
Security Leftovers

  • [JumpCloud] Recent Linux Releases: Desktop MFA & Security Commands

    Operating system diversity is a defining characteristic of today’s IT environments. Windows may have dominated historically, but enterprise Mac management has evolved in a meaningful way and Linux distributions have become a critical part of IT infrastructure. Cross-OS device management is here to stay, and presents a unique challenge for IT admins.

    Linux in particular can be a complex beast to manage because unlike macOS and Windows, it is not a proprietary OS and can be found across multiple distros. There are many benefits to this openness, however, including cost, interoperability, and flexibility. These factors, and more, have led to a strong Linux following among its community of users.

    With an increasing number of employee workstations running a wide variety of Linux distros, administrators need a way to increase visibility into their fleets, and improve the management of not only Linux systems, but Mac and Windows as well. IT admins can use the JumpCloud Directory Platform to comprehensively accomplish these tasks, thanks to the recent Linux releases detailed in this article.

  • Mozilla Security Blog: Making Client Certificates Available By Default in Firefox 90

    Starting with version 90, Firefox will automatically find and offer to use client authentication certificates provided by the operating system on macOS and Windows. This security and usability improvement has been available in Firefox since version 75, but previously end users had to manually enable it.

    When a web browser negotiates a secure connection with a website, the web server sends a certificate to the browser to prove its identity. Some websites (most commonly corporate authentication systems) request that the browser sends a certificate back to it as well, so that the website visitor can prove their identity to the website (similar to logging in with a username and password). This is sometimes called “mutual authentication”.

  • The Sequoia seq_file vulnerability

    A local root hole in the Linux kernel, called Sequoia, was disclosed by Qualys on July 20. A full system compromise is possible until the kernel is patched (or mitigations that may not be fully effective are applied). At its core, the vulnerability relies on a path through the kernel where 64-bit size_t values are "converted" to signed integers, which effectively results in an overflow. The flaw was reported to Red Hat on June 9, along with a local systemd denial-of-service vulnerability, leading to a kernel crash, found at the same time. Systems with untrusted local users need updates for both problems applied as soon as they are available—out of an abundance of caution, other systems likely should be updated as well.

    Down in the guts of the kernel's seq_file interface, which is used for handling virtual files in /proc and the like, buffers are needed to store each line of the file's "contents". To start, a page of memory is allocated for the buffer, but if that is not sufficient, a new buffer that is twice the size of the old one is allocated. This is all done using a size_t, which is an unsigned 64-bit quantity (on x86_64) that is large enough to hold the results, so "the system would run out of memory long before this multiplication overflows".
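
The size_t-to-signed-integer conversion described in the Sequoia excerpt, as an added C illustration (not kernel code and not taken from the linked article): it models the page-then-double buffer growth and shows the point at which the size no longer fits in an `int`, next to a checked conversion that refuses it. The function names and the 4096-byte page size are assumptions made for this example.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SZ ((size_t)4096)   /* assumed page size for the illustration */

/* Growth policy from the excerpt: start with one page, double until the
 * line fits. Returns the final size, or 0 if doubling would wrap size_t. */
static size_t grown_size(size_t needed)
{
    size_t size = PAGE_SZ;
    while (size < needed) {
        if (size > SIZE_MAX / 2)
            return 0;
        size *= 2;
    }
    return size;
}

/* Risky pattern: a callee that takes the length as a signed int.
 * Out-of-range conversion is implementation-defined; GCC and Clang wrap. */
static int unchecked_narrow(size_t size) { return (int)size; }

/* Hardened pattern: reject sizes that cannot be represented in an int. */
static int checked_narrow(size_t size, int *out)
{
    if (size > (size_t)INT_MAX)
        return -1;
    *out = (int)size;
    return 0;
}

/* Number of doublings after which the buffer size exceeds INT_MAX. */
static unsigned first_unsafe_doubling(void)
{
    size_t size = PAGE_SZ;
    unsigned steps = 0;
    while (size <= (size_t)INT_MAX) { size *= 2; steps++; }
    return steps;
}

int main(void)
{
    size_t big = grown_size((size_t)INT_MAX + 1);
    int v = 0;
    printf("doublings until unsafe: %u\n", first_unsafe_doubling());
    printf("size_t %zu seen as int: %d\n", big, unchecked_narrow(big));
    printf("checked conversion: %d\n", checked_narrow(big, &v));
    return 0;
}
```

The size_t arithmetic never overflows here, as the excerpt notes; the defect appears only at the boundary where the value is handed to code that stores it in a narrower signed type.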
