The Sky is Falling! (Again)
We’ve been here before, haven’t we? Every other week, a new vulnerability with a sky-high CVSS score causes a frenzy. This time, it’s a 9.9 CVSS vulnerability that was billed as a gift to hackers – a remote exploit that would supposedly render all Linux systems defenseless. The announcement of ...
CVEs, Damned CVEs, and Statistics
Is your vulnerability scanner showing zero problems with your Linux systems? If so, it’s probably missing something important. Conversely, if it’s suddenly showing hundreds of vulnerabilities, that’s likely an overstatement too. And if your compliance reports look clean and problem free? Well, you can bet they’re far from accurate. ...
Live Patching as a Growth Enabler for Your Infrastructure
Yesterday, as I was preparing this article, I had the opportunity to present at a TuxCare webinar, where we introduced live patching. Throughout the presentation, we discussed various characteristics of this patching methodology. While reflecting on these aspects, I realized that one particular point deserves more attention — the role ...
News of On-Premises’ Death Is Greatly Exaggerated
We often find ourselves making educated guesses about the future. We speculate which technologies will soar, which platforms are worth our investment, and what the landscape of our tech stacks will look like a few years down the line. Sometimes, we’re even right. Cloud Adoption: The Hype vs. Reality ...
Crowdstrike, or “How to Own the Planet”
I recently wrote about reliable software. I also usually write about cybersecurity and major incidents. Today’s story intertwines both, in a situation so far reaching that, if you tried to write it as the script of the next Bond movie with a villain scheming to cause worldwide chaos, it would ...
The Skewed Perception of Security: A Dangerous Mindset
Recently, a survey was released that examined how different organizations perceive data security. One question, in particular, yielded surprising yet unsurprising results: a large majority of respondents expressed confidence in the effectiveness of their organization’s data security measures. This is alarming. Not because you shouldn’t trust your efforts, but because ...
The Ultimate Guide to Linux Patch Management
System administrators that work in enterprise environments know that patching is practically a full-time job. Consider the effort involved in patching just one system: a sysadmin must determine that a patch is available, plan for downtime or disruption, download the patch, deploy the patch to the system, and ensure it ...
A Blast From The Past: RegreSSHion
It’s summer, and the year so far has been prodigious in high-stakes hacks impacting very high profile companies, like Ticketmaster or Change Healthcare, and sophisticated malicious operations like the one targeting the xz project. We can now add another very significant incident to the list, with the RegreSSHion (these names…) ...
Why Is Reliable Software Surprising?
Software comes in all shapes and sizes: monolith applications, small utilities, run-of-the-mill middleware, web platforms, mobile apps, etc. But it seems like finding one that actually “just works” as advertised is increasingly difficult. A Pleasant Surprise Recently I had the opportunity to participate in a round of talks ...
Which Linux Distro is Best for Embedded Development?
If your organization deploys IoT solutions, you know that development of embedded systems is a bit different from standard desktop development. Linux’s low cost is attractive to IoT developers, so it’s often the choice for embedded development over expensive proprietary kernels. It’s not uncommon for developers to work with an ...