Language Selection

English French German Italian Portuguese Spanish

Security

Security Leftovers

Filed under
Security
  • Hosted S/MIME by Google provides enhanced security for Gmail in the enterprise [Ed: It’s not end-to-end but end-to-Google i.e. end-to-NSA PRISM]

    We are constantly working to meet the needs of our enterprise customers, including enhanced security for their communications. Our aim is to offer a secure method to transport sensitive information despite insecure channels with email today and without compromising Gmail extensive protections for spam, phishing and malware.

  • Razer Core on Linux with Razer Blade Stealth and BIOS Mod
  • How Did Cybersecurity Become So Political?

    Less than a month before he was elected president, Donald Trump promised to make cybersecurity “an immediate and top priority for my administration.” He had talked about technology often on the campaign trail—mostly to attack Hillary Clinton for using a private email server when she was Secretary of State. But less than two weeks into his presidency, it’s Trump and his team who have struggled to plug important security holes, some of which are reminiscent of Clinton’s troubles.

  • New zero-day exploit affects current Windows versions

    A new zero-day exploit that affects current versions of Windows has been released on Github, according to an announcement from the Internet Storm Centre.

    Johannes Ullrich of the ISC said the exploit implemented an SMBv3 server and clients connecting to it would be affected.

    He said he had tested it with a fully patched Windows 10 machine and experienced a blue screen of death.

    "An attacker would have to trick the client to connect to this server. It isn't clear if this is exploitable beyond a denial of service," he wrote.

Security News

Filed under
Security

Tails and 64-bit Processors

Filed under
Security
Debian
  • Next major Tails release will require a 64-bit processor

    The popular Linux distribution, Tails OS, carries the following slogan on its website “privacy for anyone anywhere”. It seems, though, following some of the latest news from the project, this slogan isn’t exactly true. Beginning with Tails 3.0, users will need a 64-bit processor powering their computer.

  • Privacy-focused Linux-based operating system Tails 3.0 will drop 32-bit processor support

    If you find yourself needing an operating system that respects your privacy, you cannot go wrong with Tails. The live Linux-distro can be run from a DVD which is read-only, meaning there is less of a chance of files being left behind. Heck, Edward Snowden famously used it to protect himself when shining a light on the overreaching US government.

    Unfortunately for some users, Tails will soon not work on their computers. The upcoming version 3.0 of the operating system is dropping 32-bit processor support. While a decline in compatibility is normally a bad thing, in this case, it is good. You see, because there are so few 32-bit Tails users, the team was wasting resources by supporting them. Not to mention, 64-bit processors are more secure too.

Security Leftovers

Filed under
Security
  • Click Here to Kill Everyone

    With the Internet of Things, we’re building a world-size robot. How are we going to control it?

  • New open source project Trireme aims to secure containers

    A team made of former Cisco and Nuage Networks veterans has developed an open source project it released this week named Trireme that takes an application-centric approach to securing code written in containers.

  • An Introduction to the Shorewall Firewall Tool

    Linux is well known for being a highly secure platform. One of the reasons for said security is the Netfilter system. For those that don’t know, Netfilter is a framework, provided by the Linux kernel, that allows for various networking operations, such as packet filtering, network address translations, port translation, and the ability to block packets from reaching specific locations. For most distributions, Netfilter is implemented through the user-space application, iptables. Although many would agree that iptables is the most powerful security tool you can work with, along with that power comes a level of complexity that stumps many an IT administrator.

    That’s where the likes of Shorewall comes into play. Shorewall is an open source firewalling tool that not only makes the task of network security easier, it also allows for much easier handling of zones. Shorewall uses zones to define different portions of a network. Say, for instance, you want to create a private internal network that can only be accessed by specific machines, a guest network that can be accessed by anyone, a network dedicated to production machines, and a network that can be accessed from machines outside your Local Area Network (LAN). With Shorewall, you can easily do this.

Security News

Filed under
Security
  • Thursday's security advisories
  • The design of Chacha20

    Chacha20 is a secure, fast, and amazingly simple encryption algorithm. It's author Daniel J. Bernstein explains it well in his Salsa20 and Chacha20 design papers (which I recommend), but did not dwell on details experts already know. Filling the gap took me a while.

    Quick summary: Chacha20 is ARX-based hash function, keyed, running in counter mode. It embodies the idea that one can use a hash function to encrypt data.

  • Ransomware completely shuts down Ohio town government [iophk: “Microsoft = lost productivity”]

    These sorts of attacks are becoming more commonplace and, as mentioned before, can be avoided with good backup practices. Sadly not every computer in every hospital, county office or police department is connected to a nicely journaled and spacious hard drive, so these things will happen more and more. Luckily it improves cryptocurrency popularity as these small office finally give up and buy bitcoin to pay their ransom.

  • Windows DRM Social Engineering Attacks & TorBrowser

    HackerHouse have been investigating social engineering attacks performed with Digital Rights Management (DRM) protected media content. Attackers have been performing these attacks in the wild to spread fake codec installers since Microsoft introduced DRM to it’s proprietary media formats. Despite their prevalence we could not find many tools to misuse these formats. We found only a small number of blog posts [2] on identifying the files being used to spread malware. We observed some interesting behaviours during our analysis which we have shared here. DRM is a licensing technology that attempts to prevent unauthorised distribution and restrictive use of a media file. It works by encrypting the video and audio streams with an encryption key and requesting a license (decryption key) from a network server when the file is accessed. As it requires network connectivity it can cause users to make network requests without consent when opening a media file such as a video file or audio file. WMV is using Microsoft Advanced Systems Format (ASF) to store audio and video as objects. This file format consists of objects that are labelled by GUID and packed together to make a media package. A number of tools such as ffmpeg & ASFView support opening, viewing and browsing these objects. There are three objects with the following GUID’s which are of interest for these attacks.

Linux Kernel 3.12.70 Is a Big Patch with Over 220 Improvements, Security Fixes

Filed under
Linux
Security

Jiri Slaby is announcing the release of the 70th maintenance update to the long-term supported Linux 3.12 kernel series, which will be supported for a few more months in 2017.

Read more

Privacy-Focused Tails 2.10 Linux Includes Security Updates, New Tools

Filed under
Linux
Security

The Amnesic Incognito Live System, also known more simply as Tails, is a privacy-focused Linux distribution loaded with tools and features to help users stay somewhat anonymous on the internet. Tails first rose to prominence in 2013 as the Linux distribution used by U.S. National Security Agency (NSA) whistleblower Edward Snowden and reached the 1.0 milestone in April 2014. The latest Tails release is version 2.10, which became generally available Jan. 24, providing users with security patches and some incremental feature updates. Among the new features in the Tails 2.10 release is the Onion Share anonymous file-sharing tool. Staying anonymous online is a core element of Tails, thanks to the integration with the Tor (The Onion Router) network technology. Tor also is updated in the Tails 2.10 release, to version 0.2.9.9 and the included Tor Browser, which is based on Mozilla's Firefox, is updated to version 6.5. To help protect users against online tracking in advertisements, Tails 2.10 now includes the uBlock Origin plugin with the Tor Browser, replacing the AdBlock Plus plugin that had been in previous releases. This slide show examines the important features of the Tails 2.10 release.

Read more

Security News

Filed under
Security
  • Epic Fail: Linux Encryption App, Cryptkeeper, Has Universal Password "p"

    Cryptkeeper is a popular Linux encryption application that’s used to encrypt your valuable data. But, it’s not as safe as you think. A bug has was recently discovered that allows universal decryption using a single letter password “p.” Debian developer Simon McVittie has advised the dev team to take it out of Debian altogether.

  • AppArmor - or: Working for the enemy?

    Some weeks ago, someone asked on the opensuse-wiki mailinglist if it's acceptable to move documentation (in this case about Icecream) from the openSUSE wiki to the upstream repo on github.

  • Spotting vulnerabilities in your open source code [Ed: Inadequate title because the same issues occur in proprietary software and usually remain unfixed]

    ESET researchers have offered programmers a few tips for spotting vulnerable code and how to correct them before they make it into your system.

Security Leftovers

Filed under
Security

Security News

Filed under
Security

  • You're taking the p... Linux encryption app Cryptkeeper has universal password: 'p'

    Linux encryption app Cryptkeeper has a bug that causes it to use a single-letter universal decryption password: "p".

    The flawed version is in Debian 9 (Stretch), currently in testing, but not in Debian 8 (Jessie). The bug appears to be a result of a bad interaction with the encfs encrypted filesystem's command line interface: Cryptkeeper invokes encfs and attempts to enter paranoia mode with a simulated 'p' keypress – instead, it sets passwords for folders to just that letter.

  • Reproducible Builds: week 92 in Stretch cycle

    John Gilmore wrote an interesting mail about how Cygnus.com worked on reproducible builds in the early 1990s. (It's eye opening to see how the dealt with basically the very same problems we're dealing with today, how they solved them and then to realize that most of this has been forgotten and bit-rotted in the last 20 years. How will we prevent history repeating it)self here?)

  • MongoDB ransom attacks continue to plague administrators

    Earlier this month, Salted Hash reported on a surge in attacks against publicly accessible MongoDB installations.

    Since January 3, the day of that first report, the number of victims has climbed from about 200 databases to more than 40,000. In addition to MongoDB, those responsible for the attacks have started targeting Elasticsearch and CouchDB.

    No matter the platform being targeted, the message to the victim is the same; send a small Bitcoin payment to the listed address, or forever lose access to your files.

Syndicate content

More in Tux Machines

Leftovers: Gaming

Leftovers: Software

  • What's New in Deepin File Manager 1.4
    Deepin File Manager (DFM) reached version 1.4 at March 2017. Its a bugfix version, but very interesting as it brings many new features. The most noticeable changes are Settings dialog, new disk-space display, new "Format" option on disk storage, and new copying dialog. It's smoother now by having drop shadow on file/folder icons. DFM is much more beautiful and usable in this 1.4 version. Anyway, you can upgrade DFM to 1.4 on deepin OS, or in another distro (Manjaro DDE or Ubuntu).
  • Rock On: Deepin Music is Now Available as a Snap App on Ubuntu
    Deepin envy is a condition afflicting Linux users who like the look of Deepin Linux’s apps, but don’t want to switch entire distro to use then. And there’s finally a cure: Snaps. Snap apps allow applications to bundle in all of their dependencies, which makes it easy for apps that typically rely on a certain set of libraries to run on distributions where those libraries are not normally available (or are, but only through additional repos and installing all sorts of junk that conflicts with your current system).
  • Nord: Modern Design Color Theme Palette for Your Terminal
    Nord is a minimal flat design theme pattern created to enhance your work experience by improving focus and readability for code syntax highlighting and UI. It has 4 main colors namely Polar Night, Snow Storm, Frost, and Aurora, which are further partitioned into a total of 16 dimmed pastel. It has been used to style so many things including iTerm, Hyper Terminal, and Intelli J IDE, among others.
  • PeaZip 6.4 Open-Source Archiver Brings Support for P7ZIP 16.02, Tabbed Browsing
    The development team behind the open-source and multi-platform PeaZip archiver manager utility announced the release of PeaZip 6.4.0, an important update that brings new features and lots of improvements. PeaZip 6.4.0 comes one and a half months after the release of the version 6.3.1, and updates the backend to use p7zip 16.02 on 64-bit GNU/Linux platforms, as well as pea 0.61 for all supported operating systems. Under the hood, there are a bunch of fixes, performance improvements, and code cleanup.
  • GnuCash 2.6.16 Free Accounting Software Adds HiDPI Improvements, Bug Fixes
    The development team behind the GnuCash open-source and cross-platform accounting software announced the release and immediate availability of the sixteenth maintenance update to the 2.6 stable series. GnuCash 2.6.16 comes four months after the release of version 2.6.15, which means that it's also the first to launch in 2017. It also means that a lot of issues reported by users since then have been addressed, including the display of small reports on HiDPI screens, wrong menu entry in the "Tip of the Day" dialog, and much more.
  • Notepadqq – Source Code Editor for Linux
    Notepadqq is a free, an open source code editor and Notepad replacement, that supports several languages (100 languages supported) and helps developers to work more efficiently.
  • Fman is a Powerful Dual Pane File Manager
    If you’re looking for a dual-pane file manager available for Linux (or macOS or Windows) look no further than Fman. Fman is pitched as “modern file manager for power users”. It has a clean design, runs quickly, and its functionality can be extended through plugins.

Leftovers: OSS

  • Blockchain Startups Venture Beyond Bitcoin
    Bitcoin is the most widely-known example of blockchain-based technology, but many of today's startups are looking past the cryptocurrency and towards other, more business-friendly implementations. European blockchain startup incubator Outlier Ventures and Frost & Sullivan have mapped out the blockchain startup landscape, identifying several key areas of activity. It outlines possible paths to success following a busy year for blockchain investments.
  • Another Sandy Bridge Era Motherboard Now Supported By Coreboot
    The Sapphire Pure Platinum H61 is the latest motherboard to be supported by mainline Coreboot for replacing the board's proprietary BIOS.
  • OSI Welcomes the Journal of Open Source Software as Affiliate Member
    The Open Source Initiative® (OSI), a global non-profit organization formed to educate about and advocate for the benefits of open source software and communities, announced that the Journal Of Open Source Software (JOSS), a peer-reviewed journal for open source research software packages, is now an OSI affiliate member.
  • Open source project uses Docker for serverless computing
    Serverless computing has fast become a staple presence on major clouds, from Amazon to Azure. It’s also inspiring open source projects designed to make the concept of functions as a service useful to individual developers. The latest of these projects, called simply Functions as a Service (FaaS) by developer and Linux User contributor Alex Ellis, uses Docker and its native Swarm cluster management technology to package any process as a function available through a web API.
  • PyCharm 2017.1, MicroStrategy 2017.1, Next.js 2.0, and Ubuntu 17.04 final beta released — SD Times news digest: March 27, 2017
  • Open source JavaScript, Node.js devs get NPM Orgs for free
    The SaaS-based tool, which features capabilities like role-based access control, semantic versioning, and package discovery, now can be used on public code on the NPM registry, NPM Inc. said on Wednesday. Developers can transition between solo projects, public group projects, and commercial projects, and users with private registries can use Orgs to combine code from public and private packages into a single project.
  • Slaying Monoliths at Netflix with Node.js
    The growing number of Netflix subscribers -- nearing 85 million at the time of this Node.js Interactive talk -- has generated a number of scaling challenges for the company. In his talk, Yunong Xiao, Principal Software Engineer at Netflix, describes these challenges and explains how the company went from delivering content to a global audience on an ever-growing number of platforms, to supporting all modern browsers, gaming consoles, smart TVs, and beyond. He also looks at how this led to radically modifying their delivery framework to make it more flexible and resilient.
  • Mudlet, the open source MUD client has a new major stable build available
    I don't know how many of you play MUDs, but Mudlet, an open source cross-platform MUD client has hit version 3.0.

today's howtos