Skip to main content

Posts

Showing posts with the label Linux

Bug in Bash shell creates big security hole on anything with *nix in it

The Bash vulnerability, now dubbed by some as "Shellshock," has been reportedly found in use by an active exploit against Web servers. Additionally, the initial patch for the vulnerability was incomplete and still allows for attacks to succeed, according to a new CERT alert. See Ars' latest report for further details, our initial report is below. A security vulnerability in the GNU Bourne Again Shell (Bash), the command-line shell used in many Linux and Unix operating systems, could leave systems running those operating systems open to exploitation by specially crafted attacks. “This issue is especially dangerous as there are many possible ways Bash can be called by an application,” a Red Hat security advisory warned. The bug, discovered by Stephane Schazelas, is related to how Bash processes environmental variables passed by the operating system or by a program calling a Bash-based script. If Bash has been configured as the default system shell, it can be used by n...
Read more

Hack runs Android apps on Windows, Mac, and Linux computers

If you remember, about a week ago, Google gave Chrome OS the ability to run Android apps through the "App Runtime for Chrome." The release came with a lot of limitations—it only worked with certain apps and only worked on Chrome OS. But a developer by the name of "Vladikoff" has slowly been stripping away these limits. First he figured out how to load any app on Chrome OS, instead of just the four that are officially supported. Now he's made an even bigger breakthrough and gotten Android apps to work on any desktop OS that Chrome runs on. You can now run Android apps on Windows, Mac, and Linux. The hack depends on App Runtime for Chrome (ARC), which is built using Native Client, a Google project that allows Chrome to run native code safely within a web browser. While ARC was only officially released as an extension on Chrome OS, Native Client extensions are meant to be cross-platform. The main barrier to entry is obtaining ARC Chrome Web Store, which flags ...
Read more

5 Ways To Generate Secure Passwords On Linux

It has become more crucial than ever to use strong passwords for your online accounts. Without a secure password, it’s easy for others to crack yours. It’s great if you can come up with a good password on your own, but if you are out of ideas or feel like your own ideas aren’t secure enough, you can get your computer to spit one out for you. It’s worth the effort, so let’s get right to it. Here are five ways you can generate brand new, secure passwords you can trust. APG The Automatic Password Generator, or APG for short, comes installed on all Ubuntu systems. It’s an easy to use utility which can give you various passwords based on the random input from your keyboard. For example, you can run apg in a terminal and it will offer six “pronounceable” passwords. They’re meant to be pronounceable in order to make them somewhat more memorable, although the majority of them are still very random. If you’d like entirely random passwords, you can run apg -a 1, which will give you passwo...
Read more