Linux Security Week: January 6th, 2020

    Date06 Jan 2020
    285
    Posted ByLinuxSecurity Advisories
    Linux Security Week Newsletter
    Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

    Linux: An OS Capable of Effectively Meeting the US Governments Security Needs Heading into 2020 - As Open Source has become increasingly mainstream and widely accepted for its numerous benefits, the use of Linux as a flexible, transparent and highly secure operating system has also increasingly become a prominent choice among corporations, educational institutions and government sectors alike. With national security concerns at an all time high heading into 2020, it appears that the implementation of Linux could effectively meet the United States governments critical security needs for application development and installations.

    Linux Kernel Security in a Nutshell: How to Secure Your Linux System - The Linux kernel is the core component of the Linux operating system, maintaining complete control over everything in the system. It is the interface between applications and data processing at the hardware level, connecting the system hardware to the application software. The kernel manages input/output requests from software, memory, processes, peripherals and security, among other hefty responsibilities. Needless to say, the Linux kernel is pretty important.


     Chrome extension caught stealing crypto-wallet private keys (Jan 1)
     

    A Google Chrome extension named Shitcoin Wallet is stealing passwords and wallet private keys, security researcher says. Learn more about this malicious extension:

     AI creativity will bloom in 2020, all thanks to true web machine learning (Jan 2)
     

    Machine learning has been trotted out as a trend to watch for many years now. But theres good reason to talk about it in the context of 2020. And thats thanks to developments like TensorFlow.js : anend-to-end open source machine learninglibrary that is capable of, among other features, running pre-trained AI directly in a web browser. Learn howtrue web machine learning is expected to foster AI creativity in an interesting The Next Web article:

     Google's Kernel Runtime Security Instrumentation (KRSI) Is Something To Look Forward To In 2020 (Jan 1)
     

    Back in September was an initial "request for comments" by Google on some kernel work they are doing with Kernel Runtime Security Instrumentation (KRSI) for providing eBPF-powered security helpers, ultimately for creating dynamic MAC and audit policies. Just before Christmas the first official version of this new eBPF-based instrumentation was sent out and is being prepared for deployment within Google. Learn more about Google's work with KRSI in a great Phoronix article:

     New USB cable kills your Linux laptop if stolen in a public place (Jan 3)
     

    A software engineer has designed a so-called USB "kill cable" that works as a dead man's switch to shut down or wipe a Linux laptop when the device is stolen off your table or from your lap in public spaces like parks, malls, and internet cafes. Learn more about this interesting and potentially dangerous new USB cable:

     How AI and Cybersecurity Will Intersect in 2020 (Dec 31)
     

    So much of the discussion about cybersecurity's relationship with artificial intelligence and machine learning (AI/ML) revolves around how AI and ML can improve security product functionality. However, that is actually only one dimension of a much broader collision between cybersecurity and AI. Learn aboutthe new risks and threats posed by increased use of artificial intelligence:

     BlackArch Linux Ethical Hacking OS Gets First 2020 Release with 120 New Tools (Dec 30)
     

    BlackArch Linux developers have announced the release of new ISOs and OVA image for their penetration testing and ethical hacking operating system with new tools and many improvements. Learn more:

     Python 2.7 Reaches End of Life After 20 Years of Development (Jan 3)
     

    Are you a Python user? As of January 1st, 2020, Python 2.7 has officially reached the end of life and will no longer receive security updates, bug fixes, or other improvements going forward. Learn more:

     Linux Kernel 5.3 Reached End of Life, Users Urged to Upgrade to Linux Kernel 5.4 (Dec 30)
     

    The Linux 5.3 kernel series has reached end of life and it will no longer receive maintenance updates that fix critical security issues or bugs. Learn more:

     FPGA cards can be abused for faster and more reliable Rowhammer attacks (Jan 2)
     

    In a new research paper published on the last day of 2019, a team of American and German academics has shown that field-programmable gate array (FPGA) cards can be abused to launch better and faster Rowhammer attacks. Learn more about howFPGA cards can be abused for faster and more reliable Rowhammer attacks:

     Activists Worldwide Face Off Against Face Recognition: 2019 Year in Review (Dec 31)
     

    2019 has marked the year where activists worldwide have taken action against the use of privacy-threatening facial recognition technology in public spaces. Learn more:

     Linux and open-source rules: 2019's five biggest stories show why (Dec 30)
     

    This was the year when, once and for all, it became clear that the future of technology belongs to Linux and open-source software. Get the details in an interesting ZDNet article:

     Linux 5.5-rc5 Released With "Fixes All Over" + A Big Performance Regression Fix (Jan 6)
     

    Linux 5.5 development has been picking up in recent days following Christmas week and New Year's but now more upstream developers returning to their keyboards in order to get this next kernel update buttoned up for its debut around month's end. Learn about the fixes and improvements that users can expect when they update to Linux 5.5-rc5:

     Kali Linux to Default to Non-Root User With 2020.1 Release (Jan 6)
     

    The Kali Linuxdistribution is going to switch to a new security model by defaulting to a non-root user starting with the upcoming 2020.1 release. Learn more:

    LinuxSecurity Poll

    What do you think of the LinuxSecurity Privacy news articles?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/25-what-do-you-think-of-the-linuxsecurity-privacy-news-articles?task=poll.vote&format=json
    25
    radio
    [{"id":"90","title":"Love them!","votes":"48","type":"x","order":"1","pct":88.89,"resources":[]},{"id":"91","title":"I'm indifferent","votes":"4","type":"x","order":"2","pct":7.41,"resources":[]},{"id":"92","title":"Not interested in this topic","votes":"2","type":"x","order":"3","pct":3.7,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.