Wireshark 2.2

  • Wireshark 2.2 Released

    Wireshark 2.2 features "Decode As" improvements, the various UIs now support exporting packets as JSON, there is new file format decoding support, and a wide range of new protocol support. New protocol coverage includes Apache Cassandra, USB3 Vision Protocol, USIP protocol, UserLog protocol, Zigbee Protocol Clusters, Cisco ttag, and much more.

  • Wireshark 2.2.0 Is Out as the World's Most Popular Network Vulnerability Scanner

    Today, September 7, 2016, the development team behind the world's most popular network protocol analyzer, Wireshark, proudly announced the release of a new major stable version, namely Wireshark 2.2.

    After being in development for the past couple of months, Wireshark 2.2.0 has finally hit the stable channel, bringing with it a huge number of improvements and updated protocols. For those of you who have never heard of Wireshark, we want to remind you that it's an open-source network vulnerability scanner used by security researchers and network administrators for development, analysis, troubleshooting, as well as education purposes.

Security News

  • New release: usbguard-0.6.0

    Another milestone behind us. The 0.6.0 release brings the promised CentOS/RHEL 7 compatibility. This means that our Copr EPEL-7 repository as well as Fedora’s EPEL-7 repository will now provide the latest versions of USBGuard. Check it out!

    One more very good piece of news is that USBGuard was accepted in Debian and is available in Sid (unstable). A big thanks goes to Muri Nicanor and others involved in this packaging effort!

  • StartSSL customers, it is time to leave. Now!

    While listening to the Security Now podcast, I have listened first with amusement then with horror to Steve reading email from Mozilla about the security problems with WoSign CA.

    Their list of woes is long, read the linked email for details, but one thing turned up during the email which I was not aware of: StartCom (owner of the StartSSL certificate authority) was apparently recently bought by WoSign CA! Apparently one of the security bugs StartSSL has (had?) was that with a properly modified POST request (yes, I guess you can do it in the Developer Tools of your Firefox) you can get a certificate linked to the root certificate “CA 沃通根证书” (or “WoSign CA Free SSL Certificate G2” with another value of the parameter). Awesome!

    What’s even more interesting is that I am a paying customer of StartSSL CA and I have never been made aware of the change of ownership. The only other mention of the possible change of ownership I found was on the Wikipedia page, which linked to the blogpost, which is now unavailable due to “legal review of the site” […]. Even better!

  • Debian GNU/Linux Fixes Dangerous TCP Flaw In New Update
  • Why Security Performance Will be Key in NFV

    There is growing evidence that the data center is driving toward a more software-centric security model that will be core to network functions virtualization (NFV) and software-defined networking (SDN) technology. This new model means that security performance in NFV will be key.

  • How to enable server-side encryption in Nextcloud

    Out of the box, Nextcloud servers do not run with server-side encryption. Follow these steps to enable an extra layer of security for Nextcloud.

  • Umbreon rootkit targets Linux on x86, ARM [Ed: nonsensical marketing hype from Trend Micro]
  • Pokemon Themed 'Umbreon' Rootkit Hides In Linux Systems
  • Taking umbrage at Umbreon, the Linux rootkit that likes to hide
  • Linux rootkit, named for Pokémon's Umbreon, targets Linux

Calamares 2.4 Universal Linux Installer Gets Its First Point Release to Fix Bugs

The Calamares team announced recently the availability of the first point release to the new stable series of the distribution-independent system installer used in many GNU/Linux distributions, Calamares 2.4.

Security News

  • Security advisories for Monday
  • Stealthy, tricky to remove rootkit targets Linux systems on ARM and x86 [Ed: IDG covers this nonsense from Trend Micro (not a real risk, just the name Pokémon for better headlines)]
  • You can't weigh risk if you don't know what you don't know

    If any of us have ever been in a planning meeting, a variant of this has no doubt come up at some point. It came up for me last week, and every time I hear it I think about all the things we don't know we don't know. If you're not familiar with the concept, it works a bit like this. I know I don't know how to drive a boat. But because I know I don't know this, I could learn. If you know you lack certain knowledge, you could find a way to learn it. If you don't know what you don't know, there is nothing you can do about it. The future is often an unknown unknown. There is nothing we can do about the future in many instances, you just have to wait until it becomes a known, and hope it won't be anything too horrible. There can also be blindness when you think you know something, but you really don't. This is when people tend to stop listening to the actual experts because they think they are an expert.

Security News

  • Pokémon-inspired rootkit attacks Linux systems [Ed: Media hyping up "Linux" threat which requires 1) the cracker has access to the device. 2) cracker installs malware.]

    Provides backdoor and traffic-hiding capabilities.

    A new persistent stealthy malware that can give attackers full control over Linux servers has been discovered by researchers.

    Researcher Fernando Mercês with security vendor Trend Micro said the malware - a rootkit family - is named after a character in the Pokémon fantasy game called Umbreon.

    Umbreon is a dark Pokémon that hides in the night, an "appropriate characteristic for a rootkit," Mercês wrote.

  • Pokémon-loving VXer targets Linux with 'Umbreon' rootkit [Ed: More hysteria, now in British media, over something that's not a real risk, thanks to self promotion]
  • LuaBot Is the First Botnet Malware Coded in Lua Targeting Linux Platforms [Ed: so don’t install malware]

    Unlike Mirai, which is the fruit of a two-year-long coding frenzy, LuaBot is in its early stages of development, with the first detection being reported only a week ago and a zero detection rate on VirusTotal for current samples.

  • Nearly 800,000 Brazzers Porn Site Accounts Exposed in Forum Hack [Ed: Remember Canonical having Ubuntu Forums cracked, twice, due to proprietary vBulletin? Well, vBulletin -- again.]

    Nearly 800,000 accounts for popular porn site Brazzers have been exposed in a data breach. Although the data originated from the company's separate forum, Brazzers users who never signed up to the forum may also find their details included in the dump.

    Motherboard was provided the dataset by breach monitoring site for verification purposes. The data contains 790,724 unique email addresses, and also includes usernames and plaintext passwords. (The set has 928,072 entries in all, but many are duplicates.)

    Troy Hunt, a security researcher and creator of the website Have I Been Pwned? helped verify the dataset by contacting subscribers to his site, who confirmed a number of their details from the data.

Debian plugs Linux 'TCP snoop' bug

Debian's maintainers have moved to plug the TCP snooping flaw that emerged in August 2016.

The bug, CVE-2016-5696, was spotted by University of California Riverside's Zhiyun Qian and his collaborators and published in August.

It enabled an attack against Linux (and Android) implementations of RFC 5961, which used challenge ACK packets to try and harden Linux. The implementation bug, present in the kernel since 2012, meant targets could be fooled into rate-limiting their challenge ACKs, letting an attacker work out sequence numbering when it resumed.

Additional Information About Linux Foundation Breach

  • Linux project mum after man indicted for 2011 breach

    The Linux Kernel Organisation, the non-profit that manages development of the kernel, is still reluctant to make any statement about a breach of its servers that took place more than five years ago, despite the fact that a man from South Florida has been charged with being responsible for the intrusion.

    The same man, named as Donald Ryan Austin by the US Attorney's Office in the Northern District of California, was also charged with gaining unauthorised access to the servers of the Linux Foundation, an organisation that employs Linux creator Linus Torvalds.

    Asked for a response to the development, senior kernel developer Greg Kroah-Hartman told iTWire: "The process is not complete yet, so sorry, I do not have any comment at this point in time."

  • Hacker behind Linux Kernel’s Mass Trojan Infection Arrested in Florida

    Cert-Bund, a German cyber security group, estimated that a third of Linux computers in the U.S., and a tenth of those in the world that were checked, were in fact infected with the Trojan Austin had uploaded into the servers.

    After obtaining the credentials, he used them to make unauthorized changes to those servers by adding messages that automatically appeared when the servers rebooted. He also broke into a private email server of Linux Kernel Founder Peter Anvin, along with the Odin1, Zues1, and Pub3 servers.

Development Starts for Tails 2.6 Anonymous Live CD, Now Based on Tor

The development team behind the Tails amnesic incognito live system project known to many as the Linux-based Live CD used by ex-CIA employee Edward Snowden to stay hidden and anonymous online, announced the release of Tails 2.6 RC1.

More in Tux Machines

KNOPPIX 7.7.1 Distro Officially Released with Debian Goodies, Linux Kernel 4.7.9

Believe it or not, Klaus Knopper is still doing his thing with the KNOPPIX GNU/Linux distribution, which was just updated to version 7.7.1 to offer users the latest open source software and technologies.

CentOS 6 Linux Servers Receive Important Kernel Security Patch, Update Now

We reported a couple of days ago that Johnny Hughes from the CentOS Linux team published an important kernel security advisory for users of the CentOS 7 operating system.

Games for GNU/Linux

  • Why GNU/Linux ports can be less performant, a more in-depth answer
    When it comes to data handling, or rather data manipulation, different APIs can perform it in different ways. In one, you might simply be able to modify some memory and all is ok. In another, you might have to point to a copy and say "use that when you can instead and free the original then". This is not a one way is better than the other discussion - it's important only that they require different methods of handling it. Actually, OpenGL can have a lot of different methods, and knowing the "best" way for a particular scenario takes some experience to get right. When dealing with porting a game across though, there may not be a lot of options: the engine does things a certain way, so that way has to be faked if there's no exact translation. Guess what? That can affect OpenGL state, and require re-validation of an entire rendering pipeline, stalling command submission to the GPU, a.k.a less performance than the original game. It's again not really feasible to rip apart an entire game engine and redesign it just for that: take the performance hit and carry on. Note that some decisions are based around _porting_ a game. If one could design from the ground up with OpenGL, then OpenGL would likely give better performance...but it might also be more difficult to develop and test for. So there's a bit of a trade-off there, and most developers are probably going to be concerned with getting it running on Windows first, GNU/Linux second. This includes engine developers.
  • Why Linux games often perform worse than on Windows
    Drivers on Windows are tweaked rather often for specific games. You often see a "Game Ready" (or whatever term they use now) driver from Nvidia and AMD where they often state "increased performance in x game by x%". This happens for most major game releases on Windows. Nvidia and AMD have teams of people to specifically tweak the drivers for games on Windows. Looking at Nvidia specifically, in the last three months they have released six new drivers to improve performance in specific games.
  • Thoughts on 'Stellaris' with the 'Leviathans Story Pack' and latest patch, a better game that still needs work
  • Linux community has been sending their love to Feral Interactive & Aspyr Media
    This is awesome to see, people in the community have sent both Feral Interactive & Aspyr Media some little care packages full of treats. Since Aspyr Media have yet to bring us the new Civilization game, it looks like Linux users have been guilt-tripping the porters into speeding up, or just sending them into a sugar coma.
  • Feral Interactive's Linux ports may come with Vulkan sooner than we thought
  • Using Nvidia's NVENC with OBS Studio makes Linux game recording really great
    I had been meaning to try out Nvidia's NVENC for a while, but I never really bothered as I didn't think it would make such a drastic difference in recording gaming videos, but wow does it ever! I was trying to record a game recently and all other methods I tried made the game performance utterly dive, making it impossible to record it. So I asked for advice and eventually came to this way.

Leftovers: Software

  • DocKnot 1.00
    I'm a bit of a perfectionist about package documentation, and I'm also a huge fan of consistency. As I've slowly accumulated more open source software packages (alas, fewer new ones these days since I have less day-job time to work on them), I've developed a standard format for package documentation files, particularly the README in the package and the web pages I publish. I've iterated on these, tweaking them and messing with them, trying to incorporate all my accumulated wisdom about what information people need.
  • Shotwell moving along
    A new feature that was included is a contrast slider in the enhancement tool, moving on with integrating patches hanging around on Bugzilla for quite some time.
  • GObject and SVG
    GSVG is a project to provide a GObject API, using Vala. It has almost all, with some complementary, interfaces from W3C SVG 1.1 specification. GSVG is LGPL library. It will use GXml as XML engine. SVG 1.1 DOM interfaces relies on W3C DOM, then using GXml is a natural choice. SVG is XML and its DOM interfaces, requires to use Object’s properties and be able to add child DOM Elements; then, we need a new set of classes.
  • LibreOffice 5.1.6 Office Suite Released for Enterprise Deployments with 68 Fixes
    Today, October 27, 2016, we've been informed by The Document Foundation about the general availability of the sixth maintenance update to the LibreOffice 5.1 open-source and cross-platform office suite. You're reading that right, LibreOffice 5.1 got a new update not the current stable LibreOffice 5.2 branch, as The Document Foundation is known to maintain at least two versions of its popular office suite, one that is very well tested and can be used for enterprise deployments and another one that offers the latest technologies.