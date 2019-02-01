Security: Mozilla's Fear of Back Doors From 'Insider Threat', 'Binary Linux Trojan' and 'Addressing Security Issues on Linux Home Computers'
-
Mozilla Says Australia's Compelled Access Law Could Turn Staff There Into 'Insider Threats'
What's true for Mozilla, is true for every foreign software company: in order to protect the integrity of their code, they would be forced to regard every Australian coder as a security risk, and downgrade their access to the code accordingly. The difficulties of managing that kind of situation will probably force software companies to pull out of Australia completely. It will also have a big impact on the trustworthiness of any code produced in the country. In fact, that's already a problem, as another submission to the Parliamentary Joint Committee makes clear. It comes from one of the leading Australian software companies, FastMail, which provides hosted email services to 40,000 companies around the world. It says that "we have seen existing customers leave, and potential customers go elsewhere, citing this bill as the reason for their choice." Like Mozilla, FastMail is worried about the impossible position of employees (pdf), who may be coerced by the Australian authorities into weakening the company's code:
-
Binary Linux Trojan [Ed: The tricky part is tricking users to actually install this malicious binary blob on their system/s]
In order to demonstrate that client side attacks and trojans are not exclusive to the Windows world, we will package a Metasploit payload in with an Ubuntu deb package to give us a shell on Linux.
-
Addressing Security Issues on Linux Home Computers
Linux is known for being a safe and secure operating system, but it's not impervious to attacks. As Linux gains more market share and becomes an option that large companies choose for their systems, malware creators turn their attention to creating code that can compromise this operating system. People relying on Linux for their home computers should be aware of the best practices that can protect them from malicious applications and other security issues.
-
The policy is, once a first pacman -Syu becomes a major update, it is time for a new ISO so new users are not faced with a difficult first update. Major updates included a move to Python 3.7 (3.7.2), Readline 8.0.0, Glib2 2.58.3, Qt 5.12.1, PHP 7.2 besides the usual full Frameworks, Plasma & KDE Applications replacements, so most systems will see 70-80% of their install replaced by new packages so a new ISO is more than due. Plasma 5.15 is included in this ISO. Highlights of this version include changes to the configuration interfaces, including more options for complex network configurations, integration with third-party technologies like GTK, Wayland now supports virtual desktops, and Firefox 64 can now optionally use native KDE open/save dialogs.
