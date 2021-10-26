Security Leftovers
Elastic (NYSE: ESTC) (“Elastic”), the company behind Elasticsearch and the Elastic Stack, announced new integrations and enhancements across the Elastic Security solution in its 7.16 release, enabling users to accelerate detection and response, increase real-time visibility into their data, protect endpoints against advanced attacks, and streamline workflows.
Security updates have been issued by Fedora (firefox, libopenmpt, matrix-synapse, vim, and xen), Mageia (gmp, heimdal, libsndfile, nginx/vsftpd, openjdk, sharpziplib/mono-tools, and vim), Red Hat (java-1.8.0-ibm), Scientific Linux (firefox), SUSE (kernel-rt), and Ubuntu (bluez).
Google took steps to shut down the Glupteba botnet, at least for now. (The botnet uses the bitcoin blockchain as a backup command-and-control mechanism, making it hard to get rid of it permanently.) So Google is also suing the botnet’s operators.
CISA has released Capacity Enhancement Guide (CEG): Social Media Account Protection, which details ways to protect the security of organization-run social media accounts. Malicious cyber actors that successfully compromise social media accounts—including accounts used by federal agencies—could spread false or sensitive information to a wide audience. The measures described in the CEG aim to reduce the risk of unauthorized access on platforms such as Twitter, Facebook, and Instagram.
Cisco has released a security advisory to address Cisco products affected by multiple vulnerabilities in Apache HTTP Server 2.4.48 and earlier releases. An unauthenticated remote attacker could exploit this vulnerability to take control of an affected system.
In keeping with our commitment to the security and privacy of individuals on the internet, Mozilla is increasing our oversight and adding automation to our compliance-checking of publicly trusted intermediate CA certificates (“intermediate certificates”). This improvement in automation is important because intermediate certificates play a critical part in the web PKI (Public-Key Infrastructure). Intermediate CA keys directly sign server certificates, and we currently recognize nearly 3,000 intermediate certificates, which chain up to approximately 150 root CA certificates embedded as trust anchors in NSS and Firefox. More specifically, we are updating the Mozilla Root Store Policy (MRSP) and associated guidance, improving the public review of third-party intermediate certificates on the Mozilla dev-security-policy list, and enhancing automation in the Common CA Database (CCADB).
[...]
With the CCADB, Mozilla has provided a variety of tools to examine the status of intermediate certificates where none existed before. These include improvements that allow us to automatically process CA audit reports using Audit Letter Validation (ALV), advise CAs on the status of their intermediate certificates, and provide CAs and root store operators with lists of tasks relevant to intermediate certificates listed in the CCADB.
IBM/Red Hat/Fedora Leftovers
When firefighters arrive on the scene of a fire, they often have only seconds to decide where to focus their attention to save the most lives. Visibility may be low and they may not have enough information about who is in a building or where they are located. How could technology be applied to help these everyday heroes make better split-second decisions?
The Call for Code Honoring Everyday Heroes Challenge asked participants to develop new technology solutions to address challenges faced by first responders, delivery personnel, childcare workers, healthcare frontline workers, educators, and many more who have been invaluable to society during the COVID-19 pandemic. Technology solutions would need to run on a Samsung tablet, smartphone, and/or wearable device and use IBM open hybrid cloud technologies such as IBM Cloud and IBM Watson. Participants also had access to Samsung toolkits, as well as data from The Weather Company. Teams had four weeks to create promising, innovative new solutions that can be nurtured, improved, and put to work through the Call for Code incubation framework with IBM and Samsung Electronics.
Today, we are sharing that Werner Knoblich, Red Hat’s senior vice president and general manager for the Europe, Middle East, and Africa (EMEA) region has decided to retire from Red Hat at the end of 2021. IT industry leader and Red Hatter Hans Roth, who is currently senior vice president and general manager of Global Services and Technical Enablement, will succeed him in the role beginning in January.
Knoblich has been a strong and passionate advocate for our customers and Red Hatters throughout his tenure. His mantra, ‘know your culture first, then build your employee engagement into it,’ has consistently been at the heart of his leadership style in addition to a deep commitment to open source ways of working to create a highly engaged and results-driven team.
Red Hat Product Security is committed to providing tools and security data to help you better understand security threats. This data has been available on our Security Data page and is also available in a machine-consumable format with the Security Data API. By exposing a list of endpoints to query security data, this tool allows you to programmatically query the API for data that was previously exposed only through files on our Security Data page. To understand how we share our security data, take a look at this post.
This post will cover how the Security Data API can be used to address real-world security use cases and concerns programmatically.
These selected use cases are based on questions which were sent to the Red Hat Product Security team in recent months. Each of these examples can be easily modified to address your own needs.
From telecommunications networks to the manufacturing floor, through financial services to autonomous vehicles and beyond, computers are everywhere these days, generating a growing tsunami of data that needs to be captured, stored, processed and analyzed.
At Red Hat, we see edge computing as an opportunity to extend the open hybrid cloud all the way to data sources and end users. Where data has traditionally lived in the datacenter or cloud, there are benefits and innovations that can be realized by processing the data these devices generate closer to where it is produced.
This is where edge computing comes in.
Jyväskylä University of Applied Sciences (JAMK) offers its 8,500 students high-quality education, which is built to meet the needs of the labor market.
It is beneficial for both students and the job market in the region that student qualifications match the job requirements. JAMK has good relations with local companies and organizations, and 86% of JAMK computer science students are employed soon after studies. JAMK faculty and staff consider it important to listen with an attentive ear to the requirements set for experts in the future. Solutions based on open source are on the rise.
A seemingly straightforward question aimed at candidates for the in-progress Fedora elections led to a discussion on the Fedora devel mailing list that branched into a few different directions. The question was related to a struggle that the distribution has had before: whether using non-free Git forges is appropriate. One of the differences this time, though, is that the focus is on where source-git (or src-git) repositories will be hosted, which is a separate question from where the dist-git repository lives.
FOSS Force has learned that on Thursday the AlmaLinux Foundation, the nonprofit organization behind the eponymous freshman Linux distribution that’s positioning itself as a drop-in CentOS alternative, will announce that Codenotary has joined its governance board as its first top-tier Platinum member, and that AlmaLinux board member Jack Aboutboul has taken a job as VP of product at Codenotary.
In an email exchange with FOSS Force, Aboutboul verified Codenotary’s Platinum membership, his employment there, and that he will continue to hold his positions at AlmaLinux.
Houston-based startup Codenotary markets highly scalable open source software built around its immudb (for immutable database, a fast and cryptographically-verifiable ledger database) for helping companies protect their software supply chain, which has become increasingly important in the wake of the Solarwinds software supply chain attack that surfaced late last year. The company’s software is available for enterprises to run on their own equipment or in cloud instances, or through Codenotary’s Software as a Service offering called Codenotary Cloud.
today's howtos
If ever you've been curious about making music, you'll be pleased to know that the open source digital audio workstation Ardour makes it easy and fun, regardless of your level of experience. Ardour is one of those unique applications that manages to span beginner-level hobbyists all the way to production-critical professionals and serves both equally well. Part of what makes it great is its flexibility in how you can accomplish any given task and how most common tasks have multiple levels of possible depth. This article introduces you to Ardour for making your own music, assuming that you have no musical experience and no knowledge of music production software. If you have musical experience, it's easy to build on what this article covers. If you're used to other music production applications, then this quick introduction to how the Ardour interface is structured ought to be plenty for you to explore it in depth at your own pace.
This is the continuation of Kubernetes introduction guide. In this article, we are going to learn about important features of Kubernetes which will help you to understand the functional concepts of Kubernetes in deeper level.
Using S3 replication, you can setup automatic replication of S3 objects from one bucket to another. The source and destination bucket can be within the same AWS account or in different accounts. You can also replicate objects from one source bucket to multiple destination buckets.
Use LogMeIn Hamachi VPN service? Haguichi is a graphical app to make easy to join, create and manage Hamachi networks in Linux.
Haguichi is a free and open-source app that provides a stylish GTK UI for the official Hamachi for Linux. It has both dark and light window mode that shows a searchable and sortable network list in the left and details and actions in the right.
It’s well integrated with the Gnome desktop with notifications and system tray indicator applet, and make it easy to backup and restore configuration, as well as manage customize commands via Preferences dialog. And, it supports a list of keyboard shortcuts to make network and command actions more efficient.
Knowing how to transfer files securely between Linux hosts is a useful skill to have if you are regularly working with Linux servers. You may just need to transfer a handful of files, or you may want to look at backing up files from one Linux host to another. What ever the reason, there are a number of ways you can transfer files securely on Linux. Continue reading to find out about some of the more common or popular ways to transfer files.
Games: ARMA3, Humble Choice, and Lots More
Turns out that I have one of them, ARMA3, and I could test that it indeed works, by filtering for BattlEye only servers and trying to join such servers from Linux with Proton (note that you need to disable most of your mods if you intend on joining online competition). It seems like Steam downloads a specific BattlEye package before running ARMA3 after this update, so you don’t really have to do anything on your end.
A fresh month has arrived and so it brings with it a new Humble Choice, the curated monthly bundle along with a few other game bundles to go over. Here's a roundup of how they all work on Linux either natively or with Steam Play Proton.
First up is Humble Choice for December. Here you pay for whatever tier you feel is the best value to get access to the Humble Trove (a ton of DRM-free games), a discount at the Humble Store and the ability to claim Steam keys (sometimes GOG keys) for multiple titles - the amount of which depends on what tier you buy into.
Looks like publisher Devolver Digital was right to back this one, as Loop Hero from developer Four Quarters has managed to hit a million sales on Steam.
A game all about repetition. Loop Hero sees you constantly run through a procedurally generated map, where your character automatically walks around and engages in battle with various creatures. It's also a deck-builder, although you deck are map tiles so you build up the map from a blank slate with each loop. It's deliciously addictive to keep playing through while it reveals small bits of story.
Another developer is looking into native Linux builds for their game, this time it's Tomas Sala for The Falconeer in preparation for the upcoming Steam Deck handheld.
"Soar through the skies aboard a majestic warbird, explore a stunning oceanic world and engage in epic aerial dogfights, in this BAFTA nominated air combat game from solo developer, Tomas Sala.
An incredibly impressive double-episode total conversation for Doom 2, we have Ashes 2063 and Ashes: Afterglow. The first episode our own BTRE talked a bit about back in 2018, and since then it's been remastered and a second episode released only recently. Now, they're both available easily from Mod DB.
"Explore and scavenge through dozens of intricate maps, and use your scratched together arsenal to fight hordes of dangerous raiders and mutants in this expansive GZDoom TC. Ashes is part Duke Nukem 3D, part Doom, thrown into a blender with Mad Max, Fallout and Stalker for that refreshing post-apocalyptic twist."
SCS has upgraded both Euro Truck Simulator 2 & American Truck Simulator with some major improvements, and it seems they may work even better on the upcoming Steam Deck now.
We'll go over some of the extra content for each below, but first, some tech changes have come to each game. For starters, gamepad support on both has been greatly improved. A big change considering all the different controls needed, with the primary aim to allow navigating the entire UI without an addition device. They said they plan to keep making improvements on this too.
Another big change is the inclusion of SDF (Signed Distance Fields) fonts, which "allows texts and fonts to be displayed perfectly in any resolution, scale, or distance".
