0

SMLR 307 Night of The Living Daemon

Posted by Tom Lawrence on May 20, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 307

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

South Korea will ditch Microsoft Windows for Linux
https://betanews.com/2019/05/18/korea-linux/

 

List of Linux adopters

https://en.wikipedia.org/wiki/List_of_Linux_adopters

 

The attacks can be launched with the help of specially crafted TCP packets sent to vulnerable Linux boxes which can trigger use-after-free errors and enable the attackers to execute arbitrary code on the target system.

 

The remotely exploitable vulnerability has been assigned a 8.1 high severity base score by NIST’s NVD, it is being tracked as CVE-2019-11815 (Red Hat, Ubuntu, SUSE, and Debian) and it could be abused by unauthenticated attackers without interaction from the user.

https://www.bleepingcomputer.com/news/security/linux-kernel-prior-to-508-vulnerable-to-remote-code-execution/

 

Nextcloud 16 introduces machine learning based security and usability features, ACL permissions and cross-app projects

https://nextcloud.com/blog/nextcloud-16-introduces-machine-learning-based-security-and-usability-features-acl-permissions-and-cross-app-projects/

 

History of the OwnCloud to NextCloud Fork

https://media.libreplanet.org/u/libreplanet/m/why-i-forked-my-own-project-and-my-own-company-31c3/

 

Six more devices from ThinkPenguin, Inc. now FSF-certified to Respect Your Freedom

https://www.fsf.org/news/six-more-devices-from-thinkpenguin-inc-now-fsf-certified-to-respect-your-freedom

 

Linux Kernel’s Perf Now Supports Zstd-Compressed Trace Recording

https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.2-Compressed-Perf

 

ZombieLoad

https://www.phoronix.com/scan.php?page=news_item&px=MDS-Zombieload-Initial-Impact

 

PineBook

https://liliputing.com/2019/05/pinebook-pro-update-the-199-linux-laptop-is-almost-ready-to-go.html

=====================================================

Tony

 

It’s not just Huawei. Trump’s new tech sector order could ripple through global supply chains.

https://www.washingtonpost.com/politics/2019/05/18/its-not-just-huawei-trumps-new-tech-sector-order-could-ripple-through-global-supply-chains/?noredirect=on&utm_term=.e85ef78273d8

 

Executive Order on Securing the Information and Communications Technology and Services Supply Chain

https://www.whitehouse.gov/presidential-actions/executive-order-securing-information-communications-technology-services-supply-chain/

 

Ann Arbor Tech Trak – June 7, 2019

https://a2tech360.com/events/tech-trek/

 

Hack:A2 – June 8, 2019

https://a2tech360.com/events/hacka2/

Jay

Next Generation Plasma Notifications

https://blog.broulik.de/2019/05/next-generation-plasma-notifications

 

Tilix Terminal Emulator Needs a New Maintainer

https://www.omgubuntu.co.uk/2019/05/tilix-terminal-emulator-new-maintainer

 

Mozilla Had A Rough Night With Add-Ons Getting Disabled Due To An Expired Certificate

https://www.phoronix.com/scan.php?page=news_item&px=Firefox-Add-Ons-Cert-Expired

 

===============================

Phil

What is a zombie process?

https://www.howtogeek.com/119815/htg-explains-what-is-a-zombie-process-on-linux/

 

Centos8 build cycle and status

https://wiki.centos.org/About/Building_8

 

FCC to combat robocalls (finally wow, great job team, /sarcasm)

https://www.fcc.gov/about-fcc/fcc-initiatives/fccs-push-combat-robocalls-spoofing

 

https://letsencrypt.org/2019/05/15/introducing-oak-ct-log.html

Today we are announcing a new Certificate Transparency log called Oak. The Oak log will be operated by Let’s Encrypt and all publicly trusted certificate authorities will be welcome to submit certificates.

 

Certificate Transparency (CT) is a system for logging and monitoring certificate issuance. It greatly enhances everyone’s ability to monitor and study certificate issuance, and these capabilities have led to numerous improvements to the CA ecosystem and Web security. As a result, it is rapidly becoming critical Internet infrastructure. Let’s Encrypt accelerated the adoption of CT by logging every certificate since we started issuing in 2015 – approximately half a billion certificates at this point.

 

Microarchitectural Data Sampling “MDS” vulnerabilities now known more commonly as Zombieload

https://www.phoronix.com/scan.php?page=article&item=mds-zombieload-mit&num=1

 

This content is published under the Attribution-Noncommercial-Share Alike 3.0 Unported license.

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2011-2019 Sunday Morning Linux Review All rights reserved.
This site is using the Desk Mess Mirrored theme, v2.5, from BuyNowShop.com.