Language Selection

English French German Italian Portuguese Spanish

Security: Firewalld, NSA, WPA, Supply-chain Attacks and Facebook

Filed under
Security
  • Firewalld: The Future is nftables

    Firewalld, the default firewall management tool in Red Hat Enterprise Linux and Fedora, has gained long sought support for nftables. This was announced in detail on firewalld’s project blog. The feature landed in the firewalld 0.6.0 release as the new default firewall backend.

  • How SELinux helps mitigate risk while facilitating compliance

    Many of our customers are required to meet a variety of regulatory requirements. Red Hat Enterprise Linux includes security technologies that help meet these requirements. Improving Linux security also benefits our layered products, such as Red Hat OpenShift Container Platform and Red Hat OpenStack Platform.

  • WPA3: How and why the Wi-Fi standard matters

    WPA2 has given us 14 years of secure wireless networking. WPA3 will fix a number of big problems in WPA2 and make strong security the default condition.

  • How one man could have hacked every Mac developer (73% of them, anyway)

    OK, in some ways that’s only very loosely true, when you think of all the non-Unixy stuff on top of the Darwin base layer, and we welcome your comments below to explain just how carelessly loose we have been…

    [...]

    The potential impact of a well-thought-out hack into one of the many package management ecosystems out there is a pet concern of security researcher Eric Holmes.

    Hacks against the very repositories that many of us rely upon for software updates are known in the jargon as supply-chain attacks – after all, the modern supply chain often doesn’t involve any factories, ships, trains, inventories, trucks, pallets or forklifts.

    So, Holmes decided to take a look at the supply chain for Homebrew, or Brew for short – we’re guessing he picked Brew not only because he knew it was the most popular amongst the Mac community, but also because he uses it himself.

    The results were, in a word, salutary.

  • SD Times Open-Source Project of the Week: Fizz

    In order to implement the new generation of Transport Layer Security, TLS 1.3, at Facebook, the company built a TLS library in C++ 14 called Fizz. Earlier this week, Facebook announced it was open sourcing that library.

    TLS 1.3 added several new features to make Internet traffic more secure, such as encrypting handshake methods, redesigning how secret keys are derived, and a zero round-trip connection setup.

    “We are excited to be open-sourcing Fizz to help speed up deployment of TLS 1.3 across the internet and help others make their apps and services faster and more secure,” Facebook wrote in a post.

More in Tux Machines

A Quick Look At The Windows Server vs. Linux Performance On The Threadripper 2990WX

One of the frequent requests/comments stemming from the launch-day Windows 10 vs. Linux benchmarks on the new AMD Threadripper 2990WX were questions about whether this 32-core / 64-thread processor would do better with Windows Server given Microsoft's obvious tuning of that Windows flavor to high core/thread counts... Well, here are some initial figures with Windows Server 2016 and a Windows Server 2019 preview. Given the immense interest and speculation about the Windows Server performance on the AMD Threadripper 2990WX, to see if it would give Linux better competition relative to Windows 10, I ran some initial benchmarks so far. I am still doing some more Windows vs. Linux exploration and benchmarking (a lot of other interesting tests from this new hardware) while for today are the Windows Server 2016/2019 results alongside the other operating system tests on this 2990WX system. Read more

Major Zorin OS Linux Release Is Coming This Fall Based on Ubuntu 18.04.1 LTS

Shipping with the updated HWE (Hardware Enablement) stack from the recently announced Ubuntu 16.04.5 LTS point release, which is powered by the Linux 4.15 kernel from Ubuntu 18.04 LTS (Bionic Beaver), as well as an updated X graphics stack, Zorin OS 12.4 brings all the latest software and security updates from the Ubuntu repositories, along with performance enhancements and bug fixes. "Zorin OS 12.4 introduces an updated hardware enablement stack. The newly-included Linux kernel 4.15, as well as an updated X server graphics stack," reads the release announcement. "In addition, new patches for system vulnerabilities are included in this release, so you can have the peace of mind knowing that you’re using the most secure version of Zorin OS ever." Read more

Linux Kernel 4.18 Gets First Point Release, It's Now Ready for Mass Deployments

Linux kernel 4.18 was released on Sunday, August 12, 2018, by Linus Torvalds, and it's currently the most advanced kernel series available for Linux-based operating systems. The first point release, Linux 4.18.1, is now available, which marks the Linux 4.18 kernel series as stable and ready for mass deployments. All Linux OS vendors are now urged to adopt the latest Linux 4.18 kernel series for their operating systems on supported architectures as it brings various new features, improvements, and updated drivers for better hardware support. Linux kernel 4.18.1 is now available for download from kernel.org or our software portal. Read more

Stable kernels 4.18.1, 4.17.15, 4.14.63, 4.9.120 and 4.4.148