Language Selection

English French German Italian Portuguese Spanish

Security: Intel, Cisco, Apple, FBI

Filed under
Security
  • How Much Slower Will My PC Become After Meltdown And Spectre Patches?
  • Intel's Microcode Update for Spectre Exploit Is Now Available in Ubuntu's Repos

    Canonical announced a few moments ago that Intel's latest microcode update for the Spectre security vulnerability is now available from the software repositories of all supported Ubuntu Linux releases.

    After releasing earlier this week new kernel updates to mitigate the Meltdown and Spectre security exploits that put billions of devices at risk of attacks by allowing a local, unprivileged attacker to obtain sensitive information from kernel memory, Canonical now released the updated microcode from Intel for supported Intel CPUs.

  • Cisco can now sniff out malware inside encrypted traffic

    Cisco has switched on latent features in its recent routers and switches, plus a cloud service, that together make it possible to detect the fingerprints of malware in encrypted traffic.

    Switchzilla has not made a dent in transport layer security (TLS) to make this possible. Instead, as we reported in July 2016, Cisco researchers found that malware leaves recognisable traces even in encrypted traffic. The company announced its intention to productise that research last year and this week exited trials to make the service – now known as Encrypted Traffic Analytics (ETA) - available to purchasers of its 4000 Series Integrated Service Routers, the 1000-series Aggregation Services Router and the model 1000V Cloud Services Router 1000V.

    Those devices can’t do the job alone: users need to sign up for Cisco’s StealthWatch service and let traffic from their kit flow to a cloud-based analytics service that inspects traffic and uses self-improving machine learning algorithms to spot dodgy traffic.

  • MacOS High Sierra security bug lets you unlock App Store System Preferences with any random password

    According to the bug report, users can simply open System Preferences, go to App Store settings and check the padlock icon. If it is unlocked, lock it and then try unlocking it using your username and any password.

  • Intel tells select customers not to use its bug fixes

    Processor giant Intel has told some of its customers that the microcode patches it issued to fix the Meltdown and Spectre flaws in its products are buggy and that they should not install them.

  • Canonical reissues Meltdown and Spectre patches for Ubuntu after borkage
  • A Step in the Right Direction: House Passes the Cyber Vulnerability Disclosure Reporting Act

    The House of Representatives passed the “Cyber Vulnerability Disclosure Reporting Act” this week. While the bill is quite limited in scope, EFF applauds its goals and supports its passage in the Senate.

    H.R. 3202 is a short and simple bill, sponsored by Rep. Sheila Jackson Lee (D-TX), that would require the Department of Homeland Security to submit a report to Congress outlining how the government deals with disclosing vulnerabilities. Specifically, the mandated report would comprise two parts. First, a “description of the policies and procedures developed [by DHS] for coordinating cyber vulnerability disclosures,” or in other words, how the government reports flaws in computer hardware and software to the developers. And second, a possibly classified “annex” containing descriptions of specific instances where these policies were used to disclose vulnerabilities in the previous year, leading to mitigation of the vulnerabilities by private actors.

    Perhaps the best thing about this short bill is that it is intended to provide some evidence for the government’s long-standing claims that it discloses a large number of vulnerabilities. To date, such evidence has been exceedingly sparse; for instance, Apple received its first ever vulnerability report from the U.S. government in 2016. Assuming the report and annex work as intended, the public’s confidence in the government’s ability to “play defense” may actually increase.

  • FBI Says Device Encryption Is 'Evil' And A Threat To Public Safety

    The FBI continues its anti-encryption push. It's now expanded past Director Christopher Wray to include statements by other FBI personnel. Not that Chris Wray isn't taking every opportunity he can to portray personal security as a threat to the security of the American public. He still is. But he's no longer the only FBI employee willing to speak up on the issue.

    Wray expanded his anti-encryption rhetoric last week at a cybersecurity conference in New York. In short, encryption is inherently dangerous. And the FBI boss will apparently continue to complain about encryption without offering any solutions.

  • Canonical Says It'll Release New Ubuntu Kernels to Further Mitigate Spectre Bugs

    Canonical's Dean Henrichsmeyer published today an update on the Ubuntu patches for the Meltdown and Spectre security vulnerabilities and what they plan on doing next to mitigate these critical bugs.

    By now, most of you have probably updated your Ubuntu Linux computers to the new kernel versions Canonical released earlier this week, as well as the new Nvidia proprietary graphics driver and Firefox web browser, both including patches to mitigate the Meltdown and Spectre exploits affecting billions of devices powered by modern processors from Intel, AMD, and ARM.

More in Tux Machines

What’s New in Ubuntu Budgie 18.04 LTS

Ubuntu Budgie 18.04 LTS is the latest release of Ubuntu budgie. As part of Ubuntu 18.04 flavor this release ships with latest Budgie desktop 10.4 as default desktop environment. Powered by Linux 4.15 kernel and shipping with the same internals as Ubuntu 18.04 LTS (Bionic Beaver), the Ubuntu Budgie 18.04 LTS official flavor will be supported for 3 years, until April 2021. Prominent new features include support for adding OpenVNC connections through the NetworkManager applet, better font handling for Chinese and Korean languages, improved keyboard shortcuts, color emoji support for GNOME Characters and other GNOME apps, as well as window-shuffler capability. Ubuntu Budgie 18.04 LTS also ships with a new exciting GTK+ theme by default called Pocillo, support for dynamic workspaces, as well as a “minimal installation” option in the graphical installer that lets users install Ubuntu Budgie with only the Chromium web browser and a handful of basic system utilities. Read more

Red Hat: Boston, US Government, OpenShift Route, VirtualBox and More

  • BU Spark! teams up with Red Hat, hosts software design workshop
    Students traveled across Boston to its Fort Point neighborhood to attend a BU Spark! workshop about interaction design Friday. There they delved into interaction design and explored how to develop user-friendly software. BU Spark! and Red Hat Inc. hosted the Interaction Design Bootcamp jointly at Red Hat’s Boston office. BU students and Spark! Interaction design fellows attended. Red Hat is a software company that specializes in information technology and has a research relationship with Boston University that includes educational elements. The programs taught by Red Hat focus on user experience design, one of Red Hat’s specializations, according to their website.
  • Open source can spark innovative business transformation in government, Red Hat leaders say
    The federal government, largely hamstrung by legacy systems, is in need of a major digital transformation. Open source technology can be the spark that sets off that revolution, leaders from open-source software company Red Hat said Tuesday. “The types of technologies that you choose matter,” said Mike Walker, global director of Open Innovation Labs at Red Hat. “It will influence the way your business operates and open new doors to new business process, and ultimately allow you to become a software company that can achieve some of those innovations and reductions in cost and time.”
  • Kubernetes Ingress vs OpenShift Route
    Although pods and services have their own IP addresses on Kubernetes, these IP addresses are only reachable within the Kubernetes cluster and not accessible to the outside clients. The Ingress object in Kubernetes, although still in beta, is designed to signal the Kubernetes platform that a certain service needs to be accessible to the outside world and it contains the configuration needed such as an externally-reachable URL, SSL, and more. Creating an ingress object should not have any effects on its own and requires an ingress controller on the Kubernetes platform in order to fulfill the configurations defined by the ingress object. Here at Red Hat, we saw the need for enabling external access to services before the introduction of ingress objects in Kubernetes, and created a concept called Route for the same purpose (with additional capabilities such as splitting traffic between multiple backends, sticky sessions, etc). Red Hat is one of the top contributors to the Kubernetes community and contributed the design principles behind Routes to the community which heavily influenced the Ingress design.
  • VirtualBox DRM/KMS Driver Proceeding With Atomic Mode-Setting Support
    The "vboxvideo" DRM/KMS driver for use by VirtualBox guest virtual machines that has been part of the mainline Linux kernel the past several cycles will soon see atomic mode-setting support. Hans de Goede of Red Hat, who has been stewarding this driver into the Linux kernel after Oracle has failed to do so, is tackling the atomic mode-setting as his latest advancement to this driver important for a VirtualBox desktop VM experience. Published today were initial patches preparing the move to atomic mode-setting but not yet the full migration to this modern display API that offers numerous benefits.
  • A Roadblock Ahead? – Red Hat, Inc. (RHT), Ingersoll-Rand Plc (IR)
  • Red Hat Shares Have Even Upside-Downside Profile, JPMorgan Says In Downgrade
  • Earnings Preview: Red Hat poised to deliver earnings growth for Q2
  • J.P. Morgan Securities Slams Red Hat Stock With Downgrade Before Earnings
  • Red Hat Inc. (RHT) Moves Lower on Volume Spike for September 18

IBM Looking to Distract From Recent Reports That it Helped Police Racially Profile the Public (by Openwashing)

Linux, the Linux Foundation and Graphics

  • Linux Patches Surface For Supporting The Creative Sound BlasterX AE-5
    Last year Creative Labs introduced the Sound BlasterX AE-5 PCI Express gaming sound card while finally there are some patches pending for supporting this high-end sound card in Linux. Connor McAdams who most recently got the Creative Recon3D support into good shape on Linux has now been working on getting the Sound BlasterX AE-5 working well on Linux.
  • Blockchain Training Takes Off
    Meanwhile, job postings related to blockchain and Hyperledger are taking off, and knowledge in these areas is translating into opportunity. Careers website Glassdoor lists thousands of job posts related to blockchain.
  • AMD Picasso Support Comes To The RadeonSI OpenGL Driver
    Last week AMD sent out initial support for yet-to-be-released "Picasso" APUs with the Linux AMDGPU kernel graphics driver. Today on the user-space side the support was merged for the OpenGL RadeonSI Gallium3D driver. Picasso details are still fairly light but they are expected to be similar to Raven Ridge and for the AM4 processor socket as well as an edition for notebooks. On the same day as publishing the Picasso AMDGPU kernel patches, AMD also went ahead and published the Linux patches for the "Raven 2" APUs too.
  • The GeForce RTX 2080 Ti Arrives For Linux Benchmarking
    It looks like NVIDIA has their launch-day Linux support in order for the GeForce RTX 2080 "Turing" graphics cards slated to ship later this week as arriving today at Phoronix was the RTX 2080 Ti. The GeForce RTX 2080 Ti is NVIDIA's new flagship desktop GPU with the Turing GPU architecture, 4352 CUDA cores, a 1635MHz boost clock speed rating for this Founder's Edition model, 11GB of GDDR6 video memory yielding a 616 GB/s memory bandwidth rating, and designed to suit real-time ray-tracing workloads with their RTX technology. Pricing on the RTX 2080 Ti Founder's Edition is $1,199 USD. Last week NVIDIA published more details on the Turing architecture for those interested as well as on the new mesh shader capability.