Today, March 23rd 2017, WikiLeaks releases Vault 7 "Dark Matter", which contains documentation for several CIA projects that infect Apple Mac Computer firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA's Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain 'persistence' on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware.
Among others, these documents reveal the "Sonic Screwdriver" project which, as explained by the CIA, is a "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting" allowing an attacker to boot its attack software for example from a USB stick "even when a firmware password is enabled". The CIA's "Sonic Screwdriver" infector is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter.
In a recent paper accepted at 13th International Conference on Open Source Systems, we study code authorship in a large and long-lived system — the Linux kernel. Our goal is to identify authorship parameters from the Linux kernel evolution history, as well as interpret why they appear as such. We also check whether those parameters apply to the subsystem level, allowing us to assess their generality across different parts of the kernel.
Red Hat Gluster Storage 3.2 addresses an inherent challenge with network attached storage (NAS) around scaling metadata-intensive operations, particularly with files under a few megabytes. These improvements to metadata operations can benefit storage of Red Hat OpenShift Container Platform registries. Container registries, the heart of a container platform, are critical to resident applications and need highly elastic, durable storage. In addition, faster metadata-intensive operations can improve day-to-day operations by as much as 8x according to Red Hat performance data, increasing the responsiveness of the storage system at scale and improving the overall end-user experience.
Red Hat has announced that OpenSCAP 1.2, an open source Security Content Automation Protocol (SCAP) scanner, has been certified by the National Institute of Standards and Technology as a US government evaluated configuration and vulnerability scanner for Red Hat Enterprise Linux 6 and 7-based systems.