Language Selection

English French German Italian Portuguese Spanish

Responses To The Linux Desktop Security Problem

Filed under

Just about 24 hours ago I spread the news about a major vulnerability in X.Org / XKB that makes it trivial for anyone with physical access to a Linux-based desktop system to easily bypass any screensaver lock whether you're using GNOME, KDE, or most other desktop environments. So what's changed in the past day?

Well, many people have confirmed this problem is widespread if running X.Org Server 1.11 or newer. This is affecting users right now of Gentoo Linux, Arch Linux, Debian Wheezy, Fedora 16, users of the Xorg-Precise testing stack for Ubuntu 12.04 LTS, and other distributions updating their X stack in the past few months. It doesn't matter if you're using GNOME or KDE or one of the lighter-weight alternatives like Xfce.

Rest here

More in Tux Machines

Subresource Integrity Support Ready For Firefox 43, Chrome 45

With the upcoming releases of the Mozilla Firefox and Google Chrome web-browsers is support for the W3C Subresource Integrity (SRI) specification. The Subresource Integrity feature allows web developers to ensure that externally-loaded scripts/assets from third-party sources (e.g. a CDN) haven't been altered. The SRI specification adds a new "integrity" HTML attribute when loading such assets where you can specify a hash of the file source expected -- the loaded resource must then match the hash for it to be loaded. Read more

today's leftovers

Linux Switches/Routers

today's howtos