Navigation

Language Selection

Search

Security Leftovers

Submitted by Roy Schestowitz on Thursday 12th of November 2015 10:57:48 AM Filed under

Security

Security advisories for Wednesday
Your Unhashable Fingerprints Secure Nothing

Passwords are crap. Nobody picks good ones, when they do they re-use them across sites, and if you use even a trustworthy password manager, they’ll get hacked too. But you know what’s worse than a password? A fingerprint. Fingerprints have enough problems with them that they should never be used anywhere a password would be.

Passwords are supposed to be secret, like the name of your childhood pet. In contrast, you carry your fingers around with you out in the open nearly everywhere you go. Passwords also need to be revocable. In the case that your password does get revealed, it’s great to be able to simply pick another one. You don’t want to have to revoke your fingers. Finally, and this is the kicker, you want your password to be hashable, in order to protect the password database itself from theft.
Linux Ransomware Debut Fails on Predictable Encryption Key
Israel’s Cymmetria, Which Deceives Hackers, Raises $9 Million

Cymmetria Inc., an Israeli start-up whose software lures hackers into cyber traps within organizations’ networks has raised around $9 million, the latest sign that investors are flocking to one of cyber-security’s hottest trends: deceiving hackers and catching them red handed.

The Tel Aviv-based cyber-security firm makes decoy servers which simulate an organization’s real networks without jeopardizing operations or giving away real data.
Growing Scope of Ransomware
Ransomware takes evolutionary step and targets websites
Ransomware meets Linux - on the command line!
Linux web servers targeted in new ransomware scam
sNew ransomware targets Linux administrators
Decryption Tool Foils Linux Server Ransomware Attacks
Six WordPress Plugins Vulnerable
evolution of seccomp

So, yes, Linux “could match this API on seccomp”. It’d just take some extensions to libseccomp to implement pledge(), as I described at the top. With OpenBSD doing a bunch of analysis work on common programs, it’d be excellent to see this usable on Linux too. So far on Linux, only a few programs (e.g. Chrome, vsftpd) have bothered to do this using seccomp, and it could be argued that this is ultimately due to how fine grained it is.

Login or register to post comments
Printer-friendly version
2245 reads
PDF version

More in Tux Machines

today's howtos

Steinar H. Gunderson - Speeding up Samba AD

One Weird Trick(TM) for speeding up a slow Samba Active Directory domain controller is seemingly to leave and rejoin the domain. (If you don't have another domain controller, you'll need to join one in temporarily.) Seemingly, not only can you switch to LMDB (which has two fsyncs instead of eight on commit—which matters a lot, especially on non-SSDs, as the Kerberos authentication path has a blocking write to update account statistics), but you also get to regenerate the database, giving you the advantage of any new indexes since last upgrade.
How to Change File Extensions on Linux

File extensions help both operating systems and users distinguish between different file formats and understand the contents stored inside them. When you see a file with the ".txt" extension, you instantly know it contains text data. Similarly, ".exe" file is a Windows executable and ".sh" files are Linux shell scripts. But what if you want to change these extensions for some reason? Perhaps you need to rename a text file to a Bash script. Simply writing the code in a text file won't do the job. On Linux, changing file extensions is much easier than you might think.
How to Install and Set up PostgreSQL Database on Ubuntu 22.04 LTS (Jammy Jellyfish) – LinuxWizardry

PostgreSQL is a free and open-source relational database management system that allows both SQL and JSON querying. With over 30 years of active development, it has gained a solid reputation for its reliability, data integrity, extensibility, ACID compliance, and robust features. It allows you to create your own data types, define custom functions, and write different programming language codes without recompiling your database. It is compatible with all major operating systems including Windows, Linux/UNIX, Mac OS, IRIX, Solaris, etc. This tutorial will teach you how to install and set up PostgreSQL on the Ubuntu system.
How To Install PlayOnLinux on Ubuntu 22.04 LTS - idroot

In this tutorial, we will show you how to install PlayOnLinux on Ubuntu 22.04 LTS, as well as some extra required packages by PlayOnLinux
Setting Up Environment Variables on Ubuntu – TecAdmin

An environment variable contains a value, that is used to change the behaviors of the processes at run time. Similar to the other operating systems, we can also set the environment variables on a Ubuntu system.
How to Hide Lock Screen option from System Menu in Ubuntu 22.04 | UbuntuHandbook

Want to hide the lock screen option from the upper-right corner system menu? Here’s how to do the trick in Ubuntu 22.04 LTS. For Ubuntu, Fedora and other Linux with GNOME desktop, the screen lock can be disabled either totally or only from the system menu.

Free, Libre, and Open Source Software

Rygel is an open-source free UPnP Media Server

Rygel is released under the LGPL-2.0 License
Habitica is more than a gamified habit tracker app, it is an RPG game

Code is GPL v3 licensed: This Source Code is subject to the terms of the GNU General Public License, v. 3.0.
Citybound is an open-source city sim game with Rust

Citybound is released under the AGPL-3.0 License.
Skytable is a NoSQL real-time Database built with Rust

This project is licensed under the AGPL-3.0 License.
DigitalOcean Functions Expands the Serverless Cloud Landscape

DigitalOcean Functions brings new open-source-based serverless capabilities to the growing cloud provider that targets SMBs.

Ole Aamoton GNOME Voice, GNOME Radio, and Gingerblue

Voice 0.0.4 for GNOME 42

Voice will let you listen to and share short, personal and enjoyable Voicegrams via electronic mail and on the World Wide Web by GNOME executives, employees and volunteers. Xiph.org Ogg Vorbis is a patent-free audio codec that more and more Free Software programs, including GNOME Voice (https://www.gnomevoice.org/) have implemented, so that you can listen to Voicegram recordings with good/fair recording quality by accessing the Voicegram file $HOME/Music/GNOME.ogg in the G_USER_DIRECTORY_MUSIC folder in Evolution or Nautilus.
Radio 16.0.43 for GNOME 42 (gnome-radio) – Ole Aamot

New stations in GNOME Radio version 16.0.43 is NRK Folkemusikk (Oslo, Norway), NRK P1+ (Oslo, Norway), NRK P3X (Oslo, Norway), NRK Super (Oslo, Norway), Radio Nordfjord (Nordfjord, Norway), and Radio Ålesund (Ålesund, Norway).
Gingerblue 6.0.1 with Immediate Ogg Vorbis Audio Encoding

Gingerblue 6.0.1 is Free Music Recording Software for GNOME available under GNU General Public License version 3 (or later) that now supports immediate Ogg Vorbis audio recordings in compressed Ogg Vorbis encoded audio files stored in the $HOME/Music/ folder. https://download.gnome.org/sources/gingerblue/6.0/gingerblue-6.0.1.tar.xz

GUADEC 2022 Conference Takes Place July 20–25 in Guadalajara, Mexico, for GNOME 43

GUADEC 2022 is the first in-person GUADEC event in the last two years due to the COVID-19 pandemic and associated traveling restrictions and health safety measures, and it also marks GNOME’s 25th anniversary.

Latest News

today's leftovers

Coffee Lake based rugged PC offers flexible display support and extensive storage capacity

Taiwan based Cincoze, released a compact and robust PC that is powered by 9/8th Gen Intel Core CPUs (i7, i5, i3) and up to 128GB of DDR4 memory. The company claims the DV-1000 PC has a footprint of half a sheet of an A4 paper but it packs several interfaces to meet demands in industrial, robotics, in-vehicle computing and many other applications. For storage options, the DV-1000 includes one SATA tray, two mSATA slots, one M.2 Key M 2280 slot for NVMe SSD. In addition to supporting legacy displays such as two VGA ports, the rugged PC provides one DisplayPort and one HDMI port.
Save session at any time

In that scenario, could only save the session at shutdown. Which I was not entirely happy with. If doing some important work that don't want to lose, having to reboot just to save the session, is not satisfactory.
Linux Plumbers Conference Refereed-Track Deadlines

The proposal deadline is June 12, which is right around the corner. We have excellent submissions, for which we gratefully thank our submitters! For the rest of you, we do have one problem, namely that we do not yet have your submission. So please point your browser at the call-for-proposals page and submit your proposal. After all, if you don’t submit it, we won’t accept it!
Bitcoin Core

There is a new application available for Sparkers: Bitcoin Core
raku & rust: a romance? – Physics::Journey

Rust is blazingly fast and memory-efficient: with no runtime or garbage collector, it can power performance-critical services, run on embedded devices, and easily integrate with other languages. Rust continues the spirit of C with emphasis on code safety and performance with a compiled approach. Raku is an open source, gradually typed, Unicode-ready, concurrency friendly programming language made for at least the next hundred years. Raku continues the spirit of Perl with interpreter-like code generation (actually on MoarVM), one-liners, shell-centric, lightweight objects and expressiveness to get code up and running fast.

Using GNU/Linux Like It's Windows

Newest Version of Systemd Includes Experimental Feature for A/B-Style Updating
SystemD Is Being "Forced" Upon Us (Myth Busted!) - Invidious

I keep seeing the systemd haters spouting their nonsense on the Internet.
Setup Windows EXE on Linux - Invidious

Using Windows Setup EXEs can be difficult on Linux. This shows you how to do that with a variety of different Windows programs and how to interface with existing programs.
New malware for Windows Subsystem for Linux steals browser auth cookies [Ed: This is a Windows issue, not a "Linux" issue, but Microsoft-connected sites spin it like this]

Builder GTK 4 Porting, Part V

Small changes here and there for template-glib to cover more cases for us in our keybindings effort. Improved type comparisons, fixed some embarrassing bugs, improved both GObject Introspection and GType method resolution. Had some interesting talks with Benjamin about expression language needs within GTK and what things I’ve learned from Template-GLib that could be extracted/rewritten with a particular focus on continuously-evaluating-expressions. Also: Aman Kumar: Beginning my GSoC'22 journey with GNOME

Syndication & Social Media

Follow the site via RSS/Twitter.

Full RSS:

RSS feeds for particular topics are also available

Twitter:

Content (where original) is available under CC-BY-SA, copyrighted by original author/s.

Support Tux Machines

Help Support TM
Wall of Appreciation

Gizmoz

FOSSMint

Debug Point

LXer

UbuntuBuzz

SparkyLinux

Linux Journal

Linux Today

System 76

Pop!_OS 22.04 LTS has landed!

Kernel Planet

Purism

LinuxSecurity.com Advisories

Debian

It's FOSS

OMG! Ubuntu!

GamingOnLinux

Slashdot

DW Latest Releases

DistroWatch

More on Tux Machines: About ● Gallery ● Forum ● Blogs ● Search ● News ● RSS Feed

Part of Bytes Media ● Sister sites below.

FSF

Ubuntu Buzz

LinuxLinks

Content available under CC-BY-SA

Navigation

Language Selection

Search

Tux Machines Section/s

Authors Information

LWN

Active forum topics

Collabora

9to5Linux

Gnu Planet

FOSS Force

FOSSLinux

Phoronix

OpenSource.com

Kde Planet

Fedora Magazine

Mozilla