Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Security updates for Wednesday
  • Illumos-Powered OmniOS Gets Updated Against MDS / ZombieLoad Vulnerabilities

    While it was just earlier this month that the OpenSolaris/Illumos-based OmniOS saw a big LTS release, it's already been succeeded by a new release given the recent Intel MDS / Zombieload CPU vulnerabilities coming to light.

    There are new spins of OmniOS for all supported releases. These new OmniOS Community Edition releases mitigate against the Multiarchitectural Data Sampling (MDS) vulnerabilities and also bundle in the updated Intel CPU microcode.

  • Hackers Hack A Forum For Hacked Accounts: Here’s How

    A group of hackers failed to deploy security mechanisms to secure the storage where they store hacked accounts and another hacker group hacked it.

    The story is indeed funny and real. Infamous forum named OGUSERS which is popular amongst hackers for obtaining “OG” Instagram, Twitter usernames, hacked accounts of Domino’s Pizza, Steam, PlayStation Network, and other online accounts was hacked by a hacker group and its data was published in another hacker forum.

  • Security Announcement: Disabling SMT by default on affected Intel processors

    This is an important announcement with an upcoming change in the next Core Update of IPFire.

    Because of the recent vulnerabilities in Intel processors, the IPFire team has decided, that - to keep systems as secure as possible - Simultaneous Multi-Processing (SMT) is automatically disabled if the processor is vulnerable to one of the attacks.

    SMT is also called Intel(R) Hyper-Threading Technology and simulates more virtual cores than the system has. This allows to perform faster processing when applications benefit from it. Unfortunately with networking, we benefit from that. Therefore the effect of disabling SMT will be a very signifiant performance impact of around 30% or more. Applications that will be affected in IPFire are the firewall throughput itself as well as other CPU and memory-bound tasks like the web proxy and the Intrusion Prevention System. On systems that are not vulnerable for this attack, SMT is being left enabled. If you still want to disable it, please do so in the BIOS of your firewall.

More in Tux Machines

Linux Candy: ASCIIQuarium – embrace marine life from the terminal

Who loves eye candy? Don’t be shy — you can raise both hands!! Linux Candy is a new series of articles covering interesting eye candy software. We’re only going to feature open-source software in this series. I’m not going to harp on about the tired proverb “All work and no play makes Jack a dull boy”. But there’s a certain element of truth here. If you spend all day coding neural networks, mastering a new programming language, sit in meetings feeling bored witless, you’ll need some relief at the end of the day. And what better way by making your desktop environment a bit more memorable. Read more

Bookworm is a light-weight eBook reader for Linux

While Calibre has a built-in reader, and is the absolute best when it comes to managing and converting eBooks, some people may prefer an alternative when it comes to reading ebooks. Bookworm, a lightweight ebook reader for Linux, offers a minimalist experience. Developed for Elementary OS, Bookworm is also available for other Linux distributions such as Ubuntu or OpenSUSE. Options to install from source or flatpack are provided as well. Read more

Review: Drauger OS 7.4.1, and EndeavourOS 2019.07.15

This week I once again turned to the DistroWatch waiting list to sample new items I had not tried before. Near the top of the list of projects waiting for evaluation was Drauger OS, a Linux distribution based on Xubuntu. The project uses the Xfce desktop environment and is built to run on 64-bit (x86_64) computers. The project places a strong focus on offering easy access to games and, correspondingly, good desktop performance. To this end, Drauger ships with Steam installed by default, along with WINE and PlayOnLinux. Drauger OS also comes with the modified, low-latency, Liquorix Linux kernel, which is based off the ZEN kernel. According to the project's documentation, the distribution can run on UEFI-enabled machines, but booting in legacy BIOS mode is recommended. The documentation also mentions that in place of the regular Xubuntu installer, Drauger uses the System Install utility to copy the operating system from the live media to the local hard drive. While most of the project's listed features are technical in nature, one of the main talking points goes a bit over the top when describing Drauger's security advantage: "Drauger OS is far more secure than the leading desktop operating system. This means that you can game without fear of trolls hacking into your computer, getting a virus, or losing your data." Of course Linux systems can be hacked and certainly may lose data due to various bugs, security breaches or hardware failure. The developers' claims strike me as being optimistic, at best. Drauger is available in one edition and the distribution's ISO file is a 3.2GB download. Booting from the disc brings up a menu asking if we would like to run a live desktop session or launch a system installer. The live option shows the Ubuntu boot screen, which identifies the distribution as "Ubuntu 7.4.1". The system then presents us with a graphical login screen where we are given the choice of using a "user" account or a "guest" account. In either case we can sign in without a password. Drauger's live mode uses the Xfce 4.12 desktop. Once the desktop loads, a welcome screen appears, showing buttons that open links to the distribution's website, launch a tool for installing third-party drivers, open a readme file, and link to some on-line resources. There is also a tutorial button which opens a series of pop-up messages about the desktop elements. We can only move forward through the tutorial tips one at a time, and cannot go back to previous pop-ups. The Additional Drivers button opens the Ubuntu software sources, updates and driver utility. On-line resources and documentation are opened in the Firefox web browser. The welcome window is pretty straight forward to use and navigate and I like that we are put in touch with both on-line and off-line resources. Read more

GNU Guile 2.9.4 (beta) released

We are delighted to announce GNU Guile 2.9.4, the fourth beta release in preparation for the upcoming 3.0 stable series. See the release announcement for full details and a download link. This release enables inlining of references to top-level definitions within a compilation unit, speeding up some programs by impressive amounts. It also improves compilation of floating-point routines like sin, implements the Ghuloum/Dybvig "Fixing Letrec (reloaded)" algorithm, and allows mixed definitions and expressions within lexical contours, as is the case at the top level. Try it out, it's good times! GNU Guile 2.9.4 is a beta release, and as such offers no API or ABI stability guarantees. Users needing a stable Guile are advised to stay on the stable 2.2 series. Experience reports with GNU Guile 2.9.4, good or bad, are very welcome; send them to guile-devel@gnu.org. If you know you found a bug, please do send a note to bug-guile@gnu.org. Happy hacking! Read more