Security: Firmware Fake Security, FUD Campaign, VPS, and Buzzword Security
Date: 2022-07-24
Firmware Security Realizations - Part 1 - Secure Boot and DBX - Eclypsium
One of the first findings brought to my attention was that Secure Boot was not enabled. After shaming myself, I remembered that in the past, installation instructions for most Linux distributions recommended disabling Secure Boot prior to installation. Not wanting to complicate installations any further I went into the BIOS/UEFI settings and disabled Secure Boot, then installed my Linux distribution of choice (sometimes that was Pop!_OS and more recently Ubuntu). Once the installation was completed, I had not gone back and researched how to achieve better security using Secure Boot.
This brought forth one of my first questions: Why did most Linux distributions state that Secure Boot should be disabled? It turns out Linux distributions had not completed the process to get all of the required binaries signed that allow a computer to boot securely. With there being so many Linux distributions this proved to be quite the challenge. It was only in the past 2-3 years that many distributions have moved to enable Secure Boot by default. Understanding what needs to be done in order to support Secure Boot leads us pretty deep down a rabbit hole, which begins with first understanding how Secure Boot works.
A good starting point is to read some of the previous research on vulnerabilities related to Secure Boot. Eclypsium researchers have presented on Secure Boot dating as far back as 2013 at Black Hat USA in a talk titled “A Tale of One Software Bypass of Windows 8 Secure Boot” and again in 2014 at Defcon “Summary of Attacks Against BIOS and Secure Boot”.
Newly found Lightning Framework offers a plethora of Linux hacking capabilities [Ed: Microsoft propagandists still try to conflate malware with "backdoors", which is something Windows has by design; this is misleading, borderline defamatory. Unlike Windows, Linux does not have back doors and zero-days ignored by the vendor (Microsoft) for months, so for this malware to get to the system something dumb needs to happen. With Windows, there are back doors. With Linux, however, you need to first get in somehow. The media fails to mention this.]
New Very Powerful All in One Linux Malware [Ed: Anything to darken the brand "Linux", just because it is capable of running malicious programs too]
Should I Use Linux VPS Or Windows VPS | Technology
For corporate and commercial projects, it is better to choose Linux, which confidently leads by the parameter "security".
SaaS security in Kubernetes environments: A layered approach | Red Hat Developer
Security is especially critical for Software-as-a-Service (SaaS) environments, where the platform is used by many different people who need the confidence that their data is stored safely and kept private from unrelated users. This article focuses on security concerns for containers on your SaaS deployment running in Kubernetes environments such as Red Hat OpenShift. The article is the fifth in a series called the SaaS architecture checklist that covers the software and deployment considerations for SaaS applications.
Absolute64-20220724 released
Some fixes... cleaned up Vivaldi installer a little, fixed a bunch of my image manipulation scripts to work properly with switch from imagemagick to graphicsmagick. Heavily edited idesktool to manipulate desktop/icons. Stripped down the installer for the ISO. Just auto-install. No more Slackware tweaks/prompts -- Just takes over hard drive and goes... Will GPT the drive if bios is set to launch UHCI, (and you set USB stick to GPT. I used Rufus on a Windows box.) If you MBR the stick and computer bios is MBR, Absolute installer will partition drive MBR and use lilo. In either case, the drive is repartitioned and anything on it is wiped.
New Debian GNU/Linux 11 “Bullseye” Kernel Security Update Fixes 9 Vulnerabilities
The new Debian GNU/Linux 11 Linux kernel security update comes one and a half months after the previous kernel security update and it’s here to fix a total of nine security vulnerabilities in the Linux 5.10 LTS kernel, which is the default kernel for Debian Bullseye users. Patched in this new kernel update is CVE-2021-33655, a security issue that could allow a user with access to a framebuffer console driver to cause a memory out-of-bounds write through the FBIOPUT_VSCREENINFO ioctl, and CVE-2022-2318, a use-after-free vulnerability found in the Amateur Radio X.25 PLP (Rose) support that may result in a denial of service attack.
