Linux Security Week: May 27th, 2019
Linux Security Week: May 27th, 2019
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
LinuxSecurity.com Feature Extras:
Press Release: Guardian Digital Leverages the Power of Open Source to Combat Evolving Email Security Threats - Cloud-based email security solution utilizes the open source methodology for securing business email, recognized by many as the best approach to the problem of maintaining security in the relentlessly dynamic environment of the Internet.
You've Been Pwned! Best Practices to Prevent Your Email Account from Being Compromised in a Data Breach - An Interview with Dave Wreski, CEO of Guardian Digital
Google pulls Huawei’s Android license, forcing it to use open source version (May 20)
Following the US crackdown on Chinese technology companies, Google has cut off Huawei's Android license, dealing a huge blow to the besieged phonemaker. Reuters first reported the news, and The Verge subsequently confirmed Google's suspension of business with Huawei with a source familiar with the matter.
South Korea eyes Linux as Windows 7 end of support nears (May 20)
Rather than pay hefty fees to Microsoft once Windows 7 becomes unsupported, the South Korean government is looking to roll out more Linux systems.
The future of AI is collaborative (May 21)
AI is becoming increasingly widespread, affecting all facets of society -- even Sonic drive-ins are planning to implement artificial intelligence to provide better customer service.
Huawei says it's a 'victim of bullying by the US' (May 21)
To no one's surprise, Huawei isn't reacting calmly to losing key suppliers in the wake of the US' trade restrictions. Representative Abraham Liu said the company was the "victim of the bullying by the US administration," and that this was an attack on the "liberal, rules-based order." He added that the company wasn't taking the loss of Android support lying down. Huawei was "working closely" with Google to see how it could "handle the situation," Liu said, noting that Google had no motivations to block the company beyond complying with US law.
Cyber Security NSW to boost state capabilities (May 20)
The New South Wales government has launched Cyber Security NSW in a bid to consolidate and lift the cyber capability of state entities.
Cache of 49 million Instagram records found online (May 22)
A security researcher has discovered a massive cache of data for millions of Instagram accounts, publicly accessible for everyone to see. The account included sensitive information that would be useful to cyberstalkers, among others.
Google stored some G Suite passwords in unhashed form for 14 years (May 22)
Google revealed that it recently discovered a bug that caused a subset of its enterprise G Suite customers to have their passwords stored in an unhashed -- albeit encrypted -- form for about 14 years.
GDPR adtech complaints keep stacking up in Europe (May 20)
It's a year since Europe's General Data Protection Regulation (GDPR) came into force and leaky adtech is now facing privacy complaints in four more European Union markets. This ups the tally to seven markets where data protection authorities have been urged to investigate a core function of behavioral advertising.
Linux 5.1 Hit By A Data Loss Bug Due To Overly Aggressive FSTRIM (May 25)
As a forewarning to those using LVM, dm-crypt, and Samsung solid-state drives, this combination in some manner(s) may lead to data corruption if using the Linux 5.1 kernel.
2016 election hacking in Florida: Russian emails, hidden tracks (May 24)
Since early April when Special Counsel Robert Mueller's redacted report on the investigation into Russian interference in the 2016 presidential election was released, a storm of confusion and controversy has raged over what happened in Florida during that election. A cryptic passage in the Mueller report outlines how Unit 74455 of Russia's military intelligence arm GRU sent "spear-phishing emails to public officials involved in election administration and personnel involved in voting technology."
Tor Browser for Android 8.5 offers mobile users privacy boost (May 23)
After nine months of alpha testing, a stable release of the Tor browser for Android can now be downloaded from Google's Play store or direct from the Project's website.
Why the future of US data regulation must come from Congress (May 25)
As of May 2019, over 20 US states have introduced bills seeking to regulate data privacy, data security, or some combination of the two. While many of these bills agree in spirit (i.e. privacy good, data collection and usage bad), the various bills are decidedly more divergent as to how to accomplish these objectives.
Ransomware attacks in US cities are using a stolen NSA tool (May 26)
The ransomware attacks in Baltimore and other US cities appear to have a common thread: they're using NSA tools on the agency's home soil. In-the-know security experts talking to the New York Times said the malware in the cyberattacks is using the NSA's stolen EternalBlue as a "key component," much like WannaCry and NotPetya. While the full list of affected cities isn't available, San Antonio and the Pennsylvania city of Allentown have reportedly been victims of EternalBlue-based campaigns.
Huawei Linux Laptop Driver Improvements On The Way (May 23)
While Microsoft is severing its relationship with Huawei, those with Huawei laptops may find a better experience on Linux.
Edge Magnifies Open Source Challenges, Opportunities (May 27)
There are almost as many open source groups and projects working on edge computing as there are definitions of edge -- one such project, in fact, focuses exclusively on defining edge terms. This is partially due to the hype, and consolidation will probably happen as the hype turns into real-life deployments and concrete use cases.
All the Ways Google Tracks You—And How to Stop It (May 27)
You're probably aware that Google keeps tabs on what you're up to on its devices, apps, and services--but you might not realize just how far its tracking reach extends, into the places you go, the purchases you make, and much more. It's an extensive set of data, but you can take more control over what Google collects about you and how long the company keeps it. Here's how.