Language Selection

English French German Italian Portuguese Spanish

Login

Enter your Tux Machines username.
Enter the password that accompanies your username.

More in Tux Machines

Security: Updates, Systematic Evaluation of Transient Execution Attacks and Defenses, New IoT Security Regulations and GPU Side-Channel Attacks

  • Security updates for Thursday
  • A Systematic Evaluation of Transient Execution Attacks and Defenses

    [...] we present a sound and extensible systematization of transient execution attacks. Our systematization uncovers 7 (new) transient execution attacks that have been overlooked and not been investigated so far. This includes 2 new Meltdown variants: Meltdown-PK on Intel, and Meltdown-BR on Intel and AMD. It also includes 5 new Spectre mistraining strategies. We evaluate all 7 attacks in proof-of-concept implementations on 3 major processor vendors (Intel, AMD, ARM). Our systematization does not only yield a complete picture of the attack surface, but also allows a systematic evaluation of defenses. Through this systematic evaluation, we discover that we can still mount transient execution attacks that are supposed to be mitigated by rolled out patches.

  • New IoT Security Regulations
    Due to ever-evolving technological advances, manufacturers are connecting consumer goods­ -- from toys to light bulbs to major appliances­ -- to the Internet at breakneck speeds. This is the Internet of Things, and it's a security nightmare. The Internet of Things fuses products with communications technology to make daily life more effortless. Think Amazon's Alexa, which not only answers questions and plays music but allows you to control your home's lights and thermostat. Or the current generation of implanted pacemakers, which can both receive commands and send information to doctors over the Internet. But like nearly all innovation, there are risks involved. And for products born out of the Internet of Things, this means the risk of having personal information stolen or devices being overtaken and controlled remotely. For devices that affect the world in a direct physical manner -- ­cars, pacemakers, thermostats­ -- the risks include loss of life and property.
  • University Researchers Publish Paper On GPU Side-Channel Attacks
    University researchers out of University of California Riverside have published a paper this week detailing vulnerabilities in current GPU architectures making them vulnerable to side-channel attacks akin to Spectre and Meltdown. With their focus on NVIDIA GPUs, UCLA Riverside researchers demonstrated attacks both for graphics and compute by exploiting the GPU's performance counters. Demonstrated attacks included a browser-based attack, extracting passwords / keystroke logging, and even the possibility of exposing a CUDA neural network algorithm.

VirtualBox 6.0 Beta 2

  • Announcement: VirtualBox 6.0 Beta 2 released
    Please do NOT use this VirtualBox Beta release on production machines! A VirtualBox Beta release should be considered a bleeding-edge release meant for early evaluation and testing purposes. You can download the binaries here: http://download.virtualbox.org/virtualbox/6.0.0_BETA2 Please do NOT open bug reports at our public bugtracker but use our VirtualBox Beta Feedback forum at https://forums.virtualbox.org/viewforum.php?f=15 to report any problems with the Beta. Please concentrate on reporting regressions since VirtualBox 5.2! Version 6.0 will be a new major release. Please see the forum at https://forums.virtualbox.org/viewtopic.php?f=15&t=90315 for an incomplete list of changes. Thanks for your help! Michael
  • VirtualBox 6.0 Beta 2 Adds File Manager For Host/Guest File Copies, OS/2 Shared Folder
    Last month Oracle rolled out the public beta of VirtualBox 6.0 though didn't include many user-facing changes. They have now rolled out a second beta that does add in a few more features. VirtualBox 6.0 Beta 2 was released today and to its user-interface is a new file manager that allows the user to control the guest file-system with copying file objects between the host and guest. Also improved with VirtualBox 6.0 Beta 2 is better shared folder auto-mounting with the VBox Guest Additions. This beta even brings initial shared folder support to the guest additions for OS/2.

Thunderbird version 60.3.1 now Available, Includes Fixes for Cookie Removal and Encoding Issues

Thunderbird happens to be one of the most famous Email client. It is free and an open source one which was developed by the Mozilla Foundation back in 2003, fifteen years ago. From a very basic interface, it has come a long way to be what it is today in 2018. With these updates, a recent one into the 60.x series from the 52.x series was a significant one. While the 60.x (60.3.0) update started rolling out, Mozilla was keen to push out 60.3.1. This new version of Thunderbird had a few bugs and kinks here and there which needed to be addressed which Mozilla did, most of them at least. Read more

Games: Feral Interactive, ATOM RPG, Lore Finder, UnDungeon, Humble Store Fall Sale