We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
The Linux Foundation and OpenSSF Alpha-Omega Project, backed by Microsoft and Google, aims to improve the security of 10,000 open-source projects through a human-centered approach to open-source software security.
Following a meeting with government and industry leaders at the White House, OpenSSF is excited to announce the Alpha-Omega Project to improve the security posture of open source software (OSS) through direct engagement of software security experts and automated security testing.
Along with the broader industry trend of transitioning security-sensitive code to memory-safe languages like Rust, there has been an effort to write a Rust-based replacement to GNU Coreutils. For nearly a year that Rust Coreutils has been able to run a basic Debian system while more recently they have been increasing their level of GNU Coreutils compatibility and in some cases now even outperforming the upstream project.
The Linux Vendor Firmware Service (LVFS) with Fwupd for firmware updating on Linux could soon be making it easier to transition older, end-of-life devices off official firmware packages and onto the likes of open-source Coreboot for capable aging PC hardware. This not only would make the system run on more free software but would extend the life of the hardware with firmware updates where the vendor has ceased their support.
Way back in August Intel posted a set of Linux kernel patches for supporting "unaccepted memory" by the Linux kernel in preparation for next-generation Xeon processors and speeding up the boot time for guest virtual machines making use of Intel's Trust Domain Extensions (TDX) security feature. Unaccepted memory support hasn't yet made it to the mainline kernel but now a second iteration of the patches have been posted.
Cleaning off decades of code mess isn't for the faint of heart, but leading Linux kernel developer Ingo Molnar is giving it the old college try in the Linux kernel. The result will make it easier and quicker than ever to make improvements, patches, and add features to Linux.
Intel is bringing a feature upgrade to Linux that will make Windows users jealous. "The upcoming “pfr_update” driver is set to be introduced in Linux kernel 5.17. Sources say it appears to be designed for system firmware updates in cases of critical bugs or security issues, allowing server administrators to patch their hardware without downtime."
It's been nearly two years in the making since Intel posted FGKASLR patches for improving Linux kernel security. While that work on Finer Grained / Function Granular KASLR stalled for a year, in recent months work on it was revived and it looks like this security feature is on a path for mainlining in 2022.
A few days ago, a serious new vulnerability was identified in Apache log4j v2 and published as CVE-2021-44228. We were one of the first security companies to write about it, and we named it "Log4Shell".
Linux is a versatile operating system. Its use cases vary greatly, from hosting hundreds of containers across a complex network, to running a single desktop, to the operating systems of TVs, Android phones and most Internet of Things (IoT) devices.
Linux is getting more Rust in it by the day! Why? Because it's more stable and much safer than C - especially at handling memory errors.
The time has come to say goodbye to another Linux kernel series, Linux 5.14, which is now end-of-life and it won’t receive further updates, so it’s time to upgrade to a newer kernel branch.
The Internet Security Research Group (ISRG)'s new Prossimo project seeks to make many basic internet programs and protocols memory-safe by rewriting them in Rust.
Microsoft has announced it's adding even more security features to the protection it offers Linux operating systems for the cloud.
Security is becoming an increasingly key piece of the open source puzzle amid industry-wide pushes to shift left and integrate security during early stages of application development. The Linux Foundation’s Open Source Security Foundation (OpenSSF), which encompasses Google’s Supply chain Levels for Software Artifacts (SLSA), is one example of how the open source community is working to improve software security through an ecosystem approach, vying for proactive handling of security by default.
Oracle has published its latest quarterly update to GraalVM, the open-source Java JVM/JDK implemented in Java that also supports other execution modes and programming languages from Python to R to Ruby, adding Java 17 support and featuring a selection of other improvements you don't want to miss!
The Linux Foundation has raised $10 million in new investments to expand and support its Open Source Security Foundation project. “This industrywide commitment is answering the call from the White House to raise the baseline for our collective cybersecurity well-being, as well as ‘paying it forward’ to open source communities to help them create secure software from which we all benefit,” Jim Zemlin, executive director at the Linux Foundation, said in a statement. “With the tremendous growth and pervasiveness of open source software, building cybersecurity practices and programs that scale is our biggest task at hand.”
The Secure Open Source (SOS) Rewards pilot program, run by the Linux Foundation, will reward developers with potentially more than $10,000 for enhancing the security of critical open-source software.
Security researcher and Linux kernel contributor Alexander Popov has proposed a new kernel option called "pkill_on_warn" that would kill all threads in a process if that process provoked a kernel warning. This wouldn't change the default kernel behavior but if/when the patch is merged, booting the kernel with pkill_on_warn=1 would enable this new behavior to kill processes causing kernel warnings.
A friendly reminder for Linux kernel 5.13 users: the Linux 5.13 kernel series has reached end of life and it will no longer be supported with security updates. Upgrade to Linux Kernel 5.14 as soon as you have the chance to do so!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
