Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Hackers use Microsoft security tool to pwn Microsoft security tool

    FireEye security wonks Abdulellah Alsaheel and Raghav Pande have twisted the barrels of Microsoft's lauded EMET Windows defence gun 180 degrees and fired.

    The result of their research is p0wnage of the enhanced mitigation toolkit so that instead of defending Windows it attacks it.

    The attacks the pair found affect older versions of Windows which rely on EMET for modern defences like address space layout randomisation and data execution prevention.

  • Is Linux Really as Secure as You Think It Is?

    Security is an important topic on everyone’s minds in today’s highly-technological world. With all of the security news that pops up on almost a daily basis, trying to be aware of the choices you make can make a big difference. Linux is often touted as the most secure operating system you can get your hands onto, but is this reputation deserved?

  • A Fedora Distribution download primer

    With the fresh news of a compromise in the Linux Mint distribution images, I thought I would take a few minutes to explain how Fedora handles image downloads and what you can do as an end user to make sure you have the correct and official Fedora images.

  • Mousejack: Hacking Computers Via Your Mouse With 15 Lines Of Code And Radio Dongle
  • How Criminals Could Hijack Wireless Mice to Hack Computers from Afar

    Wireless computer mice give users the convenience of not having to deal with cumbersome wires and cables. But they might also open up the door for malicious hackers to get a way into their computers, researchers warn.

    A flaw in the way several popular models of wireless mice and their corresponding receivers, the sticks or “dongles” that plug into a USB port and transmit data between the mouse and the computer, handle encryption could leave “billions” of computers vulnerable to hackers, security firm Bastille warned on Tuesday.

  • Child tracking firm calls out security researcher on 'hack'

    A CHILD MONITORING COMPANY is mad as heck at a security researcher for highlighting a security problem without asking its consent first. Or something.

    The company in question is uKnowkids and its target is a chap called Chris Vickery, a security researcher. His crime? Security research.

    uKnowKids.com is a kind of virtual Mary Poppins. It does not put children in danger, like Mary Poppins, but it does look out for them and keep an eye on what they do by monitoring their communications and stuff.

    We imagine that in some circumstance it has got some children in trouble. This week it is getting an older person in trouble, and accusing a security researcher of hacking as opposed to security researching.

  • URL shortening – are these services now too big a security risk to use?

    Spammers and malware pushers are still heavily abusing URL shortening services, messaging security firm Cloudmark has reported in its 2015 annual security report (reg required). The popular Bit.ly service has recently become a particular favourite with criminals with 25,000 individual malicious links run though that service every single day in recent times. This sounds alarming but it gets worse. According to the firm, this meant that an extraordinary 97 percent of Bit.ly links now led to malicious websites.

More in Tux Machines

today's leftovers

  • 20 Years of LWN
    Back in mid-1997, your editor (Jonathan Corbet) and Liz Coolbaugh were engaged in a long-running discussion on how to trade our nice, stable, reliably paying jobs for a life of uncertainty, poverty, and around-the-clock work. Not that we thought of it in those terms, naturally. We eventually settled on joining Red Hat's nascent "support partner" program; while we were waiting for it to get started, we decided to start a weekly newsletter as a side project — not big and professional like the real press — to establish ourselves in the community. Thus began an amazing journey that has just completed its 20th year. After some time thinking about what we wanted to do and arguing about formats, we published our first edition on January 22, 1998. It covered a number of topics, including the devfs controversy, the pesky 2GB file-size limit on the ext2 filesystem, the use of Linux on Alpha to render scenes in the film "Titanic", the fact that Red Hat had finally hired a full-time quality-assurance person and launched the Red Hat Advanced Development Labs, and more. We got almost no feedback on this issue, though, perhaps because we didn't tell anybody that we had created it.
  •  
  • EzeeLinux Show 18.4 | Ubuntu 17.10 Revisited
    Canonical revised Ubuntu 17.10 with the new 17.10.1. Time to take another look…
  • PodCTL #22 – Highway to Helm
    One of the reasons that Kubernetes has gained so much traction in the marketplace is because it is flexible enough to allow innovation to happen all around the core APIs. One area where that has happened is in application package management, specifically with the Helm project.
  • LibreELEC Linux OS Will Get Meltdown and Spectre Patches with Next Major Release
    The development team behind the Kodi-based LibreELEC (Libre Embedded Linux Entertainment Center) open-source HTPC operating system for embedded systems and PCs released LibreELEC 8.2.3. LibreELEC 8.2.3 is the third maintenance update to the LibreELEC 8.2 "Krypton" series of the Just enough Operating System (JeOS), which is based on the Kodi 17 "Krypton" open-source and cross-platform media center. It's here a month after the LibreELEC 8.2.2 point release to address a few issues.
  • openSUSE 42.2 to Reach End-of-Life This Week
    The minor release of openSUSE Leap 42.2 will reach its End-of-Life (EOL) this week on Jan. 26. The EOL phase ends the updates to the operating system, and those who continue to use EOL versions will be exposed to vulnerabilities because these discontinued versions no longer receive security and maintenance updates; this is why users need to upgrade to the newer minor; openSUSE Leap 42.3. “We are very pleased with the reliability, performance and longevity of Leap,” said openSUSE member Marcus Meissner. “Both the openSUSE community and SUSE engineers have done a fantastic job with security and maintenance of the Leap 42 distribution; users can be confident that their openSUSE operating system is, and will continue to be, receiving bug fixes and maintenance updates until its End-of-Life.”
  • French Gender-Neutral Translation for Roundcube
    Here's a quick blog post to tell the world I'm now doing a French gender-neutral translation for Roundcube.
  •  
  • This Oil Major Has a Supercomputer the Size of a Soccer Field
    Big Oil is now Big Tech. So big, in fact, that Eni SpA’s new supercomputer is the size of a soccer field. In the multimillion-dollar pursuit of the world’s most powerful computers, the Italian explorer says it’s taken the lead. Its new machine, located outside Milan, will scan for oil and gas reservoirs deep below the Earth over thousands of miles. “This is where the company’s heart is, where we hold our most delicate data and proprietary technology,” Eni Chief Executive Officer Claudio Descalzi said in an interview on Thursday.

Compilers and CLI: LLVM, GCC and Bash

KDE/GNOME: Usability and Productivity, Krita Interview, GNOME Builder

  • This week in Usability and Productivity, part 2
    This is your weekly status update for the KDE community’s progress in the Usability and Productivity initiative. KDE contributors have been busy, and here’s a sampling of features, improvements, and bugfixes relevant to the initiative that KDE developers landed over the past week-and-a-half...
  • Interview with Baukje Jagersma
    How and when did you get to try digital painting for the first time? Probably when I first discovered Deviantart. I was already familiar with GIMP, which I used to create photo-manipulations with. But seeing all the amazingly talented artists on there made me want to try out digital painting for myself.
  • Builder happenings for January
    I’ve been very busy with Builder since returning from the holidays. As mentioned previously, we’ve moved to gitlab. I’m very happy about it. I can see how this is going to improve the engagement and communication between our existing community and help us keep new contributors. I made two releases of Builder so far this month. That included both a new stable build (which flatpak users are already using) and a new snapshot for those on developer operating systems like Fedora Rawhide.

KDE/GNOME: Usability and Productivity, K

  • This week in Usability and Productivity, part 2
    This is your weekly status update for the KDE community’s progress in the Usability and Productivity initiative. KDE contributors have been busy, and here’s a sampling of features, improvements, and bugfixes relevant to the initiative that KDE developers landed over the past week-and-a-half...
  • Interview with Baukje Jagersma
    How and when did you get to try digital painting for the first time? Probably when I first discovered Deviantart. I was already familiar with GIMP, which I used to create photo-manipulations with. But seeing all the amazingly talented artists on there made me want to try out digital painting for myself.
  • Builder happenings for January
    I’ve been very busy with Builder since returning from the holidays. As mentioned previously, we’ve moved to gitlab. I’m very happy about it. I can see how this is going to improve the engagement and communication between our existing community and help us keep new contributors. I made two releases of Builder so far this month. That included both a new stable build (which flatpak users are already using) and a new snapshot for those on developer operating systems like Fedora Rawhide.