Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • A Step Forward for Security [iophk: "end point compromise negates many theoretical advantages"]

    While we are all mesmerized by the presidential crises, a small, but quite significant change occurred in Congress: the Senate Sergeant at Arms approved the use of Signal by Senate staff. Signal, a product of Open Whisper Systems, provides end-to-end encryption for Apple and Android phones.

  • Why Europe’s dependency on Microsoft is a huge security risk

    On May 12, hackers hit more than a hundred countries, exploiting a stolen N.S.A. tool that targeted vulnerabilities of Microsoft software. The attacks infected only machines running on Windows operative system. Among the victims are public administrative bodies such as NHS hospitals in the UK. Investigate Europe spent months to investigate the dire dependency of European countries on Microsoft – and the security risks this entails

  • NSA told Microsoft about stolen exploits: officials

    Current and former NSA officials say the agency informed Microsoft about the theft of the exploit named EternalBlue after learning of it, making it possible for the Redmond software giant to issue a patch for it in March. The exploit was used in the WannaCry ransomware attacks over last weekend.

  • Shadow Brokers claims Microsoft hand-in-glove with NSA

    The group that released NSA exploits for Windows, which were used in massive ransomware attacks last weekend, has accused Microsoft of being hand-in-glove with The Equation Group, a group that is believed to be a front for the NSA.

  • NSA officials worried about the day its potent hacking tool would get loose. Then it did.

    But for more than five years, the NSA kept using it — through a time period that has seen several serious security breaches — and now the officials' worst fears have been realized. The malicious code at the heart of the WannaCry virus that hit computer systems globally late last week was apparently stolen from the NSA, repackaged by cybercriminals and unleashed on the world for a cyberattack that now ranks as among the most disruptive in history.

  • Shadow Brokers threaten to unleash more hacking tools

    The so-called Shadow Brokers, who claimed responsibility for releasing NSA tools that were used to spread the WannaCry ransomware through the NHS and across the world, said they have a new suite of tools and vulnerabilities in newer software. The possible targets include Microsoft's Windows 10, which was unaffected by the initial attack and is on at least 500m devices around the world.

More in Tux Machines

More of today's howtos

GNOME News: Black Lab Drops GNOME and Further GNOME Experiments in Meson

  • Ubuntu-Based Black Lab Enterprise Linux 11.0.1 Drops GNOME 3 for MATE Desktop
    Coming about two weeks after the release of Black Lab Enterprise Linux 11, which is based on the Ubuntu 16.04.2 LTS (Xenial Xerus) operating system using the HWE (hardware enablement) kernel from Ubuntu 16.10 (Yakkety Yak), Black Lab Enterprise Linux 11.0.1 appears to be an unexpected maintenance update addressing a few important issues reported by users lately.
  • 3.26 Developments
    My approach to development can often differ from my peers. I prefer to spend the early phase of a cycle doing lots of prototypes of various features we plan to implement. That allows me to have the confidence necessary to know early in the cycle what I can finish and where to ask for help.
  • Further experiments in Meson
    Meson is definitely getting more traction in GNOME (and other projects), with many components adding support for it in parallel to autotools, or outright switching to it. There are still bugs, here and there, and we definitely need to improve build environments — like Continuous — to support Meson out of the box, but all in all I’m really happy about not having to deal with autotools any more, as well as being able to build the G* stack much more quickly when doing continuous integration.

Fedora and Red Hat

Debian and Derivatives

  • Reproducible Builds: week 108 in Stretch cycle
  • Debuerreotype
    The project is named “Debuerreotype” as an homage to the photography roots of the word “snapshot” and the daguerreotype process which was an early method of taking photographs. The essential goal is to create “photographs” of a minimal Debian rootfs, so the name seemed appropriate (even if it’s a bit on the “mouthful” side).
  • The end of Parsix GNU/Linux
    The Debian-based Parsix distribution has announced that it will be shutting down six months after the Debian "Stretch" release.
  • Privacy-focused Debian 9 'Stretch' Linux-based operating system Tails 3.0 reaches RC status
    If you want to keep the government and other people out of your business when surfing the web, Tails is an excellent choice. The Linux-based operating system exists solely for privacy purposes. It is designed to run from read-only media such as a DVD, so that there are limited possibilities of leaving a trail. Of course, even though it isn't ideal, you can run it from a USB flash drive too, as optical drives have largely fallen out of favor with consumers. Today, Tails achieves an important milestone. Version 3.0 reaches RC status -- meaning the first release candidate (RC1). In other words, it may soon be ready for a stable release -- if testing confirms as much. If you want to test it and provide feedback, you can download the ISO now.