Weekly Digest – Week 39, 2020
Articles
NSA UEFI Secure Boot Customization Report
The document explains the use cases and customizations of Secure Boot, the UEFI boot integrity feature. It also includes recommendations for system administrators and infrastructure owners.
The BeOS File System, an OS Geek Retrospective (2018)
This article introduces some general file system basics and then explains interesting BeOS specifics. It also includes a short interview with a developer at BeOS.
https://arstechnica.com/information-technology/2018/07/the-beos-filesystem/
Source Code of Windows XP, Server 2003 Allegedly Leaked
Two torrent links to archives that could contain the original source code of older Microsoft operating systems were posted on 4chan.
https://www.securityweek.com/source-code-windows-xp-server-2003-allegedly-leaked
Money Well Spent
Sometimes, less really is more. Many of us have already witnessed something similar in their professional lives more than once.
https://userweb.cs.txstate.edu/~br02/cs1428/ShortStoryForEngineers.htm
Videos
PostgreSQL on K8S at Zalando: Two Years in Production
Interesting insights on containerized Postgres in production by the main developer of patroni. If Zalando can run their database workload in containers, you can probably run yours too. However, just because you could do it doesn’t mean you should do it.
https://www.youtube.com/watch?v=StLzIkU00HY
Vulnerabilities
US Government Emergency Directive 20-04 for CVE-2020-1472
The Department of Homeland Security’s cybersecurity division has ordered federal civilian agencies to mitigate the netlogon elevation of privilege vulnerability (Zerologon) until Monday, 2020-09-21.
On a side note: Samba Active Directory Domain Controller implementations are affected as well if server schannel is not set to yes.
https://cyber.dhs.gov/ed/20-04/
Releases and Projects
PostgreSQL 13
»PostgreSQL 13 includes significant improvements to its indexing and lookup system that benefit large databases, including space savings and performance gains for indexes, faster response times for queries that use aggregates or partitions, better query planning when using enhanced statistics, and more.«
Also new: parallelized vacuuming, incremental sorting, and security-related improvements.
https://www.postgresql.org/about/news/2077/
https://www.2ndquadrant.com/en/blog/new-features-in-postgresql-13-full-webinar-video/
Debian 10.6
As always, the new point release of Debian contains a lot of security-related corrections.
https://www.debian.org/News/2020/20200926
Podman 2.1.0 (and 2.1.1)
Podman 2.1 can now mount images r/o without creating a container. Also the podman generate kube and podman play kube commands were improved.
Using it for production projects on RHEL, I appreciate the progress the container ecosystem based on Podman, Buildah, and Skopeo makes and how (relatively) fast updates land in the latest RHEL point releases.
https://github.com/containers/podman/releases
virt-manager 3.0.0
Version 3 of the desktop client for managing KVM, Xen, and LXC virtualization via libvirt was released with UI improvements, new features, and some legacy ones removed.
https://www.redhat.com/archives/virt-tools-list/2020-September/msg00003.html
DOS Subsystem for Linux
Like WSL but for DOS. But why?
https://github.com/charliesome/doslinux
Ventoy
With ventoy you can put multiple ISO files on your USB drive and select which one you want to start at boot time.
https://www.ventoy.net/en/index.html
Blacklight
Blacklight is a real-time website privacy inspector.
https://themarkup.org/blacklight/
https://themarkup.org/blacklight/?url=sysop.cafe
:wq