NEWS
NEWS
Updates on technologies, trends, and tools.
Dyreza Malware is Back
The Proofpoint security firm reports that attackers have shifted the focus of the powerful Dyreza malware tool to operate outside of the banking sector. Dyreza gained fame as a man-in-the-middle banking trojan used to steal passwords for online banking accounts. Proofpoint reports that Dyreza is increasing attacking fulfillment services for online shopping sites.
According to a report in the Register, Dyreza uses "Word macros to compromise phished users in what is an old attack vector that has gained latent popularity."
Kernel Developer Matthew Garrett Forks the Linux Kernel
Prominent Linux kernel developer Matthew Garrett announced he is forking the Linux kernel. Garrett, who was instrumental in exposing the problems with Linux compatibility in UEFI secure boot a few years ago, says he is frustrated with the disrespect and argumentative tone of the Linux development community.
In his personal blog, Garrett writes, "I remember having to deal with interminable arguments over the naming of an interface because Linus has an undying hatred of BSD securelevel, or having my name forever associated with the deepthroating of Microsoft because Linus couldn't be bothered asking questions about the reasoning behind a design before trashing it."
Kernel leader Linus Torvalds has come under fire in the past for using harsh language and negative criticism. Another noted kernel developer, Sarah Sharp, who was the Linux kernel coordinator for the FOSS Outreach Program for Women and maintainer of the USB 3.0 host controller driver, also dropped out of the kernel community recently for similar reasons. In her own blog post, Sharp does not single out Linus specifically but takes on the whole kernel culture. "I could not work with people who helpfully encouraged newcomers to send patches, and then argued that maintainers should be allowed to spew whatever vile words they needed to in order to maintain radical emotional honesty. I did not want to work professionally with people who were allowed to get away with subtle sexist or homophobic jokes … ."
Time will tell if these recent defections will cause a change in kernel community attitudes. Both Sharp and Garrett seem to doubt that reform will come anytime soon. The presence of an alternative kernel development tree maintained by a programmer of Garrett's stature and experience certainly adds a new dimension to the drama. Forks happen from time to time in the open source community, which is both the curse and the magic of Free Software. The question is, does Garrett really want to start an alternative development effort, or does he just want to implement his own changes without the tension and theater of the Linux kernel development war zone.
Bugzilla Bug
The Bugzilla bug database system has a flaw that could allow an attacker to access the database and read about potential exploits before the patch is released to the public. The problem affects Bugzilla implementations that use email-based permissions. Login names longer than 127 characters are "silently truncated in MySQL," which could allow an attacker to assign permissions to an email address that is different from the address originally requested.
The fix for this bug is included in the Bugzilla 4.2.15, 4.4.10, and 5.0.1 releases. All Bugzilla users are encouraged to upgrade.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Gnome 47.2 Now Available
Gnome 47.2 is now available for general use but don't expect much in the way of newness, as this is all about improvements and bug fixes.
-
Latest Cinnamon Desktop Releases with a Bold New Look
Just in time for the holidays, the developer of the Cinnamon desktop has shipped a new release to help spice up your eggnog with new features and a new look.
-
Armbian 24.11 Released with Expanded Hardware Support
If you've been waiting for Armbian to support OrangePi 5 Max and Radxa ROCK 5B+, the wait is over.
-
SUSE Renames Several Products for Better Name Recognition
SUSE has been a very powerful player in the European market, but it knows it must branch out to gain serious traction. Will a name change do the trick?
-
ESET Discovers New Linux Malware
WolfsBane is an all-in-one malware that has hit the Linux operating system and includes a dropper, a launcher, and a backdoor.
-
New Linux Kernel Patch Allows Forcing a CPU Mitigation
Even when CPU mitigations can consume precious CPU cycles, it might not be a bad idea to allow users to enable them, even if your machine isn't vulnerable.
-
Red Hat Enterprise Linux 9.5 Released
Notify your friends, loved ones, and colleagues that the latest version of RHEL is available with plenty of enhancements.
-
Linux Sees Massive Performance Increase from a Single Line of Code
With one line of code, Intel was able to increase the performance of the Linux kernel by 4,000 percent.
-
Fedora KDE Approved as an Official Spin
If you prefer the Plasma desktop environment and the Fedora distribution, you're in luck because there's now an official spin that is listed on the same level as the Fedora Workstation edition.
-
New Steam Client Ups the Ante for Linux
The latest release from Steam has some pretty cool tricks up its sleeve.