Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Linux Concerns: Convenience vs. Security

    Once upon a recent time, Linux was more secure than it is today. Only the root user could mount external device, and in many distributions new users were automatically assigned a few groups that limited the hardware they could access. Distributions followed the principle of least privilege (aka least access), under which users, applications, and devices receive only the access to the system that they absolutely require.

  • Security updates for Thursday
  • One Definition Of Lock-in: Running “2003” So Many Years Later

    Why do they do it? Run “2003” in 2015! It’s not cost, because Debian GNU/Linux would cost $0. It’s lock-in whether by habit or by application. Lots of folks have invested heavily in applications that still work so they are willing to risk everything, perhaps by adding other layers of security. Why?

  • Imploding Barrels and Other Highlights From Hackfest DefCon

    Visiting Las Vegas can feel a bit like being a metal sphere in a pinball machine—you’re tossed from bright lights to blaring shows and back again until you eventually (hopefully) emerge out a hole at your home airport. When you visit Vegas with a swarm of hackers and security researchers, the dizziness gets amped up tenfold and can be laced with a dose of dark mischief.

  • Cisco networking gear can be hijacked, warns company

    An attacker can swap out the device's firmware with altered, malicious software.

  • Video Shows a Terrifying Drug Infusion Pump Hack in Action

    It’s one thing to talk about security vulnerabilities in a product, but another to provide a proof-of-concept demonstration showing the device being hacked.

    That’s what occurred last month when BlackBerry Chief Security Officer David Kleidermacher and security professional Graham Murphy showed how easy it is for hackers to take control of a hospital drug infusion pump by overwriting the device’s firmware with malicious software.

  • August ’15 security fixes for Adobe Flash

    ...Adobe released updated Flash player plugins which adddress many new vulnerabilities (as usual).

More in Tux Machines

today's leftovers

  1. How to install Hugin panoramic image editor on Linux

    Hugin is an open-source image editing tool for Linux, Mac OS, Windows, and BSD. It allows users to stitch photographs together and create panoramas digitally. In this guide, we’ll show you how to install Hugin on Linux.

  2. How to play Total War: WARHAMMER II on Linux

    Total War: WARHAMMER II is the sequel to Total War: WARHAMMER. It is a turn-based real-time tactics video game developed by Creative Assembly and published by Sega. Here’s how you can play the game on your Linux system.

  3. How to Use the Linux Screen Command

    In Linux, you often need to run lengthy processes to execute in the background and independently (such as ping commands to a server for an extended period of time) .

  4. How to install VRoid Studio 1.0 on a Chromebook

    Today we are looking at how to install VRoid Studio 1.0 on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

  5. How to Run Multiple Commands in Linux at Once

    The Linux terminal is a powerful tool that allows you to perform a wide range of operations using commands. These commands enable you to accomplish a variety of computing tasks, including file manipulation, program management, and service automation. Ideally, when you need to run a bunch of terminal commands, you do it one-by-one. However, it turns out that there's a better way to do this, and it involves running multiple commands at once. Follow along as we demonstrate the different ways to run multiple terminal commands in Linux.

  6. Easily Install and Setup PowerDNS on Debian 11/Debian 10 - kifarunix.com

    This tutorial is about how to easily install and setup PowerDNS on Debian 11/Debian 10. PowerDNS “is a premier supplier of open source DNS software, services and support“. It provides both the Authoritative Server and the Recursor DNS products.

KDE/Ken Vermette: New Icons, Iconoclast Pipeline

As was the method for Blue Ocean on the desktop widgets and design, the icons will be a gradual rollout over a few releases. We do have a strategy in place to ensure that this won’t be too jarring or inconsistent during the transition. The current plan is to update both all mimetypes and all places in time for the 5.24 release. Like our current icons the new icons have adaptive capabilities. Beyond that some additional select icons such as the new desktop icon are also adaptive, and there are plans for other icons to also take advantage of this feature where it would not be obnoxious. Compared to existing icons the refreshed content will be softer, more detailed, and less flat. These icons are also prepared with future capabilities in mind, and as enhancements are made to KDE Frameworks these icons may expose new and interesting features. Finally, we’re expanding the number of sizes the icons come in, so they look ideal at more zoom levels in your file browser. Currently colour places icons are offered in 32, 48, 64, and 96 pixel sizes, and mimetypes are offered in 32 and 64 pixel sizes. Refreshed icons in both places and mimetypes will be offered in 32, 48, 64, 96, 128, and 256 pixel sizes with no missing graphics. We already have all folders in all of the above sizes, and in under a month while also writing our software we have over doubled the number of folder icons in Breeze. We’re estimating we will more than triple in the number of mimetype icons. To get this work done we’ve built new tools for the express purpose of making mass iconography far easier for even individual artists, so I’m very pleased to state that a new icon and SVG pipeline is underway and despite being unfinished is producing results. This Python-written pipeline is capable of adding guides, rulers, and setting up grids for existing icons, standardizing existing icon colours, assembling entirely new icons from templates and components, and aggressively optimizing icons. With this authors will be able to have a “golden copy” of their icon sets where they can focus purely on design, letting the software take care of cleaning up the documents and assembling the individual pieces. The folders in the above image were assembled by the pipeline, with no hand-tuning. Read more

Seaberry Turns A Raspberry Pi 4 Into A Linux Powered ITX System

Since it’s inception the Raspberry Pi has evolved from it’s start as a nifty sounding hobby board to a rather powerful multi-core small form factor computer which is capable of quite a lot. The enhancement to it’s capabilities has continued to expand at a pace roughly equal to it’s growing popularity, to the point where there is an effective compute module which can be added to the your Pi to give it more versatility. Thanks to the compatibility improvements for that computer module we will see in 5.16 release of the Linux kernel, the Raspberry Pi will be capable of yet another impressive feat with the help of a product from a Canadian company called ALFTEL. Their Seaberry Compute Module 4 carrier board will give your Raspberry Pi 4 PCIe support. Once attached, your Pi will have access to a variety of PCIe interfaces including a 16x slot with a single PCIe lane, four PCIe 1x Mini slots, four M.2 Key E with two lanes each and one single lane PCIe M.2 Key M port. Read more

GhostBSD 21.11.24 ISO is now available

This new ISO contains kernel, OS, and software updates. In addition, I added a new command-line software called ghostbsd-version that gives you the GhostBSD version, FreeBSD version, kernel version, and OS version. At the date of this release, if you run ghostbsd-version or ghostbsd-version -v, it should output 21.11.24. This version number will be increment by the date of new packages built on packages every update performed. The ISO version is now following the last package's build version instead of an ISO's build date in the hope of removing confusion about the ISO version. Read more