Leftovers: Security

  • Security updates for Thursday
  • Microsoft puts a bullet in blundering D-Link's leaked key that made malware VIPs on PCs

    Microsoft has finally revoked D-Link's leaked code-signing key, which gave malware the red carpet treatment on millions of Windows PCs.

    Last week, it emerged that, for six months between February and September, D-Link exposed its private code-signing key to the world in a firmware download. Anyone who stumbled upon this key could use it to dress up malware as a legit-looking D-Link application, tricking Windows and users into trusting it.

    The key expired at the start of this month, meaning it cannot be used to digitally sign new malware. But any software nasties signed using the key earlier in the year would still be trusted and run by Windows PCs.

  • Filling in the holes in Linux boot chain measurement, and the TPM measurement log

    When I wrote about TPM attestation via 2FA, I mentioned that you needed a bootloader that actually performed measurement. I've now written some patches for Shim and Grub that do so.

    The Shim code does a couple of things. The obvious one is to measure the second-stage bootloader into PCR 9. The perhaps less expected one is to measure the contents of the MokList and MokSBState UEFI variables into PCR 14. This means that if you're happy simply running a system with your own set of signing keys and just want to ensure that your secure boot configuration hasn't been compromised, you can simply seal to PCR 7 (which will contain the UEFI Secure Boot state as defined by the UEFI spec) and PCR 14 (which will contain the additional state used by Shim) and ignore all the others.

  • Would you trust Intel, Vodafone, Siemens et al with Internet of Things security? You'll have to

    A new non-profit foundation dedicated to improving security in the "internet of things" launched on Wednesday.

    More than 30 companies including Intel, Vodafone, Siemens, and BT are the founding members of the foundation, whose mission is to "make the Internet of Things secure, to aid its adoption, and maximize its benefits."

    The IoTSF will focus on best practices and knowledge sharing. It will host a conference in London in December on IoT security.

  • Security wares like Kaspersky AV can make you more vulnerable to attacks
