday 16th of March 2018 10:43:48 AM
  • Canonical Releases Spectre/Meltdown Patches for Ubuntu 17.10 for Raspberry Pi 2

    Canonical published two security advisories on Thursday to announce the availability of Spectre mitigations for the ARM64 (AArch64) hardware architecture on its Ubuntu 17.10 and Ubuntu 16.04.4 LTS systems.

    In January, Canonical released several kernel updates for Ubuntu 17.10 (Artful Aardvark) and other supported Ubuntu releases with software mitigations against the Spectre and Meltdown security vulnerabilities. These patches were first released for 64-bit (amd64) architectures, and then for 32-bit (i386), PPC64el, and s390x systems.

    Today, the company announced the availability of new kernel updates that address both the Meltdown and Spectre security vulnerabilities for the ARM64 (AArch64) hardware architecture, patching the Raspberry Pi 2 kernel for Ubuntu 17.10, as well as its derivatives.

  • Oracle Patches Spectre for Red Hat

    The Red Hat community has patiently awaited a retpoline kernel implementation that remediates CVE-2017-5715 (Spectre v2) and closes all Meltdown and Spectre vulnerabilities that have captured headlines this year.

    Red Hat's initial fixes rely upon microcode updates for v2 remediation, a decision that leaves the vast majority of AMD64-capable processors in an exploitable state. Intel's new microcode has proven especially problematic; it performs badly and the January 2018 versions were plagued with stability issues that crashed many systems. It is a poor solution to a pressing problem.

  • ​Meet the Scarlett Johansson PostgreSQL malware attack

    t's not the first time an image has been used to give a victim malware, but it may be the first time it's been used so narrowly. According to the security firm Imperva, their StickyDB database management system (DBMS) honeypot has uncovered an attack that places malware, which cryptomines Monero, on PostgreSQL DBMS servers. Its attack vector? An image of Hollywood star Scarlett Johansson.

    Now, you might ask, "How many PostgreSQL DBMS servers are out there on the internet to be attacked?" The answer: "More than you'd expect." A Shodan search revealed almost 710,000 PostgreSQL servers ready to be hacked. It appears there are so many of them because it's way too easy, especially on Amazon Web Services (AWS), to set up PostgreSQL servers without security.

  • This Black Box Can ‘Unlock Your iPhone’ For Cops; Images Leaked

    The debate whether law enforcement agencies should be given exclusive access to iOS-powered Apple devices started when the FBI was unable to unlock San Bernardino shooter’s iPhone. Eventually, FBI found other ways to get inside Apple’s secured digital fortress, through an Israel-based company called Cellebrite.

    In the latest news, we have come across about a new iPhone unlocking device called GrayKey that can be used by law enforcement guys to harvest passcode of an iPhone and other iOS-powered devices such as iPads and iPods.

read more

Phoronix: GCC 8 Compiler Offering More Helpful Debug Messages, Usability Improvements

Friday 16th of March 2018 10:39:39 AM
Red Hat's David Malcom has outlined some of the usability improvements coming with the imminent release of GCC 8...

TuxMachines: Ubuntu Has Made its Minimal Images Even More Minimal — Just 28MB!

Friday 16th of March 2018 10:27:17 AM

The Ubuntu minimal image has been reduced in size for the upcoming Ubuntu 18.04 LTS Bionic Beaver release. Ubuntu devs have reduced the images to just 28MB.

Also: TeX Live 2018 (pretest) hits Debian/experimental

read more

LXer: Meet the Scarlett Johansson PostgreSQL malware attack

Friday 16th of March 2018 09:33:33 AM
VIDEO: An image of the popular actress is being used as a malware attack vector on the open-source DBMS PostgreSQL.

TuxMachines: Linux Beats Windows To Become The Most Popular Development Platform: Stack Overflow Survey 2018

Friday 16th of March 2018 09:26:24 AM

Every year, Stack Overflow conducts its developer survey and shares its results with the public for analysis. Expanding its reach, this year over 100,000 developers took part in the 30-minute survey and told how they learn new technologies, which tools they use to get their work done, and what they look for while hunting some job.

Over the next few weeks, I’ll be sharing the different findings of the survey with you and telling you how it compares to the past years’ trends. Today, I’ll be telling you about the platforms that were most commonly used by the developers over the past year.

read more

LXer: Alexa development board runs Linux on Raspberry Pi Compute Module

Friday 16th of March 2018 08:19:13 AM
Gumstix has launched a version of its Linux-driven Chatterbox Alexa Voice Service development board designed for the RPi Compute Module, and updated its AeroCore 2 drone controller for the DragonBoard 410C. Gumstix has developed a variation on its recently announced Chatterbox for the Colibri iMX7 that is instead powered by a Raspberry Pi Compute Module. […]

LXer: How to Install AbanteCart on Ubuntu 16.04 LTS

Friday 16th of March 2018 07:04:53 AM
AbanteCart is a free, open-source e-commerce platform based on PHP language. It comes with powerful features including, support for digital and tangible products, support for a variety of payment gateways, SEO Friendly, Mobile support, Fast and secure.

Reddit: Mir 0.31.0 release

Friday 16th of March 2018 06:31:41 AM

LXer: Raspbian Remix Lets You Create Your Own Spin That You Can Install on PC or Mac

Friday 16th of March 2018 05:50:32 AM
Developer Arne Exton announced today the release of the third iteration of its Raspbian PIXEL remix rebased on the Debian GNU/Linux 9 "Stretch" operating system and synced with the upstream changes.

Reddit: What is future of Linux firewalling?

Friday 16th of March 2018 04:55:49 AM

Can we expect iptables to become (widely) considered obsolete anytime soon? Is it good moment to say that nftables is the way to go? Most of all: What's going on with this bpf ( https://lwn.net/Articles/747551/ ) thingy, will it evolve to standalone alternative to nftables or maybe it will become enhancement/part of nftables?

submitted by /u/cr_wdc_ntr_l
[link] [comments]

LXer: 3 best practices for securing Kubernetes environments

Friday 16th of March 2018 04:36:12 AM
The Kubernetes orchestration platform is such a gigantic open source project that its evolution is inherently rapid. The pace of change significantly increases the importance of adhering to security best practices when using the ever-changing Kubernetes platform to automate deployment, scaling, and management of containerized cloud-native applications.read more

LXer: Install LEMP Stack on CentOS 7

Friday 16th of March 2018 03:21:52 AM
In this series, we will show you how to install Nginx, generate a free Let’e Encrypt SSL certificate, install and secure MariaDB and install PHP 7.x. The term LEMP is an acronym of the names of its four open-source components.

Reddit: Anarchy-Linux

Friday 16th of March 2018 03:06:14 AM

LXer: Linus Bashes CTS Labs, GNOME 3.28 Released, Project ACRN and More

Friday 16th of March 2018 02:07:32 AM
Linus Torvalds bashes CTS Labs' AMD chip report, calling it "more like stock manipulation than a security advisory...

LinuxToday: Rollback an update on RHEL/CentOS - A simple guide

Friday 16th of March 2018 02:00:00 AM

We can install, remove or update packages using the yum command. But...

LXer: How to Play Rubik’s Cube in Linux Terminal with nrubik

Friday 16th of March 2018 12:53:12 AM
While there are many Inventive games that pushed the boundaries of what’s possible for puzzle games, there were no n-curses-based Rubik’s Cube for the Unix console, until now.

More in Tux Machines

Android Leftovers

Graphics: XWayland and Mesa

  • XWayland Gets Patches For Better EGLStreams Handling
    While the recently released X.Org Server 1.20 has initial support for XWayland with EGLStreams so X11 applications/games on Wayland can still benefit from hardware acceleration, in its current state it doesn't integrate too well with Wayland desktop compositors wishing to support it. That's changing with a new patch series.
  • Intel Mesa Driver Finally Supports Threaded OpenGL
    Based off the Gallium3D "mesa_glthread" work for threaded OpenGL that can provide a measurable win in some scenarios, the Intel i965 Mesa driver has implemented this support now too. Following the work squared away last year led in the RadeonSI driver, the Intel i965 OpenGL driver supports threaded OpenGL when the mesa_glthread=true environment variable is set.
  • Geometry & Tessellation Shaders For Mesa's OpenGL Compatibility Context
    With the recent Mesa 18.1 release there is OpenGL 3.1 support with the ARB_compatibility context for the key Gallium3D drivers, but Marek Olšák at AMD continues working on extending that functionality under the OpenGL compatibility context mode.
  • Mesa Begins Its Transition To Gitlab
    Following the news from earlier this month that FreeDesktop.org would move its infrastructure to Gitlab, the Mesa3D project has begun the process of adopting this Git-centered software.

Welcome to Ubuntu 18.04: Make yourself at GNOME. Cup of data-slurping dispute, anyone?

Comment Ubuntu 18.04, launched last month, included a new Welcome application that runs the first time you boot into your new install. The Welcome app does several things, including offering to opt you out of Canonical's new data collection tool. The tool also provides a quick overview of the new GNOME interface, and offers to set up Livepatch (for kernel patching without a reboot). In my review I called the opt-out a ham-fisted decision, but did note that if Canonical wanted to actually gather data, opt-out was probably the best choice. Read more

How CERN Is Using Linux and Open Source

CERN really needs no introduction. Among other things, the European Organization for Nuclear Research created the World Wide Web and the Large Hadron Collider (LHC), the world’s largest particle accelerator, which was used in discovery of the Higgs boson. Tim Bell, who is responsible for the organization’s IT Operating Systems and Infrastructure group, says the goal of his team is “to provide the compute facility for 13,000 physicists around the world to analyze those collisions, understand what the universe is made of and how it works.” Read more