Openwashing and FOSS Foes Leftovers

More in Tux Machines

today's howtos

Kernel: Security in Linux 4.19 and 4.20 Work So Far

  • Kees Cook: security things in Linux v4.19
    While it seems like ages ago, the fixes for L1TF actually landed at the start of the v4.19 merge window. As with the other speculation flaw fixes, lots of people were involved, and the scope was pretty wide: bare metal machines, virtualized machines, etc. LWN has a great write-up on the L1TF flaw and the kernel’s documentation on L1TF defenses is equally detailed. I like how clean the solution is for bare-metal machines: when a page table entry should be marked invalid, instead of only changing the “Present” flag, it also inverts the address portion so even a speculative lookup ignoring the “Present” flag will land in an unmapped area.
  • Linux Kernel Interface To Finally Allow For Programmable LED Patterns
    It's not often we get to talk about the LED drivers for the Linux kernel... Yes, the class of Linux kernel drivers to support controlling the brightness of LEDs via supported drivers and exposing that to user-space. With Linux 4.20~5.0 comes finally the ability to program "patterns" for LEDs.
  • Linux 4.20~5.0 Bringing Better x86 32-Bit Hibernation Support
    Intel's Rafael Wysocki sent in the power management updates today for the Linux 4.20~5.0 kernel cycle. On the power management front for this next Linux kernel, there is better x86 32-bit hibernation support. Hibernation bug fixes were back-ported from the x86_64 kernel code to x86 32-bit for consolidating the x86 hibernation handling and allowing a lot more 32-bit systems to behave correctly should you still be running them and wish to correctly hibernate for power conservation.
  • IBM s390 Code For Linux 4.20 Bringing Several Features
    Should you be into Linux on z Systems, the IBM s390 code for the Linux 4.20~5.0 cycle is coming with several feature additions. The s390 code is bringing a few features that have been available on other platforms for a while including KASAN (Kernel Address Sanitizer) as well as support for virtually mapped kernel stacks.

Linux Foundation: Academy Software Foundation Grows, Zemlin Interviewed

  • Open Source: Sony Pictures, Warner Bros. Join Academy Software Foundation (EXCLUSIVE)
  • How the Linux Foundation is reckoning with its security and diversity issues
    Linus Torvalds is back in charge of Linux. With that elephant out of the room - what else might the Linux Foundation be keen to address? Speaking with Computerworld UK at the Open Source Summit in Edinburgh this week, executive director of the Foundation, Jim Zemlin, outlined three key areas of improvement: application security, diversity, and data sharing. [...] These are the most pressing issues outlined by Zemlin, but another area where the Foundation hopes to see improvement is bolstering collaboration, specifically around the rise of machine learning, artificial intelligence and predictive analytics. As these become more important to how people build technology products and services, Zemlin adds, the importance of code sharing also increases. "I think the concept of taking open source practices of code sharing and lending them to data sharing is something that we could assist on, and to that end we've created an open data licence - two of them actually, a copyleft one and a more permissive data licence, similar to how standardised open source licences made it easy to share code, make it easy to share data."

Windows Back Doors for NSA, Libssh (Not Related to OpenSSH) Patched

  • Windows servers still infected by DarkPulsar NSA exploit
    Researchers from security outfit Kaspersky Lab say they have found about 50 systems infected by the DarkPulsar malware, part of the NSA exploits which were dumped online by a group calling itself the Shadow Brokers in 2017. A research brief written by Andrey Dolgushev, Dmitry Tarakanov and Vasily Berdnikov said DarkPulsar was in the implants category of the dump which included two frameworks called DanderSpritz and FuzzBunch. DarkPulsar was not a backdoor in itself, but just the administrative part of a backdoor.
  • Kaspersky says it detected infections with DarkPulsar, alleged NSA malware
    The hacking tools were leaked by a group of hackers known as the Shadow Brokers, who claimed they stole them from the Equation Group, a codename given by the cyber-security industry to a group that's universally believed to be the NSA. DarkPulsar went mostly unnoticed for more than 18 months as the 2017 dump also included EternalBlue, the exploit that powered last year's three ransomware outbreaks -- WannaCry, NotPetya, and Bad Rabbit. Almost all the infosec community's eyes have been focused on EternalBlue for the past year, and for a good reason, as the exploit has now become commodity malware. But in recent months, Kaspersky researchers have also started to dig deeper into the other hacking tools leaked by the Shadow Brokers last year. They looked at FuzzBunch, which is an exploit framework that the Equation Group has been using to deploy exploits and malware on victims' systems using a CLI interface similar to the Metasploit pen-testing framework.
  • Libssh CVE-2018-10933 Scanners & Exploits Released - Apply Updates Now