Language Selection

English French German Italian Portuguese Spanish

Security: Updates, GNU/Linux, Spectre and DRM

Filed under
Security
  • Security updates for Wednesday
  • Another Linux distro poisoned with malware

    Last time it was Gentoo, a hard-core, source-based Linux distribution that is popular with techies who like to spend hours tweaking their entire operating sytem and rebuilding all their software from scratch to wring a few percentage points of performance out of it.

  • Arch Linux AUR packages found to be laced with malware

    Three Arch Linux packages have been pulled from AUR (Arch User Repository) after they were discovered to contain malware. The PDF viewer acroread and two other packages that are yet to be named were taken over by a malicious user after they were abandoned by their original authors.

  • ​The return of Spectre

    The return of Spectre sounds like the next James Bond movie, but it's really the discovery of two new Spectre-style CPU attacks.

    Vladimir Kiriansky, a Ph.D. candidate at MIT, and independent researcher Carl Waldspurger found the latest two security holes. They have since published a MIT paper, Speculative Buffer Overflows: Attacks and Defenses, which go over these bugs in great detail. Together, these problems are called "speculative execution side-channel attacks."

    These discoveries can't really come as a surprise. Spectre and Meltdown are a new class of security holes. They're deeply embedded in the fundamental design of recent generations of processors. To go faster, modern chips use a combination of pipelining, out-of-order execution, branch prediction, and speculative execution to run the next branch of a program before it's called on. This way, no time is wasted if your application goes down that path. Unfortunately, Spectre and Meltdown has shown the chip makers' implementations used to maximize performance have fundamental security flaws.

  • Mercury Security Introduces New Linux Intelligent Controller Line

    Mercury Security, a leader in OEM access control hardware and part of HID Global, announces the launch of its next-generation LP intelligent controller platform built on the Linux operating system.

    The new controllers are said to offer advanced security and performance, plus extensive support for third-party applications and integrations. The controllers are based on an identical form factor that enables seamless upgrades for existing Mercury-based deployments, according to the company.

  • Latest Denuvo Version Cracked Again By One Solo Hacker On A Personal Mission

    Denuvo is... look, just go read this trove of backlinks, because I've written far too many of these intros to be able to come up with one that is even remotely original. Rather than plagiarize myself, let me just assume that most of you know that Denuvo is a DRM that was once thought to be invincible but has since been broken in every iteration developed, with cracking times often now down to days and hours rather than weeks or months. Key in this post is that much if not most of the work cracking Denuvo has been done by a single person going by the handle Voksi. Voksi is notable not only for their nearly singlehandedly torpedoing the once-daunting Denuvo DRM, but also for their devotion to the gaming industry and developers that do things the right way, even going so far as to help them succeed.

    Well, Voksi is back in the news again, having once again defeated the latest build of Denuvo DRM.

  • Latest Denuvo Anti-Piracy Protection Falls, Cracker ‘Voksi’ On Fire

    The latest variant of the infamous Denuvo anti-piracy system has fallen. Rising crack star Voksi is again the man behind the wheel, defeating protection on both Puyo Puyo Tetris and Injustice 2. The Bulgarian coder doesn't want to share too many of his secrets but informs TorrentFreak that he won't stop until Denuvo is a thing of the past, which he hopes will be sooner rather than later.

More in Tux Machines

Linux Kernel: EROFS, Heterogeneous Memory Management, Getting Involved, 4.20-rc3, and DRM ('Secure Output Protocol')

  • There Is Finally A User-Space Utility To Make EROFS Linux File-Systems
    Back when Huawei introduced the EROFS Linux file-system earlier this year, there wasn't any open-source user-space utility for actually making EROFS file-systems. Even when EROFS was merged into the mainline tree, the user-space utility was still non-existent but now that issue has been rectified.
  • The State Of Heterogeneous Memory Management At The End Of 2018
    Heterogeneous Memory Management is the effort going on for more than four years that was finally merged to the mainline Linux kernel last year but is still working on adding additional features and improvements. HMM is what allows for allowing the mirroring of process address spaces, system memory to be transparently used by any device process, and other functionality for GPU computing as well as other device/driver purposes. Jerome Glisse at Red Hat who has spearheaded Heterogeneous Memory Management from the start presented at last week's Linux Plumbers Conference on this unified memory solution.
  • An attempt to create a local Kernel community
    Now I am close to complete one year of Linux Kernel, and one question still bugs me: why does it have to be so hard for someone in a similar condition to become part of this world? I realized that I had great support from many people (especially from my sweet and calm wife) and I also pushed myself very hard. Now, I feel that it is time to start giving back something to society; as a result, I began to promote some small events about free software in the university and the city I live. However, my main project related to this started around two months ago with six undergraduate students at the University of Sao Paulo, IME [3]. My plan is simple: train all of these six students to contribute to the Linux Kernel with the intention to help them to create a local group of Kernel developers. I am excited about this project! I noticed that within a few weeks of mentoring the students they already learned lots of things, and in a few days, they will send out their contributions to the Kernel. I want to write a new post about that in December 2018, reporting the results of this new tiny project and the summary of this one year of Linux Kernel. See you soon :)
  • Feral Interactive Announces Total War: WARHAMMER II to Be Released for Linux Tomorrow, Uber Joined The Linux Foundation, Security Bug Discovered in Instagram, Fedora Taking Submissions for Supplemental Wallpapers and Kernel 4.20-rc3 Is Out
    Linux kernel 4.20-rc3 is out. Linus says the only unusual thing was his travel and that the changes "are pretty tiny".
  • Wayland Secure Output Protocol Proposed For Upstream - HDCP-Like Behavior
    Collabora developer Scott Anderson sent out a "request for comments" patch series that would add a Secure Output Protocol to the Wayland space. The Secure Output Protocol is for allowing a Wayland client to tell the compositor to only display if it's going to a "secure" output, such as for HDCP-like (High-bandwidth Digital Content Protection) configurations, but there is no mandate at the protocol level about what is the definition of secure -- if anything. This does not impose any DRM per se by Wayland but is mostly intended for set-top-boxes and other closed systems where a Wayland client can reasonably trust the compositor. The Wayland Secure Output Protocol is based upon the work done by Google on their Chromium Wayland code.

more of today's howtos

Best Linux Desktop Environments: Strong and Stable

A desktop environment is a collection of disparate components that integrate together. They bundle these components to provide a common graphical user interface with elements such as icons, toolbars, wallpapers, and desktop widgets. Additionally, most desktop environments include a set of integrated applications and utilities. Desktop environments (now abbreviated as DE) provide their own window manager, system software that controls the placement and appearance of windows within a windowing system. They also provide a file manager which organizes, lists, and locates files and directories. Other aspects include a background provider, a panel to provide a menu and display information, as well as a setting/configuration manager to customize the environment. Ultimately, a DE is a piece of software. While they are more complicated than most other types of software, they are installed in the same way. Read more

KDE neon upgrade - From 16.04 to 18.04

I am quite happy with the KDE neon upgrade, going from the 16.04 to the 18.04 base. I think it's good on several levels, including improved hardware support and even slightly better performance. Plus there were no crashes or regressions of any kind, always a bonus. This means that neon users now have a fresh span of time to enjoy their non-distro distro, even though it's not really committing to any hard dates, so the LTS is also only sort of LTS in that sense. It's quite metaphysical. On a slightly more serious note, this upgrade was a good, positive experience. I semi-accidentally tried to ruin it, but the system recovered remarkably, the post-upgrade results are all sweet, and you have a beautiful, fast Plasma desktop, replete with applications and dope looks and whatnot. I'm happy, and we shall bottle that emotion for when the need arises, and in the Linux world it does happen often, I shall have an elixir of rejuvenation to sip upon. KDE neon, a surprisingly refined non-distro distro. Read more