Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Linux
Security
  • How the Linux kernel balances the risks of public bug disclosure

    Last month a serious Linux Wi-Fi flaw (CVE-2019-17666) was uncovered that could have enabled an attacker to take over a Linux device using its Wi-Fi interface. At the time it was disclosed Naked Security decided to wait until a patch was available before writing about it.

    Well, it’s been patched, but the journey from discovery to patch provides some insights into how the Linux open-source project (the world’s largest collaborative software development effort) manages bug fixes and the risks of disclosure.

  • New NextCry Ransomware Encrypts Data on NextCloud Linux Servers
  • Using Nmap For Port Scanning + Other Tools to Use

    Nmap is a well-known utility that is bundled with many Linux distributions and that is also available for Windows and several other platforms. Essentially a scanning and mapping tool, there’s a lot that Nmap can do for you.

    Today, we’re having a look as using Nmap for port scanning which, incidentally, is the tool’s primary usage. Port scanning is an essential task of network management as it ensures that no backdoors are left unaddressed. It is one of the most basic forms of securing the network.

    Before we get into the how-to part of this post, we’ll sidetrack a little and first introduce Nmap and its GUI cousin Zenmap. We’ll then explain what ports are and how you need to be careful not to leave unused ports open on your devices. Then, we’ll get to the essence of this post and show you how to use Nmap for port scanning. And since there are quite a few other tools that can be viable alternatives to Nmap for port scanning—some of them much better or easier to use tools—we’ll finally review some of the very best Nmap alternatives for port scanning.

More in Tux Machines

Firefox Picture in Picture is Sweet, Here’s How to Use it on Linux

Picture in picture (PIP) is a novel feature that makes it a doddle to watch a video while you’re busy doing something else (like reading blog posts). How? It allows video content to “pop out” of a web page and play in a separate floating window (with mouse-over player controls, where possible). With PIP you no longer need to tear out a browser tab, resize it narrowly, and try and fit it in somewhere on your screen. And Firefox 72, which is currently in beta, supports this handy feature on the Linux desktop. Read more

Stable kernels 5.4.2, 5.3.15, 4.19.88, 4.14.158, 4.9.206, and 4.4.206

  • Linux 5.4.2
    I'm announcing the release of the 5.4.2 kernel. All users of the 5.4 kernel series must upgrade. The updated 5.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...
  • Linux 5.3.15
  • Linux 4.19.88
  • Linux 4.14.158
  • Linux 4.9.206
  • Linux 4.4.206

Graphics: Mir, X.Org, Gallium3D, GPUOpen, Mesa, Lima and Libinput

  • Mir 1.6 Released With New Wayland, DispmanX Platform Support

    Mir 1.6 is out today with the latest batch of features for this Ubuntu-focused display server that offers Wayland client compatibility. The two big additions to Mir 1.6 are on the graphics platform front. First, there is now a "Wayland platform" for running Mir as a nested compositor on top of a Wayland compositor. Secondly, the rpi-dispmanx platform is for Broadcom's DispmanX API.

  • Before Ending 2019, Vintage SiS X.Org Driver Sees A New Release

    xf86-video-sis 0.12.0 is available this week as a new version of the SiS display driver for X.Org systems in supporting Silicon Integrated Systems' display hardware. This X.Org user-space mode-setting driver has seen its first update in four months but prior to that it hadn't seen any update to the open-source code in three years.

  • RadeonSI Lands SDMA Copy Support For Vega/GFX9

    The RadeonSI Gallium3D driver has finally landed SDMA copy support for Vega/GFX9 graphics hardware, which should principally benefit compute shaders and other cases.

  • AMD's GPUOpen Releases Vulkan Memory Allocator 2.3

    AMD's GPUOpen team has released their first official update to the open-source Vulkan Memory Allocator project in nearly one year. Vulkan Memory Allocator is an easy-to-use Vulkan memory allocation library that in the two and a half years since being open-sourced has been picked up for use by multiple games/engineers, Vulkan code samples, and other projects.

  • Chromium's Ozone Wayland Back-End Is Now Considered Beta, Aiming To Ship Next Year

    For years there has been work on a Wayland back-end to Ozone, the Google component for abstracting user-interface elements and input/window handling among other tasks across platforms. It looks like in 2020 the Ozone Wayland support will be in good standing and promoted out of beta. We were tipped off to a recent presentation by Igalia's Alexander Dunaev on their work contributing to the Ozone Wayland code. From consulting firm Igalia's perspective, they have been focused on bringing up Ozone Wayland support in the embedded Linux context considering the number of consumer devices now shipping that use Wayland and Chromium or CEF. But all their embedded Linux work for Ozone Wayland also benefits the Linux desktop.

  • Mesa Developers Weigh Renaming Gallium "State Tracker" To "API"

    Gallium3D state tracker terminology has been around a decade now in referring to the portions of the architecture that are ultimately implementing various graphics / compute / video APIs. Marek proposed keeping the Mesa OpenGL state tracker term but in renaming the other state trackers to being "API implementations" as that terminology is technically more accurate for the likes of Clover OpenCL, VA-API, VDPAU, and the other state trackers / APIs implemented.

  • Lima Gets Tiling While Vulkan Turnip Lands SSBO + Compute Shaders

    The Lima Gallium3D driver that supports older Mali 400/450 hardware with an open-source OpenGL driver hasn't been seeing too many improvements these days compared to the likes of the Panfrost Gallium3D driver for the newer Arm Mali Bifrost/Midgard architectures. But hitting Mesa 20.0-devel yesterday was tiling support for Lima. This should improve the performance for this open-source Mali driver and also end up working around the driver's broken mipmapping support for linear textures.

  • Libinput 1.15 Is On Approach With Various Improvements/Fixes For Linux Input Handling

    Peter Hutterer has been preparing libinput 1.15 as the next update to this open-source input handling library used by Linux systems both on X.Org and Wayland. Compared to past releases that have seen exciting changes on supporting new input devices like the Dell Totem, scrolling enhancements, and other major additions, there isn't too much of that with libinput 1.15.

Debian GNU/Linux 11 "Bullseye" Installer Is Now Available for Public Testing

Unveiled earlier this year during the DebConf19 conference, Debian GNU/Linux 11 "Bullseye" will be the next major release of the acclaimed Linux-based operating system used by millions of computer users around the globe. It's development kicked off a few months ago, so now it's time to test drive the very first alpha build of the Debian Bullseye Installer. "It's high time we started doing this: many components were updated, replacing “CD”/“CD-ROM” with “installation media”. Such changes are not documented individually below. That also explains why many languages are not fully translated in this alpha release," said Cyril Brulebois on behalf of the Debian release team. Read more