Language Selection

English French German Italian Portuguese Spanish

Security: Remote Exfiltration and Microsoft Breaking Windows Again With Broken Patches

Filed under
Security
  • New Side-Channel Attack Is Hardware Agnostic, Targets Windows & Linux, Enables Remote Exfiltration

    Recent findings on Page Cache Attacks by a research team of experts from Graz University of Technology, Boston University, NetApp, CrowdStrike, and Intel detail a first-of-its-type, hardware-agnostic (unlike Spectre & Meltdown) side-channel attack that can remotely target operating systems such as Windows and Linux and effectively exfiltrate data, bypassing security precautions. An expert with Juniper Threat Labs offers perspective. 

  • Just updated Windows 7? Can't access network shares? It isn't just you

    Microsoft has doubled down on efforts to persuade users to migrate to Windows 10 by breaking Windows 7 networking for some.

    Windows Server 2008 R2 is also affected.

    While the last few monthly updates for the soon-to-be-obsolete OSes featured a known issue affecting an "unknown" number of "problematic configurations" that require manual reinstalls of network drivers, January's monthly update seems to have upped the ante somewhat.

    2019's treat has seen some users finding their shares are now inaccessible, with RDP and other connectivity also suffering.

    The issue, which affects both the bonzer monthly roll-up (KB4480970) and the more petite Security-only update (KB4480960, which has no known issues according to Microsoft at time of writing), leaves users receiving an INVALID_HANDLE when attempting to kick off a SMB2 connection.

More in Tux Machines

End of LibrePlanet 2019

  • Questioning and Finding Purpose
    This is copied over from my spiritual blog. I'm nervous doing that, especially at a point when I'm more vulnerable than usual in the Debian community. Still, this is who I am, and I want to be proud of that rather than hide it. And Debian and the free software community are about far more than just the programs we write. So hear goes: The Libreplanet opening keynote had me in tears. It was a talk by Dr. Tarek Loubani. He described his work as an emergency physician in Gaza and how 3d printers and open hardware are helping save lives. They didn't have enough stethoscopes; that was one of the critical needs. So, they imported a 3d printer, used that to print another 3d printer, and then began iterative designs of 3d-printable stethoscopes. By the time they were done, they had a device that performed as well or better than than a commercially available model. What was amazing is that the residents of Gaza could print their own; this didn't introduce dependencies on some external organization. Instead, open/free hardware was used to help give people a sense of dignity, control of some part of their lives, and the ability to better save those who depended on them. Even more basic supplies were unavailable. The lack of tourniquets caused the death of some significant fraction of casualties in the 2014 war. The same solution—3d-printed tourniquets had an even more dramatic result. Dr. Loubani talked about how he felt powerless to change the world around him. He talked about how he felt like an insignificant ant.
  • LibrePlanet Day 2: Welcoming everyone to the world of free software
    One of the most important questions that free software is facing in the year 2019 is: how do we make the world of free software accessible to broader audiences? Vast numbers of people are using software every day -- how do we relate our message to something that is important to them, and then welcome them into our community? In order to achieve our mission, we need to invite people and get them to use, create, and proliferate ethical software, until it replaces until all technology is free. Many of the best talks at LibrePlanet 2019 echoed a message for the free software community to focus on building a culture that's respectful and encouraging for new people, respecting a wide variety of personalities and values. The first way to get people invested in the culture of free software is to make it fun, and that was the focus of the morning keynote, "Freedom is fun!", delivered by free software veteran Bdale Garbee. A prominent name in the free software world for decades, Bdale talked about how he has a habit of turning all of his hobbies into free software projects, starting with model rockets.

Python Programming: PyPy 7.1 and More

  • PyPy v7.1 released; now uses utf-8 internally for unicode strings
    The interpreters are based on much the same codebase, thus the double release. This release, coming fast on the heels of 7.0 in February, finally merges the internal refactoring of unicode representation as UTF-8. Removing the conversions from strings to unicode internally lead to a nice speed bump. We merged the utf-8 changes to the py3.5 branch (Python3.5.3) but will concentrate on 3.6 going forward. We also improved the ability to use the buffer protocol with ctype structures and arrays.
  • PyPy 7.1 As The Well Known Alternative Python Implementation
    Last month brought the release of PyPy 7.0 as the JIT-ed performance-optimized Python implementation. PyPy 7.0 brought alpha Python 3.6 support, an updated CFFI module, and other enhancements. Out now is PyPy 7.1 as its successor.
  • Python’s “else” clause for loops
  • EuroPython 2019: Presenting our conference logo for Basel
    The logo is inspired by graphical elements from the Basel Jean Tinguely Museum and Basel Rhine Swimming. It was again created by our designer Jessica Peña Moro from Simétriko, who had already helped us in previous years with the conference design.

15 Useful And Best Media Server Software For Linux

There is no doubt that Linux is multi-purpose operating systems. It has gone far from being the operating systems for system administrators or for the programmers. You can use it for many purpose. In this post, We will talk about some of the best Media server software for Linux so that you can turn your Linux to media server instantly. Read more

Video/Audio: Manjaro 18.0.4 KDE, Linux Action News, Linux Gaming News Punch and GNU World Order

  • Manjaro 18.0.4 KDE Through
    In this video, we look at Manjaro 18.0.4. Enjoy!
  • Linux Action News 98
    Is Linux gaming really being saved by Google's Stadia platform? We discuss the details and possibilities. Plus good news for KDE Connect users, Intel begins work on next-generation open source video drivers, and much more.
  • Linux Gaming News Punch - Episode 5
    The Linux Gaming News Punch - Episode 5 is here once again! Another week, another ton of news and so here's your bite-sized take at a few interesting topics for those struggling to keep up. As usual, it has a video to give your eyes as well as your ears a feast or just the plain audio to listen to on the go.
  • gnuWorldOrder_13x13