SMLR 307 Night of The Living Daemon
Podcast: Play in new window
Subscribe: Apple Podcasts | RSS
Downloads:
Contact Us:
show (at) smlr.us or the Contact us page
On the Lawrence Systems Forums
https://forums.lawrencesystems.com/c/smlr-podcast
Intro:
Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix
Sound bites by Mike Tanner
Phils GitHub
The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge
Jay’s Site
Jay’s Bash Prompt https://pastebin.com/kzPjE8y4
Show Notes
South Korea will ditch Microsoft Windows for Linux
https://betanews.com/2019/05/18/korea-linux/
List of Linux adopters
https://en.wikipedia.org/wiki/List_of_Linux_adopters
The attacks can be launched with the help of specially crafted TCP packets sent to vulnerable Linux boxes which can trigger use-after-free errors and enable the attackers to execute arbitrary code on the target system.
The remotely exploitable vulnerability has been assigned a 8.1 high severity base score by NIST’s NVD, it is being tracked as CVE-2019-11815 (Red Hat, Ubuntu, SUSE, and Debian) and it could be abused by unauthenticated attackers without interaction from the user.
Nextcloud 16 introduces machine learning based security and usability features, ACL permissions and cross-app projects
History of the OwnCloud to NextCloud Fork
https://media.libreplanet.org/u/libreplanet/m/why-i-forked-my-own-project-and-my-own-company-31c3/
Six more devices from ThinkPenguin, Inc. now FSF-certified to Respect Your Freedom
Linux Kernel’s Perf Now Supports Zstd-Compressed Trace Recording
https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.2-Compressed-Perf
ZombieLoad
https://www.phoronix.com/scan.php?page=news_item&px=MDS-Zombieload-Initial-Impact
PineBook
https://liliputing.com/2019/05/pinebook-pro-update-the-199-linux-laptop-is-almost-ready-to-go.html
=====================================================
Tony
It’s not just Huawei. Trump’s new tech sector order could ripple through global supply chains.
Executive Order on Securing the Information and Communications Technology and Services Supply Chain
Ann Arbor Tech Trak – June 7, 2019
https://a2tech360.com/events/tech-trek/
Hack:A2 – June 8, 2019
https://a2tech360.com/events/hacka2/
Jay
—
Next Generation Plasma Notifications
https://blog.broulik.de/2019/05/next-generation-plasma-notifications
Tilix Terminal Emulator Needs a New Maintainer
https://www.omgubuntu.co.uk/2019/05/tilix-terminal-emulator-new-maintainer
Mozilla Had A Rough Night With Add-Ons Getting Disabled Due To An Expired Certificate
https://www.phoronix.com/scan.php?page=news_item&px=Firefox-Add-Ons-Cert-Expired
===============================
Phil
—
What is a zombie process?
https://www.howtogeek.com/119815/htg-explains-what-is-a-zombie-process-on-linux/
Centos8 build cycle and status
https://wiki.centos.org/About/Building_8
FCC to combat robocalls (finally wow, great job team, /sarcasm)
https://www.fcc.gov/about-fcc/fcc-initiatives/fccs-push-combat-robocalls-spoofing
https://letsencrypt.org/2019/05/15/introducing-oak-ct-log.html
Today we are announcing a new Certificate Transparency log called Oak. The Oak log will be operated by Let’s Encrypt and all publicly trusted certificate authorities will be welcome to submit certificates.
Certificate Transparency (CT) is a system for logging and monitoring certificate issuance. It greatly enhances everyone’s ability to monitor and study certificate issuance, and these capabilities have led to numerous improvements to the CA ecosystem and Web security. As a result, it is rapidly becoming critical Internet infrastructure. Let’s Encrypt accelerated the adoption of CT by logging every certificate since we started issuing in 2015 – approximately half a billion certificates at this point.
Microarchitectural Data Sampling “MDS” vulnerabilities now known more commonly as Zombieload
https://www.phoronix.com/scan.php?page=article&item=mds-zombieload-mit&num=1
This content is published under the Attribution-Noncommercial-Share Alike 3.0 Unported license.