Linux-Unix

  • Development Team Releases CentOS Atomic Host 7.5

    Atomic SIG team members from CentOS announced a new version of their operating system that’s sure to be an attractive option for those who want to run containerized applications in a secure cloud-native environment. The new CentOS Atomic Host version 7.5 (7.1805) features install media for a wide variety of…

  • Keybase Introduces Exploding Messages to Ensure Forward Secrecy of Transmitted Data

    Encrypted social networking service Keybase introduced a new technology that they call exploding messages. As of today, you can put a timed fuse on any messages that you send through a Keybase chat interface. In a rather snarky yet good-natured blog post, Keybase recommended that intimate and important messages get…

  • OpenBSD Project Announces They’re Disabling Intel HT Support by Default

    Representatives from the OpenBSD project announced today on their mailing list that they’ll soon be disabling support for hyper-threading (HT) technology on machines that use Intel-based CPU architectures. With many people concerned about so-called Spectre-class bugs, these developers felt the most prudent course of action was to turn the technology…

  • UBports Announces First Ubuntu Touch OTA-4 Release Candidate

    Marius Gripsgård, lead developer of the UBports project, announced today that the first release candidate for the upcoming OTA-4 Ubuntu Touch update is now available. The announcement was made through Softpedia as well as Gripsgård’s own Twitter account. While some individuals have already decreed the end of the so-called Ubuntu…

  • Linux Kernel Dumps Out 107,000+ More Lines of Code

    Several agencies have reported on the recent agreement to drop a large amount of code from the Linux kernel, but it now looks like the kernel’s size reduction will be even greater than anyone previously imagined. Release number 4.18-rc1 is just the latest step toward a leaner core package. Most…

  • Debian Jessie Enters End of Life Phase

    If you’re still running Debian Jessie as of today, then you might not be as secure as you were just 24 hours ago. Debian GNU/Linux 8, better known as Debian Jessie, has stopped receiving regular security updates with the last of these having come out on June 17. Released back…

  • RC3 Builds Begin for FreeBSD 11.2

    The third release candidate builds for FreeBSD version 11.2 have begun, and they’re on course to allow developers to start issuing genuine release builds as early as June 22. A proper release announcement should come only five days after that. The releng/11.2 branch will then get turned over to the…

  • 17 Tainted Docker Images Removed from Hub

    It’s now been confirmed that Docker’s team had to pull 17 different container images that had dangerous backdoors stored inside of them. These backdoors had been used to install things like hacked cryptocurrency mining software and reverse shells on servers for approximately the last year. New Docker images don’t go…

  • More Intel Users are Protected Against CVE-2018-3665 than Developers Originally Feared

    An Intel-related security vulnerability deemed CVE-2018-3665 created quite a stir when many organizations attempted to quickly release patches for the problem on Tuesday. While details are still coming out, information released last evening and as late as this afternoon suggests that some users might actually already be safe without having…

  • Secured CopperheadOS Distribution Experiences Potential Issues in Wake of Personnel Changes

    You could say that CopperheadOS is to mobile Android-based Unix-like system software what SEL and Tails are to desktop Linux distributions. While CopperheadOS has offered a security-hardened version of the kernel coupled with an efficient sandboxing system that helps to prevent unauthorized access, it looks like the operating system’s future…

  • Around Five Percent of Monero Coins were Mined Using Compromised Installs

    According to a report that was originally released by security analysts from Palo Alto Networks, at least five percent of all Monero tokens that are currently in circulation on the market were mined using malware. This means that criminal organizations have used security breaches in servers and end-user machines to…

  • NethServer Brings New Security Options to the Table with Release of Version 7.5

    With the release of NethServer 7.5 on June 11 came the news that the latest version of NextCloud would be integrated into the operating system. Several improvements were added to NextCloud 13.02 in order to build better overall security for users who employ the platform as well as to increase…

  • Tails Version 3.7.1 Released, Promises Privacy and Security Improvements

    The Amnesic Incognito Live System (Tails) released version 3.7.1 of their GNU/Linux distribution on Sunday June 10, and it promises to be even more secure and private than their previous releases. All outgoing connections sent from a machine running Tails are forced to go through Tor, and it blocks any…

  • New GPG Security Recommendations Help to Assuage Concerns of Vulnerabilities

    Back in May, a technical paper published by EFAIL encouraged users to cease using GNU Privacy Guard (GPG) plugins when they wanted to encrypt email. As with many open-source products made by GNU developers, GPG is widely used by those who run GNU/Linux in a desktop or laptop environment and…

  • Linux Users Among Others Urged to Update Flash Player Because of Vulnerabilities

    While Adobe Flash Player updates are par for the course for when it comes to anyone who has used a browser for any length of time, Adobe’s latest security bulletin is recommending that all users update their software due to vulnerabilities. This includes those running GNU/Linux as well as Chrome…

  • BSD Advocates Question Security Situation as Linux Server Popularity Booms

    While Linux security has always been a hot button issue, a series of comments have recently reignited the war over whether or not the popular open-source kernel can ever be considered truly secure. Proponents of other operating system architectures, including that of OpenBSD, have pointed out that GNU/Linux as an…

  • Bodhi Linux Founder Addresses Community Forum Closure

    Jeff Hoogland, developer of Bodhi Linux, announced on June 3rd that he had closed the user forum and deleted all associated data along with it. He also announced that the distribution deleted all emails, names and comments associated with the Bodhi WordPress page and furthermore disabled comments. He felt that…

  • Debian Issues Security Advisory for Wireshark Users

    The Debian Project has put out a security advisory for users of its GNU/Linux distribution in regards to several vulnerabilities found in the popular Wireshark network protocol analyzer. These problems could be exploited to execute arbitrary code or carry out a denial of service operation. Vulnerabilities were discovered in dissectors…

  • Leaner Linux Kernel 4.17 Sees Full Release

    Two major stories seemed to surround the news involving the release of Linux kernel version 4.17, and those were related to Microsoft’s acquisition of GitHub as well as Linus Torvalds’ announcement that the newest kernel release release wouldn’t be labeled version 5.0. Ironically, Torvalds originally considered using the 5.0 name…

  • FOSS Organizations Begin GitLab Code Migration

    Judging by recent social media posts to both Reddit and YouTube, a great migration from GitHub to GitLab is right around the corner as Linux security and privacy experts are concerned about a potential buyout of the world’s largest source code host. Heretofore unconfirmed rumors have painted a picture of…

  • Linux Lite 4.0 Offers Improved Performance as Well as Security

    Linux Lite 4.0 Final, also known by the code name Diamond, has promised some very big changes that should catch the eye of those following recent Linux security headlines. This version of the simple and speedy GNU/Linux implementation has received an official release from its sponsoring organization. As with all…

  • Gentoo Developers Address Questions at AMA Session

    A group of social media-equipped Gentoo Developers hosted an AMA session on Reddit today, and they didn’t shy away from fielding difficult questions. Many of these were related to security issues, thought it should be noted that Gentoo Linux already has a reputation for being ahead of the game when…

  • BlackArch Linux Version 2018.06.01 Now Available for Free Download

    Security researchers who rely on BlackArch Linux as a penetration testing platform now have a new more secure edition of their chosen distribution to work with. Version 2018.06.01 is available for download as of today, both as a 64-bit live ISO and a 64-bit Netinstall image. The new release comes…

  • Microsoft Azure AD Preview Feature Tightens Up Linux VM Log In Support

    Representatives from Microsoft have announced a new Azure AD ability that might hold the key to fixing a Linux security problem that has plagued those who use the platform to run virtual machines. While Azure infrastructure has offered support for GNU/Linux-based VMs for several years, technicians have usually had to…

  • GitHub Repository Contributors Compile List of Potential Security Exploits

    While most commentators consider Linux and the greater Unix ecosystem much more secure as a whole than other technology platforms, one list on GitHub begs to differ. A project by the name of GTFOBins has been collecting the names of otherwise legitimate Unix binaries that can be abused by attackers…