Language Selection

English French German Italian Portuguese Spanish

Security Leftovers: BlueTooth, Spectre/Meltdown and Huawei Disputes

Filed under
Security
  • BlueTooth Security Risks

    Security risks involving bluetooth vulnerabilities include techniques known as: bluebugging, bluesnarfing, bluejacking, denial of service and exploits for different holes.
    When a device is configured in discoverable an attacker may try to apply these techniques.

    Today mobile security was strongly increased and most attacks fail, yet sometimes security holes are discovered and new exploits emerge. As mobile devices prevent the user from installing unmonitored software freely most of attacks are difficult to carry out.

    This tutorial describes the most common Bluetooth attacks, the tools used to carry out these attacks and the security measures users can take to prevent them.

    [...]

    While bluetooth attacks aren’t widely used (when compared with other types of attacks like phishing or DDOS) almost every person carrying a mobile device is a potential victim, therefore in our countries most people are exposed, also through bluetooth, to sensitive data leak. On the other hand most manufacturers already patched devices to protect them from almost all attacks described above, but they only can issue a fix after the vulnerability was discovered and published (like with any vulnerability).

    While there is not defensive software the best solution is to keep the device turned off in public spaces, since most attacks require a short range you can use the device safely in private places. I hope you found this tutorial on Bluetooth Security Risks useful. Keep following LinuxHint for more tips and updates on Linux and networking.

  • Arm Has Many Changes On Tap For Linux 5.6 From Spectre/Meltdown Bits To New RNG

    While the Linux 5.5 kernel isn't even released yet, it's ideally coming out on Sunday should there not be a one week delay. But in any event Arm's Will Deacon has already sent in the pull request of the ARM architecture changes for Linux 5.6.

  • The Pentagon pushes back on Huawei ban in bid for ‘balance’

    Huawei may have just found itself an ally in the most unexpected of places. According to a new report out of The Wall Street Journal, both the Defense and Treasury Departments are pushing back on a Commerce Department-led ban on sales from the embattled Chinese hardware giant.

    That move, in turn, has reportedly led Commerce Department officials to withdraw a proposal set to make it even more difficult for U.S.-based companies to work with Huawei.

    Defense Secretary Mark Esper struck a fittingly pragmatic tone while speaking with the paper, noting, “We have to be conscious of sustaining those [technology] companies’ supply chains and those innovators. That’s the balance we have to strike.”

More in Tux Machines

Rules for product managers at open source companies

Product management is an interesting career. It's immensely rewarding to be the interface between users, business strategy, engineering, and product design. And it's also a highly lucrative career with increasing demand for ambitious and empathetic practitioners. It's also a role with no single path. You might see various certifications and courses emerging to help address the serious skills shortage. The good news is that these are starting to contribute to the talent pipeline, but they struggle to address the wider demands of the role. This is especially the case where roles require direct experience across the enormous range of what it takes to build and ship successful products. Read more

How we decide when to release Fedora

Open source projects can use a variety of different models for deciding when to put out a release. Some projects release on a set schedule. Others decide on what the next release should contain and release whenever that is ready. Some just wake up one day and decide it’s time to release. And other projects go for a rolling release model, avoiding the question entirely. For Fedora, we go with a schedule-based approach. Releasing twice a year means we can give our contributors time to implement large changes while still keeping on the leading edge. Targeting releases for the end of April and the end of October gives everyone predictability: contributors, users, upstreams, and downstreams. But it’s not enough to release whatever’s ready on the scheduled date. We want to make sure that we’re releasing quality software. Over the years, the Fedora community has developed a set of processes to help ensure we can meet both our time and and quality targets. Read more

Raspberry Pi 4: Chronicling the Desktop Experience – Firefox Upgrade – Week 18

This is a weekly blog about the Raspberry Pi 4 (“RPI4”), the latest product in the popular Raspberry Pi range of computers. I’ve previously looked at web browsing on the RPI4 in Week 4 of my blog, recommending Chromium and Vivaldi on this tiny machine. Chromium offers the virtue of official Raspbian support on the RPI4 and it’s published under an open source license. On the other hand, Vivaldi is no-charge proprietary software. Both web browsers earned my recommendation. At the time, I was unable to recommend Firefox because the Raspbian repositories hosted a prehistoric version; version 60.9.0 ESR to be specific. Running a version of a web browser that’s 2 years behind the latest version is totally unacceptable, even from a security standpoint alone. Read more

Zorin OS For Windows Users

Dear former Microsoft users, after Windows 7 (W7) officially discontinued early this year, how about looking at alternative operating system called Zorin OS? Zorin is computer operating system for everybody that is user-friendly and familiar. You can get Zorin gratis and free, you and your family can use without learning much, prepare to live peacefully without virus & antivirus, and you will be happy you can revive old computers with it. This article gives you sights on Zorin from perspective of a W7 user and see if you find it interesting. Enjoy Zorin! Read more