Jan 042019
 

News briefs for January 4, 2019.

Google’s Fuchsia OS will have Android app support via Android Runtime.
According to 9To5Google,
it was expected that Fuchsia would support Android apps, and now “that
suspicion has been confirmed by a new change found in the Android Open
Source Project, and we can say with confidence that Fuchsia will be capable
of running Android apps using the Android Runtime.” The article also notes
that “How exactly Fuchsia will use the Android Runtime from there is still
unclear. This is includes whether the Android Runtime is able to work as
expected to replace Linux kernel calls with equivalents from Fuchsia’s
Zircon kernel or if ART will run inside of a Linux virtual machine using
Machina, Fuchsia’s virtual machine system.”

Linux servers equipped with poorly
configured IPMI (Intelligent Platform Management Interface) cards are prone
to attack. ITPro
Today
reports that “since November, black hat hackers have been using
the cards to gain access in order to install JungleSec ransomware that
encrypts data and demands a 0.3 bitcoin payment (about $1,100 at the
current rate) for the unlock key”. The post recommends that to secure against these attacks, make
sure the IPMI password isn’t the default and “access control lists (ACLs)
should be configured to specify the IP addresses that have access the IPMI
interface, and to also configure IPMI to only listen on internal IP
addresses, which would limit access to admins inside the organization’s
system.”

LinuxGizmos has published its 2019
catalog of open-spec Linux hacker boards
.
These are all “hacker-friendly, open-spec SBCs that run Linux or Android”,
and LinuxGizmos provides “recently updated descriptions, specs, pricing,
and links to details for all 122 SBCs.”

USB Type-C is becoming more secure with the launch of the USB Type-C
Authentication Program. eWeek
reports
that the USB-IF (USB-Implementers Forum) is
“taking a
cryptographic approach to helping protect USB users and devices against
potential risks”. In addition, “With the authentication specification,
compliance with USB specifications is validated in an effort to prevent
potentially dangerous devices and chargers from connecting to a system.
The specification can also limit the risk of malicious software that
might be embedded within a USB device from attacking a system. According
to the USB-IF, the authentication specification enables implementors of
the standard to authenticate certified USB Type-C chargers, devices,
cables and power sources.”

Epic Games says it doesn’t currently plan to provide a Linux version of
its store. GamingOnLinux,
quoted this tweet from Sergey Galyonkin, Director of Publishing Strategy
for
Epic Games, in response to a question on Reddit: “It really isn’t on the
roadmap right now. Doesn’t mean this
won’t change in the future, it’s just we have so many features to
implement.”

Google's Fuchsia OS to Support Android Apps, Linux Servers with Poorly Configured IPMI Cards Prone to Attack, LinuxGizmos' 2019 SBC Catalog Is Out, USB Type-C Becoming More Secure and Epic Games Not Planning to Provide a Linux Version of Its Store
Source: Linux Journal