Linux kernel flaw endangers millions of PCs, servers and Android devices

For almost three years, a serious vulnerability in the Linux kernel could have allowed attackers to take full control over Linux-based PCs, servers, Android phones and other embedded devices.The flaw, which stems from the kernel's keyring facility, allows applications running under a local user to execute code in the kernel. As a result, an attacker with access to only a limited account on a Linux system can escalate their privileges to root.The vulnerability, tracked as CVE-2016-0728, was found and reported to the Linux kernel security team and several Linux distribution maintainers by researchers from an Israeli threat defense start-up called Perception Point.To read this article in full or to leave a comment, please click here

More Jinja – Working with YAM as an Input

 

Jinja2 Simple YAML Example

We’re now going to take a look at grabbing a file from the hard drive written in YAML syntax. YAML is arguably the most human readable data serialization format which makes it really easy for coders and non-coders alike to work with.

We’re going to build on the last Jinja2 example. Instead of creating the templates and variables directly in python. We’re going to load them instead from files on our computer.

This may seem like a small detail, but this allows us to deconstruct the building of our configurations, meaning that different people can be responsible for different components of the configuration. As with anything, if you can break a complex process down into several smalller less complex tasks, the whole thing starts to feel easier.

Loading Libraries

We’ll start by loading the required libraries

In [2]:
import yaml
from jinja2 import Environment, FileSystemLoader, Template
 

Set the Environment

Essentially, this set’s the path which will define the directory where the templates will be loaded from. In this case, I’m setting it to load from the same directory.

In [3]:
ENV = Environment(loader=FileSystemLoader('./'))
 

Printing Continue reading

Social engineering: 7 signs that something is just not right

Keep an eye out for thisImage by ThomasThe best remedies a company can put in place start with education and teaching what to look for and what not to do. Morey Haber, vice president of Technology, BeyondTrust, lists some of the gotchas that should make your employees back away from the incoming email.To read this article in full or to leave a comment, please click here

Linux zero-day affects most Androids, millions of Linux PCs

A new zero-day vulnerability has been discovered that allows Android or Linux applications to escalate privileges and gain root access, according to a report released this morning by Perception Point."This affects all Android phones KitKat and higher," said Yevgeny Pats, co-founder and CEO at security vendor Perception Point.ALSO: A brief history of Linux malware Any machine with Linux Kernel 3.8 or higher is vulnerable, he said, including tens of millions of Linux PCs and servers, both 32-bit and 64-bit. Although Linux lags in popularity on the desktop, the operating system dominates the Internet, mobile, embedded systems and the Internet of Things, and powers nearly all of the world's supercomputers.To read this article in full or to leave a comment, please click here

Upcoming Events: Data Center Fabrics Workshop in Zurich

Online webinars are great, but many engineers still prefer live workshops – they’re an excellent opportunity for unrestricted 2-way communication and exchange of ideas – so I decided to turn a few of my best webinars (or webinar tracks) into workshops, and Gabi Gerber, the wonderful organizer of Data Center days in Switzerland took over the logistics, resulting in the first-ever Data Center Fabrics workshop in Zurich in late March.

Read more ...

Network Design – Where Should I Start?

After listening to a recent Packet Pushers podcast, the question was raised about network design and where the network design should start. When I first started designing IT, I believed the correct starting point was to define the required outcome through the deployment of technology. For example, the requirement from the customer could be to […]

The post Network Design – Where Should I Start? appeared first on Packet Pushers.

Network Design – Where Should I Start?

After listening to a recent Packet Pushers podcast, the question was raised about network design and where the network design should start. When I first started designing IT, I believed the correct starting point was to define the required outcome through the deployment of technology. For example, the requirement from the customer could be to […]

The post Network Design – Where Should I Start? appeared first on Packet Pushers.

Non-Blocking 1: sFlow with Peter Phaal of InMon and sFlow.org

The inaugural "Non-Blocking" podcast for ForwardingPlane.net. We discuss sFlow with one if its creators, Peter Phaal of InMon.Discuss sFlow, the protocol, it's uses, similarities to other management frameworks, how it is dissimilar from netflow and why it is worth while to take some time to learn it.

The post Non-Blocking 1: sFlow with Peter Phaal of InMon and sFlow.org appeared first on Packet Pushers.

Non-Blocking #1: sFlow with Peter Phaal of InMon and sFlow.org

The inaugural "Non-Blocking" podcast for ForwardingPlane.net. We discuss sFlow with one if its creators, Peter Phaal of InMon.Discuss sFlow, the protocol, it's uses, similarities to other management frameworks, how it is dissimilar from netflow and why it is worth while to take some time to learn it.

The post Non-Blocking #1: sFlow with Peter Phaal of InMon and sFlow.org appeared first on Packet Pushers.

Flawed From the Start & Missing the Mark: Georgia’s Proposed Anti-Drone Legislation

Bad state laws can have the same chilling effect on technology as bad federal laws.  In this guest post, friend of Errata Elizabeth Wharton (@lawyerliz) discusses the latest anti-drone law introduced here in the Georgia legislature and how one bill manages to kill innovation across several key Georgia industries. 




By Elizabeth Wharton 
Georgia’s newly proposed anti-drone legislation is an economic and research buzz kill.  The bill, HB 779, through poorly crafted provisions places unnecessary red tape for use of drones by the film industry and by cellular, telephone, and cable utility companies.  It also completely shuts down Georgia's aerospace defense industry research (and related funding) conducted by universities including Georgia Tech and all related manufacturing by companies such as Lockheed Martin.  Biting the industry hands that bring billions of dollars into Georgia’s economy seems a bold move for state legislators, particularly during an election year.    

Gaps between technology policy and technology practice at the federal level such as the Commerce Department’s proposed Wassenaar Arrangement rules, extend to the states as well.  With over 168 drone-related bills considered by 45 states in 2015 according to the National Conference of State Legislatures, 2016 is already off to a Continue reading
1 3,100 3,101 3,102 3,103 3,104 3,763