Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks

    The encryption key length negotiation process in Bluetooth BR/EDR Core v5.1 and earlier is vulnerable to packet injection by an unauthenticated, adjacent attacker that could result in information disclosure and/or escalation of privileges. This can be achieved using an attack referred to as the Key Negotiation of Bluetooth (KNOB) attack, which is when a third party forces two or more victims to agree on an encryption key with as little as one byte of entropy. Once the entropy is reduced, the attacker can brute-force the encryption key and use it to decrypt communications.

  • Security updates for Thursday

    Security updates have been issued by openSUSE (irssi, ledger, libheimdal, libmediainfo, libqb, and libsass) and Slackware (mozilla).

  • Inspect PyPI event logs to audit your account's and project's security

    To help you check for security problems, PyPI is adding an advanced audit log of user actions beyond the current (existing) journal. This will, for instance, allow publishers to track all actions taken by third party services on their behalf.

More in Tux Machines

Android Leftovers

Marek’s Take: Why open source communities are critical to operators

Open source locks down standards in code and makes sure it is interoperable, Rice said. “That’s why it’s symbiotic. Standards are options but they come together because they are built on one another.”

And, similar to standards bodies, where delegates work side-by-side with competitors to develop global specifications, the same occurs in open source groups.

Read more

The infrastructure is code: A story of COBOL and Go

But what about today? With the decline of mainframes and the rise of newer and more innovative languages designed for the web and cloud, where does COBOL sit? As last week's episode of Command Line Heroes mentioned, in the late 1990s, Perl (as well as JavaScript and C++) was outpacing COBOL. And, as Perl's creator, Larry Wall stated then: "COBOL is no big deal these days since demand for COBOL seems to be trailing off, for some strange reason." Read more

Video and Audio: Neptune OS 6.0, Test and Code, GNU World Order, Coder Radio and This Week in Linux

  • Neptune OS 6.0 Run Through

    In this video, we are looking at Neptune OS 6.0. Enjoy!

  • Test and Code: 84: CircuitPython - Scott Shawcroft

    The combination of Python's ease of use and Adafruit's super cool hardware and a focus on a successful beginner experience makes learning to write code that controls hardware super fun. In this episode, Scott Shawcroft, the project lead, talks about the past, present, and future of CircuitPython, and discusses the focus on the beginner. We also discuss contributing to the project, testing CircuitPython, and many of the cool projects and hardware boards that can use CircuitPython, and Blinka, a library to allow you to use "CircuitPython APIs for non-CircuitPython versions of Python such as CPython on Linux and MicroPython," including Raspberry Pi.

  • GNU World Order 13x34
  • Absurd Abstractions | Coder Radio 371

    It’s a Coder Radio special all about abstraction. What it is, why we need it, and what to do when it leaks. Plus your feedback, Mike’s next language challenge, and a functional ruby pick.

  • KDE Apps 19.08, KNOPPIX, System76, Slackware, Huawei, EndeavourOS, Dreamcast | This Week in Linux 79

    On this episode of This Week in Linux, KDE announced their latest big release of their Application Suite with dozens of new app updates. We got some Distro news to talk about with KNOPPIX, Slackware, EndeavourOS and Neptune Linux. System76 announced some really cool news with their new Graphical Firmware Manager tool.