Security Leftovers

Microsoft urges PowerShell users to upgrade to protect against critical vulnerability
Microsoft has issued a warning to users of PowerShell 7.0 and 7.1 to update their software to protect against a .NET Core remote code execution vulnerability. Tracked as CVE-2021-26701, the vulnerability is described as critical and could affect Windows, macOS and Linux. The security issue has been known about for a little while, but Microsoft is only now urging users to install updates to ensure that they are protected.

Enter invisible passwords using this Python module | Opensource.com
Passwords are particularly problematic for programmers. You're not supposed to store them without encrypting them, and you're not supposed to reveal what's been typed when your user enters one. This became particularly important to me when I decided I wanted to boost security on my laptop. I encrypt my home directory—but once I log in, any password stored as plain text in a configuration file is potentially exposed to prying eyes. Specifically, I use an application called Mutt as my email client. It lets me read and compose emails in my Linux terminal, but normally it expects a password in its configuration file. I restricted permissions on my Mutt config file so that only I can see it, but I'm the only user of my laptop, so I'm not really concerned about authenticated users inadvertently looking at my configs. Instead, I wanted to protect myself from absent-mindedly posting my config online, either for bragging rights or version control, with my password exposed. In addition, although I have no expectations of unwelcome guests on my system, I did want to ensure that an intruder couldn't obtain my password just by running cat on my config.

Russell Coker: Servers and Lockdown
OS security features and server class systems are things that surely belong together. If a program is important enough to buy expensive servers to run it then it’s important enough that you want to have all the OS security features enabled. For such an important program you will also want to have all possible monitoring systems running so you can predict hardware failures etc. Therefore you would expect that you could buy a server, set up the vendor’s management software, configure your Linux kernel with security features such as “lockdown” (an LSM that restricts access to /dev/mem, the iopl() system call, and other dangerous things [1]), and have it run nicely! You will be disappointed if you try doing that on a HP or Dell server though.

Security updates for Monday
Security updates have been issued by Arch Linux (electron11, electron12, istio, jenkins, libtpms, mediawiki, mruby, opera, puppet, and python-fastapi), Debian (djvulibre and openexr), Fedora (dovecot, libtpms, nginx, and php-league-flysystem), Gentoo (corosync, freeimage, graphviz, and libqb), Mageia (busybox, file-roller, live, networkmanager, and php), openSUSE (clamav-database, lua53, and roundcubemail), Oracle (389-ds:1.4, kernel, libxml2, python38:3.8 and python38-devel:3.8, and ruby:2.5), and SUSE (crmsh, djvulibre, python-py, and python-rsa).

Community Member Monday: Tim Brennan Jr.
I am a son and grandson of American missionaries who moved to Brazil in 1952. Since my mother was born here (my father was a seven-month-old baby), I was born automatically a Brazilian citizen – even though I was born in the USA. Being brought up in Brazil, I learned both American English in the home, and learned Brazilian Portuguese in parallel. I am fluent in both languages. Computers came into my life as my dad saw the importance and value of them in the eighties. Watching him hack an Apple IIe and a daisy wheel printer to get the tilde accent over the letter “y” was an adventure in and of itself. Since I was homeschooled, the value and importance of open source software became very clear to me as soon as I heard about it around 1999. As soon as I heard of Linux, I got hooked. Then, I heard of StarOffice which later became OpenOffice, which forked into LibreOffice and saw the birth of The Document Foundation. I have been on a learning journey for most of my life. Everything I have learned is self-taught, including LibreOffice. My main activity in life is teaching in general. Teaching software to newbies such as the elderly, the underprivileged and young people is a passion I have. LibreOffice is an excellent starting point as it has virtually all the basic areas: text, images, markup languages, programming logic on a very simple scale with macros, databases etc., and much, much, more.