Items tagged with Linux

Linux is generally considered the Fort Knox of operating system (OS) standards, but it is not completely immune to security exploits. And it's not just kids breaking and bypassing screensave locks, either. Case in point, the folks at Qualys discovered a heap overflow vulnerability in Sudo, the common utility in major Unix-like OSes, that could allow an attacker to gain root privileges on an unpatched system. According to the security researchers at Qualys, the vulnerability has been hiding in plain sight for almost a decade, tracing back to July 2011. It affects all legacy versions of Sudo from 1.8.2 to 1.8.31p2, and all stable builds from 1.9.0 to 1.9.5p1. "Successful exploitation of this vulnerability... Read more...
One of the more pragmatic aspects of Intel-powered Macs was their ability to run alternative operating systems, including Windows and Linux, without much effort at all. Apple even included a Windows preparation tool, Boot Camp, on all of its systems with Intel Core processors. With the advent of Apple Silicon Macs (such as the recent Mac mini) that have the company's M1 SoC under the hood, Apple discontinued Boot Camp. Those systems had been locked into macOS 11 Big Sur, but thanks to Arm-based virtual cloud device maker Corellium, Ubuntu Linux is now "completely usable." Arm offers an array of licenses to its architecture that range from processor licenses, in which a chip vendor can whole hog... Read more...
If you give some kids restricted access to technology, they are bound to find a loophole or bug that lets them do what they want regardless. After being asked by his kids to “hack” his Linux desktop, one Dad let the kids play with the keyboard. This button-mashing actually crashed the machine's screensaver by sheer luck, allowing them onto the desktop, ultimately leading to the discovery of a high priority security vulnerability for the Linux Mint team. The bug report, posted to GitHub by user Robo2Bobo, states that it became possible to crash the screensaver and unlock the desktop via the virtual keyboard. Robo2Bobo then explained that this was found because “A few weeks ago,... Read more...
For as long as developers have been writing software code, they've been inadvertently creating bugs. It's when those bugs can compromise the security of a PC that a bug goes from an annoyance to a potential real danger. Security issues with apps can be worked around in the interim, even if it means uninstalling it, but what about when the security vulnerability is in the driver for some critical piece of hardware; say a video adapter? When that happens, developers have to isolate the cause and act quickly to plug the holes, or else risk any PC with that hardware being open to attack. Such was the case for NVIDIA this week.  The GeForce, Quadro, and AI accelerator maker has issued a series... Read more...
Earlier this year, retro gamers and emulator fans got their hands on the Odroid-Go Advanced Black Edition, a portable emulator akin to a Nintendo Switch. Now, Odroid has announced another product, the Odroid-Go Super, which has some marked improvements and losses over the last device. First, and most importantly, are the specs in this retro gaming console. This time around, though, not much is changing. The Odroid-Go Super retains the Rockchip RK3326 SoC with a quad-core ARM Cortex-A35 processor paired with a Mali-G31 MP2 GPU. It also still has 1GB of RAM and 16MB of flash memory for bootloading. However, the most noticeable upgrade is the screen, which has gone from 3.5” to 5”. The... Read more...
Blockchain is back, and cryptocurrency is coming up again. Earlier this week, PayPal announced that it would accept cryptocurrency payments, which gave Bitcoin a bump in price. With AMD Radeon RX 6000 "Big Navi" cards coming soon, there could be a new rush to mine cryptocurrency.  The fine folks at Phoronix, however, have discovered something called “navi10 blockchain SKU” in the AMD Linux drivers hinting at older hardware purpose-built for mining. When Bitcoin and Ethereum peaked several years ago, it lead to a mass frenzy of graphics cards for mining. At that time, GPU manufacturers started to produce display-less GPUs for cryptocurrency mining. These GPUs would, in theory,... Read more...
A new Bluetooth security vulnerability has appeared, and this time Linux is under the gun. Andy Nguyen, an information security researcher, discovered the vulnerabilities. They are collectively known as BleedingTooth, which allows for zero-click remote code execution on Linux devices within Bluetooth range. The code can be executed with kernel privileges, and Intel has rated the exploit at an 8.3 on the common vulnerability scoring system (CVSS). According to the research page for CVE-2020-12351, BleedingTooth is a "Heap-Based Type Confusion in L2CAP." What this means is that a malicious user can send data to the Bluetooth subsystem (BlueZ program) in Linux, after which the code for the subsystem... Read more...
Recently, an article entitled “Last phase of the desktop wars?” poses an interesting notion and question, that is both polarizing and provocative, regarding the future of Microsoft's OS strategy. What is next for Windows? As the author of the article, open source software developer and advocate Eric S. Raymond notes, Microsoft has added features to Windows to better align it with Linux. He also suggests that the divide between Linux and Windows could eventually shrink until the two operating systems essentially become one. As he puts it, Linux would win the desktop wars, “not by displacing Windows but by co-opting it. Perhaps this is always how it had to be.”... Read more...
While COVID-19 can claim some credit for more workers than ever performing their job duties remotely over the course of this year, the fact is the corporate world has been moving in that direction for a long time. At the same time, more businesses are trusting their data with private datacenters or public cloud hosting solutions. The two-fold struggle for IT departments has been how to securely give employees access to cloud apps, in-house data servers, and applications, while also managing a fleet of PCs when that fleet is outside of the corporate firewall. VPNs can help but there's a lot more to it than that. In fact, VPNs are just another variable that has to be considered, and often... Read more...
Linux typically does not get all that much love when it comes to games. Now, the penguin-people out there are getting an update to a free kart racer called Super Tux Kart with Tux the penguin as the main character. First off, what is Super Tux Kart? According to the project’s webpage, it is an “3D open-source arcade racer with a variety characters, tracks, and modes to play.” In the early 2000s, a project called TuxKart floated around for Linux (if you want to see this lovely Word-webpage, you can do so here). Once the project tapered off around 2004, it was picked up again in 2006 by Joerg Henrichs, now with the moniker of “Super Tux Kart.” Over time, updates... Read more...
Microsoft has confirmed that support for Windows Subsystem for Linux 2 (WSL 2) was backported to version 1903 and version 1909 of Windows 10. Developers have worked over the last few months to bring WSL 2 to those versions of Windows 10 and did so thanks to customer feedback from users who have enjoyed using it. WSL 2 is a new version of the architecture in WSL that modifies how the Linux distribution interacts with Windows. Each Linux distribution can run as WSL 1 or WSL 2 and can be switched between any time. Some of the significant changes for WSL 2 distros include: File system performance now on par with Mac and Linux speeds Improved System Call Support for all Linux applications notably:... Read more...
Bootloaders are an essential bit of software for almost every modern electronic device. Unfortunately, any vulnerabilities in the bootloader can open a device up to attackers. Eclypsium researchers recently discovered a buffer overflow vulnerability in the GRUB2 bootloader, nicknamed “BootHole”. This affects any device that uses GRUB2 with Secure Boot, including most Linux and some Windows devices. How Does BootHole Work The “GRand Unified Bootloader version 2”, or GRUB2, is a bootloader that is common on many Linux devices. It uses bison, a parsers generator, and flex, a lexical analyser, to “generate a parsing engine for a domain-specific language (DSL).”... Read more...
If you're reading this article from home, it’s likely that you're connected to a consumer-grade Wi-Fi router, either wirelessly or via hard wired Ethernet. And if that's the case, you should probably take this time to upgrade your router's firmware ASAP. That is if an update is even available from the manufacturer. We say this because the Fraunhofer Institute for Communication (FKIE) in Germany recently performed test of 127 home routers, to probe them for their resistance to security threats. Of the routers the researchers tested, 91 percent of them were found to be running some version of embedded Linux, which isn’t surprising. What was surprising, however, was that the researchers... Read more...
Linux got a big boost this week with the announcement that Lenovo is certifying some of its ThinkPad and ThinkStation PCs to run the operating system. Windows may be the popular “desktop” operating system around the globe, but Linux has a loyal fanbase and there are plenty of distros available that have made Linux more consumer-friendly over time. With its announcement, all of Lenovo’s mobile and desktop workstations have been certified to work with Ubuntu and Red Hat. And Lenovo isn’t be scattershot about its approach here: every single ThinkStation and ThinkPad P Series workstation is supported. That is incredible commitment from Lenovo which will definitely be applauded... Read more...
Microsoft was once apprehensive about Linux, with Steve Ballmer likening the operating system in 2001 to a “cancer that attaches itself in an intellectual property sense to everything it touches.” While that wasn’t a very flattering portrayal of Linux and open source software by the then Microsoft CEO, the company has since embraced the open source movement, and Linux in particular. At Microsoft’s BUILD 2020 event, which is streaming online right now, the company announced that it is ready to take its tight relationship with Linux to the next level. That means that full GUI support for Linux apps is now coming to Windows 10. Not only will there be Linux GUI support... Read more...
As an organization, Microsoft no longer likens Linux to a deadly disease, as was the sentiment put out there by former CEO Steve Ballmer nearly a decade ago. Microsoft is now embracing Linux, or at least welcoming it into the fold, as the company readies its second iteration of Windows Subsystem for Linux (WSL2) in Windows 10. This is a pretty remarkable turnabout when you think about it. In 2001, a boisterous Ballmer called "Linux a cancer that attaches itself in an intellectual property sense to everything it touches." The basis of his argument was that "if you use an open-source software, you have to make the rest of your software open source." Ballmer was wrong, and now several years later,... Read more...
Gamers all around the world were extremely excited when Half-Life: Alyx was announced. After many years, fans were able to get back into the Half-Life universe. The game has been updated recently to include Steam Workshop support along with a beta release of community development tools. One of the best things about the update for fans is that it brings a native version of the game for the Linux, and optional support for Vulkan on Windows. To enable Vulkan on Windows, go to the main menu, then Options > Performance > Advanced (gear icon) > Rendering API, and choosing Vulkan. While support for Linux is welcome, the big news is that the tools in the Steam Workshop update allow players to... Read more...
Think you have what it takes to thwart the security mechanisms in Azure Sphere, a comprehensive security solution Microsoft developed for the Internet of Things (IoT) category? Those who do could potentially collect up to a $100,000 bug bounty. That's some serious cash, and it applies to two specific type of hacks. The bug bounties are part of a three-month research challenge, in which accepted applicants are invited to look for flaws in Microsoft's Azure Sphere platform. To qualify for the maximum award amount, a security researcher would need to demonstrate an ability to execute unauthorized code on either Pluton or Secure World. "While Azure Sphere implements security upfront and by default,... Read more...
Retro gaming fans who want to be able to play their favorite classics on the go may want to check out the Odroid-Go Advanced Black Edition. The Black Edition is an upgrade to the Odroid-Go Advance that launched last year with key upgrades fans have been calling for. The significant upgrades compared to the previous generation include Wi-Fi and the elimination of the large barrel power port. The portable retro gaming console is powered by a Rockchip RK3326 SoC featuring a quad-core ARM Cortex-A35 processor operating at 1.3 GHz with a Mali-G31 MP2 GPU. System memory is 1GB along with 16MB SPI Flash for bootloading and a microSD card slot for storage. The little display is a 3.5-inch unit with a... Read more...
Microsoft has pushed a new Insider Preview of Windows 10 to the Fast ring, which brings it up to Build 19603. There are a number of changes that have been incorporated into this latest build, but the headlining feature is new File Explorer integration for the Windows Subsystem for Linux, aka WSL. We should mention that Microsoft first gave users the ability to gain access to their Linux files dating back to Windows 10 1903. However, Microsoft is now making accessing those files even easier by adding a Linux icon to the left-hand side navigation pane in File Explorer. After clicking the Linux icon, it will expand to show you all of the currently installed distros on your system. Clicking each... Read more...
Microsoft is making a change to how it bundles the Linux kernel within its Windows Subsystem for Linux (WSL) in Windows 10. Starting with the Windows 10 version 2004 update (20H1) that will soon be made available to the general public, the second version of the Windows Subsystem for Linux (WSL2) will see the Linux kernel removed from the Windows OS image and pushed out via Windows Update instead. This is essentially how third party drivers are installed in Windows 10 PCs, and according to Microsoft, the move to deliver the Linux kernel inside of WSL2 in the same fashion is based on hearing "lots of community feedback" on how the installation could be streamlined. Microsoft says this is the first... Read more...
Microsoft has announced that it will be expanding Microsoft Defender ATP to the Linux operating system very soon. Microsoft has been working to expand its security solutions outside of its own Windows universe. The announcement of the public preview for Linux is the latest move for Microsoft in its expansion. Microsoft offers no specific timeframe for the software debut other than saying the public preview will open "in the next few days." The software giant will offer preventative capabilities for Linux servers that will include a full command line experience to configure and manage the agent, initiate scans, and manage threats. The company plans to offer a Microsoft Defender Security Center... Read more...
1 2 3 4 5 Next ... Last