Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • The cyber-mechanics who protect your car from hackers

    “Most manufacturers know there is a problem and they’re working on solutions, but no-one will go public with it,” explains Martin Hunt, who works in automotive penetration testing for UK telecommunications firm BT.

  • US to rethink hacker tool export rules after mass freakout in security land

    Proposed changes to the US government's export controls on hacking tools will likely be scaled back following widespread criticism from the infosec community, a government spokesman has said.

    "A second iteration of this regulation will be promulgated," a spokesman for the US Department of Commerce told Reuters, "and you can infer from that that the first one will be withdrawn."

    The proposed restrictions are required by the Wassenaar Arrangement, a 41-nation pact that first came into effect in 1996 and which calls for limits on trade of "dual-use goods," meaning items that have both civilian and military applications.

    In 2013, the list of goods governed under the Arrangement was amended to include technologies used for testing, penetrating, and exploiting vulnerabilities in computer systems and networks.

  • Remote denial of service vulnerability exposes BIND servers

    BIND operators released new versions of the DNS protocol software overnight to patch a critical vulnerability which can be exploited for use in denial-of-service cyberattacks.

    Lead investigator Michael McNally from the Internet Systems Consortium (ISC) said in a security advisory the bug, CVE-2015-5477, is a critical issue which can allow hijackers to send malicious packets to knock out email systems, websites and other online services.

  • Botnet takedowns: are they worth it?

    The number of botnets has grown rapidly over the last decade. From Gameover Zeus leveraging encrypted peer-to-peer command and control servers, to Conflicker, infecting millions of computers across the world – botnets are continuing to infiltrate many internet-based services and causing mass disruption, and it's getting worse.

More in Tux Machines

today's leftovers

Audiocasts/Shows: GNU World Order, Open Source Security, and LINUX Unplugged

  • GNU World Order 467

    **kdecoration** , **kded5** , **kdeedu-data,** **kdegraphics-mobipocket** , **kdegraphics-thumbnailer,** **kdelibs4support** , **kdenetwork-filesharing** , and **kdenlive** from Slackware set **kde**.

  • Episode 330 – The sliding scale of risk: seeing the forest for the trees – Open Source Security

    Josh and Kurt talk about the challenge of dealing with vulnerabilities at a large scale. We tend to treat every vulnerability equally when they are not equal at all. Some are trees we have to pay very close attention to, and some are part of a larger forest that can’t be treated as individual vulnerabilities. We often treat risk as a binary measurement instead of a sliding scale.

  • Too Nixy for My Shirt | LINUX Unplugged 465

    The one shared secret behind some of the world's most powerful open-source projects.

Programming Leftovers

  • Creating maps to share the coffee shops I have visited | James' Coffee Blog

    Maps were a dominant topic at yesterday's Homebrew Website Club London / Europe online meetup. I am not knowledgeable on maps so I sat back for a lot of the discussion and listened to others share their thoughts. In the meeting, we discussed everything from using maps on one's personal website to the inaccuracies of some country paths in the UK on open maps. On the Homebrew Website Club call, I learned about Leaflet. Leaflet is JavaScript tool that works with OpenStreetMap to let you create a map with custom plots. OpenStreetMap is an open source map to which anyone can contribute. It has an extensive set of data. For instance, OpenStreetMap documents the location of businesses. This is a key use for me because I wanted to be able to map coffee shops.

  • Replace NA with Zero in R | R-bloggers

    Replace NA with Zero in R, Using the dplyr package in R, you can use the following syntax to replace all NA values with zero in a data frame.

  • History of Version Control Systems: Part 3

    The third generation of VCS was distributed. It's best to describe it through the story of Git. Larry McVoy had worked on a VCS called Sun WorkShop TeamWare in the 90s. TeamWare mirrored many of the features of Subversion and Perforce but built on SCCS. In 1998, McVoy saw the issues with the growing development of the Linux Kernel, which was now seven years old and involved thousands of developers. In 2000, McVoy started a company called BitMover to solve these issues. BitMover published BitKeeper, a proprietary version control system, which offered a community version that was free for open-source developers. In 2002, the Linux kernel started using BitKeeper as its VCS.

  • Flexible I/O: Sink configuration | A Modicum of Fun

    To perform commutation with field oriented control, moteus needs to know the relationship between the rotor and stator in the magnetic domain. With the addition of the new flexible I/O system, some of the configurable values associated with this remain as they were, where there are some new ones. First, the number of poles for the motor is still at motor.poles, and whether or not to invert the ordering of the output phases is at motor.phase_invert. Similarly, the theta mapping table has the same semantics before and remains at motor.offset. Newly added is motor_position.commutation_source which controls which 0 indexed source is used to drive commutation. It is shown in the block diagram above, but not discussed here yet are the cogging compensation parameters. They’ll be covered soon, I promise!

today's howtos

  • How to Install Pip on Ubuntu

    In this tutorial, we’re going to show you how to install and use Pip (Python) on Ubuntu. This tutorial works for Ubuntu 22.04, Ubuntu 20.04, any other Ubuntu release, and even distros like Linux Mint. If you tried running a pip command and got a similar error to “Command ‘pip’ not found…”, you need to install pip on your Ubuntu. This tutorial will show you how to install Pip on Ubuntu 22.04, 20.04, 22.10, etc. with step-by-step instructions.

  • How to Install Xfce Desktop on AlmaLinux 9 - LinuxCapable

    Xfce is a lightweight free, open-source desktop environment for UNIX-like operating systems. It is designed to be fast and light on system resources while visually appealing to the default desktop environments that ship with most operating systems. Xfce is very popular with older systems, with hardware as a key feature in its design to conserve memory and CPU cycles. For example, the desktop panel will not hog resources by constantly polling for changes, and the file manager has been designed to use minimal memory and CPU cycles. In addition, Xfce includes several power management features that can help reduce your carbon footprint. Overall, Xfce is an excellent choice for users who want a fast and stable desktop environment without sacrificing visual appeal or functionality. In the following tutorial, you will learn how to install Xfce DE on AlmaLinux 9 desktop using the command line terminal, along with some basic tips on running an update and removing the Xfce desktop environment.

  • How to Install Opera Browser on Debian 11 Bullseye - LinuxCapable

    Opera is a freeware, cross-platform web browser developed by Opera Software and operates as a Chromium-based browser. Opera offers a clean, modern web browser that is an alternative to the other major players in the Browser race. Its famous Opera Turbo mode and its renowned battery-saving mode are the best amongst all known web browsers by quite a margin, with a built-in VPN and much more. In the following tutorial, you will learn how to install Opera Browser stable, beta, or development (nightly) on Debian 11 Bullseye, including installing, updating, and removing the browser using the command line terminal.

  • How to Install Nginx Mainline on Debian 11 Bullseye - LinuxCapable

    For those using Debian 11 Bullseye, you might have noticed that installing Nginx directly from its repository does not install the latest stable or mainline version. This is a common trend in most distributions that focus on the stability of packages and provide only urgent bug or security updates until the subsequent major distribution. For most, using the default Nginx that comes bundled with the repository will be preferred, but often many require and want the latest version of stable or mainline for updated features. The following tutorial will cover installing the last stable or mainline versions of Nginx on Debian 11 Bullseye desktop or server utilizing the APT package manager with the PPA model Ondřej Surý or by importing the official Nginx.org APT repository and installing the latest version directly from Nginx.