What Linux storage benchmarking tools are best?

The Linux hdparm tool enables administrators to establish a basic, low-level measure of disk performance. Using hdparm with the -t option takes advantage of the Linux disk cache, while the -t option also accesses the disk through the cache, but doesn't pre-cache the results. Low-level Linux storage benchmarking tools such as hdparm are very sensitive to file systems and other higher level constructs, however, so results can vary dramatically. Admins often use the Linux dd -- data duplicator -- command for tasks such as backup and copy, but its interaction with storage can also enable sequential throughput for storage performance. Flexible I/O Tester (FIO) is perhaps the most versatile and popular tool for benchmarking hard disk drive and solid-state drive devices. It enables administrators to run sequential read/write tests with varied I/O block sizes and queue depths.

Ubuntu 17.04 EoL and Patches

• PSA: Ubuntu 17.04 Zesty Zapus support ends on Saturday

  Support for Ubuntu 17.04 Zesty Zapus will be coming to an end this Saturday, nine months after being pushed out. The end of life applies to all systems no matter whether you’re running it on a desktop or a server. Once the end of life date arrives, you should have a plan to move to Ubuntu 17.10 or downgrade to Ubuntu 16.04.

• Ubuntu systems also having boot-up issues due to Meltdown and Spectre patches

• Meltdown and Spectre patch stops Ubuntu computers from booting

• Meltdown and Spectre patches leave some Ubuntu systems unbootable

Security: Meltdown and Spectre, Apple and More

• Meltdown and Spectre Linux Kernel Status

  By now, everyone knows that something “big” just got announced regarding computer security. Heck, when the Daily Mail does a report on it , you know something is bad… Anyway, I’m not going to go into the details about the problems being reported, other than to point you at the wonderfully written Project Zero paper on the issues involved here. They should just give out the 2018 Pwnie award right now, it’s that amazingly good.

• Linux Kernels 4.14.13, 4.9.76, and 4.4.111 Bring More Security Fixes, Update Now

  As promised, Linux kernel maintainer Greg Kroah-Hartman released today new versions of the Linux 4.14, 4.9, and 4.4 kernel series to address some of the regressions from previous builds and fix more bugs. Linux kernels 4.14.13, 4.9.76 LTS, and 4.4.111 LTS are now available for download from kernel.org, and they include more fixes against the Spectre security vulnerability, as well as some regressions from the Linux 4.14.12, 4.9.75 LTS, and 4.4.110 LTS kernels released last week, as some reported minor issues.

• Red Hat Researchers: Spectre Chip Vulnerability Likely Worse For VMs Than Containers

• Watching the meltdown.

  I have been watching Meltdown and Spectre unfold from the sidelines. Other than applying available updates, I'm just watching and absorbing the process of the disclosure. This one appears mid way along a long road. I teach mostly administrators. I teach some developers. I teach those in, or desiring to be in, infosec. I like teaching security topics. I think securing systems requires more people thinking about security from the beginning of design and as an everyday, no big deal part of life. A question I ask with these newsworthy issues is what normal practices can mitigate even part of the problems?  There are two big basics - least privilege and patch management - to always keep in mind. Issues like ShellShock and Venom were mostly mitigated from the beginning with SElinux enabled (least privilege) and WannaCry had little impact on those systems patched long ago when the SMB bug was first found and fixed. However, in some cases, both exploits and accidents come from doing something that no one else thought of trying. This is why I like open source. There is the option (not always used) for more people trying different things and finding better uses as well as potential flaws. Any type of cooperation and collaboration can be the source of some of these findings including pull requests, conference talks, or corporations working with academic research projects.

• macOS High Sierra's App Store System Preferences Can Be Unlocked With Any Password

  A bug report submitted on Open Radar this week reveals a security vulnerability in the current version of macOS High Sierra that allows the App Store menu in System Preferences to be unlocked with any password.

• Open Source Security Podcast: Episode 77 - npm and the supply chain

  Josh and Kurt talk about the recent npm happenings. What it means for the supply chain, and we end with some thoughts on how maybe none of this matters.

Android Leftovers

• This Android Phone With a Built-In Projector Is Perfect For Movie Lovers

• Android might be to blame for the delayed launch of Samsung's foldable phone

• Hands on: Android Auto Wireless and Google Assistant double down on convenience [Video]

• JVC and Kenwood's new head units pack wireless Android Auto

• Android makers want to copy the iPhone X's Face ID, but it's not that easy

• Android 8.0 Oreo is once again rolling out to the OnePlus 5