Language Selection

English French German Italian Portuguese Spanish

Security: EFAIL Hype, Kubernetes, 'Smart' Things and More

Filed under
Security
  • Serious vulnerabilities with OpenPGP and S/MIME

    The efail.de site describes a set of vulnerabilities in the implementation of PGP and MIME that can cause the disclosure of encrypted communications, including old messages. "In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs."

  • How the Kubernetes Security Response Team Works

    The open-source Kubernetes container orchestration is an increasingly deployed platform that is now supported across all three major public cloud providers (Google, AWS and Azure) as well as enterprise private clouds.

    Container security is a big issue these days, and keeping Kubernetes secure involves multiple aspects. One of those aspects is the security of the Kubernetes code itself, which has had its share of vulnerabilities that have been reported in the past year. Among those vulnerabilities is CVE-2017-1002101, which was patched in the Kubernetes 1.10 release that became generally available on March 26.

  • Ring doorbell flaw lets others watch after password changes (updated)

    The issue, as you might guess, is that the window exists in the first place. Someone with a still-valid login could not only spy on whatever's happening, but download videos. The same incident that prompted the change also included phantom rings in the middle of the night.

  • Security Innovation Supports Open Source Community with Free Security Tools to Identify and Mitigate Software Vulnerabilities

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Audiocasts: Full Circle Weekly News, mintCast and GNU World Order

KDE: Usability & Productivity Report From Nate Graham

  • This week in Usability & Productivity, part 54
    This week in KDE’s Usability & Productivity initiative, something big landed: virtual desktop support on Wayland, accompanied by a shiny new user interface for the X11 version too. Eike Hein has been working on this literally for months and I think he deserves a round of applause! It was a truly enormous amount of work, but now we can benefit for years to come.
  • KDE Now Has Virtual Desktop Support On Wayland
    KDE landing virtual desktop support on Wayland this week is certainly quite exciting while also a new UI was added for the X11 virtual desktop support too. Some of the other KDE improvements that landed this week and relayed by Nate Graham include the digital clock widget now allowing adjustments to the date formatting, the KDE Information Center's USB devices section will now actually display all USB devices, wallpaper chooser view improvements, and various other improvements.

Screenshots/Screencasts: Robolinux 10.4 LXDE, deepin 15.9, and Parrot OS 4.5 KDE

Livepatching With Linux 5.1 To Support Atomic Replace & Cumulative Patches

With the Linux 5.1 kernel cycle that should get underway in just over one month's time, there will now be the long in development work (it's been through 15+ rounds of public code review!) for supporting atomic replace and cumulative patches. Read more