Articles and News


FragAttacks

FragAttacks is a collection of 12 Wi-Fi fragmentation and aggregation vulnerabilities. The security researchers found that every Wi-Fi product is affected by at least one of the vulnerabilities, most of them by several.

https://www.fragattacks.com/

#wi-fi #wi-fi-security


The Syslog Hell

The author goes on a (totally justified) rant about all the vendor-specific, non-RFC-conform Syslog implementations out there.

https://techblog.bozho.net/the-syslog-hell/

#syslog #monitoring #rfc


Dear EU: Please Don’t Ruin the Root

Bert Hubert on the possible harm local EU regulations could do to the DNS root servers and the Internet.

https://berthub.eu/articles/posts/dont-ruin-the-root/

#dns #dns-root #eu


Poor Disk Performance

Brendnan Gregg reporting on the results of bringing back an old, dusty 80 GB HDD to live.

http://www.brendangregg.com/blog/2021-05-09/poor-disk-performance.html


Observing My Cellphone Switch Towers

The author observed, visualized, and analyzed the cell tower switching behavior of his cellphone.

https://fabiensanglard.net/lte/index.html

#cellphone #lte


Hackers Using Microsoft Build Engine to Deliver Malware Filelessly

Interesting article on how attackers can use MSBuild to filelelessly compromise a machine.

https://thehackernews.com/2021/05/hackers-using-microsoft-build-engine-to.html

#microsoft #fileless-malware


Debugging Random Slow Writes in PostgreSQL

The author analyzes a real-world Postgres performance issue related to the GIN index fast update technique analyzed.

https://iamsafts.com/posts/postgres-gin-performance/

#postgresql #database-performance #gin-index


Projects and Releases


GNU Guix 1.3

Version 1.3 of the declarative, idempotent package manager comes with new installation methods, improved user experience, performance improvements, and POWER9 support.

https://guix.gnu.org/en/blog/2021/gnu-guix-1.3.0-released/

#type:release #guix #package-manager #declarative-package-manager


YunoHost 4.2

YunoHost 4.2, the operating system aiming for simple self-hosting, moved from Python 2 to Python 3 and now comes with a web admin interface rewritten in Vue.js.

https://forum.yunohost.org/t/yunohost-4-2-release-sortie-de-yunohost-4-2/15673

#type:release #self-hosting


containerd 1.5.0

Version 1.5.0 of containerd includes experimental FreeBSD runtime support.

https://github.com/containerd/containerd/releases/tag/v1.5.0

#containerd #container-runtime


Erlang/OTP 24

Erlang/OTP 24 was released, with the JIT compiler probably being the most anticipated feature.

https://www.erlang.org/news/148

#type:release #erlang


eBPF on Windows

eBPF on Microsoft Windows. Currently, work-in-progress.

https://github.com/microsoft/ebpf-for-windows

#ebpf #microsoft-windows


DragonFly BSD 6.0

https://www.dragonflybsd.org/release60/

#bsd #dragonfly-bsd


FreeIPA

https://www.freeipa.org/

»FreeIPA is an integrated security information management solution combining Linux (Fedora), 389 Directory Server, MIT Kerberos, NTP, DNS, Dogtag (Certificate System).«

#identity-management #freeipa


OpenSCAP

OpenSCAP is a popular implementation of the Security Content Automation Protocol (SCAP) for automated vulnerability management and compliance evaluation.

https://www.open-scap.org/

#scap #security #vulnerability-management #audit


NetBox

NetBox is an open-source IP address management (IPAM), and datacenter infrastructure management (DCIM) tool initially conceived by the network engineering team at Dropbox.

https://github.com/netbox-community/netbox

#dropbox #ip-address-management #datacenter-infrastructure-management


Lima: Linux-on-Mac

Lima allows running containerd containers on macOS.

https://github.com/AkihiroSuda/lima

#containerd #virtualization #container


Zstandard 1.5

This major release features significant performance improvements as well as API changes.

https://github.com/facebook/zstd/releases/tag/v1.5.0

#zstd #compression #type:release


greenboot

Greenboot is a systemd health check framework.

https://github.com/fedora-iot/greenboot

#greenboot #systemd #fedora


Termgraph

termgraph is a command-line tool for basic graphs in the terminal.

https://github.com/mkaz/termgraph

#terminal-ui #command-line #graph


sqliteviz

»Sqliteviz is a single-page offline-first PWA for fully client-side visualization of SQLite databases or CSV files.«

https://github.com/lana-k/sqliteviz

#sqlite #database-management


chezmoi

Chezmoi is a dotfile manager.

https://www.chezmoi.io/

#dotfiles #dotfile-manager


OpenPGP CA

OpenPGP CA is a tool to handle OpenPGP keys in groups or organizations.

https://sequoia-pgp.org/blog/2021/05/12/202105-hello-openpgp-ca/

#pgp #certificate-authority #gpg


Catalog of Supply Chain Compromises

https://github.com/cncf/tag-security/tree/main/supply-chain-security/compromises

#supply-chain-integrity #supply-chain-security #cncf


Software Supply Chain Best Practices

https://raw.githubusercontent.com/cncf/tag-security/main/supply-chain-security/supply-chain-security-paper/CNCF_SSCP_v1.pdf

#supply-chain-security #supply-chain-integrity #cncf


:wq