Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Security updates for Wednesday
  • Illumos-Powered OmniOS Gets Updated Against MDS / ZombieLoad Vulnerabilities

    While it was just earlier this month that the OpenSolaris/Illumos-based OmniOS saw a big LTS release, it's already been succeeded by a new release given the recent Intel MDS / Zombieload CPU vulnerabilities coming to light.

    There are new spins of OmniOS for all supported releases. These new OmniOS Community Edition releases mitigate against the Multiarchitectural Data Sampling (MDS) vulnerabilities and also bundle in the updated Intel CPU microcode.

  • Hackers Hack A Forum For Hacked Accounts: Here’s How

    A group of hackers failed to deploy security mechanisms to secure the storage where they store hacked accounts and another hacker group hacked it.

    The story is indeed funny and real. Infamous forum named OGUSERS which is popular amongst hackers for obtaining “OG” Instagram, Twitter usernames, hacked accounts of Domino’s Pizza, Steam, PlayStation Network, and other online accounts was hacked by a hacker group and its data was published in another hacker forum.

  • Security Announcement: Disabling SMT by default on affected Intel processors

    This is an important announcement with an upcoming change in the next Core Update of IPFire.

    Because of the recent vulnerabilities in Intel processors, the IPFire team has decided, that - to keep systems as secure as possible - Simultaneous Multi-Processing (SMT) is automatically disabled if the processor is vulnerable to one of the attacks.

    SMT is also called Intel(R) Hyper-Threading Technology and simulates more virtual cores than the system has. This allows to perform faster processing when applications benefit from it. Unfortunately with networking, we benefit from that. Therefore the effect of disabling SMT will be a very signifiant performance impact of around 30% or more. Applications that will be affected in IPFire are the firewall throughput itself as well as other CPU and memory-bound tasks like the web proxy and the Intrusion Prevention System. On systems that are not vulnerable for this attack, SMT is being left enabled. If you still want to disable it, please do so in the BIOS of your firewall.

More in Tux Machines

Red Hat Enterprise Linux 6 and CentOS 6 Receive Important Kernel Security Update

The new Linux kernel security update is marked by the Red Hat Product Security team as having an "Important" security impact due to the fact that it patches several critical flaws, including the Spectre SWAPGS gadget vulnerability (CVE-2019-1125) affecting x86 processors. Also patched are a security vulnerability (CVE-2019-5489) leading to page cache side-channel attacks, an issue in the Salsa20 encryption algorithm that could allow local attackers to cause a denial of service (CVE-2017-17805), and a flaw (CVE-2018-17972) that let unprivileged users inspect kernel stacks of arbitrary tasks. Read more

Meet the GNOMEies: Max Huang

Max Huang has been GNOME since 2010, starting with forming a GNOME users group in Taiwan. Max has a story you may understand: being a user, meeting the right person, and slowly finding yourself more and more deeply involved with a community in terms of working together and making friends. Read more

Review: Raspberry Pi 4

The Raspberry Pi began life as a hacker's dream: a cheap, low-power, highly extendable, hackable PC that shipped as a bare circuit board. Intended as one part educational device, one part tinkering tool, it became something of a phenomenon that has been used to power everything from scaled-down Mars rovers to millions of science and hackday experiments in schools around the world. Read more

Debian: No longer a “Universal” operating system

The Debian project has removed support for the MIPS architecture. This is the latest CPU architecture to be removed from Debian, betraying their tagline of being “The Universal Operating System”.

I take issue not only with their removal of the MIPS architecture, but of their reasoning for doing it.

Read more