Language Selection

English French German Italian Portuguese Spanish

Security and FUD Leftovers

Filed under
Linux
Security
  • Fwupd 1.3.8 Brings More Improvements For Firmware Updating On Linux Systems

    Red Hat's Richard Hughes has released Fwupd 1.3.8 as the latest version of this Linux utility for performing firmware updates of various system components.

    With the meteoric rise of Fwupd and LVFS, more Fwupd releases are having to deal with quirks and other peculiarities of different hardware components seeing Fwupd support and v1.3.8 is no different. Fwupd 1.3.8 adds a plug-in to support updating the power delivery controllers by Fresco Logic, a fix for Synaptics multi-stream transport devices, various EFI fixes/improvements, more parent devices are detected for different Lenovo USB hubs, support for GNUEFI file locations, and other fixes.

  • Cyber-gangs using SSH identities to sell on the black market [Ed: How to associate secure shell, SSH, with "black market", skull and bones, just because of machines that are already cracked because of something totally unrelated]

    Malware campaigns equipped with the capability to exploit powerful, hidden backdoors are becoming commoditised, researchers from Venafi have warned.

    The research shows several high-profile hacker campaigns are integrating the misuse of SSH machine identities capabilities into their attacks.

    Now, any attacker with access to the dark web can gain access to the same techniques that took down the Ukrainian power grid against every business and government agency.

    Malware can target common SSH machine identities used to access and automate Windows, Linux and MacOS in the enterprise and out to the cloud.

  • SAMM v2 – OWASP releases revamped security assurance framework

    A revamped version of OWASP’s Software Assurance Maturity Model (SAMM) adds automation along with maturity measurements to the open source security-related framework.

    OWASP SAMM v2 – released on Tuesday after three years of refinement – is geared towards helping organizations that develop software to travel down the path towards becoming more secure.

    The approach is based on a community-led open source framework that “allows teams and developers to assess, formulate, and implement strategies for better security which can be easily integrated into an existing organizational software development lifecycle”.

    [...]

    The OWASP SAMM community includes security knowledgeable volunteers from both businesses and educational organizations. The global community works to create “freely-available articles, methodologies, documentation, tools, and technologies”.

  • Smack: Some more busy nights and 12 bytes of IV

    Anu brought up the fact that the OMEMO XEP is not totally clear on the length of initialization vectors used for message encryption. Historically most clients use 16 bytes length, while normally you would want to use 12. Apparently some AES-GCM libraries on iOS only support 12 bytes length, so using 12 bytes is definitely desirable. Most OMEMO implementations already support receiving 12 bytes as well as 16 bytes IV.

More in Tux Machines

Repo Review: VidCutter

VidCutter is a simple program available in the repository for performing very basic video editing tasks. It allows you to quite easily trim and split videos at multiple points, and also join video clips together without the need for a full featured video editing program. The user interface is, for the most part, fairly well laid out. Below the video preview screen is a nice timeline with thumbnails. At the right of the preview is the Clip Index. When you start making cuts in a video, each new clip you split will be added to the Clip Index, where you can rearrange the order in which they will be joined. To begin editing, click Open Media and load in a video file. Read more

Android Leftovers

Best Linux Desktop Environments In 2020

Let’s discuss the Linux desktop environments for the year 2020. These days every Linux distros have their own desktop environments which means that we have plenty of options available on the Internet to replace our default Linux desktop environment. Note: This is our list of best Linux desktop environments in 2020 but let us know if you want to include or remove any desktop environments from this list with your valid opinions. Read more

The April 2020 Issue of the PCLinuxOS Magazine

The PCLinuxOS Magazine staff is pleased to announce the release of the April 2020 issue. With the exception of a brief period in 2009, The PCLinuxOS Magazine has been published on a monthly basis since September, 2006. The PCLinuxOS Magazine is a product of the PCLinuxOS community, published by volunteers from the community. The magazine is lead by Paul Arnote, Chief Editor, and Assistant Editor Meemaw. The PCLinuxOS Magazine is released under the Creative Commons Attribution- NonCommercial-Share-Alike 3.0 Unported license, and some rights are reserved. All articles may be freely reproduced via any and all means following first publication by The PCLinuxOS Magazine, provided that attribution to both The PCLinuxOS Magazine and the original author are maintained, and a link is provided to the originally published article. In the April 2020 issue: * Things To Do With Your PCLinuxOS During The Quarantine * Short Topix: Plex Comes Under Fire From Pro-Copyright Group * Game Zone: Last Chaos On PCLinuxOS! * Inkscape Tutorial: Create A Website Background * PCLinuxOS Family Member Spotlight: mutse * Mind Your Step: Vintage Computing On PCLinuxOS * ms_meme's Nook: Eight More Gigabytes * Repo Review: VidCutter * PCLinuxOS Recipe Corner: Beef & Salsa Skillet * And much more inside! This month’s cover was designed by Meemaw. Download the PDF (13.7 MB) https://pclosmag.com/download.php?f=2020-04.pdf Download the EPUB Version (7.5 MB) https://pclosmag.com/download.php?f=202004epub.epub Download the MOBI Version (9.0 MB) https://pclosmag.com/download.php?f=202004mobi.mobi Visit the HTML Version https://pclosmag.com/html/enter.html