NEWS
NEWS
Updates on technologies, trends, and tools
Mate 1.1 Arrives
The Mate desktop team has announced the arrival of the Mate 1.1 desktop. Mate, which is largely supported by the Mint project, has gained a significant share of the Linux desktop market since it first appeared in 2011. Mate is a fork of the Gnome 2 desktop and was launched when the Gnome team abandoned Gnome 2 development to focus on Gnome 3. The move was controversial at the time, with many users expressing a preference for Gnome 2, but the Gnome team chose not to divide their efforts, which led to an opening for a new project that would provide a continuation of the Gnome 2 code.
The big news for the latest version 1.1 is that Mate now supports both the GTK2 and GTK3 development environments, so users can have the best of both Gnome 2 and Gnome 3. (The developers emphasize that GTK3 support is still experimental.)
Mate originally rocketed to public attention through its association with the popular Mint project, but since then, several other leading Linux distros have included Mate in their package repositories. Mate 1.1 has been in development for 15 months. For more information on the new release, see the announcement at the Mate project website.
RIP SSLv3
The venerable "secure" network protocol Secure Sockets Layer (SSL) v3 has met its end. SSL has co-existed on the Internet alongside its presumed successor TLS for many years, even though experts have long warned of its shortcomings. A recent rash of high-profile incidents, however, including the famous POODLE exploit, have finally caused the Internet Engineering Task Force (IETF) to take action. Request for Comment (RFC) 7568 "Deprecating Secure Sockets Layer Version 3.0" officially states the requirement that SSLv3 should not be supported.
The RFC is unusually blunt, with its all-cap stipulation that "SSLv3 MUST NOT be used." Although most systems today support the safer TLS, many provide fallback support for SSLv3 if an SSL connection is requested. Attackers have perfected the technique of requesting an SSL connection then use one of the many exploits associated with SSL. RFC 7568 states that "Any party receiving a Hello message with the version set to {3,00} MUST respond with a 'protocol_version' alert message and close the connection."
Many OS and application vendors have already turned off support for SSLv3 through patches and security updates.
NoScript Flaw
Security researchers have discovered a major flaw with Mozilla's popular NoScript security add-on. NoScript is supposed to create an environment where JavaScript, Java, and other executable content can only run in scripts that come from a trusted domain.
According to Detectify researcher Linus Särud, NoScript whitelists the entire googleapis.com domain and any subdomain, which means an attacker could create a nefarious script that uses Google services APIs to bypass NoScript. The discovery follows an earlier project by Matthew Bryant, who successfully launched an attack that bypassed whitelist protections.
It isn't clear whether attackers are already using this technique. The discovery challenges the prestige of the Mozilla NoScript plugin, which bills itself as "The best security you can get in a web browser!" According to a report in The Register, the NoScript team immediately responded by adapting the tool to whitelist only Google's hosted libraries at ajax.googleapis.com, which should reduce the threat, although it might require more intervention from the user to get any necessary legitimate sites whitelisted.
Users are encouraged to install updates. Bryant adds, "Please purge your whitelist. Remove everything you don't trust."
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Armbian 24.11 Released with Expanded Hardware Support
If you've been waiting for Armbian to support OrangePi 5 Max and Radxa ROCK 5B+, the wait is over.
-
SUSE Renames Several Products for Better Name Recognition
SUSE has been a very powerful player in the European market, but it knows it must branch out to gain serious traction. Will a name change do the trick?
-
ESET Discovers New Linux Malware
WolfsBane is an all-in-one malware that has hit the Linux operating system and includes a dropper, a launcher, and a backdoor.
-
New Linux Kernel Patch Allows Forcing a CPU Mitigation
Even when CPU mitigations can consume precious CPU cycles, it might not be a bad idea to allow users to enable them, even if your machine isn't vulnerable.
-
Red Hat Enterprise Linux 9.5 Released
Notify your friends, loved ones, and colleagues that the latest version of RHEL is available with plenty of enhancements.
-
Linux Sees Massive Performance Increase from a Single Line of Code
With one line of code, Intel was able to increase the performance of the Linux kernel by 4,000 percent.
-
Fedora KDE Approved as an Official Spin
If you prefer the Plasma desktop environment and the Fedora distribution, you're in luck because there's now an official spin that is listed on the same level as the Fedora Workstation edition.
-
New Steam Client Ups the Ante for Linux
The latest release from Steam has some pretty cool tricks up its sleeve.
-
Gnome OS Transitioning Toward a General-Purpose Distro
If you're looking for the perfectly vanilla take on the Gnome desktop, Gnome OS might be for you.
-
Fedora 41 Released with New Features
If you're a Fedora fan or just looking for a Linux distribution to help you migrate from Windows, Fedora 41 might be just the ticket.