Security: WPA2, CVE-2017-15265, Fuzzing, Hyperledger
-
Fedora Dev Teaches Users How to Protect Their Wi-Fi Against WPA2 KRACK Bug
Former Fedora Project leader Paul W. Frields talks today about how to protect your Fedora computers from the dangerous WPA2 KRACK security vulnerability that affects virtually any device using the security protocol to connect to the Internet.
-
WPA2 was kracked because it was based on a closed standard that you needed to pay to read
How did a bug like krack fester in WPA2, the 13-year-old wifi standard whose flaws have rendered hundreds of millions of devices insecure, some of them permanently so?
Thank the IEEE's business model. The IEEE is the standards body that developed WPA2, and they fund their operations by charging hundreds of dollars to review the WPA2 standard, and hundreds more for each of the standards it builds upon, so that would-be auditors of the protocol have to shell out thousands just to start looking.
It's an issue that Carl Mamamud, Public Resource and the Electronic Frontier Foundation have been fighting hard on for years, ensuring that the standards that undergird public safety and vital infrastructure are available for anyone to review, audit and criticize.
-
Patch Available for Linux Kernel Privilege Escalation
The issue — tracked as CVE-2017-15265 — is a use-after-free memory corruption issue that affects ALSA (Advanced Linux Sound Architecture), a software framework included in the Linux kernel that provides an API for sound card drivers.
-
Linus Torvalds says targeted fuzzing is improving Linux security
Announcing the fifth release candidate for the Linux kernel version 4.14, Linus Torvalds has revealed that fuzzing is producing a steady stream of security fixes.
Fuzzing involves stress testing a system by generating random code to induce errors, which in turn may help identify potential security flaws. Fuzzing is helping software developers catch bugs before shipping software to users.
-
Devsecops: Add security to complete your devops process [Ed: more silly buzzwords]
-
Companies overlook risks in open source software [Ed: marketing disguised as "news" (and which is actually FUD)]
-
Q&A: Does blockchain alleviate security concerns or create new challenges?
According to some, blockchain is one of the hottest and most intriguing technologies currently in the market. Similar to the rising of the internet, blockchain could potentially disrupt multiple industries, including financial services. This Thursday, October 19 at Sibos in Toronto, Hyperledger’s Security Maven Dave Huseby will be moderating a panel “Does Blockchain technology alleviate security concerns or create new challenges?” During this session, experts will explore whether the shared nature of blockchain helps or hinders security.
- Login or register to post comments
- Printer-friendly version
- 3056 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago