Language Selection

English French German Italian Portuguese Spanish

Researcher behind Linux Kernel flaw explains motives

Filed under
Linux
Interviews

When a vulnerability researcher discloses a flaw in a widely-used operating system or application, some IT professionals question the motive. Such has been the case with a Linux Kernel flaw that was disclosed last week. Wojciech Purczynski, a researcher with Singapore-based security firm COSEINC, discovered the flaw, and a researcher using the online name "Qaaz" followed it up with attack code. Qaaz declined an interview request, but Purczynski did answer some questions in an email exchange. In this Q&A, he explains how he reported the security hole and why Linux users should take his findings seriously.

Describe the sequence of events.

Purczynski: I was quite busy doing some other tasks here at COSEINC so I had to postpone publication of the vulnerability. But on Feb. 1 I made initial contact with The Red Hat Security Response Team, then we contacted with kernel developers so they could provide a quick fix for this vulnerability.

Explain the severity of the vulnerability and why, since it involves the kernel, IT administrators in Linux-based environments should be concerned.

More Here




More in Tux Machines

Using Open Source to Empower Students in Tanzania

Powering Potential Inc. (PPI) aims to enhance education opportunities for students in Tanzania with the help of the Raspberry Pi and open source technology. “I believe technology is a vital part of the modern human experience. It enlightens. It ties us together. It broadens our horizons and teaches us what we can be. I believe everyone deserves access to these resources,” says Janice Lathen, Founding Director and President of PPI. Read more

IoT gateway runs mainline Linux on i.MX7

Compulab’s “IOT-GATE-iMX7” gateway runs mainline Linux on its CL-SOM-iMX7 COM, and offers optional GbE, 3G, WiFi, BT, and ZigBee. Compulab has launched a Linux-driven Internet of Things gateway built around its CL-SOM-iMX7 COM, featuring NXP’s power-sipping i.MX7 SoC. The embedded world is awash in i.MX6-based IoT gateways, but this is the first i.MX7 based model we’ve seen. Read more

IP camera design offers triple 4K encoding, runs Android on hexa-core SoC

Intrinsyc’s Android-ready Open-Q 650 IP Camera Reference Design is built on a Snapdragon 650, and supports up to three 4K H.264/H.265 30fps streams. Intrinsyc Technologies has followed up on last year’s Open-Q 410 Wearable Camera Reference Design with a more powerful Open-Q 650 IP Camera Reference Design. Like the 410 model, the 650 IP version runs Android on a Qualcomm Snapdragon SoC. However, it features a faster, hexa-core Snapdragon 650 SoC in place of the quad-core, Cortex-A53 Snapdragon 410. Read more

today's leftovers

  • Manjaro ARM to shut down
    While the project is dying, the team has offered help to anyone who is willing to continue this project. The team will guide through all the process and even teach if needed. If anyone is interested in continuing this project, now is the time. Otherwise we all have to say goodbye to Manjaro-ARM.
  • Manjaro ARM Linux Distro Is Shutting Down, Lack Of Contributors Is The Reason
  • That Was The Week That Was (TWTWTW): Edition 2
    This is the second edition of TWTWTW, a weekly blog proclaiming noteworthy news in the open source world. It provides a concise distilled commentary of notable open source related news from a different perspective. For the second edition, we present a succinct catchup covering software, hardware, book releases, ending with a real Barry Bargain!