Software updates and TUF
You can no longer assume downloading unsigned software is safe. Between programs like FinFisher and the verified incidents of widespread BGP route hacking, it is best to assume that even if you are not targeted by attackers, you might get caught up in a widespread attack. Relying on HTTPS isn't a safe bet anymore, because certificate authorities can issue fake certificates to government departments so that they can intercept SSL communications. What is needed is end-to-end signing of the data, as well as signed metadata – all of which TUF provides.
- FinFisher: http://en.wikipedia.org/wiki/FinFisher
- OpenSSL website compromised: http://www.openssl.org/news/secadv_hack.txt
- TUF – The Update Framework: https://github.com/theupdateframework
- Tor: https://www.torproject.org/
- Survivable key compromise: http://freehaven.net/~arma/tuf-ccs2010.pdf
- OpenGPG card: http://www.g10code.de/p-card.html
- PEP 458: http://www.python.org/dev/peps/pep-0458/
- TUF interface for RubyGems: http://rubyforge.org/pipermail/rubygems-developers/2013-November/007044.html
- Targeted Internet traffic misdirection: http://www.renesys.com/2013/11/mitm-internet-hijacking/
- Further improving digital certificate security: http://googleonlinesecurity.blogspot.ca/2013/12/further-improving-digital-certificate.html
Buy this article as PDF
News site for the openSUSE community falls victim to a Wordpress exploit.
The source code is available online.
One out of three virtual machines on Microsoft Azure Cloud run Linux.
The form factor of the board makes it a drop-in replacement for Raspberry Pi.
Makes it easier for customers to move workloads into container-centric applications.
SUSE’s answer to container-centric operating systems.
Linux 4.9 is the biggest release in terms of number of commits.
The latest version of the official RHEL clone is here.
New release targets Linux professionals.
The Fedora project adds Wayland and Gnome 3.22