Language Selection

English French German Italian Portuguese Spanish

Security: Windows Ransomware, Cortana Holes, Google Play Protect and More

Filed under
Security
  • The worst types of ransomware attacks
  • Patched Cortana Bug Let Hackers Change Your Password From the Lock Screen
  • What is Google Play Protect and How Does it Keep Android Secure?
  • ​Another day, another Intel CPU security hole: Lazy State

    Once upon a time, when we worried about security, we worried about our software. These days, it's our hardware, our CPUs, with problems like Meltdown and Spectre, which are out to get us. The latest Intel revelation, Lazy FP state restore, can theoretically pull data from your programs, including encryption software, from your computer regardless of your operating system.

    Like its forebears, this is a speculative execution vulnerability. In an interview, Red Hat Computer Architect Jon Masters explained: "It affects Intel designs similar to variant 3-a of the previous stuff, but it's NOT Meltdown." Still, "It allows the floating point registers to be leaked from another process, but alas that means the same registers as used for crypto, etc." Lazy State does not affect AMD processors.

  • Eric S. Raymond on Keeping the Bazaar Secure and Functional
  • Purple testing and chaos engineering in security experimentation

    The way we use technology to construct products and services is constantly evolving, at a rate that is difficult to comprehend. Regrettably, the predominant approach used to secure design methodology is preventative, which means we are designing stateful security in a stateless world. The way we design, implement, and instrument security has not kept pace with modern product engineering techniques such as continuous delivery and complex distributed systems. We typically design security controls for Day Zero of a production release, failing to evolve the state of our controls from Day 1 to Day (N).

    This problem is also rooted in the lack of feedback loops between modern software-based architectures and security controls. Iterative build practices constantly push product updates, creating immutable environments and applying complex blue-green deployments and dependencies on ever-changing third-party microservices. As a result, modern products and services are changing every day, even as security drifts into the unknown.

More in Tux Machines

Samsung Linux on DeX beta hands-on: do almost everything on your phone

Among the various Linux on Android implementations, Samsung’s Linux on DeX definitely looks the most polished ready to use solution, even if it’s still in beta form. Although it uses a two-year-old version of Ubuntu, there is already a lot that can be done from that. Plus, just like Android users, Linux users can be pretty creative and only time will tell if they’ll be able to use Linux on DeX to make almost any Linux distro work. Read more

Android Leftovers

A Look At The GCC 9 Performance On Intel Skylake Against GCC 8, LLVM Clang 7/8

With GCC 9 embarking upon its third stage of development where the focus ships to working on bug/regression fixes in preparation for releasing the GCC 9.1 stable compiler likely around the end of Q1'2019, here is a fresh look at the GCC 9 performance with its latest development code as of this week compared to GCC 8.2.0 stable while using an Intel Core i9 7980XE test system running Ubuntu Linux. For good measure are also fresh results from LLVM Clang 7.0 stable as well as LLVM Clang 8.0 SVN for the latest development state of that competing C/C++ open-source compiler. Read more

This under-$6 SBC runs Linux on RISC-V based C-SKY chip

Hangzhou C-SKY has launched a “C-SKY Linux Development Board” for $5.60 and up, featuring a RISC-V derived, 574MHz C-SKY GX6605S CK610M SoC, 64MB DDR2, an HDMI port, and 2x USB 2.0 ports. Last month, Hangzhou C-SKY Microsystems Co. announced Linux 4.20~5.0 kernel support for its new RISC-V based C-SKY CK810 SoC design. Now, Hangzhou C-SKY has launched a development board that runs Linux on a similar CK610M SoC. The C-SKY Linux Development Board sells for 39-40 Yuan ($5.60 to $7.05) on Taobao and $19.50 to $21.50 on AliExpress. Read more