Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • 'Benign' worm seeks out vulnerable smart devices

    A "benign" worm is scouring the net seeking out poorly protected smart gadgets.

    CCTV systems, routers, digital video recorders and other internet-of-things (IoT) devices are now believed to be harbouring the Hajime worm.

  • How to manage the computer-security threat

    COMPUTER security is a contradiction in terms. Consider the past year alone: cyberthieves stole $81m from the central bank of Bangladesh; the $4.8bn takeover of Yahoo, an internet firm, by Verizon, a telecoms firm, was nearly derailed by two enormous data breaches; and Russian hackers interfered in the American presidential election.

    Away from the headlines, a black market in computerised extortion, hacking-for-hire and stolen digital goods is booming. The problem is about to get worse. Computers increasingly deal not just with abstract data like credit-card details and databases, but also with the real world of physical objects and vulnerable human bodies. A modern car is a computer on wheels; an aeroplane is a computer with wings. The arrival of the “Internet of Things” will see computers baked into everything from road signs and MRI scanners to prosthetics and insulin pumps. There is little evidence that these gadgets will be any more trustworthy than their desktop counterparts. Hackers have already proved that they can take remote control of connected cars and pacemakers.

  • Security updates for Thursday
  • Open Source Remote Access Trojan Targets Telegram Users

    Remote access Trojans are mainly used to steal consumer data, either for consumers themselves or the conglomerate keeping this information safe from prying eyes. However, it appears criminals are looking at a different approach for these tools right now. A new open source remote access Trojan can now be used to extract data from the Telegram communication platform.

More in Tux Machines

Programming: GNU Parallel, Rust, Go

OSS Leftovers

  • Openlab: what it is and why it matters
    Six months on from its announcement at Openstack Summit Sydney in late 2017, community testing project OpenLab is in full swing. OpenLab was initially formed by Intel, Huawei and the OpenStack foundation as a community-led project for improving SDK support and also introducing other platforms like Kubernetes and Cloud Foundry to the Openstack environment. Ultimately the idea is to improve usability in hybrid and multi-cloud environments. Melvin Hillsman sits on the governance board along with Dr Yih Leong Sun of Intel and Chris Hoge from the Foundation. Hillsman moved from Rackspace to Huawei to work specifically on the project. "The reason we think Openlab is important is, basically, Openstack for some time has been very specific about testing and integration for Openstack services, focusing only on the projects started at Openstack," Hillsman tellsComputerworld UK at the Openstack Vancouver Summit. "It's been working very well, it's a robust system. But for me as a person in the user community - my getting involved in Openstack was more on the operator-user side.
  • Open source innovation tips for the customer-driven economy
    New technologies, ranging from big data and blockchain to 3D printing, are giving rise to new opportunities and challenges for companies today. To stay competitive, organizations need to become more intelligent, customer-centric, and increasingly agile to cope with changing business demands. The worry for many companies which are trying to innovate is that while the speed and scope of applications are expanding rapidly, the variety and complexity of technology is increasing simultaneously, putting pressure on their IT infrastructure. Speaking at the SUSE Expert Days 2018 held in Singapore recently, Dr Gerald Pfeifer, VP of Products and Technology Program, SUSE, told attendees that these prevailing trends have come together to make Open Source the primary engine for business innovation.
  • Qualcomm is able to release the Snapdragon 845 source code in 6 weeks
    Qualcomm‘s latest high-end system-on-chip, the Qualcomm Snapdragon 845, was announced at the Snapdragon Tech Summit back in December. The chipset offers 4 Kryo 385 (A75 “performance”) and 4 Kryo 385 (A55 “efficiency”) CPU cores, the latest Adreno 630 GPU, the Spectra 280 ISP, the Hexagon 685 DSP, the Snapdragon X20 LTE modem, and a new Secure Processing Unit (SPU). The Snapdragon 845 SoC is a powerhouse in benchmarks and it is already available in devices like the Samsung Galaxy S9/S9+, Xiaomi Mi Mix 2S, and the OnePlus 6. Developers on our forums have been itching to get their hands on a device with Qualcomm’s latest and greatest, but there’s just one thing that has made some developers worry about the future of development on the platform: The lack of publicly available source code for the kernel, HALs, framework branches, and more on the CodeAurora Forums.
  • Kata Containers 1.0 Released, Formerly Intel Clear Containers
    Back in December was the announcement of Intel's Clear Containers being spun into a new project called Kata Containers in collaboration with other organizations. Kata Containers has now reached their version 1.0 milestone. Kata Containers 1.0 is now available for this container technology designed for offering a secure and scalable container experience built atop Intel VT technology.
  • What's new in OpenStack?
    As OpenStack Foundation Chief Operating Officer Mark Collier referenced in his opening keynote, the uses which OpenStack is seeing today expand far beyond what most who were involved in the early days of the project could have ever imagined. While OpenStack started out primarily in the traditional data center and found many large-scale users, particularly in the telecommunications industry, who were using it to manage huge installations of traditional x86 server hardware, the flexibility of OpenStack has today allowed it to thrive in many other environments and use cases. Today, we see OpenStack powering everything from academic and research projects to media and gaming services, from online retail and e-commerce to manufacturing and industrial applications, and from finance to healthcare. OpenStack is found in all of these different places not just because it is cheaper than using the public cloud, not just because it makes compliance with various regulations easier, but because its open source code makes it flexible to all sort of different situations.
  • Should Red Hat Buy or Build a Database?
    For a decade, at least, observers of the company have speculated about whether Red Hat would or should enter the database market. The primary argument, one made in this space eight years ago, has historically been that Red Hat is de facto leaving potential dollars on the table by limiting itself to operating platform and immediately adjacent markets. In a more recent piece, analyst Krishnan Subramanian adds that Red Hat is at risk because databases represent a control point, one that the company is effectively ceding to competitors such as AWS or Microsoft.
  • Tidelift Raises $15M Series A From General Catalyst, Foundry, & Others
    This morning Tidelift, a startup focused on helping developers work with open source technology, announced that it has closed a $15 million Series A round of funding co-led by General Catalyst, Foundry, and Matthew Szulik, the former CEO of Red Hat, a public open source-centered technology company. The subscription-powered startup has an interesting business model which we’ll dive into shortly, but it’s worth noting that the open source space as a whole is quite active. It’s something that Crunchbase News covered last year, describing how startups working with open source software have enjoyed a dramatic rise in investor interest. That puts Tidelift in the midst of a trend.
  • Tidelift lands $15M to deliver professional open-source support
    Tidelift Inc. is raising $15 million as it looks to boost its unique open-source software model that sees companies pay for professional support of their favorite projects, allowing those that maintain them to get compensated too. The Series A round was led by the investment firms General Catalyst and Foundry Group, as well as former Red Hat Inc. Chairman and Chief Executive Matthew Szulik. The company was able to attract the investment after coming up with a novel idea for maintaining the most popular open-source software projects in a way that benefits both the users and those who help to create them. It works like this: Companies pay a subscription fee that entitles them to professional-grade support, similar to the kind of commercial subscriptions offered by firms such as Red Hat, Cloudera Inc. and Docker Inc. A part of these fees are then used to pay the developers who maintain the software. The net result, at least in theory, is that everyone is happy, as companies enjoy the benefits of professional support at lower rates than they might expect from an established firm, and the developers of the software are finally rewarded for their efforts.

today's howtos

Ubuntu: Ubuntu 18.04 Install and First Look, Canonical and Trilio Deal, Ubuntu Server Development and Shuttleworth's Controversy

  • Ubuntu 18.04 Install and First Look
    The long anticipated Ubuntu 18.04 “Bionic Beaver” Long Term Support (LTS) release has arrived… Let’s install it and take a look around.
  • Canonical Managed Cloud adds data protection and recovery with Trilio
    Canonical and Trilio announced today a partnership agreement to deliver TrilioVault backup and recovery solutions as part of BootStack, Canonical’s fully managed OpenStack private cloud solution. TrilioVault will also be made available as an option to Ubuntu Advantage support customers. As a result, users already taking advantage of the Ubuntu platform for their OpenStack deployment now have seamless access to the only OpenStack-native data protection solution on the market. Together, the two companies are pushing the boundaries of enterprise OpenStack clouds to become increasingly easier to build, simpler to manage, and more reliable in the event of a disaster.
  • Ubuntu Server development summary – 22 May 2018
  • Ubuntu's Shuttleworth Creates Controversy with OpenStack Summit Vancouver Keynote
    The OpenStack Foundation is facing a bit of drama and controversy as it deals with issues related to a keynote delivered by Ubuntu Linux founder, Mark Shuttleworth at the OpenStack Summit here on May 21. Typically the OpenStack Foundation posts videos of all its session online within 24 hours, but with the Shuttleworth keynote, the video was apparently posted and then promptly removed. During his keynote, Shuttleworth took direct aim at his OpenStack competitor Red Hat, which apparently made some people in the OpenStack Summit community uncomfortable.