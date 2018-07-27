Language Selection

English French German Italian Portuguese Spanish

Security: Updates, Bitwarden, Remote Spectre Exploits, Ascendance of nftables

Submitted by Roy Schestowitz on Friday 27th of July 2018 09:41:41 PM Filed under
Security
  • Security updates for Friday
  • Update: 3 months with Bitwarden

    Three months ago, I wanted to move away from LastPass — who’ve lately have been reducing support for Firefox and other platforms — to an open source password manager instead. I chose to migrate to Bitwarden and I’ve been overall happy with the decision ever since. Here are my thoughts and impressions three months on with Bitwarden.

  • Remote Spectre exploits demonstrated

    This paper from four Graz University of Technology researchers [PDF] describes a mechanism they have developed to exploit the Spectre V1 vulnerability over the net, with no local code execution required. "We show that memory access latency, in general, can be reflected in the latency of network requests. Hence, we demonstrate that it is possible for an attacker to distinguish cache hits and misses on specific cache lines remotely, by measuring and averaging over a larger number of measurements. Based on this, we implemented the first access-driven remote cache attack, a remote variant of Evict+ Reload called Thrash+Reload. Our remote Thrash+Reload attack is a significant leap forward from previous remote cache timing attacks on cryptographic algorithms. We facilitate this technique to retrofit existing Spectre attacks to our network-based scenario. This NetSpectre variant is able to leak 15 bits per hour from a vulnerable target system." Other attacks described in the paper are able to achieve higher rates.

  • The Ascendance of nftables

    iptables is the default Linux firewall and packet manipulation tool. If you’ve ever been responsible for a Linux machine (aside from an Android phone perhaps) then you’ve had to touch iptables. It works, but that’s about the best thing anyone can say about it.

    At Red Hat we’ve been working hard to replace iptables with its successor: nftables. Which has actually been around for years but for various reasons was unable to completely replace iptables. Until now.

»

More in Tux Machines

DebCamp/DebCamp18 (National Chiao Tung University)

The Microsoft Tax and Tax Authorities

GNOME's Nautilus 3.30 and GUADEC 2018 Report by Bin Li:

  • Nautilus 3.30
    It’s this time of the year again, a new Nautilus release is on its way to be delivered. This release has been increasing contributions and work done in a steady pace as it has been for the last years, which makes me happy as one of the maintainers of Nautilus. This release had around 140 major contributions (merge requests) including whole features, fixes and improvements. Against our willing, we have included more code than deleted by 3000 lines...
  • 5 Major Improvements Coming in Nautilus 3.30
    A number of major improvements are headed to Nautilus, aka Files, aka the file manager at the heart of the GNOME desktop environment. Nautilus 3.30 will feature a redesigned path bar, new toolbar options, and improve support when running on low resolution screens.
  • Bin Li: GUADEC 2018
    Backed from the fantastic GUADEC, now it’s summary time. When I flight to Malaga from Paris, an old guy with Ubuntu bag sit beside me, after a while I knew he’s Michael Hill, which I couldn’t find his photo for local news in BJGUG. It’s the GUADEC magic!! In core days I attended a lot of great talks in this year, I particularly enjoyed Benjamin Otte’s talk on “GTK4 Lightning talks”, Jonas Ådahl and Carlos Garnacho’s talk on “The infamous GNOME Shell performance”, Philip Withnall’s talk on “GLib: What’s new and what’s next?”. And after the core days, I took part in two workshops, “GitLab Workshop” by Ralf and “Flatpak Workshop” by Alexander Larsson. It’s a good chance to know the inside of flatpak, and learned how to use Gitlab CI in details. After that I attended the Video BoF, helped the video editing, and at that day I found the flowblade was removed in Debian 9 cause of dependency, and it crashed with source code, so I tried flatpak package, found it just show white blank image when I import images. I couldn’t find the fix (issue 508) at that time. So I forward to openshot, it could work at least, although it was very dis-fluency when review the video.

today's howtos

More on Tux Machines: AboutGalleryForumBlogsSearchNewsRSS Feed

Part of Bytes Media ● Sister sites below.

TechBytes Techrights button

Powered by Drupal, an open source content management system

Content available under CC-BY-SA CC

© by original authors

Powered by CentOS 6.5 (GNU/Linux), Varnish, and Drupal 6