Security: Reproducible Builds, SELinux, and More
Date: 2021-06-15
Reproducible Builds: Reproducible Builds in June 2021
Welcome to the latest report from the Reproducible Builds project for June 2021. In these reports we outline the most important things that have been happening in the world of reproducible builds in the past month. As ever, if you are interested in contributing to the project, please visit the Contribute page on our website.
[...]
The Google Security Blog introduced a new framework called “Supply chain Levels for Software Artifacts”, or SLSA (to be pronounced as ‘salsa’). In particular, SLSA level 4 (“currently the highest level”) not only requires a two-person review of all changes but also “a hermetic, reproducible build process” due to its “many auditability and reliability benefits”. Whilst a highly welcome inclusion in Google’s requirements, by equating reproducible builds with only the highest level of supply-chain security in their list, it might lead others to conclude that only the most secure systems can benefit from the benefits of reproducible builds, whilst it is a belief of the Reproducible Builds project that many more users, if not all, can do so.
[...]
The NixOS Linux distribution pulled off a technical and publicity coup this month by announcing that the ISO_minimal.x86_64-Linux image is 100% reproducible. The announcement was widely discussed on Hacker News, where the article has received in excess of 200 comments.
Josh Bressers: Episode 278 – Could SELinux have stopped SolarWinds?
Josh and Kurt talk about a listener-provided question. Could SELinux have stopped the SolarWinds attack? Given what we know, the answer is technically yes, but practically no. SELinux is awesome, but it’s very difficult to sandbox something like a build system.
Common Linux vulnerabilities admins need to detect and fix
Companies continue to scramble to secure endpoints and data center systems from constant attack. Admins must know how to both prevent attacks, such as ransomware, and mitigate the ones that get past security measures. This means using encryption, firewalls, routine vulnerability scanning and recovery plans.
The threat landscape continues to change, with new attacks popping up all the time. Admins can't set up systems and hope they remain protected. Rather, they're in a continuous battle to keep adversaries out. Linux server admin David Clinton provides admins blueprints to tackle common Linux vulnerabilities, conduct risk assessments, configure backups and more in his book, Linux Security Fundamentals.
Best Free Alternatives to YouTube
Our recommended open source solution is PeerTube. This aims to be a decentralized and free/libre alternative to video broadcasting services. It’s powered by ActivityPub and WebTorrent. There’s no vendor lock-in. PeerTube allows you to upload your videos to a platform that you choose by yourself. And each community can help each other by caching one another’s videos. Each platform has its own terms of service, moderation and federation policies. The service offers video streaming including live streaming. Users can follow their favorite channels from PeerTube without having to create an account. There’s no mining your data! WebTorrent Desktop is a peer-to-peer (P2P) streaming torrent client for node.js and the web browser. The app never sends any personally identifying information, nor does it track which torrents you add. It bridges the two networks of WebRTC-based WebTorrent and TCP/UDP-based BitTorrent simultaneously. While WebTorrent isn’t limited only to video, it’s the software’s main focus. It’s fast, offers the ability to download multiple torrents simultaneously, and exposes files as streams. This cross-platform streaming app is written in JavaScript.
Kernel 'Extended' to Rust, New Stuff in Linux 5.14, and Linux Foundation 'Dilutes' Linux Mark
CentOS Stream: Everything You Need to Know About it
What is CentOS Stream? In this article we shall discuss everything that you need to know about CentOS Stream. Let’s begin with a quick history refresher. As you know, CentOS, one of the most popular Linux distributions, will no longer be supported for CentOS 8, starting 31 of December 2021, while the support for CentOS 7 will end on 30 of June 2024. The CentOS team encourages the current CentOS 8 users to update to CentOS Stream, but this might not be accepted easily and many might migrate to another distro. So from now on, all the effort will be focused on CentOS Stream.
5 Popular Free and Open Source VPN’s
People spend most of their time online and send critical information over the internet. Being safe online involves using many technologies, and VPN is one of them. An open source VPN software can help protect your identity online by encrypting the data you send on the network to keep it safe from eavesdropping. And if you are working in a company, it may also help you go beyond the company’s network restrictions to assure you have the experience you need on the internet.
