The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
Treść dostarczona przez Jupiter Broadcasting. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Jupiter Broadcasting lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Player FM - aplikacja do podcastów
Przejdź do trybu offline z Player FM !
Przejdź do trybu offline z Player FM !
Linux Action News 231
MP4•Źródło odcinka
Manage episode 322409879 series 2135834
Treść dostarczona przez Jupiter Broadcasting. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Jupiter Broadcasting lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Why Dirty Pipe is a dirty dog, the explosive adoption of Linux at AMD, and an important update on elementary OS.
Sponsored By:
- Ting: Save $25 off your first device, or $25 in service credit if you bring one!
- Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
Links:
- Linux has been bitten by its most high-severity vulnerability in years — Dirty Pipe has the potential to smudge people using Linux and Linux derivitives.
- Catalin Cimpanu on Twitter — “DirtyPipe (CVE-2022-0847) is a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation. It is similar to CVE-2016-5195 “Dirty Cow” but is easier to exploit.
- Ron Amadeo on Twitter — “By my count, Dirty Pipe affects only brand-new Android 12 devices like the Pixel 6 and S22. Linux 5.8 and above has only been an Android option for five months."
- Canonical Patches “Dirty Pipe” Vulnerability in Ubuntu 21.10 and 20.04 LTS
- BLASTY on Twitter: “Hacked up a quick Dirty Pipe PoC that spawns a shell by hijacking (and restoring) the contents of a setuid binary.”
- The Dirty Pipe Vulnerability — The Dirty Pipe Vulnerability documentation
- AMD Posts Some New Linux Job Openings From Client CPU To Server — AMD would need a lot more Linux engineers to achieve the same level of timely Linux support and low-level kernel enhancements that Intel has been focused on for years, especially when it comes to Intel's open-source work beyond just the actual hardware device enablement.
- Introducing Native Matrix VoIP with Element Call! — What’s more, Element Call is built entirely on Matrix: it doesn’t need any additional servers to get going. You can run it against your existing Matrix homeserver to provide complete self-sovereignty… while still being able to talk to anyone else anywhere on the wider Matrix network! We will also be able to automatically use Matrix’s end-to-end encryption to secure all Element Call conferences
- call.element.io
- https://github.com/vector-im/element-call/issues
- Extending Matrix’s E2EE calls to multiparty
- Danielle Foré on Twitter — Okay it’s been a full month and this situation still isn’t resolved, and it sucks for you to just be completely in the dark and it’s pretty obvious something is up and people are asking what’s going on, so here is my side of the story 🧵
- Danielle gives an update on elementary Reddit Thread
- Jupiter Broadcasting East Coast Meetup
1662 odcinków
MP4•Źródło odcinka
Manage episode 322409879 series 2135834
Treść dostarczona przez Jupiter Broadcasting. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Jupiter Broadcasting lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Why Dirty Pipe is a dirty dog, the explosive adoption of Linux at AMD, and an important update on elementary OS.
Sponsored By:
- Ting: Save $25 off your first device, or $25 in service credit if you bring one!
- Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
Links:
- Linux has been bitten by its most high-severity vulnerability in years — Dirty Pipe has the potential to smudge people using Linux and Linux derivitives.
- Catalin Cimpanu on Twitter — “DirtyPipe (CVE-2022-0847) is a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation. It is similar to CVE-2016-5195 “Dirty Cow” but is easier to exploit.
- Ron Amadeo on Twitter — “By my count, Dirty Pipe affects only brand-new Android 12 devices like the Pixel 6 and S22. Linux 5.8 and above has only been an Android option for five months."
- Canonical Patches “Dirty Pipe” Vulnerability in Ubuntu 21.10 and 20.04 LTS
- BLASTY on Twitter: “Hacked up a quick Dirty Pipe PoC that spawns a shell by hijacking (and restoring) the contents of a setuid binary.”
- The Dirty Pipe Vulnerability — The Dirty Pipe Vulnerability documentation
- AMD Posts Some New Linux Job Openings From Client CPU To Server — AMD would need a lot more Linux engineers to achieve the same level of timely Linux support and low-level kernel enhancements that Intel has been focused on for years, especially when it comes to Intel's open-source work beyond just the actual hardware device enablement.
- Introducing Native Matrix VoIP with Element Call! — What’s more, Element Call is built entirely on Matrix: it doesn’t need any additional servers to get going. You can run it against your existing Matrix homeserver to provide complete self-sovereignty… while still being able to talk to anyone else anywhere on the wider Matrix network! We will also be able to automatically use Matrix’s end-to-end encryption to secure all Element Call conferences
- call.element.io
- https://github.com/vector-im/element-call/issues
- Extending Matrix’s E2EE calls to multiparty
- Danielle Foré on Twitter — Okay it’s been a full month and this situation still isn’t resolved, and it sucks for you to just be completely in the dark and it’s pretty obvious something is up and people are asking what’s going on, so here is my side of the story 🧵
- Danielle gives an update on elementary Reddit Thread
- Jupiter Broadcasting East Coast Meetup
1662 odcinków
كل الحلقات
×Zapraszamy w Player FM
Odtwarzacz FM skanuje sieć w poszukiwaniu wysokiej jakości podcastów, abyś mógł się nią cieszyć już teraz. To najlepsza aplikacja do podcastów, działająca na Androidzie, iPhonie i Internecie. Zarejestruj się, aby zsynchronizować subskrypcje na różnych urządzeniach.