NEWS
NEWS
Updates on technologies, trends, and tools.
Dyreza Malware is Back
The Proofpoint security firm reports that attackers have shifted the focus of the powerful Dyreza malware tool to operate outside of the banking sector. Dyreza gained fame as a man-in-the-middle banking trojan used to steal passwords for online banking accounts. Proofpoint reports that Dyreza is increasing attacking fulfillment services for online shopping sites.
According to a report in the Register, Dyreza uses "Word macros to compromise phished users in what is an old attack vector that has gained latent popularity."
Kernel Developer Matthew Garrett Forks the Linux Kernel
Prominent Linux kernel developer Matthew Garrett announced he is forking the Linux kernel. Garrett, who was instrumental in exposing the problems with Linux compatibility in UEFI secure boot a few years ago, says he is frustrated with the disrespect and argumentative tone of the Linux development community.
In his personal blog, Garrett writes, "I remember having to deal with interminable arguments over the naming of an interface because Linus has an undying hatred of BSD securelevel, or having my name forever associated with the deepthroating of Microsoft because Linus couldn't be bothered asking questions about the reasoning behind a design before trashing it."
Kernel leader Linus Torvalds has come under fire in the past for using harsh language and negative criticism. Another noted kernel developer, Sarah Sharp, who was the Linux kernel coordinator for the FOSS Outreach Program for Women and maintainer of the USB 3.0 host controller driver, also dropped out of the kernel community recently for similar reasons. In her own blog post, Sharp does not single out Linus specifically but takes on the whole kernel culture. "I could not work with people who helpfully encouraged newcomers to send patches, and then argued that maintainers should be allowed to spew whatever vile words they needed to in order to maintain radical emotional honesty. I did not want to work professionally with people who were allowed to get away with subtle sexist or homophobic jokes … ."
Time will tell if these recent defections will cause a change in kernel community attitudes. Both Sharp and Garrett seem to doubt that reform will come anytime soon. The presence of an alternative kernel development tree maintained by a programmer of Garrett's stature and experience certainly adds a new dimension to the drama. Forks happen from time to time in the open source community, which is both the curse and the magic of Free Software. The question is, does Garrett really want to start an alternative development effort, or does he just want to implement his own changes without the tension and theater of the Linux kernel development war zone.
Bugzilla Bug
The Bugzilla bug database system has a flaw that could allow an attacker to access the database and read about potential exploits before the patch is released to the public. The problem affects Bugzilla implementations that use email-based permissions. Login names longer than 127 characters are "silently truncated in MySQL," which could allow an attacker to assign permissions to an email address that is different from the address originally requested.
The fix for this bug is included in the Bugzilla 4.2.15, 4.4.10, and 5.0.1 releases. All Bugzilla users are encouraged to upgrade.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
New Slimbook EVO with Raw AMD Ryzen Power
If you're looking for serious power in a 14" ultrabook that is powered by Linux, Slimbook has just the thing for you.
-
The Gnome Foundation Struggling to Stay Afloat
The foundation behind the Gnome desktop environment is having to go through some serious belt-tightening due to continued financial problems.
-
Thousands of Linux Servers Infected with Stealth Malware Since 2021
Perfctl is capable of remaining undetected, which makes it dangerous and hard to mitigate.
-
Halcyon Creates Anti-Ransomware Protection for Linux
As more Linux systems are targeted by ransomware, Halcyon is stepping up its protection.
-
Valve and Arch Linux Announce Collaboration
Valve and Arch have come together for two projects that will have a serious impact on the Linux distribution.
-
Hacker Successfully Runs Linux on a CPU from the Early ‘70s
From the office of "Look what I can do," Dmitry Grinberg was able to get Linux running on a processor that was created in 1971.
-
OSI and LPI Form Strategic Alliance
With a goal of strengthening Linux and open source communities, this new alliance aims to nurture the growth of more highly skilled professionals.
-
Fedora 41 Beta Available with Some Interesting Additions
If you're a Fedora fan, you'll be excited to hear the beta version of the latest release is now available for testing and includes plenty of updates.
-
AlmaLinux Unveils New Hardware Certification Process
The AlmaLinux Hardware Certification Program run by the Certification Special Interest Group (SIG) aims to ensure seamless compatibility between AlmaLinux and a wide range of hardware configurations.
-
Wind River Introduces eLxr Pro Linux Solution
eLxr Pro offers an end-to-end Linux solution backed by expert commercial support.