Security: OpenBSD, FUD and More
-
OpenBSD Disabling SMT / Hyper Threading Due To Security Concerns
Security-oriented BSD operating system OpenBSD is making the move to disable Hyper Threading (HT) on Intel CPUs and, more broadly, moving to disable SMT (Simultaneous Multi Threading) on other CPUs too.
Intel HT is being disabled, with SMT on other architectures to follow, in the name of security. "SMT (Simultaneous Multi Threading) implementations typically share TLBs and L1 caches between threads. This can make cache timing attacks a lot easier and we strongly suspect that this will make several spectre-class bugs exploitable. Especially on Intel's SMT implementation which is better known as Hyper-threading. We really should not run different security domains on different processor threads of the same core."
OpenBSD could improve their kernel's scheduler to work around this, but given that is a large feat, at least for now they have decided to disable Hyper Threading by default.
Those wishing to toggle the OpenBSD SMT support can use the new hw.smt sysctl setting, which is available on OpenBSD/AMD64 and is being extended to cover CPUs from other vendors and architectures.
-
Linux malware threats - bots, backdoors, trojans and malicious apps [Ed: Ignoring back doors in Windows and other proprietary platforms to instead focus on malicious software one actually needs to install on one's machine or choose a trivial-to-guess password (when there are open ports)]
-
Does Open Source Boost Security? Hortonworks Says Yes
Organizations are best served security-wise if they favor and adopt open source technology — especially enterprise open source — over proprietary alternatives, according to Hortonworks. However, not everybody agrees that open source software intrinsically is more secure.
It’s tough to argue that open source hasn’t brought significant benefits to the IT industry and the tens of thousands of organizations that rely on IT products to automate their operations. Starting with the introduction of Linux in the late 1990s, major swaths of the tech industry have shifted to open source development methodologies. That includes the vast majority of the big data ecosystem, which has been largely bootstrapped by various Apache Software Foundation projects.
-
Don't Neglect Open Source Security [Ed: Well, if you have chosen proprietary software, then you have already given up on security altogether. With FOSS there's at least control and hope.]
-
How to build a strong DevSecOps culture: 5 tips [Ed: Red Hat is still promoting dumb buzzwords that help employers overwork their staff]
-
A Framework to Strengthen Open Source Security and Compliance [Ed: Firms that profit from perceived insecurity of FOSS push so-called 'white papers' into IDG]