🗞️ The September issue of RDE Monthly is out!

The best monthly newsletter about Guix, Guile and RDE ecosystems.

Brought to you by Kirill Yermak and community.

https://lists.sr.ht/~abcdw/rde-monthly/%3C250419570.99760.1727873737363@office.mailbox.org%3E

Events, Releases, Announces, Articles and Videos, everything from the last month collected in one place.

Contribute to the next issue:
https://todo.sr.ht/~abcdw/tickets/66

Stay informed, stay engaged!

At https://www.triumf.ca

Tweety.

Just like I did for 6.10, I wrote up a "what's new with io_uring" but for the 6.11/12 kernels. 6.11 wasn't super exciting in terms of features, so bundled these into a single page.

https://github.com/axboe/liburing/wiki/What's-new-with-io_uring-in-6.11-12

Seriously, I only have two DVD/CD drives, both are slot drive and choke on this. It's 2024 and I'm buying a tray-drive.

What am I supposed to do with this? Wrong answers only.

Tomorrow I'll be hosting a Linux Security Modules (LSM) BoF at LPC. If you have any LSM questions or a related topic to discuss, please join us!

https://lpc.events/event/18/contributions/1890/

#lpc #linux #lsm

Great write-up by @psychomario on a root privilege escalation toolchain which leverages DBus, CUPS, and WPA on Ubuntu: https://snyk.io/blog/abusing-ubuntu-root-privilege-escalation/

@ljs @vegard cardio? Is that a type of pasta?

Free livestream info is here: https://events.linuxfoundation.org/linux-security-summit-europe/attend/live-stream-information/#general

@ksaj the operations that a quantum computer are theorised to perform faster than a classical computer are well understood, so post-quantum cryptography chooses mathematical problems that are known to be hard even for a QC.

https://nap.nationalacademies.org/catalog/25196/quantum-computing-progress-and-prospects is a good and fairly comprehensive introduction to quantum computing for non-physicists :)

Please help us test OpenSSH ahead of the 9.9 release, due in a few weeks.

New features include a new post-quantum key exchange based on ML-KEM, improved controls to disallow unwanted connections and better performance for the existing PQ key exchange.

Full details at: https://marc.info/?l=openssh-unix-dev&m=172638834815257&w=2

@robpike @timbray wait until we have several generations of AI trained on AI generated material, and people have lost the ability to write on their own. Almost nobody will be able to discern AI vs. human.

Having worked on the kernel for decades, and imposing a lot of the same code/git hygiene for liburing, there can be a disconnect for contributors on what is expected of a commit and commit message, and what series of commits should look like. I attempted to provide a basic guideline here:

https://github.com/axboe/liburing/blob/master/CONTRIBUTING.md

and would appreciate feedback from folks on what I missed, what isn't clear, etc.

Four days to go!

RE: https://social.kernel.org/objects/d8ef1ebf-0dcc-4013-9590-8dfe13da27b3

Gonna be giving a talk "SLUB Internals for Exploit Developers" at @LinuxSecSummit next week.

Plan to cover the basics one needs to know before writing exploits for slab bugs; slides coming along 😁

Also gonna stay around for @linuxplumbersconf.

https://lsseu2024.sched.com/event/1ebVN

@josh after 15 years of TPMs and they becoming quite ubiquitious, I am still not seeing how they ever have been misused like this outside of theories and labs.

To me this appears to be mostly FUD from FSF/GNU.

I think if Linux OSes would actually start using TPMs properly, the net outcome for everyone would be *good*, and not bad. It would be much harder to gain persistence for an attacker, for example. And that's a massive benefit, for everyone.

@Catvalente I remember this from a previous decade. He is from a wealthy New England family, old-school Republican style. Also, he was responsible for linking Southern evangelicals to his father's campaign & the rest is history.

@mcc I think that's cocaine?

This is a real command that people type instead of grep:

Select-String -Path "C:\file\Path\*.txt" -Pattern "REGEX"