Ubuntu Weekly Topics Ubuntu 23.04(lunar)の開発 / リリースまであと一週間、HWEカーネル向けのLivepatch lunar(Ubuntu 23.04)の開発 / リリースまであと一週間 4月20日のリリースに向けて、lunar(Ubuntu 23.04)の開発はQA(と、リリースに間に合あわせつつ、機能を調整する作業)に専念する時期に入りました。とはいえ、現状でまだGCP向けの各種パッケージの調整や、net-snmpのちょっとした修正(Docker上のオーバーレイファイルシステムを検出する機能の追加)といった、『大規模な影響を及ぼすわけではないものの、リリースには間に合わせておきたい修正』が投じられる段階で、「QAに専念」と言える段階まではもう数日を要することになりそうです。 調整作業の横ではリリースノートの準備も進められており、カーネル(今
Jailbreaking RabbitOS: Uncovering Secret Logs, and GPL Violations | Blog
Welcome to my ::'########::'##::::::::'#######:::'######::: :: ##.... ##: ##:::::::'##.... ##:'##... ##:: :: ##:::: ##: ##::::::: ##:::: ##: ##:::..::: :: ########:: ##::::::: ##:::: ##: ##::'####: :: ##.... ##: ##::::::: ##:::: ##: ##::: ##:: :: ##:::: ##: ##::::::: ##:::: ##: ##::: ##:: :: ########:: ########:. #######::. ######::: ::........:::........:::.......::::......:::: CTF writeups, prog
Every six weeks, we create a new branch of V8 as part of our release process. Each version is branched from V8’s Git master immediately before a Chrome Beta milestone. Today we’re pleased to announce our newest branch, V8 version 8.6, which is in beta until its release in coordination with Chrome 86 Stable in several weeks. V8 v8.6 is filled with all sorts of developer-facing goodies. This post pr
[Update: Red Hat Enterprise Linux 9 was released in May 2022. Read more about it here, Hot Off the Presses: Red Hat Enterprise Linux 9.] Red Hat Enterprise Linux (RHEL) 9 Beta is now available and delivers exciting new features and many more improvements. RHEL 9 Beta is based on upstream kernel version 5.14 and provides a preview of the next major update of RHEL. This release is designed for deman
I usually do my changes and updates on the GitBook version of the book first and then publish them on freeCodeCamp. You can find the always updated and often unstable version of the book at the following link: Whichever version of the book you end up reading though, don't forget to let me know your opinion. Constructive criticism is always welcomed. Introduction to Containerization and Docker Acco
B O O K O F N E W S Microsoft Ignite 2019 Orlando, November 4 – 8, 2019 | Foreword by Frank Shaw 9 Section 1 Azure 10 Chapter 1 Azure Infrastructure 11 Item 1.1.1 Azure Arc: Extended Azure management and security to any infrastructure Item 1.1.2 Azure Data Services Preview: Run Azure data services anywhere Item 1.1.3 Azure Da v4 and Das v4 series virtual machines Item 1.1.4 Serial Console for Azur
Linux Security Hardening and Other Tweaks by @blakkheim Last updated: 09/21/2024 This page lists the changes I make to a vanilla install of Arch Linux for security hardening, as well as some other changes I find useful. Most of the changes will work on any Linux distro that's reasonably up to date. It's not a one-size-fits-all setup, but hopefully certain pieces will be useful to anyone wanting a
What's New In DevTools (Chrome 101) | Blog | Chrome for Developers
Import and export recorded user flows as a JSON file The Recorder panel now supports importing and exporting user flow recordings as a JSON file. This addition makes it easier to share user flows and can be useful for bug reporting. For example, download this JSON file. You can import it with the import button and replay the user flow. Apart from that, you can export the recording as well. After r
PipeWire - ArchWiki
PipeWire は新しい低レベルマルチメディアフレームワークです。 映像と音声を最小の遅延で再生/キャプチャすることを目的としていて、PulseAudio、JACK、ALSA、GStreamer をベースとしたアプリケーションと互換性があります。 このフレームワークのデーモンは (PulseAudio と JACK の機能を持った) オーディオサーバーとしても、ビデオキャプチャサーバーとしても設定できます。 また PipeWire は Flatpak のようなコンテナをサポートしており、audio や video ユーザーグループに依存するのではなく、Flatpak や Wayland にスクリーンや音声を録音する許可を求める Polkit のようなセキュリティモデルを使用しています。 インストール 公式リポジトリから pipewire パッケージを インストール してください。mult
What's New In DevTools (Chrome 86) | Blog | Chrome for Developers
New Media panel DevTools now displays media players information in the Media panel. Prior to the new media panel in DevTools, logging and debug information about video players could be found in chrome://media-internals. The new Media panel provides an easier way to view events, logs, properties, and a timeline of frame decodes in the same browser tab as the video player itself. You can live view a
Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques
This blogpost is the next instalment of my series of hands-on no-boilerplate vulnerability research blogposts, intended for time-travellers in the future who want to do Linux kernel vulnerability research. Specifically, I hope beginners will learn from my VR workflow and the seasoned researchers will learn from my techniques. In this blogpost, I'm discussing a bug I found in nf_tables in the Linux
CipherTrust Data Security Platform(CDSP:データセキュリティプラットフォーム) | Thales
Security architects are implementing comprehensive information risk management strategies that include integrated Hardware Security Modules (HSMs). Reduce risk and create a competitive advantage. Get the White Paper
Be in demand. Be in computer science. This 100% online MSc Computer Science programme is aimed at working professionals and graduates from other disciplines who are seeking to move into a career in computer science. You will develop skills in computational thinking and an academic understanding of key computing concepts and techniques and their application to real world problems. This programme is
eBPF Updates #2: eBPF with Zig, libbpf-bootstrap, Rust Linker, BTF in Kernel Modules, Cgroup-Based Memory Accounting Foreword Welcome to the second issue of the eBPF Updates! This time we have interesting resources about how to write eBPF programs with Zig, or with Rust, or on how to manage them with libbpf. On the kernel side, modules now support BTF, and improvements to memory accounting for eBP
GitHub - a13xp0p0v/linux-kernel-defence-map: Linux Kernel Defence Map shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and defence technologies
Linux kernel security is a very complex topic. There are many concepts that have interesting relationships with each other: Vulnerability classes Exploitation techniques Bug detection mechanisms Defence technologies Some defence technologies are provided by the Linux kernel mainline. Others are going out‑of‑tree for various reasons (some of them are commercial, for example). Moreover, there are ke
It’s that time of year: time to start winding down for the winter holiday season, time to reflect on the past year, and time to think about what we can accomplish together in 2024. The Wasmtime and Cranelift projects are no exception. This article recounts Wasmtime and Cranelift progress in 2023 and explores what we might do in 2024. Wasmtime is a standalone WebAssembly runtime. It is fast, secure
this has not been updated post Bun 1.0, we will update it soon. This tracks the current near-term plans for Bun. Edge bundling With bundle-time functions, static analysis goes dynamic. Objects returned by functions executed at bundle-time are injected into the AST. This makes dead-code elimination work a lot better. I expect this to spawn a new generation of bundle-time JavaScript frameworks. But
VMware Fusion Tech Preview 2023
Powering Up Your Macs with Apple Silicon A screenshot of VMware Fusion Tech Preview 2023 on macOS Sonoma Beta 3, running the Arm version of Windows 11 to run the 3DMark Firestrike Ultra 4K DirectX 11 benchmark via 64bit x86 emulation, hardware-accelerated by Metal on the Mac… (Try saying that 3 times fast!) We are thrilled to announce the release of VMware Fusion Tech Preview 2023, marking a signi
GitHub - taishi-i/awesome-ChatGPT-repositories: A curated list of resources dedicated to open source GitHub repositories related to ChatGPT
awesome-chatgpt-api - Curated list of apps and tools that not only use the new ChatGPT API, but also allow users to configure their own API keys, enabling free and on-demand usage of their own quota. awesome-chatgpt-prompts - This repo includes ChatGPT prompt curation to use ChatGPT better. awesome-chatgpt - Curated list of awesome tools, demos, docs for ChatGPT and GPT-3 awesome-totally-open-chat
A new, modern, and secure print experience from Windows
Over the past year, the MORSE team has been working in collaboration with the Windows Print team to modernize the Windows Print System. This new design represents one of the largest changes to the Windows Print stack in more than 20 years. The goal was to build a more modern and secure print system that maximizes compatibility and puts users first. We are calling this new platform Windows Protecte
Hyperscale in your Homelab: The Compute Blade arrives | Jeff Geerling
This is the Compute Blade, and I'm test driving it in a four-node cluster: I'm testing the Dev version, and @Merocle from Uptime Lab sent four Blades, a 3D-printed 4-bay case (a metal 1U rackmount enclosure is in the works), and two fan modules. He's been testing 40 of these in a rack at Jetbrains for months, and they're about to go live on Kickstarter. But why build a cluster with these Blades? A
What's New In DevTools (Chrome 99) | Blog | Chrome for Developers
Throttling WebSocket requests The Network panel now supports throttling web socket requests. Previously, the network throttling didn't work on web socket requests. Open the Network panel, click on a web socket request and open the Messages tab to observe the message transfers. Select Slow 3G to throttle the speed. Chromium issue: 423246 New Reporting API pane in the Application panel Use the new R
Introducing reTerminal, a new member of our reThings family. This future-ready Human-Machine Interface (HMI) device can easily and efficiently work with IoT and cloud systems to unlock endless scenarios at the edge. reTerminal is powered by a Raspberry Pi Compute Module 4 (CM4) which is a Quad-Core Cortex-A72 CPU running at 1.5GHz and a 5-inch IPS capacitive multi-touch screen with a resolution of
Next-Gen Exploitation: Exploring the PS5 Security Landscape whoami - @SpecterDev - Security researcher with a focus on kernel and platform security - Work on console security as a hobby - Started with PS4 ~5 years ago - Also co-host Dayzerosec podcast/media channel - First time presenter Agenda - Where we were (PS4 exploitation) - Attack surface, mitigations, post-exploitation - Where we are now -
At InfinyOn we are seeing an increasing amount of traffic in Infinyon Cloud. Given our current projections we anticipate over 1 million edges to connect our platform in the next 12-18 months. One of bottlenecks is the compute resources needed to process ingress traffic. We have a couple of places in our cloud offering where we needed to intercept TCP network traffic, perform some analysis on the f
What's New In DevTools (Chrome 97) | Blog | Chrome for Developers
Preview feature: New Recorder panel Use the new Recorder panel to record, replay and measure user flows. Open the Recorder panel. Follow the instructions on screen to start a new recording. For example, you can record the coffee checkout process with this coffee ordering demo application. After adding a coffee and filling out payment details, you can end the recording, replay the process or click
Amazon Web Services ブログ AWS IoT を利用して IoT デバイスの証明書の更新を管理する方法 この記事は Ryan Dsouza と Lukasz Malinowski によって投稿された How to manage IoT device certificate rotation using AWS IoT を翻訳したものです。 はじめに IoT (Internet of Things) は、さまざまな業界でビジネスオペレーションやカスタマーエクスペリエンスを変化させています。この無限のチャンスはビジネスの変革を可能にしますが、正しく導入されなければ、セキュリティ、リスク、プライバシーの懸念をもたらし、データやブランドを危険にさらすことにもなります。産業設備では OT(Operational Technology) 環境は、生産高と効率を向上させるために、より多
What's New In DevTools (Chrome 107) | Blog | Chrome for Developers
Customize keyboard shortcuts in DevTools You can now customize keyboard shortcuts for your favorite commands in DevTools. Go to Settings > Shortcuts, hover over a command and click the Edit button (pen icon) to customize the keyboard shortcut. You can create chords (a.k.a multi-key press shortcuts) as well. Chromium issues: 1335274, 174309 Toggle light and dark themes with keyboard shortcut Config
TLS-enabled Kubernetes clusters with ACM Private CA and Amazon EKS | Amazon Web Services
AWS Security Blog TLS-enabled Kubernetes clusters with ACM Private CA and Amazon EKS October 21, 2021: We updated this post to a new version of the helm chart awspca/aws-privateca-issuer. The old version of the chart awspca/aws-pca-issuer will no longer receive updates. In this blog post, we show you how to set up end-to-end encryption on Amazon Elastic Kubernetes Service (Amazon EKS) with AWS Cer
What is a Scamp?
Scamp has an I/O connector that makes it very easy to interface to external devices. You can add switches, buttons, control knobs, LEDs, and other electronics modules just by plugging them in. It can be interfaced to many of the modules that are available for Arduinos and similar embedded systems. Writing software to use other hardware is very easy, and fun. You can interactively talk with peri
New in HW VSP3 Single-port and multi-port version: Single-port version of HW VSP3 is available freely Multi-port version is available only for HW group products Runs as a stand-alone application, or as a NT service suitable for servers Complete support for Windows 8 and Windows 10 Supports all 32-bit or 64-bit Windows systems, including Server versions Configuration is stored in an INI file for ea
FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor | Microsoft Security Blog
Microsoft continues to work with partners and customers to track and expand our knowledge of the threat actor we refer to as NOBELIUM, the actor behind the SUNBURST backdoor, TEARDROP malware, and related components. As we stated before, we suspect that NOBELIUM can draw from significant operational resources often showcased in their campaigns, including custom-built malware and tools. In March 20
ハードウェアセキュリティモジュールとは?
Entrustは、顧客がIDとデータを保護し、リスクを軽減し、マルチクラウドインフラストラクチャ全体でコンプライアンスを達成するために役立つ、比類のないゼロトラストセキュリティソリューションスイートを提供します。
Cranelift
A Bytecode Alliance project Cranelift is a fast, secure, relatively simple and innovative compiler backend. It takes an intermediate representation of a program generated by some frontend and compiles it to executable machine code. Cranelift is meant to be used as a library within an "embedder". It is in successful use by the Wasmtime WebAssembly virtual machine, for just-in-time (JIT) and ahead-o
xv6: a simple, Unix-like teaching operating system Russ Cox Frans Kaashoek Robert Morris September 6, 2021 2 Contents 1 Operating system interfaces 9 1.1 Processes and memory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 1.2 I/O and File descriptors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 1.3 Pipes . . . . . . . . . . . . . . . . . . . . . . . . . .
What's New in DevTools (Chrome 112) | Blog | Chrome for Developers
Recorder updates Replay extensions support The Recorder introduces support for custom replay options that you can embed into DevTools with an extension. Try out the example extension. Select the new custom replay option to open the custom replay UI. To customize the Recorder to your needs and integrate it with your tools, consider developing your own extension: explore the chrome.devtools.recorder
Finding LogoFAIL: The Dangers of Image Parsing During System Boot
Finding LogoFAIL: The Dangers of Image Parsing During System BootBinarly Research Team Binarly REsearch team investigates vulnerable image parsing components across the entire UEFI firmware ecosystem and finds all major device manufacturers are impacted on both x86 and ARM-based devices. [ See previous blog post “The Far-Reaching Consequences of LogoFAIL” preview of Black Hat EU presentation ] As
Automated Hydroponic System Build – Projects | Kyle Gabriel
Last Updated: August 28, 2022 Hydroponic farming is a method of growing crops without soil, with the main benefits of environmental and nutrient control, water conservation, and reduction of labor. This technique relies on a number of technologies that the principles of automation can be applied in order to improve yield and consistency. In this article and accompanying video, I’ll show you how to
eBPF Updates #3: Atomics Operations, Socket Options Retrieval, Syscall Tracing Benchmarks, eBPF in the Supply Chain With the festive season, it would seem that eBPF blogging has cooled down a little, and we have fewer items to report this time. But eBPF is getting traction everywhere, so we can be confident that more material will be available for the months to come. Let's wager that 2021 will be
A list of tools and applications used internally at GitLab and how to access them. This is a listing of the applications we use at GitLab. If you’re looking for the technology used to deliver GitLab.com, please visit the Production Architecture page. Tech stack related processes Update tech stack information Please visit our Tech Stack main page for instructions on how to request updates to the Te
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Ubuntu 23.04(lunar)の開発 / リリースまであと一週間、HWEカーネル向けのLivepatch | gihyo.jp
V8 release v8.6 · V8
What's new in Red Hat Enterprise Linux 9 Beta
The Docker Handbook – Learn Docker for Beginners
Book of News - Ignite 2019
Linux Security Hardening and Other Tweaks
MSc Computer Science Online - University of York
eBPF Updates #2: eBPF with Zig, libbpf-bootstrap, Rust Linker, BTF in Kernel Modules, Cgroup-Based Memory Accounting
Wasmtime and Cranelift in 2023
Bun's Roadmap · Issue #159 · oven-sh/bun
Getting Started with reTerminal | Seeed Studio Wiki
Next-Gen Exploitation: Exploring the PS5 Security Landscape
Routing traffic in Rust using eBPF
AWS IoT を利用して IoT デバイスの証明書の更新を管理する方法 | Amazon Web Services
HW VSP3 - Virtual Serial Port | HW-group.com
xv6: a simple, Unix-like teaching operating system
eBPF Updates #3: Atomics Operations, Socket Options Retrieval, Syscall Tracing Benchmarks, eBPF in the Supply Chain
Business Technology - Tech Stack Details