Language Selection

English French German Italian Portuguese Spanish

Security: Permissions, Misconfigured ADB, and Microsoft Neglect

Filed under
Security
  • Work a command-line interface in Linux with these permissions and prompts

    The command-line interface is an integral part of the Linux management environment. With sudo permissions and remote connectivity, working with a command line is easy.

  • Android Devices With Misconfigured ADB, a Ripe Target for Cryptojacking Malware

    Poorly configured Android devices, where the Android Debug Bridge is left enabled, have become an attractive target for hackers. According to researchers, adversaries are using the common misconfiguration to install cryptojacking malware on a wide selection of Android-based IoT devices ranging from maritime computer systems, TVs, DVRs and some mobile phone models.

    Android Debug Bridge (ADB) is an Android OS developer function that, when enabled, allows remote users to access a Unix shell to conduct command line device maintenance. According to researcher Kevin Beaumont, thousands of Android type devices ship with ADB enabled, allowing hackers to remotely access them.

  • Microsoft reveals which Windows bugs it might decide not to fix

    The Register sometimes hears from security researchers who feel that Microsoft has not responded to bug reports with appropriate haste. This document and its eventual finalised successor should help to explain such incidents to researchers. It’s also of interest to end-users because by explaining bugs that Microsoft won’t rush to fix it offers some more detail about the risks that come with running Windows.

More in Tux Machines

Total War: WARHAMMER

Red Hat changes its open-source licensing rules

From outside programming circles, software licensing may not seem important. In open-source, though, licensing is all important. So, when leading Linux company Red Hat announces that -- from here on out -- all new Red Hat-initiated open-source projects that use the GNU General Public License(GPLv2) or GNU Lesser General Public License (LGPL)v2.1 licenses will be expected to supplement the license with GPL version 3 (GPLv3)'s cure commitment language, it's a big deal. Read more

Android Leftovers

Gentoo-Based Porteus Kiosk 4.7 Brings More Mitigations Against Spectre Flaws

Powered by the long-term supported Linux 4.14.50 kernel, Porteus Kiosk 4.7.0 is the second release of the operating system in 2018 and comes five months after version 4.6 to introduce more mitigations against the Spectre security vulnerabilities, though the next-gen Spectre flaws require microcode firmware updates for Intel CPUs. "Newly discovered "Spectre Next Generation" vulnerabilities require updated microcode from Intel which is not available yet. Please consider enabling automatic updates service for your kiosks to receive latest fixes and patches as soon as they become available," reads today's announcement. Read more