So according to Intel, dmesg poses a security risk. Look here, since May 29th. Hardware mitigation on new Intel CPU is a placebo. New security hole discovered.
Announcement
Collapse
No announcement yet.
Clear Linux Moving Ahead With Blocking dmesg Access For Non-Root Users
Collapse
X
-
Originally posted by Konstantin A. View PostSo according to Intel, dmesg poses a security risk. Look here, since May 29th. Hardware mitigation on new Intel CPU is a placebo. New security hole discovered.
https://arxiv.org/abs/1905.12701
If the kernel command to enable the fix for that isn't "radaway=on" I'm going to be just a little pissed.
- Likes 4
Comment
-
To get a nice terminal experience, I need to run Wayland or X together with GNOME Terminal in fullscreen?
If I run the terminal from the Linux kernel, then its a bad, ugly, poor experience. 😞
Can't have 24-bit color, 4K, pretty color theme, anti-aliased fonts, wallpaper, mouse support?
Comment
-
Originally posted by Shtirlic View PostAt firs glance it looks like security through obscurity, but in this current situation it's okay.
Comment
-
Originally posted by debianxfce View PostDisable CONFIG_SECURITY_DMESG_RESTRICT in your kernel configuration and use mitigations=off in your kernel command line. Use a firewall in your router and a virus scanner in your web folders. Never trust to your OS solutions.
https://arstechnica.com/information-...-av-detection/
- Likes 5
Comment
-
Originally posted by F.Ultra View Post
"security through obscurity" is among the most misunderstood concepts in computer security. It does not mean that obscurity is bad, just that it should not form the base of the security.
Comment
-
Originally posted by debianxfce View Post
Move to North Korea, there you would be happier than in the internet.
And funny how you finally respond to one of my posts that don't say anything about having Michael benchmark your "distro" Could it be that you don't have one? or that you are scared that it will do horrible in the benchmarks? That your 'setup' won't win every test? Or is it that you don't actually use the bullshit you spout? I think its the last one. I bet you are a gnome3 systemd redhat loving user. Why else won't you provide your "distro" for Michael to benchmark. I'm sure he would do it just because he knows that that benchmark would get killer views proving that you are wrong with your setup being the best.
Also never give out "security" advise again. some one might actually listen to you and that would be bad.
- Likes 3
Comment
-
Originally posted by monraafIs Phoronix now going to report about every tiny change in Clear Linux?
I don't understand why a distribution which has virtually zero relevance in the distro market is getting so much attention on Phoronix.
- Likes 1
Comment
-
Originally posted by debianxfce View Post
"Since Wednesday’s post went live, AV detection rates have grown, but at the time Ars published this article, the rates still remained low. Depending on the file being analyzed, the rates ranged from two to 13, out of 59 AV engines tracked."
Most virus scanners will find it soon. ClamAV updates virus images very often. Japanese are good.
For the shell scrip in question to work a user have to receive it via e.g e-mail and then deliberately execute it so the fact that there exists infections in the wild tells a story that there exists some mighty stupid admins/users out there.
Comment
Comment