Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Security updates for Monday
  • Gmail and a Can of Spam

    I am still trying to figure out the events that led to this intrusion. I’ve read almost everything there is to read on Google’s Gmail pages, without finding much. Google seems adamant about not giving-out one-on-one help, but maybe I just didn’t look long enough. On my own, I’ve evoked two step verification on my main email addresses, so that’s settled. But still…I’d like to figure out when and how this breach took place. What magic sequence of events happened to allow this?

    Did I mention I’m a security idiot? Yeah…I thought I did.

    It feels strange to again delve into antivirus and malware protection. I’ve been a smug, self-assured dummy when it comes to online threats and Linux in general. And while what happened can’t really be blamed on Linux per se, it happened in a Linux neighborhood, so I am going to arm myself against any and all malware comers

    Although I’m not above paying for good software, trying to discern what software is good and which is shiny junk can be a daunting challenge, especially in the Linuxsphere. In the tests I’ve studied over the past four days, ClamAV seems to be an online favorite, but they lack the one thing I am going to need on our Reglue kid’s computers: a friendly, useful graphical interface. I’m not going to tell an 11-year-old to drop to the command line to do anything, even if they do need to learn that the blinking prompt can make magic things happen. In time, I will teach them, but for now…. ClamAV failed the initial tests.

  • 602 Gbps! This May Have Been the Largest DDoS Attack in History

    Cyber attacks are getting evil and worst nightmare for companies day-by-day, and the Distributed Denial of Service (DDoS) attack is one of the favorite weapon for hackers to temporarily suspend services of a host connected to the Internet.

    Until now, nearly every big website had been a victim of this attack, and the most recent one was conducted against the BBC's websites and Republican presidential candidate Donald Trump's main campaign website over this past holiday weekend.

  • How to Set up a Successful Bug Bounty Program [VIDEO]

    A bug bounty program is among the most impactful additions to a software security process. With a bug bounty program, security researchers submit reports on potential vulnerabilities, typically with the promise of a reward or "bounty" for their efforts.

More in Tux Machines

From ‘guix environment’ to ‘guix shell’

There are times when what looked like the right design choice some years back comes out as an odd choice as time passes. The beloved guix environment tool is having that fate. Its command-line interface has become non-intuitive and annoying for the most common use cases. Since it could not be changed without breaking compatibility in fundamental ways, we devised a new command meant to progressively replace it; guix shell—that’s the name we unimaginatively ended up with—has just landed after a three-week review period, itself a followup to discussions and hesitations on the best course of action. This post introduces guix shell, how it differs from guix environment, the choices we made, and why we hope you will like it. Read more

SUSE/OpenSUSE: Digest of YaST Development Sprints, SUSE Linux Enterprise Micro 5.1, and Documentation by Meike Chabowski

  • Digest of YaST Development Sprints 133 & 134

    Let us start by quoting our latest report: “regarding the management of users, we hope to report big improvements in the next blog post”. Time has indeed come and we can now announce we brought the revamped users management described in this monographic blog post to the last parts of YaST that were still not taking advantage of the new approach. The changes are receiving an extra round of testing with the help of the Quality Assurance team at SUSE before we submit them to openSUSE Tumbleweed. When that happens, both the interactive YaST module to manage users and groups and its corresponding command line interface (not to be confused with the ncurses-powered text mode) will start using useradd and friends to manage users, groups and the related configurations.

  • SUSE Linux Enterprise Micro 5.1 is Generally Available

    Today, we are proud to announce the release of SUSE Linux Enterprise Micro 5.1 – a lightweight and secure operating system built for containerized and virtualized workloads. [...] SLE Micro can be used as a single-node container host, Kubernetes cluster node, single-node KVM virtualization host or in public cloud. Since its built to scale, customers can incorporate SLE Micro into their digital transformation plans – whether at the edge or supporting edge deployments with mainframes – in a way that allows them to transition workload designs from monolithic to microservices, at their own pace. They can start with container workloads or virtualize their current legacy workloads, then move to containerized workloads when they are ready, with no change in the underlying system platform.

  • SUSE Expands Computing Possibilities Beyond the Edge with SUSE Linux Enterprise Micro 5.1
  • SUSE Expands Computing Possibilities Beyond the Edge with SUSE Linux Enterprise Micro 5.1
  • Document formats – There is choice [Ed: Meike Chabowski on formats of documentation files in SUSE]

    For publishing large documentation projects, DocBook is the ideal framework. It consists of a language (DocBook XML) and a set of stylesheets to translate this language into different output formats such as HTML, PDF, and EPUB. The stylesheets define the layout you want to apply when transforming the XML sources into output formats. For SUSE documentation, we wrote our own XSLT stylesheets to ensure the corporate design is properly reflected. The language DocBook XML is based on the eXtensible Markup Language (XML) and defines the content in a semantic way through elements like in HTML. DocBook itself is written as a schema that defines the element names and the content and where they can appear. The DocBook schema is used to fulfill two tasks: guided editing and validation. Guided editing is done via an XML editor (such as oXygen, Vim or Emacs). The editor reads in the DocBook schema and suggests which elements are allowed in the current context. Validation gives hints about structural errors in an XML document; this could, for example, be a missing element.

Authelia: Open-source SSO Single Sign-on for enterprise

Single Sign-on (SSO), is a technology that combines several app login screens into one single login. In contrast, it offers a session and user authentication service for a user to use a single login for many apps. Let us take Google as an example, soon as login into your Google Gmail account, you have access to all Google services like Google calendar, Google Drive, Developer account YouTube, and Google Play Store, and more other services. Read more

OVPN-Admin is a Simple Web UI to Manage OpenVPN Users

OVPN-Admin makes the administration of OpenVPN users, their certificates and routes quickly and easily by using a convenient web-based UI. OpenVPN is one of the most popular VPN protocols among VPN users. It’s both – a VPN protocol and software that uses VPN techniques to secure point-to-point and site-to-site connections. OpenVPN is an open source and free VPN option for those looking to protect their privacy. It uses the TLS/SSL protocol for key exchange and can travel through firewalls and NATs (Network Address Translators). However, the administration of the OpenVPN users requires certain level of skills with the Linux command line. Read more