Language Selection

English French German Italian Portuguese Spanish

Security: Wireshark 3.0, Yubikey, Android TV Bug, Debian ELTS, Open Source Security Podcast and More

Filed under
Security
  • Wireshark 3.0 Released as World’s Most Popular Network Protocol Analyzer

    The Wireshark Foundation released a new major version of their widely-used network protocol analyzer software, Wireshark 3.0, for GNU/Linux, macOS, and Windows platforms.
    As its version number suggests, Wireshark 3.0 is a massive update to the world's most popular network protocol analyzer designed for network troubleshooting and analysis, software and communications protocol development, as well as education purposes, which introduces numerous new features and improvements.

    Highlights of Wireshark 3.0 include re-enablement and modernization of the IP map feature, support for the long-term supported Qt 5.12 application framework for macOS and Windows systems, initial support for using PKCS #11 tokens for RSA decryption in TLS, support for reproducible builds, and support for Swedish, Ukrainian, and Russian languages.

  • Using a Yubikey as smartcard for SSH public key authentication

    I did not like that very much. GnuPG's user interface is a disaster, and reading its documentation is a pain. Working with OpenBSD has taught me that good documentation is a must, because without that, how can you use the software safely? The documentation also shows how much the developers care. So gpg is out, at least for SSH authentication.

    However, ssh(1) has another method to talk to smartcards. It can load a PKCS#11 library that contains the functions to access the SmartCard. On OpenBSD, this library is provided by the opensc package. In turn, it needs the pcsc-lite package, that actually talks to a smartcard reader.

  • Android TV Bug May Expose Your Personal Google Photos to Other Users

    A Twitter user from India has discovered a new bug in the Android TV OS that could potentially expose personal photos of users to others that own the same Android TV device. When @wothadei tried to access his Vu Android TV through the Google Home app, he could see the linked accounts of several other individuals who owned the same television. Unfortunately, however, this is not the only bug that he has discovered.

    The Twitter user found that he could view personal photos linked to the accounts of other owners of the Android TV device on Google Photos through the Ambient Mode screensaver settings. Another Twitter user has pointed out that the problem may be solved by performing a reset and linking your Google account to the Android TV device. Quite clearly, the bug puts the privacy of several Android TV users at risk.

  • Mike Gabriel: My Work on Debian LTS/ELTS (February 2019)

    In February 2019, I have worked on the Debian LTS project for 6 hours (of originally planned 10 hours) and on the Debian ELTS project for another 6 hours as a paid contributor. The non-worked 4 LTS hours I will carry over into March 2019

  • Open Source Security Podcast: Episode 136 - How people feel is more important than being right

    Josh and Kurt talk about github blocking the Deepfakes repository. There's a far bigger discussion about how people feel, and sometimes security fails to understand that making people feel happy or safer is more important than being right.

  • March Intro | Roadmap to Securing Your Infrastructure

    March is upon us as we continue with our roadmap to securing your infrastructure. Hopefully, February’s posts reignited your passion for security. This month, we’ll discuss some topics that are typically overlooked or taken for granted. We often wear many hats in our jobs and tend to get busy, but we must stay vigilant in our efforts.

    In the information security industry, one thing we cannot do is become stagnant. The minute we let our guard down or say, “Someone else will take care of that” is the moment we relinquish control to those we have so diligently defended against.

More on Wireshark 3.0.0

  • Wireshark 3.0.0 Release Notes

    Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education.

  • Wireshark 3.0.0 Open-source Network Analyzer Released: Download It Here

    If analyzing data traffic and network protocols are something you are interested in, Wireshark is the go-to tool. It’s the world’s leading cross-platform network analyzer tool that’s loved by ethical hackers and security researchers.

    Last week, the Wireshark team quietly released the all-updated Wireshark 3.0.0 with numerous user interface improvements. Additionally, to make the software lightweight, tons of legacy features and libraries have been removed.

  • Wireshark 3.0 Released With New Protocol Support, User Interface Improvements

    Quietly released last week was Wireshark 3.0, the open-source packet analyzer software formerly known as Ethereal and previously as a GTK user-interface but now exclusively Qt.

    Wireshark 3.0 features various improvements to its Qt5 user-interface while the GTK support has been removed completely, new translations/language support, a plethora of updated protocols, many new protocols supported, and various usability improvements.

Android TV Bug Exposes Private Google Photos Of Users

  • Android TV Bug Exposes Private Google Photos Of Users

    One of the perks of having an Android TV is that users can display their Google Photos albums as a screensaver when the TV is idle.

    However, a Twitter user found himself in a predicament when his Android TV started showing private photo libraries of many other users.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

digiKam 7.7.0 is released

After three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. Read more

Dilution and Misuse of the "Linux" Brand

Samsung, Red Hat to Work on Linux Drivers for Future Tech

The metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. Read more

today's howtos

  • How to install go1.19beta on Ubuntu 22.04 – NextGenTips

    In this tutorial, we are going to explore how to install go on Ubuntu 22.04 Golang is an open-source programming language that is easy to learn and use. It is built-in concurrency and has a robust standard library. It is reliable, builds fast, and efficient software that scales fast. Its concurrency mechanisms make it easy to write programs that get the most out of multicore and networked machines, while its novel-type systems enable flexible and modular program constructions. Go compiles quickly to machine code and has the convenience of garbage collection and the power of run-time reflection. In this guide, we are going to learn how to install golang 1.19beta on Ubuntu 22.04. Go 1.19beta1 is not yet released. There is so much work in progress with all the documentation.

  • molecule test: failed to connect to bus in systemd container - openQA bites

    Ansible Molecule is a project to help you test your ansible roles. I’m using molecule for automatically testing the ansible roles of geekoops.

  • How To Install MongoDB on AlmaLinux 9 - idroot

    In this tutorial, we will show you how to install MongoDB on AlmaLinux 9. For those of you who didn’t know, MongoDB is a high-performance, highly scalable document-oriented NoSQL database. Unlike in SQL databases where data is stored in rows and columns inside tables, in MongoDB, data is structured in JSON-like format inside records which are referred to as documents. The open-source attribute of MongoDB as a database software makes it an ideal candidate for almost any database-related project. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the MongoDB NoSQL database on AlmaLinux 9. You can follow the same instructions for CentOS and Rocky Linux.

  • An introduction (and how-to) to Plugin Loader for the Steam Deck. - Invidious
  • Self-host a Ghost Blog With Traefik

    Ghost is a very popular open-source content management system. Started as an alternative to WordPress and it went on to become an alternative to Substack by focusing on membership and newsletter. The creators of Ghost offer managed Pro hosting but it may not fit everyone's budget. Alternatively, you can self-host it on your own cloud servers. On Linux handbook, we already have a guide on deploying Ghost with Docker in a reverse proxy setup. Instead of Ngnix reverse proxy, you can also use another software called Traefik with Docker. It is a popular open-source cloud-native application proxy, API Gateway, Edge-router, and more. I use Traefik to secure my websites using an SSL certificate obtained from Let's Encrypt. Once deployed, Traefik can automatically manage your certificates and their renewals. In this tutorial, I'll share the necessary steps for deploying a Ghost blog with Docker and Traefik.