Security Leftovers
-
Security updates for Monday
Security updates have been issued by Fedora (seamonkey), Mageia (apache-mod_auth_openidc, binutils, chromium-browser-stable, dojo, firejail, gcc, glib2.0, glibc, http-parser, ilmbase, libarchive, libgd, libsolv, mbedtls, pcre, pdfresurrect, php, proftpd, pure-ftpd, python-bleach, ruby-rake, transfig, weechat, and xen), openSUSE (chromium, ovmf, python-bleach, and yast2-rmt), Oracle (curl, http-parser, kernel, sudo, and xerces-c), Red Hat (chromium-browser and kernel-alt), Scientific Linux (sudo), and SUSE (gimp, kernel, and librsvg).
-
Yahoo! and AOL: Where two-factor authentication makes your account less secure
If you are reading this, you probably know already that you are supposed to use two-factor authentication for your most important accounts. This way you make sure that nobody can take over your account merely by guessing or stealing your password, which makes an account takeover far less likely. And what could be more important than your email account that everything else ties into? So you probably know, when Yahoo! greets you like this on login – it’s only for your own safety:
-
Demystifying Containers – Part IV: Container Security
This series of blog posts and corresponding talks aims to provide you with a pragmatic view on containers from a historic perspective. Together we will discover modern cloud architectures layer by layer, which means we will start at the Linux Kernel level and end up at writing our own secure cloud native applications.
Simple examples paired with the historic background will guide you from the beginning with a minimal Linux environment up to crafting secure containers, which fit perfectly into todays’ and futures’ orchestration world. In the end it should be much easier to understand how features within the Linux kernel, container tools, runtimes, software defined networks and orchestration software like Kubernetes are designed and how they work under the hood.
-
Cyber Security Today – Huge database on American homeowners left exposed, don’t fall for this certificate scam, check your Android version and Linux warning
-
- Login or register to post comments
- Printer-friendly version
- 829 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
gThumb 3.9.1 Released with Various Changes, New App Icon
A new stable release of gThumb, the GTK-based photo manager and image viewer for Linux desktops, is now available to download. I wrote about how to install gThumb on Ubuntu a couple of months back and figured that the latest update may be of interest to those of you who use it! gThumb 3.9.1 isn’t a game-changing release, but it touts a number of notable enhancements, bug fixes, and feature tweaks. It even has a spiffy new app icon (right) designed according to the new GNOME icons style. Elsewhere, the photo management app now lets you customise keyboard shortcuts to suit your tastes, and adds a shortcuts “cheat sheet”. Users can press ctrl + f1 with the app in focus to reveal it. This is part of a wider GNOME initiative to make keyboard shortcuts more discoverable among GTK applications.
shellcheck: boosting the signal
I like code-validation tools, because I hate defects in my software and I know that there are lots of kinds of defects that are difficult for an unaided human brain to notice. On my projects, I throw every code validater I can find at my code. Standbys are cppcheck for C code, pylint for Python, and go lint for Go code. I run these frequently – usually they’re either part of the “make check” I use to run regression tests, or part of the hook script run when I push changes to the public repository. A few days ago I found another validator that I now really like: shellcheck Yes, it’s a lint/validator for shell scripts – and in retrospect shell, as spiky and irregular and suffused with multilevel quoting as it is, has needed something like this for a long time. I haven’t done a lot of shell scripting in the last couple of decades. It’s not a good language for programming at larger orders of magnitude than 10 lines or so – too many tool dependencies, too difficult to track what’s going on. These problems are why Perl and later scripting language became important; if shell had scaled up better the space they occupy would have been shell code as far as they eye can see. But sometimes you write a small script, and then it starts to grow, and you can end up in an awkward size range where it isn’t quite unmanageable enough to drive you to port it to (say) Python yet. I have some cases like this in the reposurgeon suite.
Programming: Python, Perl and Operators in OpenShift/Red Hat/CoreOS
FocusWriter - Text editor gone minimalistic
A few weeks ago, I was looking around for some nice Linux software, and I came across the home page of the person who had created the Whisker Menu for Xfce. Since I really like this one - I even included it as my favorite desktop menu in the 2018 best Linux apps compilation, I was intrigued by the other software in the repertoire, and decided to do some random testing. A program called FocusWriter drew my attention. Well, FocusWriter is meant to be a simple, straightforward, distraction-free advanced text editor, designed to provide those using it with maximum productivity. In other words, you don't waste time managing the software, you don't waste time getting your fleeting attention span diverted, you get stuff done. Well, that's the core idea on paper. As someone who writes books, I found the concept curious and inviting. Perhaps I could be doing something more effectively? Well, let's find out.
Mainframe Breaches: A Beginner’s Defensive Strategy
Mainframe Breaches: A Beginner’s Defensive Strategy