Security expert and co-creator of the Linux-hardening (and now Unix-hardening) project Bastille Linux. That’s Jay Beale. He’s been working with Linux, and specifically on security, since the late 1980s. The greatest threat to Linux these days? According to Beale, the thing you really need to watch out for is your Android phone, which your handset manufacturer and wireless carrier may or may not be good about updating with the latest security patches. Even worse? Applications you get outside of the controlled Google Play and Amazon environments, where who-knows-what malware may lurk.
On your regular desktop or laptop Linux installation, Beale says the best security precaution you can take is encrypting your hard drive — which isn’t at all hard to do. He and I also talked a bit, toward the end, about how “the Linux community” was so tiny, once upon a time, that it wasn’t hard to know most of its major players. He also has some words of encouragement for those of you who are new to Linux and possibly a bit confused now and then. We were all new and confused once upon a time, and got less confused as we learned. Guess what? You can learn, too, and you never know where that knowledge can take you.
The vehicles we drive are becoming increasingly connected through a variety of technologies. Features such as keyless entry and self-diagnostics are becoming commonplace. Unfortunately, they can also introduce IT security issues.
The web is not secure. As of August 2016, only 45.5 percent of Firefox page loads are HTTPS, according to Josh Aas, co-founder and executive director of Internet Security Research Group. This number should be 100 percent, he said in his talk called “Let’s Encrypt: A Free, Automated, and Open Certificate Authority” at LinuxCon North America.
Why is HTTPS so important? Because without security, users are not in control of their data and unencrypted traffic can be modified. The web is wonderfully complex and, Aas said, it’s a fool’s errand to try to protect this certain thing or that. Instead, we need to protect everything. That’s why, in the summer of 2012, Aas and his friend and co-worker Eric Rescorla decided to address the problem and began working on what would become the Let’s Encrypt project.
OpenSSL 1.1.0 was released today as a major update to this free software cryptography and SSL/TLS toolkit.
In addition to OpenSSL 1.1 rolling out a new build system and new security levels and support for pipelining and a new threading API, security additions to OpenSSL 1.1 include adding the AFALG engine, support for ChaChao20 in libcrypto/libssl, scrypto algorithm support, and support for X25519, among many other additions.
4Duino combines Arduino, WiFi, and a 2.4-inch touchscreen
4D Systems launched a $79 “4Duino-24” Arduino compatible board, with a 2.4-inch resistive touchscreen and an ESP8266 WiFi module.
One reason you might choose a Linux SBC like a Raspberry Pi over an Arduino is that it’s easier to control an LCD display for simple IoT GUIs and other HMI applications. Now the 4Duino-24 board aims to smooth the path to Arduino-based IoT displays with an Arduino Leonardo clone board that not only adds an ESP8266 WiFi module, but also includes a 2.4-inch TFT LCD display with resistive touch.
Also: Tegra TK1 COM Express module runs Ubuntu at 15W
The 25 biggest events in Linux's 25-year history
You can argue about Linux's official birthday. Heck, even Linus Torvalds thinks there are four different dates in 1991 that might deserve the honor. Regardless, Linux is twenty-five years old this year. Here are some of its highlights and lowlights.
Also: 25 Years of Linux: What a Long, Strange Trip It's Been