Security: Purism, SLAPP, Windows Servers, Windows at SMBs and More

  • Tamper-evident Boot Update: Making Heads More Usable

    We announced not too long ago that we have successfully integrated the tamper-evident boot software Heads into our Librem laptops. Heads secures the boot process so that you can trust that the BIOS and the rest of the boot process hasn’t been tampered with, but with keys that are fully under your control.

    Heads is cutting edge software and provides a level of security beyond what you would find in a regular computer. Up to this point though, its main user base are expert-level users who are willing to hardware flash their BIOS. The current user interface is also geared more toward those expert users with command-line scripts that make the assumption that you know a fair amount about how Heads works under the hood.

  • Keeper Security Reminds Everyone Why You Shouldn't Use It; Doubles Down On Suing Journalist

    Back in December, we wrote about a blatant SLAPP suit filed by Keeper Security against Ars Technica and its reporter Dan Goodin. Keeper makes a password manager product, and Goodin wrote an article, based on a flaw discovered by Google's Tavis Ormandy. The flaw impacted the browser extension that works with Keeper's application. Keeper took offense to certain elements of the article, and in particular to the idea that Microsoft had forced people to install the flawed software (since the flaw was actually in the browser extension, which is optional). Keeper Security also felt that the article implied that users of its software were vulnerable to a broad attack that put their passwords at risk, when the details suggested it was a more narrow (but still pretty bad) flaw that would require a specific set of circumstances to expose passwords, and there was no evidence that such a set of circumstances existed.

  • New cryptojacking attack uses Redis and NSA exploits to infect machines

    After the script completed the Redis scan, it launches another scan process named “”. This time the new process uses the masscan tool to discover and infect publicly available Windows servers with the vulnerable SMB version.

  • Cyberattack risks mounting for Aussie SMBs: report

    It’s only a matter of time before Australian small businesses are hit hard by a cybersecurity attack but there are things they can do to protect themselves, according to a newly published security report.

  • Stack-register Checking

    Recently, Theo de Raadt (deraadt@) described a new type of mitigation he has been working on together with Stefan Kempf (stefan@)...

Security Leftovers


Security: Updates, DDOS. US and Election

  • Security updates for Thursday
  • It just got much easier to wage record-breaking DDoSes

    Now, two separate exploits are available that greatly lower the bar for waging these new types of attacks. The first one, called Memcrashed, prompts a user to enter the IP address to be targeted. It then automatically uses the Shodan search engine to locate unsecured memcached servers and abuses them to flood the target. Here's a screenshot showing the interface: [...]

  • Push to bolster election security stalls in Senate

    But Lankford on Wednesday was forced to table an amendment to a bill moving through the Senate that was aimed at improving information-sharing between federal and state election officials on election cyber threats. State officials objected to the amendment.

  • Senate committee approves bill reorganizing Homeland Security’s cyber office

    A key Senate panel on Wednesday advanced legislation to reauthorize the Department of Homeland Security (DHS) that includes a measure reorganizing the department’s cybersecurity wing.

    The bill includes language that would reorganize and rename the office within the department that protects federal networks and critical infrastructure from physical and cyber threats, currently known as the National Protection and Programs Directorate (NPPD). Under the legislation, the entity would be transformed into an operational agency called the Cybersecurity and Infrastructure Security Agency.

Security: Calling Cisco "Linux", DDoS Due to Bug, and Already Fixed Exim Bug


Security: Updates, Windows, Apple, and FUD


Security Leftovers

  • A few things I've learned about computer networking


    But I thought it could maybe be useful to list a bunch of concrete skills and concepts I’ve learned along the way. Like anything else, “computer networking” involves a large number of different concepts and skills and tools and I’ve learned them all one at a time. I picked most of these things up over the last 4 years.

  • Making security sustainable

    Perhaps the biggest challenge will be durability. At present we have a hard time patching a phone that’s three years old. Yet the average age of a UK car at scrappage is about 14 years, and rising all the time; cars used to last 100,000 miles in the 1980s but now keep going for nearer 200,000. As the embedded carbon cost of a car is about equal to that of the fuel it will burn over its lifetime, we just can’t afford to scrap cars after five years, as we do laptops.

  • US senator grills CEO over the myth of the hacker-proof voting machine

    Zetter unearthed a 2006 contract with the state of Michigan and a report from Pennsylvania's Allegheny County that same year that both showed ES&S employees using a remote-access application called pcAnywhere to remotely administer equipment it sold.

Plasma 5.12.3 bugfix updates available for 17.10 backports PPA


Users of Kubuntu 17.10 Artful Aardvark can now upgrade via our backports PPA to the 3rd bugfix release (5.12.3) of the Plasma 5.12 LTS release series from KDE.

(Testers of 18.04 Bionic Beaver will need to be patient as the Ubuntu archive is currently in Beta 1 candidate freeze for our packages, but we hope to update the packages there once the Beta 1 is released.)

The full changelog of fixes for 5.12.3 can be found here.


Security: DDoS, Reproducible Builds, and Microsoft Word

  • Hackers Set New DDoS World Record: 1.7 Tbps

    Not even a week has passed since the code sharing platform GitHub suffered the world’s biggest DDoS attack recorded at 1.35Tbps. Just four days later, the world record of the biggest DDoS has been broken in an attempt to take down the systems of an unknown entity identified as a “US-based service provider”.

  • DDoS Record Broken Again as Memcached Attack Hits 1.7 Tbps

    The size of massive distributed denial-of-service attacks continues to grow, hitting yet another new high on March 5, with a report of a 1.7-Tbps attack.

    The attack was reported by Netscout Arbor and came just four short days after the March 1 report of the then largest DDoS attack at 1.35 Tbps against GitHub. Both of the record breaking DDoS attacks were enabled via improperly configured memcached servers that reflected attack traffic, amplifying the total volume.

  • Reproducible Builds: Weekly report #149
  • Hacking operation uses malicious Word documents to target aid organisations

    A newly uncovered 'nation-state level' cyber espionage operation has targeted humanitarian aid organisations around the globe via the use of backdoors hidden within malicious Word documents.

    Dubbed Operation Honeybee based on the name of lure documents used during the attacks, the campaign has been discovered by security researchers at security company McAfee Labs after a new variant of the Syscon backdoor malware was spotted being distributed via phishing emails.

Security: Updates, 4G LTE, and Chip Bugs Handling by Oracle and OpenIndiana

  • Security updates for Tuesday
  • Researchers detail new 4G LTE vulnerabilities allowing spoofing, tracking, and spamming

    4G LTE isn’t nearly as secure or private as you think it is. Mobile privacy and security are both at risk. Researchers from Purdue University and the University of Iowa have released a new research paper detailing ten attacks on 4G LTE networks. Some attacks allow fake emergency alerts to be sent to a phone, others allow for the spoofing or tracking of the target’s location. The attacks could be carried out with less than $4,000 of equipment and open source 4G LTE software.

  • Oracle Brings KPTI Meltdown Mitigation To Linux 4.1

    If for some reason you are still riding the Linux 4.1 kernel series, you really should think about upgrading to at least a newer LTS series in the near future. But if you still plan on riding it for a while longer, at least it's getting page table isolation support for Meltdown mitigation.

    An Oracle kernel developer has posted patches bringing kernel page table isolation (KPTI, formerly known as KAISER) to the Linux 4.1 stable kernel series.

  • OpenIndiana Now Has KPTI Support Up For Testing To Mitigate Meltdown

    The Solaris-derived OpenIndiana operating system now has KPTI (Kernel Page Table Isolation) support for testing to mitigate the Intel Meltdown CPU vulnerability.

    Thanks in large part to the work done by Joyent on KPTI support for SmartOS/OmniOSce, the Illumos kernel used by OpenIndiana now has a KPTI implementation for testing. They have spun up some live install images for testing as well as an IPS repository containing a KPTI-enabled kernel build. With this KPTI work is also PCID (Process Context Identifier) support too.

  • A long two months

    I had a quiet New Year's Eve and Day for the beginning of 2018. We had originally planned a trip away with my parents and some friends from southern California, but they all fell through -- my father was diagnosed with cancer late in 2017 and their trip to visit us in the U.S. was cancelled, and our friends work in medicine and wound up being on call. One of Lou's other friends came to visit us, instead: she was on a mission to experience midnight twice on January 1st by flying from Hong Kong to San Francisco. That might sound like an excuse to party hard, but instead we sat around an Ikea table playing board games, drinking wine and eating gingerbread. It was very pleasant.


    To mitigate Meltdown (and partially one of the Spectre variants), you have to make sure that speculative execution cannot reach any sensitive data from a user context.

Security: Memcached, Intel MKTME, and Open Source Security Podcast


More in Tux Machines

Security: Updates, Synopsys/Black Duck FUD, and Software Security Over Convenience

  • Security updates for Tuesday
  • With Much of the Data Center Stack Open Source, Security is a Special Challenge [Ed: Black attacking FOSS again in order to sell its proprietary products; does proprietary software have no security issues? Which cannot be fixed, either?]
  • Synopsys reveals its open-source rookies of the year [Ed: Anti-FOSS company Black Duck, which markets its proprietary software by attacking FOSS (it admitted being anti-GPL since inception, created by Microsoft employee), wants the public to think of it as a FOSS authority]
  • Software security over convenience
    Recently I got inspired (paranoid?) by my boss who cares a lot about software security. Previously, I had almost the same password on all the websites I used, I had them synced to Google servers (Chrome user previously), but once I started taking software security seriously, I knew the biggest mistake I was making was to have a single password everywhere, so I went one step forward and set randomly generated passwords on all online accounts and stored them in a keystore.

MIPI-CSI camera kit runs Linux on Apollo Lake

Congatec’s rugged, Linux-driven “Conga-CAM-KIT/MIPI” camera kit combines its Intel Apollo Lake based Conga-PA5 SBC with a MIPI-CSI 2 camera from Leopard Imaging and other components. Congatec announced a Conga-CAM-KIT/MIPI camera kit, also referred to as the MIPI-CSI 2 Smart Camera Kit. The kit runs a Yocto Project based Linux distribution on Congatec’s Conga-PA5, a Pico-ITX SBC with Intel’s Apollo Lake Atom, Pentium, and Celeron SoCs. Also included is a MIPI-CSI 2 camera (LI-AR023Z-YUV-MIP) from Leopard Imaging based on ON Semiconductor’s AR0237 HD sensor. Extended temperature ranges are supported.

Latest on webOS

Red Hat Leftovers