Language Selection

English French German Italian Portuguese Spanish

Security: DHCP, System Updates, and Ubuntu Blobs Store

Filed under
Security
  • Protect your Fedora system against this DHCP flaw

    A critical security vulnerability was discovered and disclosed earlier today in dhcp-client. This DHCP flaw carries a high risk to your system and data, especially if you use untrusted networks such as a WiFi access point you don’t own. Read more here for how to protect your Fedora system.

    Dynamic Host Control Protocol (DHCP) allows your system to get configuration from a network it joins. Your system will make a request for DHCP data, and typically a server such as a router answers. The server provides the necessary data for your system to configure itself. This is how, for instance, your system configures itself properly for networking when it joins a wireless network.

    However, an attacker on the local network may be able to exploit this vulnerability. Using a flaw in a dhcp-client script that runs under NetworkManager, the attacker may be able to run arbitrary commands with root privileges on your system. This DHCP flaw puts your system and your data at high risk. The flaw has been assigned CVE-2018-1111 and has a Bugzilla tracking bug.

  • Security updates for Tuesday
  • Potentially Malicious Bytecoin Miner Removed from the Ubuntu Snap Store
  • Canonical on trust and security in the Snap Store

    Here's a posting from Canonical concerning the cryptocurrency-mining app that was discovered in its Snap Store.

  • Canonical finds hidden crypto-miners in the Linux Snap app store

    Last Friday, Canonical, the developer of the popular Ubuntu operating system and owner of the Snapcraft app store, spotted one application surreptitiously mining cryptocurrencies in the background.

More in Tux Machines

Software: DICOM Viewers, gotop and Cockpit

  • Top 11 Free Linux DICOM Viewers for Doctors
    DICOM stands for Digital Imaging and Communications in Medicine and it is the international open image format for handling, storing, printing, and transmitting information in medical images. Medical images are used in the identification and examination of physical injuries and diseases via procedures like Xrays, CT scans, etc. This article lists the best free Linux applications used for processing images generated by DICOM devices.
  • gotop: Graphical System Monitor For The Command Line
    gotop is a terminal-based (TUI) system monitor for Linux and macOS. The software is inspired by gtop and vtop, but while these 2 utilities use Node.js, gotop is written in Go. The command line tool supports mouse clicking and scrolling, comes with vi-keys, and it displays the CPU, memory and network usage history using colored graphs, while also displaying their current values. gotop also shows the disk usage, temperatures and a top process list, which includes CPU and memory usage.
  • Cockpit 186
    Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 186.

Netrunner's Unique Blackbird Soars to New Heights

Blackbird, Netrunner's version 19.01 release, hit the download servers on Jan. 14, and this distro deserves to be considered bleeding-edge. Netrunner is a step ahead of other KDE distros, thanks to its solid integration of classic KDE desktop performance with Web-based applications and cloud services. That said, if you aren't fondness of the K Desktop, Netrunner may leave you wanting more desktop simplicity. For that you must look elsewhere. KDE is the only desktop available from the Germany-based Blue Systems development team. Blackbird is based on Debian's "Testing" branch. Its developer brings some aggressive updates to the distro that propel it ahead of other distros' regular development cycles. The main updates include KDE Plasma 5.14.3, KDE Frameworks 5.51, KDE Applications 18.08 and Qt 5.11.3 for its essential security updates. Linux Kernel 4.19, Firefox Quantum 64.0 and Thunderbird 60.3 push the envelope as well. One of the more noticeable new features in Blackbird is its new Netrunner Black theme. This theme is based on a dark-toned contrasting visual. It uses the Kvantum theme engine, plus the Alpha-Black Plasma theme, to produce a more 3D-looking design. Read more

Mozilla Masking 'Content', ffsend and New Accountant or Chief Financial Officer (CFO)

  • Mozilla Open Policy & Advocacy Blog: Brussels Mozilla Mornings – Disinformation and online advertising: an unhealthy relationship?
    On the morning of 19 February, Mozilla will host the second of our Mozilla Mornings series – regular breakfast meetings where we bring together policy experts, policymakers and practitioners for insight and discussion on the latest EU digital policy developments. This session will be devoted to disinformation and online advertising. Our expert panel will seek to unpack the relation between the two and explore policy solutions to ensure a healthy online advertising ecosystem.
  • ffsend – Easily And Securely Share Files From Linux Command Line Using Firefox Send Client
    Linux users were preferred to go with scp or rsync for files or folders copy. However, so many new options are coming to Linux because it’s a opensource. Anyone can develop a secure software for Linux. We had written multiple articles in our site in the past about this topic. Even, today we are going to discuss the same kind of topic called ffsend.
  • Welcome Roxi Wen, our incoming Chief Financial Officer
    I am excited to announce that Roxi Wen is joining Mozilla Corporation as our Chief Financial Officer (CFO) next month. As a wholly-owned subsidiary of the non-profit Mozilla Foundation, the Mozilla Corporation, with over 1,000 full-time employees worldwide, creates products, advances public policy and explores new technology that give people more control over their lives online, and shapes the future of the global internet platform for the public good. As our CFO Roxi will become a key member of our senior executive team with responsibility for leading financial operations and strategy as we scale our mission impact with new and existing products, technology and business models to better serve our users and advance our agenda for a healthier internet.

Security: apt/apt-get, Blockchains and More