NSA UEFI Secure Boot Customization Report
The document explains the use cases and customizations of Secure Boot, the UEFI boot integrity feature. It also includes recommendations for system administrators and infrastructure owners.
The BeOS File System, an OS Geek Retrospective (2018)
This article introduces some general file system basics and then explains interesting BeOS specifics. It also includes a short interview with a developer at BeOS.
Source Code of Windows XP, Server 2003 Allegedly Leaked
Two torrent links to archives that could contain the original source code of older Microsoft operating systems were posted on 4chan.
Money Well Spent
Sometimes, less really is more. Many of us have already witnessed something similar in their professional lives more than once.
PostgreSQL on K8S at Zalando: Two Years in Production
Interesting insights on containerized Postgres in production by the main developer of patroni. If Zalando can run their database workload in containers, you can probably run yours too. However, just because you could do it doesn’t mean you should do it.
US Government Emergency Directive 20-04 for CVE-2020-1472
The Department of Homeland Security’s cybersecurity division has ordered federal civilian agencies to mitigate the netlogon elevation of privilege vulnerability (Zerologon) until Monday, 2020-09-21.
On a side note: Samba Active Directory Domain Controller implementations are affected as well if
server schannel is not set to
Releases and Projects
»PostgreSQL 13 includes significant improvements to its indexing and lookup system that benefit large databases, including space savings and performance gains for indexes, faster response times for queries that use aggregates or partitions, better query planning when using enhanced statistics, and more.«
Also new: parallelized vacuuming, incremental sorting, and security-related improvements.
As always, the new point release of Debian contains a lot of security-related corrections.
Podman 2.1.0 (and 2.1.1)
Podman 2.1 can now mount images r/o without creating a container. Also the
podman generate kube and
podman play kube commands were improved.
Using it for production projects on RHEL, I appreciate the progress the container ecosystem based on Podman, Buildah, and Skopeo makes and how (relatively) fast updates land in the latest RHEL point releases.
Version 3 of the desktop client for managing KVM, Xen, and LXC virtualization via libvirt was released with UI improvements, new features, and some legacy ones removed.
DOS Subsystem for Linux
Like WSL but for DOS. But why?
With ventoy you can put multiple ISO files on your USB drive and select which one you want to start at boot time.
Blacklight is a real-time website privacy inspector.