Feed aggregator

Security: Accenture, Australian Cyber Security Centre, Voting and North Korea

TuxMachines - Wed, 2017-10-11 12:23
  • Accenture's crown jewels found exposed in unsecured AWS buckets

    Global corporate consulting and management firm Accenture left at least four cloud-based storage servers unsecured and open to the public, the security company UpGuard has found.

    Exposed to the world were secret API data, authentication credentials, certificates, decryption keys, customer information and other data that could have been used to attack both the company and its clients.

  • Cyber terror? Ain't seen it yet, says Australian Cyber Security Centre

    Despite all the hyper-ventilation by politicians who paint grim scenarios of cyber Armageddon always being around the corner, Australia is yet to face malicious activity that would constitute a cyber attack, according to the Australian Cyber Security Centre.

  • The Race to Secure Voting Tech Gets an Urgent Jumpstart

    On Tuesday, representatives from the hacking conference DefCon and partners at the Atlantic Council think tank shared findings from a report about DefCon's Voting Village, where hundreds of hackers got to physically interact with—and compromise—actual US voting machines for the first time ever at the conference in July. Work over three days at the Village underscored the fundamental vulnerability of the devices, and raised questions about important issues, like the trustworthiness of hardware parts manufactured in other countries, including China. But most importantly, the report highlights the dire urgency of securing US voting systems before the 2018 midterm elections.

  • North Korean Hack [sic] of U.S. War Plans Shows Off Cyber Skills

read more

More AMD Zen Tuning Patches Posted For GCC

Phoronix - Wed, 2017-10-11 12:10
A few days back I initially wrote about a SUSE developer working on Zen tuning patches for GCC. That work has continued with more compiler patches coming for optimizing the GNU's compiler for Ryzen / Threadripper / EPYC processors...

How to Install Mailtrain Newsletter Application on CentOS 7

LXer - Wed, 2017-10-11 12:03
Mailtrain is an open source self-hosted newsletter application written on Node.js. In this tutorial, we will install Mailtrain along with all the required dependencies on CentOS 7. We will also setup Nginx as a reverse proxy to serve the application on standard HTTP port.

Is this weird problem with Firefox universal on all linux distros?

Reddit - Wed, 2017-10-11 11:44

There is this weird glitch with firefox that I've only observed on linux distros but not any other OSes. When you press "Control-T" (to open a new tab), sometimes (about 3 to 4 percent of times), instead of opening a new tab, it starts the effect of "Control-+" multiple times in a loop (i.e. the web-page starts zooming in). At least on Ubuntu and Linux Mint, this behavior happens quite a lot.

Does anyone has any idea about this?

submitted by /u/94e7eaa64e
[link] [comments]

In Device We Trust: Measure Twice, Compute Once with Xen, Linux, TPM 2.0 and TXT

LXer - Wed, 2017-10-11 10:43
Is anything in my device the same as yesterday? When we observe our evolving devices and their remote services, what can we question and measure?

ryzen segmentation fault testing

Reddit - Wed, 2017-10-11 10:22


Did anyone here try the segmentation fault test?

I tried it last night and it failed after about 5 minutes, but I didn't get the expected

[KERN] Jul 12 13:35:04 strider kernel: bash[11568]: segfault at 60 ip 0000000000435d7e sp 00007fff8106ee00 error 6 in bash[400000+100000]

error. It just said it failed.

I did not get the "segfault" message, just the "build failed" message with no other errors.

I also tried other stress tests that worked and normal compiling works.

submitted by /u/adevland
[link] [comments]

Discovering Linux opened a window to the open source world

TuxMachines - Wed, 2017-10-11 09:52

Life happened, and it was not until the fall of 2013—two full years later—that I took the plunge and wiped my wife’s old laptop to install Ubuntu 13.10. What a thrill of adventure! I discovered LibreOffice, GIMP, Inkscape, and Blender (my personal favorite). I continued to dabble in Linux on the spare laptop, as I was still required to run Windows 7 on my ThinkPad while I was attending grad school. In the spring of 2015, my grandfather gave me a monetary gift, for which I was grateful. At long last, I was able to purchase my first true Linux laptop. I immediately went to the System76 website, which I had almost memorized from repeated viewing, to configure and order my Bonobo Extreme.

read more

GNOME 3.28 Desktop Environment to Land March 14, 2018, Development Starts Soon

TuxMachines - Wed, 2017-10-11 09:40

Now that the GNOME 3.26 desktop environment received its first point release and it already started landing in the repositories of various popular GNU/Linux distributions, it's time for the GNOME devs to concentrate their efforts on the next major release.

read more

KDE Neon 5.11 Is the First Linux Distro to Ship with KDE Plasma 5.11 Desktop

LXer - Wed, 2017-10-11 09:23
Just hours after the release of the KDE Plasma 5.11 desktop environment, the developers behind the KDE Neon GNU/Linux distribution have announced the availability of a new version that ships with Plasma 5.11.

KDE Plasma 5.12 Pushing For "An Awesome Release On Wayland"

Phoronix - Wed, 2017-10-11 08:35
While today's release of KDE Plasma 5.11 brings with it many Wayland improvements, KWin maintainer Martin Flöser (né Gräßlin) is proposing to get the Plasma 5.12 support into better shape on Wayland...

rTorrent A CLI Based Torrent Client For Linux

TuxMachines - Wed, 2017-10-11 08:25

​Unlike familiar graphical torrent clients such as Deluge and uTorrent, rTorrent is a completely text-based torrent application, designed to be used in a terminal or terminal multiplexer such as tmux.

more" title="Read the rest of this article" />

read more

Can we talk about SELinux and software for a minute [kind of a rant, but i would like an explanation]

Reddit - Wed, 2017-10-11 08:20

So, i started a job a while ago, and started getting into setting up new config management. In doing so, we agreed to leave SELinux on, and building policies, enabling allowances as needed. This turned into me spending collectively about a week or more writing policies for everything from rsyslog to fpm, mysql, basically every software we used didnt have supporting policies for doing most of their basic functions.

Now, i get that to some extent, thats the point. Least privilege. However, i shouldn't have to go do an setsebool to allow nginx to communicate via fcgiproxy. If that module is enabled, then, you should also enable the (nonexistent) SELinux policy that blocks it. I shouldnt have to allow external connections on a service whose sole purpose is to communicate outside that server.

So, my question is, why do these maintainers completely ignore an important, and integrated part of the system. It cant be just laziness, can it? Surely some maintainer or developer of these packages has seen this too, why isnt it stopping?

Why is the answer always to just disable SELinux/AppArmor. That's a terrible practice, and yet i see it everywhere.

submitted by /u/AccidentallyTheCable
[link] [comments]

Purism Linux smartphone makes its $1.5 million crowdfunding goal

LXer - Wed, 2017-10-11 08:03
Hundreds of millions are happy with Android smartphones and iPhones. But there are some users who want the maximum possible control over their smartphones. For those people, Purism now has the funding it needs for its free-software smartphone without a trace of proprietary code or firmware: The Purism Librem 5 smartphone.

How to test internet speed in Linux terminal

LinuxToday - Wed, 2017-10-11 08:00

Learn how to use speedtest cli tool to test internet speed in Linux terminal.

What are some of the rites of passages in Linux?

Reddit - Wed, 2017-10-11 07:29

Right now, I'm compiling a kernel for the first time, and couldn't help but think about how far I've gone as a nerdy hobbyist. From writing my first HTML file to modifying an early CS game to Windows shell scripting to C programming to Linux.

Sometimes I worry that I'll either eventually get bored of this, that what I'm doing may be useless or that I'll eventually run out of things to do.

Either way, what do you consider to be the rites of passages within our culture? Which ones have you completed?

submitted by /u/DumbMobile2
[link] [comments]

Nvidias latest Drive PX car computer offers Level 5 autonomy

LXer - Wed, 2017-10-11 06:43
Nvidia unveiled a “Drive PX Pegasus” computer for Level 5 self-driving cars that runs Linux on up to 4x octa-core “Xavier” SoCs and a 640-core Volta GPU. At the GPU Technology Conference in Munich, Nvidia founder and CEO Jensen Huang announced a more powerful version of the chip designer’s Linux-based Drive PX platform for autonomous cars.


Subscribe to LinuxInsight aggregator