Language Selection

English French German Italian Portuguese Spanish

Security: Updates, Drama and FUD

Filed under
Security
  • Security updates for Tuesday

    Security updates have been issued by Debian (dino-im, python2.7, python3.4, and wpa), Fedora (kmplayer), openSUSE (podman and samba), Oracle (thunderbird), Red Hat (thunderbird), Slackware (expat), SUSE (curl), and Ubuntu (apache2).

  • This New Linux Malware Mines Crypto By Creating Malign Linux Modules

    As per the research, the new Linux malware mines crypto by creating malicious loadable kernel modules (LKM) to stay under the wraps. As the malware utilizes Linux kernel module rootkits, it becomes difficult to detect and patch it. This is because of its overwriting and modification of kernel parts capabilities.

  • A Critical Exim Vulnerability, Lilocked Ransomware on the Rise, but Linux Not to Blame

    In the context of these recent vulnerabilities and exploits, it is easy to label Linux and Open Source as “vulnerable” or “insecure”. However, doing so is unfair as well as incorrect. Unlike Windows and MacOS, Linux is a multi-user environment (a characteristic that the OS inherited from Unix) where users are granted specific privileges. This design prevents the compromise of one user account from impacting an entire system. In order to gain control over a Linux system, malware would have to gain root access to the system.

    Vulnerabilities exist in every system, and in terms of security vulnerabilities, Linux has a relatively clean record when compared to other popular operating systems. In the words of Linux creator Linus Torvalds, “Given enough eyeballs, all bugs are shallow”. Because of the intense review that Linux is continuously undergoing from security experts in the Open Source community, vulnerabilities are quickly identified and fixed. Because of this, as well as the way in which Linux manages privileges, relatively few viruses and worms are written to attack Linux systems. In comparison, proprietary operating systems like Microsoft Windows are easy targets for malicious coders, making them frequent victims of malware and viruses. This year, a total of 700 vulnerabilities in Microsoft Windows were disclosed, 189 of which were classified as critical.

    Exim, however, is a notoriously insecure mail server. In spite of this, it has a market share of over 57 percent, due to the fact that the MTA has been bundled with many Linux distros, including Debian and Red Hat. Thus, the frequent security bugs and exploits involving Exim affect a large number of Linux users, but are not a reflection of the inherent security of the Linux OS.

More in Tux Machines

starship – elegant cross-shell prompt at your fingertips

The Command Line Interface (CLI) is a way of interacting with your computer. And if you ever want to harness all the power of Linux, it’s highly recommended to master it. It’s true the CLI is often perceived as a barrier for users migrating to Linux, particularly if they’re grown up using GUI software exclusively. While Linux rarely forces anyone to use the CLI, some tasks are better suited to this method of interaction, offering inducements like superior scripting opportunities, remote access, and being far more frugal with a computer’s resources. For anyone spending time at the CLI, they’ll rely on the shell prompt. I always seem to gravitate back to Bash even though I’ve used more than a dozen shells over the years. By default, the configuration for Bash on popular distributions identifies the user name, hostname, and the current working directory. I recently reviewed Liquid Prompt, an intelligent and non-intrusive prompt for Bash and zsh. starship is an alternative to Liquid Prompt. The software aims to show information you need while you’re working, yet being unobtrusive as possible. Read more

Tired of Windows and Mac OS? Switch to Elementary OS!

Elementary OS is one of the most beautiful and clean-looking operating systems available for use in computers. It is fast, open and privacy-oriented. Elementary has its characteristic design philosophy and made aesthetic use of colours. Over the years, this free-to-use operating system has collected heavy praise by reviewers around the world – making it a strong replacement option for both Windows and Mac users. The initial development of ElementaryOS started with building themes and applications for Ubuntu, which later inspired the developers to transform it into a full-fledged Linux distribution. The first release of the operating system was on 31 March 2011, and so far, it has been through continuous bugfix and major feature updates. The Elementary OS took shape with the concept of making Linux easier for non-technical users. Instead of terminal-based codes, elementary provides a graphical user interface and settings menus to allow users to perform almost all day-to-day tasks without writing any code. Read more

Django 3.0 beta 1 released

Django 3.0 beta 1 is now available. It represents the second stage in the 3.0 release cycle and is an opportunity for you to try out the changes coming in Django 3.0. Django 3.0 has a raft of new features which you can read about in the in-development 3.0 release notes. Only bugs in new features and regressions from earlier versions of Django will be fixed between now and 3.0 final (also, translations will be updated following the "string freeze" when the release candidate is issued). The current release schedule calls for a release candidate in a month from now with the final release to follow about two weeks after that around December 2. Early and often testing from the community will help minimize the number of bugs in the release. Updates on the release schedule schedule are available on the django-developers mailing list. Read more

Android Leftovers