Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Security updates for Tuesday

    Security updates have been issued by Fedora (kernel, kernel-headers, and kernel-tools), openSUSE (glibc and qemu), Red Hat (chromium-browser, container-tools:1.0, container-tools:rhel8, firefox, ipmitool, kernel, kernel-rt, krb5-appl, ksh, nodejs:10, nss-softokn, python, qemu-kvm, qemu-kvm-ma, telnet, and virt:rhel), Scientific Linux (ipmitool and telnet), SUSE (ceph and firefox), and Ubuntu (haproxy, linux, linux-aws, linux-gcp, linux-gcp-5.3, linux-hwe, linux-kvm, linux-oracle, linux-oracle-5.3, linux-raspi2, linux-raspi2-5.3, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, and linux, linux-hwe).

  • Josh Bressers: Who are the experts

    These are certainly strange times we are living in. None of us will ever forget what’s happening and we will all retell stories for the rest of our days. Many of us asked “tell me about the depression grandma”, similar questions will be asked of us someday.

    The whirlwind of confusion and chaos got me thinking about advice and who we listen to. Most of us know a staggering number of people who are apparently experts in immunology. I have no intention of talking about the politics of the current times, goodness knows nobody in their right mind should care what I think. What all this does have me pondering is what are experts and how can we decide who we should listen to?

    So I’ve been thinking a lot about “experts” lately. Especially in the context of security. There have been a ton of expert opinions on how to work from home, and how to avoid getting scammed, which video conferencing software is the best (or worst). There are experts everywhere, but which ones should we listen to? I’m not an expert in anything, but there are some topics I know enough about to question some of these “experts”.

  • seL4 Microkernel Optimized for Security Gets Support of Linux Foundation

    The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced it will host the seL4 Foundation, the nonprofit organization established by Data61, the digital specialist arm for Australia’s national science agency CSIRO. The seL4 microkernel is the world’s first operating system (OS) kernel that is proved secure; it is designed to ensure the security, safety and reliability of real-world critical computer systems.

    The new Foundation aims to accelerate the development of seL4 and related technologies, and under the Linux Foundation will provide a global, independent and neutral organization for funding and steering the future evolution of seL4. Founding members include Cog Systems, DornerWorks, Ghost Locomotion, HENSOLD Cyber and UNSW Sydney.

    The trustworthiness of embedded computing systems is vital to improving the security of critical systems around the world to safeguard them from cyber threats. This is particularly paramount in industries including avionics, autonomous vehicles, medical devices, critical infrastructure and defense. The seL4 microkernel is the world’s first operating system with a proof of implementation correctness and presents an unparalleled combination of assurance, generality and performance, making it an ideal base for building security- and safety-critical systems. The seL4 Foundation provides a forum for developers to collaborate on growing and integrating the seL4 ecosystem.

  • The Linux Foundation Throws Weight Behind Secure Microkernel

    Gernot Heiser, who will serve as chair of the new foundation, said the seL4 is unique in that it is mathematically proven to be secure, which provides a robust foundation on which a new generation of embedded systems can be built to drive, for example, internet of things (IoT) applications.

    Founding members of the seL4 Foundation include Data61, University of New South Wales in Sydney, HENSOLDT Cyber GmbH, Ghost Locomotion Inc., Cog Systems Inc. and DornerWorks Ltd.

    The hosting of the seL4 Foundation is sure to add more fuel to an increasingly fierce debate over the future of operating systems. Advocates of microkernels contend operating systems in terms of functions and size should be kept to an absolute minimum to both ensure security and maximize flexibility.

Linux Foundation backs security-oriented seL4

  • Linux Foundation backs security-oriented seL4 microkernel operating system

    However, SeL4 can be used, in theory, as a foundation for Linux and other Unix related operating systems. For example, it was briefly considered for use in Richard M. Stallman's still-born Gnu Hurd operating system. Now, with its latest edition and broader support, seL4 may be more broadly deployed.

    This kernel is a member of the L4 microkernel family. SeL4 is a mathematically proven correct, bug-free operating system kernel. It's designed to enforce strong security properties. Data61 claims it's the world's first operating system with such proof. It's also, they say, the only proven operating system featuring fine-grained, capability-based security and high performance. In the real world, it supports mixed criticality real-time systems.

Linux Foundation To Support seL4 Foundation

  • Linux Foundation To Support seL4 Foundation

    The Linux Foundation will be hosting seL4 Foundation, the nonprofit organization established by Data61 (the digital specialist arm for Australia’s national science agency CSIRO). The seL4 microkernel is designed to ensure the security, safety and reliability of real-world critical computer systems.

The seL4 microkernel: Optimized for security and endorsed...

  • The seL4 microkernel: Optimized for security and endorsed by the Linux foundation

    The Linux Foundation is a fundamental organization for the promotion of open source software and has officially endorsed the seL4 microkernel. To further boost seL4, the Linux Foundation will host seL4 Foundation, which is a non-profit organization, established by Data61.

    In order to understand seL4, we must first know what a microkernel is. A microkernel is the bare minimum of components needed to form an operating system. Usually, microkernels are comprised of...

From Data Center Knowledge

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Android Leftovers

Python Programming

  • Add interactivity to your Python plots with Bokeh

    In this series of articles, I'm looking at the characteristics of different Python plotting libraries by making the same multi-bar plot in each one. This time I'm focusing on Bokeh (pronounced "BOE-kay"). Plotting in Bokeh is a little more complicated than in some of the other plotting libraries, but there's a payoff for the extra effort. Bokeh is designed both to allow you to create your own interactive plots on the web and to give you detailed control over how the interactivity works. I'll show this by adding a tooltip to the multi-bar plot I've been using in this series. It plots data from UK election results between 1966 and 2020.

  • Bruteforcing Emails Using a Simple Python Script

    Brute forcing is an essential part of hacking – it is the last resort, it offers hope and sometimes, it just works! Have you ever wanted to code a small script that would bruteforce email servers for you? It is imperative to remember that our brute forcing efforts are only as great as our password list, and as such, the list must be chosen with care. That said, first and foremost, we need to import the two modules we will need from Python.

  • Best Python Game Engines

    To write computer games (us oldies call them video games!), you may be wondering, “Where do I start?” To make a playable game in a decent timeframe while also learning how the program works, you will need a game framework. The framework creates many of the constructs that you will need for your games to function. You do not want to invent these yourself. These include how to draw anything to screen, how to detect a collision, and how to keep the score. Even making things move on the screen is complex without some underlying library. In this article, you will learn about which packages do what and how easy it is to get started on your game.

  • Week 1 Check-in

    During the community bonding period, i am working on the first step of my proposal. I have used shlex to split the shell script into tokens, and then find the seperator(&&|;) to concatenate the commands. After the review from my mentor, we find that we can improve the code. We do not need to split into tokens at first. Instead, we can directly find the seperator(&&|;) to seperate the commands. This will save a lot of time, since we are not going through every word in the shell script.

  • Backing up and restoring Zato Single Sign-On data

    This article presents a procedure for backing up all of Zato Single Sign-On (SSO) data and restoring it later on. A single Zato server with SQLite is used for simplicity reasons but the same principles hold regardless of the size of one's environment or the SQL database used.

  • Attrs, Dataclasses and Pydantic

    Attrs also adds a nice string representation, comparison methods, optional validation and lots of other stuff to your classes, if you want to. You can also opt out of everything; attrs is very flexible. Attrs became so popular, that since Python 3.7 we also have the dataclasses module in the standard library. It is predominantly inspired by attrs (the attrs team was involved in the design of data classes) but has a smaller feature set and will evolve a lot slower. But you can use it out-of-the box without adding a new requirement to your package.

Latest BlackArch Linux ISO Adds More Than 150 New Hacking Tools, Linux 5.6

Coming five months after the previous release, the BlackArch Linux 2020.06.01 ISOs are here packed with more than 150 new tools for all your penetration testing and ethical hacking needs. According to the team, this latest BlackArch Linux ISO a high-quality release, which means that all the included packages have been quality tested and numerous bugs were fixed, including missing dependencies. This is also the first BlackArch Linux release to ship with a newer kernel, namely Linux 5.6. The Linux kernel 5.6.14 is included in the ISO images for better hardware support. Read more

today's howtos