Language Selection

English French German Italian Portuguese Spanish

Security: Updates, Reproducible Builds and Windows 'Fun'

Filed under
Security
  • Security updates for Tuesday
  • Reproducible Builds: Weekly report #164
  • PyRoMineIoT cryptojacker uses NSA exploit to spread

    Larry Trowell, principal consultant with Synopsys Software Integrity Group, said the government shares some of the blame for the NSA exploit.

    "It's in every country's interest to develop systems enabling offensive and defensive strategies to protect individuals and national services," Trowell wrote via email. "There is no fault in that. If the NSA does have some blame to share in this situation, it is for allowing secrets to be exfiltrated -- not in developing them."

    Jett said although the NSA exploit was stolen, "they didn't create the vulnerabilities that allow for the malware to exploit devices."

    "As such, you can't hold them responsible for the malware that has emerged from the EternalRomance exploit. Vendors whose products are vulnerable to EternalRomance are responsible for resolving the exploit problem," Jett wrote. "Additionally, it has been more than a year since the NSA exploits were released, and vendors have created patches. It becomes incumbent on the users to make sure they are properly patching their software and reducing the threat surface for these exploits."

  • Can Hackers Crack the Ivory Towers?

    While both researchers agreed that their colleagues would gain from incorporating hackers' discoveries into their own work, they diverged when diagnosing the source of the gulf between the two camps and, to a degree, even on the extent of the rift.

  • 6-Year-Old Malware Injects Ads, Takes Screenshots On Windows 10

    A sneaky and persistent malware has surfaced which spams Windows 10 PCs with ads and takes screenshots to eventually send it to the attackers.

    Security researchers at Bitdefender found this malware named Zacinlo which first appeared in 2012. About 90% of Zacinlo’s victims are from the US running Microsoft Windows 10. There are other victims too from Western Europe, China, and India with a small fraction running Windows 7 or 8.

More in Tux Machines

Android Leftovers

Radeon ROCm 1.9.1 vs. NVIDIA OpenCL Linux Plus RTX 2080 TensorFlow Benchmarks

Following the GeForce RTX 2080 Linux gaming benchmarks last week with now having that non-Ti variant, I carried out some fresh GPU compute benchmarks of the higher-end NVIDIA GeForce and AMD Radeon graphics cards. Here's a look at the OpenCL performance between the competing vendors plus some fresh CUDA benchmarks as well as NVIDIA GPU Cloud TensorFlow Docker benchmarks. This article provides a fresh look at the Linux GPU compute performance for NVIDIA and AMD. On the AMD side was the Linux 4.19 kernel paired with the ROCm 1.9.1 binary packages for Ubuntu 18.04 LTS. ROCm continues happily running well on the mainline kernel with the latest releases, compared to previously relying upon the out-of-tree/DKMS kernel modules for compute support on the discrete Radeon GPUS. ROCm 2.0 is still supposed to be released before year's end so there will be some fresh benchmarks coming up with that OpenCL 2.0+ implementation when the time comes. The Radeon CPUs tested were the RX Vega 56 and RX Vega 64 as well as tossing in the R9 Fury for some historical context. Read more

KDE Applications 18.12 Are Waiting for You

It's that time of the year again. Everyone is in a festive mood and excited about all the new things they're going to get. It's only natural, since it's the season of the last KDE Applications release for this year! With more than 140 issues resolved and dozens of feature improvements, KDE Applications 18.12 are now on its way to your operating system of choice. We've highlighted some changes you can look forward to. Read more Also: KDE Applications 18.12 Released With File Manager Improvements, Konsole Emoji

Nvidia unveils cheaper 4GB version of its Jetson TX2 and begins shipping its next-gen Xavier module

Nvidia announced a lower-cost 4GB version of its Linux-driven Jetson TX2 module with half the RAM and eMMC and has begun shipping its next-gen Jetson AGX Xavier. Nvidia will soon have three variants of its hexa-core Arm Jetson TX2 module: the original Jetson TX2, the more embedded, industrial temperature Jetson TX2i , and now a new Jetson TX2 4GB model. The chip designer also announced availability of its next-gen, robotics focused Jetson AGX Xavier module (see farther below). Read more