Security: Windows Ransomware, Cortana Holes, Google Play Protect and More

-
The worst types of ransomware attacks
-
Patched Cortana Bug Let Hackers Change Your Password From the Lock Screen
-
What is Google Play Protect and How Does it Keep Android Secure?
-
Another day, another Intel CPU security hole: Lazy State
Once upon a time, when we worried about security, we worried about our software. These days, it's our hardware, our CPUs, with problems like Meltdown and Spectre, which are out to get us. The latest Intel revelation, Lazy FP state restore, can theoretically pull data from your programs, including encryption software, from your computer regardless of your operating system.
Like its forebears, this is a speculative execution vulnerability. In an interview, Red Hat Computer Architect Jon Masters explained: "It affects Intel designs similar to variant 3-a of the previous stuff, but it's NOT Meltdown." Still, "It allows the floating point registers to be leaked from another process, but alas that means the same registers as used for crypto, etc." Lazy State does not affect AMD processors.
-
Eric S. Raymond on Keeping the Bazaar Secure and Functional
-
Purple testing and chaos engineering in security experimentation
The way we use technology to construct products and services is constantly evolving, at a rate that is difficult to comprehend. Regrettably, the predominant approach used to secure design methodology is preventative, which means we are designing stateful security in a stateless world. The way we design, implement, and instrument security has not kept pace with modern product engineering techniques such as continuous delivery and complex distributed systems. We typically design security controls for Day Zero of a production release, failing to evolve the state of our controls from Day 1 to Day (N).
This problem is also rooted in the lack of feedback loops between modern software-based architectures and security controls. Iterative build practices constantly push product updates, creating immutable environments and applying complex blue-green deployments and dependencies on ever-changing third-party microservices. As a result, modern products and services are changing every day, even as security drifts into the unknown.
-
- Login or register to post comments
Printer-friendly version
- 3307 reads
PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
Voters Choose Two New Board Members and One Incumbent to openSUSE Board
Out of 446 eligible voters, 46 more openSUSE Members than last elections, only 231 — 6 fewer than last elections — chose to cast their votes, leaving last spring’s elections holding the record both for most ballots cast and largest percentage of Members who took enough interest in openSUSE to take the time to cast their votes.
Incumbent Christian Boltz aka cboltz garnered the most votes with a total of 141 votes — more than half of those who voted — confirming the Community’s confidence in him. He was followed closely by Marina Latini aka deneb_alpha with 119 votes — also more than half of the active voters — and Dr. Axel Braun aka DocB with 104 votes, almost half.
As incumbent, Christian is already sitting on the Board and will continue his duties for his second two-year term. Marina and Axel are expected to join him and take their seats for their first two-year terms sometime within the next couple of weeks.
| Wayland's Weston 6.0 To Support XDG-Shell Stable, Helping Apps Like MPV Video Player
While the current Wayland/Weston release cycle is a bit behind schedule, it has allowed time for another addition to be made to the Weston 6.0 compositor.
Weston 6.0 now has support for the XDG-Shell stable protocol where as previously it only exposed the XDG-Shell v6 unstable protocol. The two versions of the XDG-Shell protocol are quite close so it wasn't much work involved, but newer Wayland-supported apps like the MPV video player are explicitly looking for the stable version of the protocol.
|
Latte bug fix release v0.8.6
Latte Dock v0.8.6 has been released containing important fixes and improvements!
| What’s New in Linux Mint 19.1 Xfce EditionLinux Mint 19.1 XFCE is the latest release of Linux Mint 19.1 that uses lightweight Xfce desktop environment 4.12. It comes with updated software and brings refinements and many new features to make your desktop experience more comfortable.
The Update Manager is able to list mainline kernels and to show their support status. The Software Sources tool was given a new look. Similar to the welcome screen, it’s now using an Xapp sidebar and a headerbar. The Language Settings and the Input Methods are now two separate applications and the user interface for the Input Methods tool was revamped. It uses an icon sidebar and now shows a dedicated page for each supported language.
Based on Ubuntu 18.04.1 LTS an powered by Linux Kernel 4.19, Linux Mint 19.1 Xfce edition also include pre-installed applications Thunar File Manager 1.6.15, Mozilla Firefox 65, Archive Manager 3.28, Gnome Disk 3.28, Hexchat 2.14, Thundebird 60, GIMP 2.8, Transmission Torrent Client 2.92, Rythmbox Music Manager 3.4.2, VLC Player 3.0.4, Xfce Dictionary 0.8, Libre Office Suite 6.0.6, Xfce Terminal 0.8, GNOME Fonts 3.28, Synaptic package Manager 0.84.
|
Recent comments
1 hour 35 min ago
1 hour 39 min ago
3 hours 41 min ago
3 hours 43 min ago
3 hours 54 min ago
4 hours 28 min ago
13 hours 56 min ago
22 hours 16 min ago
1 day 15 hours ago
1 day 15 hours ago