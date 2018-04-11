Security Leftovers
Security updates for Friday
A new approach to security instrumentation
Quantum Mechanics Could Solve Cryptography’s Random Number Problem
Peter Bierhorst’s machine is no pinnacle of design. Nestled in the Rocky Mountains inside a facility for the National Institute of Standards and Technology, the photon-generating behemoth spans an entire building. Its lasers, mirrors, and lenses are split among three laboratories, two of them at opposite ends of the L-shaped building. The whole thing is strung together with almost 900 feet of optical fiber. “It’s a prototype system,” the mathematician explains. “Something might drift out of alignment, and the whole thing stops working. It might take a few days to figure out what went wrong.”
Fake “Have I Been Pwned” Wants Bitcoin For Not Leaking Your Passwords
Much to the concern of many users, a fake website similar to HIBP has popped up on the internet. The site claims to contain a database of over 1.4 billion compromised user accounts and associated passwords.
The Top 10 Sessions to Catch at RSA Conference 2018
RSA Conference 2018 boasts a dizzying array of security vendors in exhibit halls and industry luminaries in sessions spread out across the multiple San Francisco venues where the event will be held next week.
How to Scale Security with a Hardware Chain of Trust
CISOs are notoriously risk-averse and compliance-focused, providing policies for IT and development teams to enforce. By contrast, in the name of serving business outcomes, App Dev leaders want to eliminate DevOps friction wherever possible. What approach satisfies those conflicting demands while accomplishing the end goal: at-scale security?
How safe are apps built on Open Source? Is security traded for efficiency? [Ed: This is the anti-FOSS lobby pretending that proprietary software lacks bugs (not to mention back doors) and disguises marketing as "research"]
More Red Hat and Fedora Leftovers
Oracle's Kernel (Linux)
System 76 in Development and in Local News
DRM Drivers Get Fixes Ahead Of Linux 4.17-rc1
Following the big DRM pull request that was honored last week, David Airlie decided to send in a pre-RC1 pull request of various outstanding bug fixes against these Direct Rendering Manager drivers. While normally it's after RC1 when the bug fixes for DRM begin flowing in, a lot had already been accumulated and so their first "fixes" pull of the DRM drivers for 4.17 has now been sent over to Linus Torvalds. A lot of the fixes affect the AMDGPU DRM driver. The AMDGPU fixes include addressing the new Vega 12 support, an HDMI audio regression, DC display code fixes now that it's enabled on all supported GPUs, and various other fixes. Also: TRIM Support Is Closer To Being Merged For ZFS On Linux
