Security: Updates, Cmd, Supermicro, Reproducible Builds and Qualcomm Binary Blobs
-
Security updates for Tuesday
-
Linux security: Cmd provides visibility, control over user activity
-
Supermicro hardware weaknesses let researchers backdoor an IBM cloud server
In short, BMCs are motherboard-attached microcontrollers that give extraordinary control over servers inside datacenters. Using the Intelligent Platform Management Interface, admins can reinstall operating systems, install or modify apps, and make configuration changes to large numbers of servers, without physically being on premises and, in many cases, without the servers being turned on. In 2013, researchers warned that BMCs that came preinstalled in servers from Dell, HP, and other name-brand manufacturers were so poorly secured that they gave attackers a stealthy and convenient way to take over entire fleets of servers inside datacenters.
Researchers at security firm Eclypsium on Tuesday plan to publish a paper about how BMC vulnerabilities threaten a premium cloud service provided by IBM and possibly other providers. The premium service is known as bare-metal cloud computing, an option offered to customers who want to store especially sensitive data but don't want it to intermingle on the same servers other customers are using. The premium lets customers buy exclusive access to dedicated physical servers for as long as needed and, when the servers are no longer needed, return them to the cloud provider. The provider, in theory, wipes the servers clean so they can be safely used by another bare-metal customer.
-
Reproducible builds folks: Reproducible Builds: Weekly report #200
Holger Levsen submitted the Reproducible Builds project to the May/August 2019 round of Outreachy. Outreachy provides internships to work free software. Internships are open to applicants around the world, working remotely and are not required to move. Interns are paid a stipend of $5,500 for the three month internship and have an additional $500 travel stipend to attend conferences/events. So far, we received more than ten initial requests from candidates. The closing date for applicants is April 2nd. More information is available on the application page.
-
Ubuntu Touch OTA-8 Won't Move To Mir 1.1 + Unity 8 Due To Qualcomm Binary Blob Issues
The Ubuntu Touch community team has put out their latest questions/answers about this effort continuing to let the Ubuntu effort live on for mobile devices like the Nexus and other hardware as well as looking ahead to get this mobile operating system running on the likes of Librem 5 and Pine64 phones.
-
- Login or register to post comments
- Printer-friendly version
- 630 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
Security: 4G and 5G, ETS (or eTLS) and the Latest FUD
Raspberry Pi and Webmin offer easy Unix administration
Server administrators looking for an easy way to update and access systems remotely using a web interface may be interested in a tutorial created by developer Mehedi Shakeel and currently published the Hackster.io website. Check out the video below to learn more about how you can create your very own Webmin powered administration system complete with web browser interface and all run using the Raspberry Pi mini PC. For those of you not familiar with Webmin is a web-based interface for system administration for Unix. Using any modern web browser, you can setup user accounts, Apache, DNS, file sharing and much more. Also: Webmin System Administration Web Interface for Raspberry Pi
mesa 19.0.0-rc6
Hi List, Sorry for the short summary, it took me longer to get the release ready than normal and I'm running a bit short on time. Mesa 19.0.0-rc6 is now available for your general consumption. Lots and lots in this release candidate, mostly Intel, AMD, and NIR changes, but with a few other things thrown in for good measure. The list of opened bugs blocking the 19.0 release is starting to get small, and several more bugs should be closed soon, so I'm hoping that this will be the last rc for 19.0 and the release can happen next week. Dylan Also: Mesa 19.0-RC6 Released With Many Intel & Radeon Fixes
Graphics: X.Org Server 1.20.4 and AMD Work
Recent comments
3 min 16 sec ago
35 min 10 sec ago
36 min 23 sec ago
38 min 33 sec ago
4 hours 48 min ago
5 hours 32 min ago
12 hours 58 min ago
13 hours 3 min ago
13 hours 7 min ago
14 hours 10 min ago