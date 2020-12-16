Language Selection

Android Leftovers

Friday 18th of December 2020
Android
Security Leftovers

  • Cryptomining Worm Now Targets Web Apps, IoT Devices [Ed: Microsoft GitHub issue spun as something else entirely (sometimes blaming "Linux")]

    A previously documented cryptomining worm dubbed Gitpaste-12 has returned with a wide-ranging series of attacks targeting web applications and IoT devices that exploit at least 31 vulnerabilities, according to a Juniper Threat Labs.

  • Intel Key Locker Support For The Linux Kernel Being Prepared

    For the past several months we've seen Intel Key Locker support being worked on for Linux as a new feature coming to future processors for better securing AES keys. That initial Key Locker support was initially focused on the open-source compilers with the new instructions while now the Linux kernel patches have been published in preliminary form. Intel Key Locker is for Tiger Lake and beyond to allow encrypting/decrypting data without the raw AES key but instead relying on a key handle that is in place until revoked by the system. The key when loaded is effectively sealed and then accessed by new Intel Key Locker instructions (AESENC128KL, AESENCWIDE128KL, AESDEC128KL, AESDECWIDE128KL, AESENC256KL, AESENCWIDE256KL, AESDEC256KL, and AESDECWIDE256KL) to reference the handle to that key. Intel Key Locker aims to protect AES keys by keeping the raw keys exposed for a minimal amount of time to reduce the chances they are compromised by rogue attackers.

  • Josh Bressers: Episode 243 – Door 18: Don’t roll your own crypto or auth

    Josh and Kurt talk about why it’s a horrible idea to roll your own crypto or auth

Best Free Tools to Find and Delete Duplicate Files

Even though the cost of storage per GB continues to fall, it’s common for users to need to find and remove duplicates files. Duplicates can stem from any file stored on your computer, be it images, software, music, video or what not. The process of finding and removing duplicates is time-consuming. Considering the volume of duplicate files, this is easier said than done. Fortunately, there are a number of tools that are designed to remove the laborious nature of finding duplicates by scanning and detecting your system for duplicate files in every format. Duplicate files are a real annoyance. Aside from using disk space, these files do nothing but clutter up your drive, make your PC run slower, and increase the difficulty level significantly when it comes to finding the right version of a specific file: is it the one I just updated, or the other one? Good duplicate finding software compares more than just a filename – including the file size – so it doesn’t remove files which are different to each other. You need reliable software. But always make sure you are making regular backups. And test the backups actually work. Read more

Red Hat/Fedora: GNOME Boxes/Flatpak, New Fedora ISOs and More

  • Delivering osinfo-db updates automatically for Flatpak users – Felipe Borges

    If you are familiar with GNOME Boxes internals you are aware that our secret sauce is libosinfo. It does the OS image detection and provides us with a database of devices, preferences, and compatibility for the operating systems we support. In the world of traditional package management tools, osinfo-db is the package responsible for delivering updates about new operating system’s releases, fixes, and improvements that Boxes will consume. So whenever you wonder why the newest EndlessOS or the newest Debian release isn’t listed in the Boxes download section, it is likely that osinfo-db is outdated. [...] For this reason, Flatpak users of GNOME Boxes will now benefit from the OsinfoDb Flatpak extension. It allows us to deliver osinfo-db updates direclty to users without updating the entire Boxes Flatpak. If you are receiving automatic updates in GNOME Software, the osinfo-db update is seamlessly.

  • F33-20201215 updated isos Released | Jbwillia's Weblog

    The Fedora Respins SIG is pleased to announce the latest release of Updated F33-20201215-Live ISOs, carrying the 5.9.13-200 kernel. This set of updated isos will save considerable amounts of updates after install. ((for new installs.)(New installs of Workstation have about 800MB+ of updates)).

  • Fedora program update: 2020-51 – Fedora Community Blog

    Here’s your report of what has happened in Fedora this week. System-Wide Change proposals for Fedora 34 or Changes that require a mass rebuild are due by Tuesday 29 December. This is the last Fedora program update for 2020! There will be no FPgM office hours until Wednesday, 9 January 2021.

  • Implementing storage: Approaches for stateful financial services applications on Kubernetes configurations

    Financial institutions face technical and compliance challenges when implementing storage on Kubernetes platforms. We outlined some of the regulatory overlays affecting financial institutions and technology solutions that can help with compliance in a previous post. In this post, we describe the considerations possible from an architectural viewpoint.

  • Interview with Red Hat's Mike McGrath About CentOS Stream

Share this holiday fairy tale to teach your loved ones about free software

Computer programs can do all sorts of magical things with the tap of a finger: carry messages across the planet in seconds, bring thousands of people together at online events, or smooth flaws off of photographed faces. Software is an incredibly useful tool, and your computer or cell phone drop all of this magic right into your lap or the palm of your hand. But, like any powerful spell, you can easily become entangled by a dark side to software: the people who created that spell can use it as a means to control you. In this video, we see how the makers of a very useful tool cleverly ensnare Wendell the Elf by offering him a tool to make his life easier – but the ShoeTool is actually a trap, meant to force him to make only the shoes the tool's manufacturer approves. Read more

