Security: Updates, Mitigations, Myths, DNS/IPFire and Huawei

Filed under
Security
  • Security updates for Wednesday

    Security updates have been issued by CentOS (spice-gtk), Debian (libemail-address-list-perl), openSUSE (chromium, libqt5-qtbase, nginx, systemd, and wicked), Oracle (spice-gtk), Slackware (firefox and thunderbird), and Ubuntu (libexif and Yubico PIV Tool).

  • Mitigations are attack surface, too

    This blog post discusses a bug leading to memory corruption in Samsung's Android kernel (specifically the kernel of the Galaxy A50, A505FN - I haven't looked at Samsung's kernels for other devices). I will describe the bug and how I wrote a (very unreliable) exploit for it. I will also describe how a second vulnerability, which had long been fixed in the upstream kernel, the upstream stable releases, and the Android common kernel, but not in Samsung's kernel, aided in its exploitation.

    If you want to look at the corresponding source code yourself, you can download Samsung's kernel sources for the A505FN from here. The versions seem to be sorted such that the newer ones are at the top of the list; A505FNXXS3ASK9 is the newest one at the time of writing, corresponding to the November 2019 security patch level.

  • What to know about open source security

    Many companies have a preference towards open source technology, so what should be kept in mind in regards to ensuring its security?

  • Enhancements to our DNS Resolver

    Today, we have taken some important changes on our DNS Resolver into production. Having released support for DNS-over-TLS in 2018, we have now added TCP Fast Open and TLSv1.3.

    Lightning Wire Labs is managing a DNS Resolver to provide an alternative to the large corporations who are trying to get the global DNS system under their control and use it for marketing purposes.

    To not fall behind the technical development, we have now enabled some new features on our resolver to make it ready for the new DNS changes that are going to land with IPFire 2.25 - Core Update 141 very soon.

  • U.S. Officials Say Huawei Can Covertly Access Telecom Networks

    Huawei can covertly access mobile networks through back doors meant for law enforcement, the U.S. has told allies in a bid to show that the firm poses a security threat. 

    U.S. officials say Huawei Technologies Co. can covertly access mobile-phone networks around the world through “back doors” designed for use by law enforcement, as Washington tries to persuade allies to exclude the Chinese company from their networks.
