Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Mar 06, 2023

=> 9to5Linux Weekly Roundup: March 5th, 20234 | BSD: OpenBSD, Self-Hosting, and FreeBSD

https://traffic.libsyn.com/opensourcesecuritypodcast/Episode_365_I_am_not_your_supplier_with_Thomas_Depierre.mp3

=> ↺ https://traffic.libsyn.com/opensourcesecuritypodcast/Episode_365_I_am_not_your_supplier_with_Thomas_Depierre.mp3

New TPM 2.0 flaws could let hackers steal cryptographic keys [Ed: Microsoft Garrett is pushing this into Linux; fake security (lockdown, lockin, restrictions, remote controls disguised as "safety")]

=> ↺ New TPM 2.0 flaws could let hackers steal cryptographic keys

The Trusted Platform Module (TPM) 2.0 specification is affected by two buffer overflow vulnerabilities that could allow attackers to access or overwrite sensitive data, such as cryptographic keys.

TPM is a hardware-based technology that provides operating systems with tamper-resistant secure cryptographic functions. It can be used to store cryptographic keys, passwords, and other critical data, making any vulnerability in its implementation a cause for concern.

Open Source Vulnerability Assessment Tools & Scanners

=> ↺ Open Source Vulnerability Assessment Tools & Scanners

Computer systems, software, applications, and other network interfaces are vulnerable to various threats. Failure to find these vulnerabilities can lead to the downfall of the company.

Episode 365 – “I am not your supplier” with Thomas Depierre

=> ↺ Episode 365 – “I am not your supplier” with Thomas Depierre

Josh and Kurt talk to Thomas Depierre about his "I am not a supplier" blog post. We drink from the firehose on this one. Thomas describes the realities and challenges of being an open source maintainer. What open source and society owe each other. How safety can help describe what we see.

=> gemini.tuxmachines.org