New Linux Malware Called EvilGnome Discovered; First Preview of Fedora CoreOS Now Available; Germany Bans Schools from Using Microsoft, Google and Apple; VirtualBox 6.0.10 Released; and Sparky 5.8 Has New Live/Install Media for Download

News briefs for July 18, 2019.

New Linux malware has been discovered that masquerades as a GNOME shell
extension and spies on users. Bleeping
Computer reports that Intezer Labs' researchers made the discovery earlier this
month, and they say that "EvilGnome's functionalities include desktop screenshots,
file stealing, allowing capturing audio recording from the user's microphone
and the ability to download and execute further modules. The implant contains an
unfinished keylogger functionality, comments, symbol names and compilation metadata
which typically do not appear in production versions." See Intezer's blog
for more on EvilGnome.

Fedora recently announced
the first preview release of Fedora CoreOS. From the announcement:
"Fedora CoreOS is built to be the secure and reliable host for your compute
clusters. It's designed specifically for running containerized workloads without
regular maintenance, automatically updating itself with the latest OS improvements,
bug fixes, and security updates. The initial preview release of Fedora CoreOS
runs on bare metal, QEMU, VMware, and AWS, on x86_64 only." Go here to download and get started with
Fedora CoreOS.

Germany has banned its schools from using cloud-based productivity suites from
Microsoft, Google, and Apple, because the companies weren't meeting the country's
privacy requirements. Naked
Security reports, that the statement from the Hessische Beauftragte für Datenschutz und
Informationsfreiheit (Hesse Commissioner for Data Protection and Freedom of
Information, or HBDI) said, "The digital sovereignty of state data processing must
be guaranteed. With the use of the Windows 10 operating system, a wealth of
telemetry data is transmitted to Microsoft, whose content has not been finally
clarified despite repeated inquiries to Microsoft. Such data is also transmitted
when using Office 365." The HBDI also stressed that "What is true for Microsoft is also
true for the Google and Apple cloud solutions. The cloud solutions of these
providers have so far not been transparent and comprehensible set out. Therefore,
it is also true that for schools, privacy-compliant use is currently not possible."

VirtualBox 6.0.10 was released this week. According to Linux
Uprising, it's a maintenance release with mostly bug fixes, but it does have
one main new addition: "support for UEFI secure boot driver signing on Ubuntu and
Debian 10+ hosts". See the full Changelog for more
details.

Sparky 5.8 "Nibiru" has new live/install media available to download. This is the
first release of the stable line based on Debian 10 "Buster". Changes include Linux
kernel 4.19.37-5 (i686 and amd64) and 4.19.57-v7 (ARMHF), Calamares installer
updated to 3.2.11, old third party repositories have been removed and much more.
Go here to download the
Sparky stable edition.

Jill Franklin is an editorial professional with more than 17 years experience in technical and scientific publishing, both print and digital. As Executive Editor of Linux Journal, she wrangles writers, develops content, manages projects, meets deadlines and makes sentences sparkle. She also was Managing Editor for TUX and Embedded Linux Journal, and the book Linux in the Workplace. Before entering the Linux and open-source realm, she was Managing Editor of several scientific and scholarly journals, including Veterinary Pathology, The Journal of Mammalogy, Toxicologic Pathology and The Journal of Scientific Exploration. In a previous life, she taught English literature and composition, managed a bookstore and tended bar. When she’s not bugging writers about deadlines or editing copy, she throws pots, gardens and reads. You can contact Jill via e-mail, ljeditor@linuxjournal.com.

Comments are closed.