Language Selection

English French German Italian Portuguese Spanish

Security

VirtualBox 5.0.8 Has Better systemd Support, Debian and El Capitan Fixes

Filed under
OSS
Security

On October 20, Oracle announced the immediate availability for download of the eighth maintenance release of their open-source and cross-platform VirtualBox virtualization software for GNU/Linux, Mac OS X, and Windows operating systems.

Read more

Canonical Releases Important Security Patches for Ubuntu 15.04 and 14.04 LTS

Filed under
Security
Ubuntu

After announcing the general availability of a new kernel version of its Ubuntu 12.04 LTS (Precise Pangolin) operating system, Canonical published details about an important security patch for the kernel packages of Ubuntu 15.04 and Ubuntu 14.04 LTS.

Read more

AllSeen Alliance Adds Security Updates to Open Source IoT Platform

Filed under
OSS
Security

The AllSeen Alliance claims to have made open source Internet of Things (IoT) development more secure with the latest update to its AllJoyn IoT framework, Security 2.0. The new feature brings authentication, device authorization and encryption enhancements to the platform.

Read more

Git 2.6.2 Distributed Version Control System Has Many Bugfixes, Some Features

Filed under
OSS
Security

This past weekend, the developers of the open-source Git distributed version control system published details about the second maintenance release in the Git 2.6 series.

Read more

Attacker slips malware past Ubuntu Phone checks

Filed under
Security
Ubuntu

Canonical has issued a security advisory to all fifteen people who installed a particular Ubuntu Phone app.

While its reach might be trivial, the bug itself was serious: someone worked out how to bypass checks that are supposed to protect the Ubuntu Phone operating system's single-click app installation process.

Read more

Security Leftovers

Filed under
Security

Ubuntu Phone Users Will Receive an OTA-6 Hotfix to Patch a Security Vulnerability

Filed under
Security
Ubuntu

We're reported earlier today, October 15, that a member of the Ubuntu App Developer Google+ community has discovered a malicious app on the Ubuntu Touch Store that could give root access to an intruder.

Read more

Security Leftovers

Filed under
Security
  • Security advisories for Wednesday
  • HP perfomance monitor can climb through Windows

    Crimp nasty privilege escalation bug by running it in Linux instead says Rapid7

  • Why Cybersecurity Experts Want Open Source Routers

    A coalition of 260 cybersecurity experts is taking advantage of a Federal Communications Commission (FCC) public comment period to push for open source Wi-Fi router firmware.

  • Have your say on the FCC's plan to lock down WiFi routers

    You may know that you can replace your WiFi router's software with an open source version like DD-WRT or Tomato to make it more secure or powerful. However, the US wireless regulator (FCC) only seems to have figured that out recently, and is not happy with your ability to boost the signal power excessively on such devices. As such, it proposed changes to regulations, with one document suggesting it may ban or restrict third-party software altogether. That caught the eye of the Electronic Frontier Foundation (EFF), which created an online petition asking the FCC to make changes.

    The EFF petition says that "router manufacturers are notoriously slow about updating their software -- even with critical security fixes on the way. Under the FCC's proposal, you could have no alternative to running out-of-date and vulnerable firmware." It's referring, in part, to an FCC demand that manufacturer's "describe in detail how the device is protected from 'flashing' and the installation of third-party firmware such as DD-WRT."

  • Vint Cerf, hundreds of researchers, call on FCC to mandate open-source router firmware

    The FCC is currently inviting open comments on its plan to require router manufacturers to lock down device firmware as a means of ensuring that consumer devices can’t operate in certain frequency bands or at power levels that violate FCC guidelines. While these requirements are made to guarantee that limited spectrum is allocated fairly and in a manner that minimizes interference, many have raised concerns that locking down devices in this way will prevent open source firmware projects from continuing as well as hampering critical security research.

    Now, a group of more than 250 researchers and developers, including the Internet’s grandpa, Vint Cerf, have sent the FCC a letter proposing an altogether different set of rules that would actually mandate open-source firmware while simultaneously protecting the FCCs original goals. There are multiple reasons, the letter argues, why open-source firmware updates are a necessary part of securing the Internet against attack.

  • Hackers Can Silently Control Siri From 16 Feet Away

    Siri may be your personal assistant. But your voice is not the only one she listens to. As a group of French researchers have discovered, Siri also helpfully obeys the orders of any hacker who talks to her—even, in some cases, one who’s silently transmitting those commands via radio from as far as 16 feet away.

  • Is Apple's security honeymoon on OS X ending?

    Apple scored unforgettable hits against Microsoft with its Mac vs. PC ads, which anthropomorphized Windows as a sneezing, miserable office worker.

    Security experts always knew that the campaign was a clever bit of marketing fluff, one that allowed Apple to capitalize on Microsoft's painful, years-long security revamp.

Security Leftovers

Filed under
Security

KDE Applications 15.08.2 Officially Released with Over 30 Fixes

Filed under
KDE
Security

The KDE Community has just announced that KDE Applications 15.08.2 has been released and is now available for download and testing.

Read more

Syndicate content

More in Tux Machines

Meet UDOO X86, a Maker Board That's 10 Times More Powerful Than Raspberry Pi 3

Today we would like to introduce our readers to an upcoming maker board that features some very powerful components and aims to overpower every SBC (single-board computer) in its path. Read more

Watch: Ubuntu Convergence in Action on Meizu PRO 5 Ubuntu Edition with Miracast

Earlier today, May 23, 2016, the Ubuntu Community Manager at Canonical, Mr. Alan Pope, received his Meizu PRO 5 Ubuntu Edition smartphone, so he immediately ran some tests to see the Ubuntu convergence with his own eyes. Read more

Leftovers: Software

  • Roundcube Webmail 1.2.0 released
    We proudly announce the stable version 1.2.0 of Roundcube Webmail which is now available for download. It introduces new features since version 1.1 covering security and PGP encryption topics...
  • Roundcube Webmail 1.2 Adds PGP Encryption
    For those using the open-source Roundcube software for your webmail needs, Roundcube 1.2 is now available as the latest stable version.
  • Systemd 230 Opens Up A New Graphics Vulnerability & FBDEV Still Should Die
    A change made in the recent release of systemd 230 makes it easy for rogue user processes to be able to spy on your desktop, assuming a few conditions are met. If you are using FBDEV, such as with Wayland's Weston FBDEV back-end, other user processes can now read from the frame-buffer device. The change in systemd is, "Framebuffer devices (/dev/fb*) and 3D printers and scanners (devices tagged with ID_MAKER_TOOL) are now tagged with 'uaccess' and are available to logged in users."
  • systemd 230 Launches with DNSSEC Enabled by Default in systemd-resolved, More
  • 7 Best Command Line Navigation Tools
    The desktop environment with its bundle of programs sharing a common graphical user interface (GUI) remains a firm favorite with users. Not surprising really given that a good desktop environment makes computing fun and simple. The graphical desktop environment has become so ingrained in almost everyone's computer activities that it might seem the command line will wither away. Yet, there is still an important role to play for the humble command-line interface (CLI).
  • GNU Parallel 20160522 ('TTIPleaks') released
    GNU Parallel 20160522 ('TTIPleaks') has been released.

today's howtos