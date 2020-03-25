Security: Free Software Patches, Microsoft and Apple Failures and FSCRYPT in Linux
Security updates for Friday
Security updates have been issued by Debian (bluez and php5), Fedora (chromium, kernel, and PyYAML), Gentoo (adobe-flash, libvpx, php, qtcore, and unzip), openSUSE (chromium, kernel, and mcpp), Oracle (ipmitool and libvncserver), Red Hat (ipmitool and rh-postgresql10-postgresql), Slackware (kernel), and SUSE (ldns and tomcat6).
Unpatched bug in iOS 13.3.1 and later stops VPNs from encrypting all connections
An ongoing security vulnerability in iPhones and iPads is keeping VPN applications from doing their job. For iOS versions 13.3.1 and later, this bug remains unpatched and has been rated with a 5.3 CVSS v3.1 base score. When a VPN connection is initiated on iOS, all existing internet connections by the operating system and other applications are supposed to be terminated and then restarted inside the VPN app’s encrypted tunnel as a proxy so no third parties are able to see your IP address. The VPN bypass bug in iOS 13.3.1 and later causes some internet connections to continue with their original, unencrypted connection – which is a security and privacy concern. This means that people on the same network could snoop on the unencrypted data stream and the endpoint of the unprotected connections are still able to see your device’s IP address.
Microsoft Issues Windows 10 Update Warning
Picked up by the always-excellent Bleeping Computer and Windows Latest, Microsoft has announced that both its big March 2020 update and a new patch issued to fix buggy antivirus scans within Windows 10 have severe side-effects which users need to know about.
FSCRYPT Inline Encryption Revised For Better Encryption Performance On Modern SoCs
It remains to be seen if it will make it for the upcoming Linux 5.7 kernel merge window, but the FSCRYPT inline encryption functionality has now made it up to its ninth revision for offering better file-system encryption performance on modern mobile SoCs.
FSCRYPT inline encryption came out at the end of last summer and compared to the existing FSCRYPT file-system encryption/decryption where the work is left to the file-system and Linux's crypto API, this inline encryption/description shifts the work off to the block layer as part of the bio.
Antitrust Regulators Turn Attention to Standards Organizations
It’s well recognized by courts and regulators in many countries that standard setting among competitors can be procompetitive and good for consumers. As noted by the 5th Circuit Court in 1988, “it has long been recognized that the establishment and monitoring of trade standards is a legitimate and beneficial function of trade associations . . . [and] a trade association is not by its nature a ‘walking conspiracy’, its every denial of some benefit amounting to an unreasonable restraint of trade.”(1) But regulatory sands can shift, and especially at a time when broad and dramatic changes (political and otherwise) seem to be the rule rather than the exception, it makes sense for collaborative organizations to keep vigilant, and to review their policies and procedures on a regular basis to help ensure antitrust compliance. In my recent blog regarding Antitrust Laws and Open Collaboration, I briefly mentioned recent U.S. Department of Justice (DOJ) investigations into standards organizations. There were two, in particular, both focusing on internal policies and the importance of avoiding rules that might potentially disadvantage consumers or competitors. In this blog entry, we’ll take a deeper look at the specific types of conduct that concerned the regulators, and how the standards organizations under examination were eventually able to address those concerns.
Tails Call for testing: 4.5~rc1
Tails 4.5, scheduled for April 7, will be the first version of Tails to support Secure Boot. You can help Tails by testing the release candidate for Tails 4.5 now.
Screencasts/Audiocasts/Shows: MATE Desktop, Linux Drivers, Aleix Pol and User Error
