Security Leftovers

  • Security updates for Wednesday
  • Illumos-Powered OmniOS Gets Updated Against MDS / ZombieLoad Vulnerabilities

    While it was just earlier this month that the OpenSolaris/Illumos-based OmniOS saw a big LTS release, it's already been succeeded by a new release given the recent Intel MDS / Zombieload CPU vulnerabilities coming to light.

    There are new spins of OmniOS for all supported releases. These new OmniOS Community Edition releases mitigate against the Microarchitectural Data Sampling (MDS) vulnerabilities and also bundle in the updated Intel CPU microcode.

  • Hackers Hack A Forum For Hacked Accounts: Here’s How

    A group of hackers failed to deploy security mechanisms to secure the storage where they store hacked accounts and another hacker group hacked it.

    The story is indeed funny and real. An infamous forum named OGUSERS, which is popular amongst hackers for obtaining “OG” Instagram, Twitter usernames, hacked accounts of Domino’s Pizza, Steam, PlayStation Network, and other online accounts, was hacked by a hacker group and its data was published in another hacker forum.

  • Security Announcement: Disabling SMT by default on affected Intel processors

    This is an important announcement with an upcoming change in the next Core Update of IPFire.

    Because of the recent vulnerabilities in Intel processors, the IPFire team has decided that - to keep systems as secure as possible - Simultaneous Multi-Processing (SMT) is automatically disabled if the processor is vulnerable to one of the attacks.

    SMT is also called Intel(R) Hyper-Threading Technology and simulates more virtual cores than the system has. This allows faster processing when applications benefit from it. Unfortunately with networking, we benefit from that. Therefore the effect of disabling SMT will be a very significant performance impact of around 30% or more. Applications that will be affected in IPFire are the firewall throughput itself as well as other CPU and memory-bound tasks like the web proxy and the Intrusion Prevention System. On systems that are not vulnerable for this attack, SMT is being left enabled. If you still want to disable it, please do so in the BIOS of your firewall.

More in Tux Machines

IBM/Red Hat Leftovers

  • Accelerating the journey to open hybrid cloud with Red Hat Modernization and Migration Solutions

    The integration of technology into all areas of a business (the "digital transformation" we hear so much about) is fundamentally changing how organizations operate as well as how they deliver value to customers. An example is Lockheed Martin, who opted to undergo an eight-week agile transformation labs residency to implement an open source architecture onboard the F-22 and simultaneously disentangle its web of embedded systems. But such transformation can also create new challenges, from additional competitive pressures to increased customer expectations. To help overcome these challenges, Red Hat is introducing a family of solutions to help optimize infrastructure, modernize applications and accelerate innovation while supporting customers in their journey to the open hybrid cloud. Red Hat Modernization and Migration Solutions are designed to help customers realize the benefits of open technologies and adopt containers, Kubernetes and hybrid cloud-ready platforms. The family of solutions offers a path for customers from restrictive, proprietary environments to more flexible and (often) less costly open source alternatives, in an iterative approach.

  • Let’s talk about Privacy by Design

    Privacy by Design or Privacy by Default (PbD) is not a new concept. However PbD received renewed attention when the GDPR added PbD as a legal requirement. PbD refers to the process of building in technical, organizational and security measures at the beginning stage of product development and throughout the product lifecycle. [...] One PbD tool we use to build in privacy to our development process is our Privacy Impact Assessment, also known as a PIA. The PIA is a process which assists developers at the early stages in identifying and mitigating privacy risks associated with the collection and use of personal data. The PIA tool begins with a self assessment that asks a lot of questions about the planned project or product. This initiates a process of review by individuals trained in privacy and security. The process is collaborative and creates an on-going dialogue about privacy with respect to the product, system or application at hand.

  • IBM Open Sources Its Workhorse Power Chip Architecture

    RISC-V now has formidable competition from an architecture with a long track record in servers and supercomputers.

Simplicity Linux 19.10 Alpha ISOs are here!

We’re proud to announce the release of Simplicity Linux 19.10. It is based on Stretchdog, which in turn is based on Debian Stretch. As this is an alpha release, none of these images should be considered finished versions, and may contain bugs or issues which won’t be present in the final release. These images should also be considered to be designed for live booting rather than being installed. All three editions of Simplicity Linux 19.10 feature Ecosia as the default search engine. This is a search engine where revenue from ads is used to plant trees. It is something we have been testing for some time, and we weren’t going to include it in the alpha releases. However, after hearing about the fires in the Amazon Rainforest, we have decided to include Ecosia in each version. It’s our way of trying to help in whatever small way we can. Simplicity Mini 19.10 Alpha is our cut down version of Simplicity Linux. There are few local applications, instead being replaced by browser based versions of software which are run through Google Chrome. It comes with Google Docs, Gmail, Netflix, Vortex Cloud Gaming, Spotify, Mega.nz, Vivaldi browser which opens on boot, Lastpass password manager, DotVPN, uBlock Origin.

Programming Leftovers

  • Animating Ptolemy’s Equant with Python, SVG, and CSS

    You will recall my previous blog post that tried to build the necessary scaffolding for me to finally write up my 2017 PyCon Ireland keynote on the structure of the Medieval universe. It ran into several problems with matplotlib animations — but, having written that post, I realized that the problem ran deeper. How could any animation show a Solar System, when a Solar System’s motion never exactly repeats? The orbital periods of the planets aren’t exact multiples of each other, and don’t provide a moment when the planets reach their original positions and the animation can start over again. At whatever moment an animation finished and looped back to the beginning, the planets would visibly and jarringly jump back to their original position.

  • Train your own spell corrector with TextBlob

    TextBlob is a wonderful Python library. It wraps nltk with a really pleasant API. Out of the box, you get a spell-corrector.

  • How To Learn Any Programming Language Online in 2019

    Let’s face it, computers are everywhere these days, and the need for programmers is ever-increasing. Programming is vital to make computers be able to help us solve our everyday problems. It’s also a means to increase their speed and usability. With this in mind, it’s high time you jumped on this bandwagon and learned a language yourself! However, picking out the most appropriate programming language to learn is a substantial task for beginners. A good approach to making this choice is to consider the most popular programming languages, which languages are easy-to-learn, and how easy it is to find a job for beginners in these languages.

  • How to Build a Custom Anaconda Installer for R

    A frequent question on the Anaconda Community mailing list is how to package R with conda for distribution. Depending on the use case, one option may be to use conda to move environments. This requires that conda has been previously installed on the system. Another option is conda constructor, a utility for packaging a complete conda installation with Python and R packages. Constructor is the same utility we use to build Anaconda Distribution and Miniconda installers. It’s a multi-platform installer which means you can build an installer for Windows, Linux and macOS. It also supports a number of options to control how the installer is built. These options are documented on the GitHub constructor repository.

  • Digging into regressions

    Whenever a patch is landed on autoland, it will run many builds and tests to make sure there are no regressions. Unfortunately many times we find a regression and 99% of the time backout the changes so they can be fixed. This work is done by the Sheriff team at Mozilla - they monitor the trees and when something is wrong, they work to fix it (sometimes by a quick fix, usually by a backout). A quick fact, there were 1228 regressions in H1 (January-June) 2019. My goal in writing is not to recommend change, but instead to start conversations and figure out what data we should be collecting in order to have data driven discussions. Only then would I expect that recommendations for changes would come forth.

  • “Sudo Mastery” and the new Tilted Windmill Press clothing line

    Sudo Mastery, 2nd edition, is now complete. I’m doing the release slightly differently this time, however.

  • Fossil Versus Git

    The feature sets of Fossil and Git overlap in many ways. Both are distributed version control systems which store a tree of check-in objects to a local repository clone. In both systems, the local clone starts out as a full copy of the remote parent. New content gets added to the local clone and then later optionally pushed up to the remote, and changes to the remote can be pulled down to the local clone at will. Both systems offer diffing, patching, branching, merging, cherry-picking, bisecting, private branches, a stash, etc.

weston 7.0.0

Weston 7.0.0 is released!

ABI note: the return value of two functions introduced in this release
has been changed from void to int: weston_log_scope_printf and
weston_log_scope_vprintf. Additionally weston_binding_destroy has been
made public again.

Daniel Stone (1):
      backend-drm: Enforce content protection for hardware planes

Manuel Stoeckl (1):
      weston-terminal: Ignore SIGPIPE

Marius Vlad (2):
      weston-log: Return bytes written for 'printf()' and 'vprintf()' functions
      compositor: Return the number of bytes written as to format properly

Simon Ser (1):
      build: bump to version 7.0.0 for the official release

sichem (1):
      make weston_binding_destroy public

git tag: 7.0.0
Also: Wayland's Weston 7.0 Compositor Released With PipeWire Streaming Support