Applying updates to an active kernel with Ksplice
Clever Helper for Some Scenarios
Ksplice includes clever mechanisms to support hot kernel updates at the binary level. Despite intelligent code pushing and vector analysis, administrators should be aware that they do need to check manually on a case-by-case basis to determine whether the tool is useful. Ksplice is useful for simple cases, but it is no replacement for a hardware failover solution in situations that require high system availability.
- "Ksplice: An Automatic System for Rebootless Linux Kernel Security Updates" by Jeffrey Brian Arnold, Massachusetts Institute of Technology, http://web.mit.edu/ksplice/doc/ksplice.pdf
- Ksplice download and installation: http://web.mit.edu/ksplice/
- GNU binutils and BFD library: http://sourceware.org/binutils/
- Announcement and discussion on the Linux Kernel mailing list: http://thread.gmane.org/gmane.linux.kernel/669951
Buy this article as PDF
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.