News for Admins

Tech News

Article from ADMIN 56/2020
By
In the news: Open source software dominates the enterprise; Linux systems vulnerable to attack; Nine-year-old bug found and fixed in sudo; and systemd-homed is coming to a Linux distribution near you.

Open Source Software Dominates the Enterprise

A recent Red Hat survey (https://www.redhat.com/en/enterprise-open-source-report/2020) has uncovered something that might not surprise anyone in the open source world – that open source software is dominating the large-scale business IT landscape. In fact, the results of this survey indicate that proprietary software is on the decline, while open source software is seeing a dramatic rise in deployment.

From the survey, 95 percent of respondents claimed that open source is strategically important, while 36 percent said it was very important. Of those respondents, only five percent declared open source was only somewhat important.

The survey also indicated that 77 percent of respondents agreed that enterprise adoption will continue to grow, with 45 percent saying it will increase slightly and 32 percent stating it will increase significantly. Only 22 percent of respondents claimed open source adoption will remain the same and one percent replied to say it would slightly decrease.

What areas are finding the highest rate of open source adoptions? According to the survey respondents, those areas are:

  • Security – with 52 percent of respondents claiming it as a top usage
  • Cloud management tools – with 51 percent of respondents claiming it as a top usage
  • Database – with 49 percent of respondents claiming it as a top usage
  • Big data and analytics – with 47 percent of respondents claiming it as a top usage

Finally, the benefits of open source software in the enterprise was broken down by respondents claiming that higher quality software, lower total cost of ownership, better security, better cloud-native tech, and safer levering of tech were the top benefits of using open source software.

Linux Systems Vulnerable to Attack

A number of laptops have been discovered to be vulnerable to attack. The security research group Eclypsium has discovered (https://eclypsium.com/2020/2/18/unsigned-peripheral-firmware/) that hardware made by Dell, HP, and Lenovo can contain unsigned firmware in WiFi adapters, USB hubs, touchpads, and cameras. When a device uses unsigned firmware, it is considered unprotected.

Signed firmware is software that has been signed by a vendor, using a private key. When firmware has been signed, a device with the feature enabled will validate the firmware before accepting installation. The signed firmware can be trusted, so when a hardware vendor applies unsigned firmware, the chain of trust is broken and malware can find its way to those insecure pieces of hardware and do things like disable or take control of devices, steal data, and launch various types of attacks. Because these vulnerabilities are found in firmware, antivirus and anti-malware solutions are of no help, regardless of operating system.

Eclypsium has found such unsigned firmware on touchpad and TrackPoint devices in Lenovo laptops, the HP Wide Vision FHD camera on the HP Spectre x360 laptop, the WiFi adapter on the Dell XPS 15 laptop, and a VLI USB hub. As these particular brands (especially Lenovo and Dell) are favorites among the Linux community, users should immediately investigate how to upgrade the affected firmware (as the checking of firmware signatures is up to the peripheral device and not the operating system).

Nine-Year-Old Bug Found and Fixed in Sudo

Sudo is found in most Linux distributions and is responsible for elevating privileges for users, so that they can perform admin tasks. Recently it was discovered that a buffer-overflow bug (https://www.sudo.ws/alerts/pwfeedback.html) had been in hiding for nine years. This bug (CVE-2019-18634 – https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18634 – which has existed in sudo versions 1.7.1 through 1.8.25p1) can be triggered when an administrator or a downstream distribution (such as any based on Debian/Ubuntu) enables the pwfeedback option in the /etc/sudoers file. Once pwfeedback is enabled, the vulnerability can be exploited by any user on the system (even those not listed in the sudoers file).

The pwfeedback option is used to hash passwords when you type them (so the irony of this feature being a security vulnerability cannot be missed).

There are two bits of good news on this front. First and foremost, the vulnerability has been patched. So long as you've updated sudo to any version beyond 1.8.25p1, you're safe. The second bit of news is that, even if you've not updated, pwfeedback isn't enabled by default in most distributions. Issue the command sudo -l to see if pwfeedback is listed among the enabled options. If not, you're good to go. If you do see pwfeedback in the output of the command, upgrade sudo immediately and consider disabling the option.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus