The average successful hack gains attackers less than $US15,000 ($A20,600), a recent Ponemon Institute study has found. Yet that may still be enough to lure attackers who are proving adept at navigating “confusing” industry messages on endpoint security, believes one security specialist who argues that the result is hampering companies' ability to shore up privileged-account security.
An attack by a hacker has just revealed the sensitive information of about 20,000 FBI employees. Besides this personal contact information of the FBI employees, the hacker also claims to have more sensitive data like credit card number and some military emails.
The Internet of Things is amazingly powerful and useful — but not always safe to use, and most organizations with IoT implementations need to do a better job of keeping them secure. That's a message that Jerry Irvine, CIO of the Chicago IT services company, Prescient Solutions, would like his fellow CIOs to take to heart. In an interview with The Enterprisers Project, he explains why.
Many of the protections being discussed for the kernel are coming out of the grsecurity patches. These patches have been around for a very long time and provide a set of modern security features. The question always comes up "but why aren't they in the mainline kernel if they are so useful?". The simplest answer is that the authors and the kernel maintainers never came to an agreement about the patches so they were never merged. (The full history is available in various mailing lists for those who are interested. Google will find you plenty of interesting reading.) The patch authors have been doing the hard work of rebasing and reworking the patches to work with newer kernel versions ever since.
New Ubuntu Phone Patch Is Coming Soon to Fix the Infamous Mir Bug, Says Canonical
Just a few moments ago, Łukasz Zemczak of Canonical sent in his daily report email to inform us about the latest work done by the Ubuntu Touch developers in preparation for the upcoming OTA releases.
Docker's recent acquisition of Unikernel Systems has sent pulses racing in the microservice world. At the same time, many people have no clue what to make of it, so here's a quick explanation of why this move is a good thing.
Although you may not be involved in building or maintaining microservice-based software, you certainly use it. Many popular Web sites and services are powered by microservices, such as Netflix, eBay and PayPal. Microservice architectures lend themselves to cloud computing and "scale on demand", so you're sure to see more of it in the future.
The Linux Foundation’s Core Infrastructure Initiative Working with White House on Cybersecurity National Action Plan
The White House today announced its Cybersecurity National Action Plan (CNAP), which includes a series of steps and programs to enhance cybersecurity capabilities within the Federal Government and across the country. In the proposal, the White House announced collaboration with The Linux Foundation’s Core Infrastructure Initiative(CII) to better secure Internet "utilities" such as open-source software, protocols and standards.
Mentor Embedded Linux adds SMACK security and IoT support
Mentor Graphics has updated Mentor Embedded Linux (MEL) with Yocto Project 2.0 code, SMACK security, and support for CANopen, BACNet, and 6LoWPAN.
Mentor Graphics has spun a more secure and industrial IoT-ready version of its commercial Mentor Embedded Linux (MEL) distribution and development platform that moves up to a modern Linux codebase built around Yocto Project 2.0 (“Jethro”). Yocto Project 2.0, which advances to GCC 5.2 and adds Toaster support, among other enhancements, was recently adopted by rival embedded distro Wind River Linux 8.
Johannes Bechberger, while working on his Bachelor’s thesis supervised by my colleague Andreas Zwinkau, has developed a performance benchmark runner and results visualizer called “temci”, and used GHC as a guinea pig. You can read his elaborate analysis on his blog.
UK publishing house Usborne is giving out its iconic 1980s programming books as free downloads.
The books, which are available for free as PDF files, include Usborne's introductions to programming series, adventure games, computer games listings and first computer series. The series was particularly popular in the UK, where they helped school a generation of developers and IT professionals.
Patches published by Google developers today for LLVM/Clang confirm that the company has at least one in-house processor of its own.
Jacques Pienaar, a software engineer at Google since 2014, posted patches today seeking to mainline a "Lanai" back-end inside LLVM. He explained they want to contribute their Lanai processor to the LLVM code-base as they continue developing this back-end with a focus on compiling C99 code. He mentions Lanai is a simple in-order 32-bit processor with 32 x 32-bit registers, two registers with fixed values, four used for program state tracking, and two reserved for explicit usage by user, and no floating point support.