security Archives - Heiko's Blog

Qemu and libvirt security – ppa:jacob/virtualisation

I’m running Linux Mint 18.3 which is based on Ubuntu 16.04 Xenial. Until yesterday I used the Personal Packet Archive ppa:jacob/virtualisation to get more up-to-date releases of Qemu, libvirt, and virt-manager.

Ubuntu and Linux Mint recently released security updates for their official (but old) qemu and libvirt packages to address the Meltdown and Spectre vulnerabilities. Unfortunately the Ubuntu 16.04 releases in the ppa:jacob/virtualisation archive have not been updated, judging from the upload date.

Why run Windows on Linux?

Last edited: May 31, 2020

I’ve written several tutorials on “how to make dual-boot obsolete using VGA passthrough“, yet one may ask why run Windows on Linux? Most PC or laptop come pre-installed with Windows, in fact its rare to see computers pre-installed with Linux. So why not just leave Windows and install Linux in a virtual machine (VM), for example using Oracle VirtualBox?

Installing Linux in a VirtualBox VM is definitely a lot easier than following my tutorials on VGA passthrough (VFIO). Not only that, most computer users who want or need to use both Windows and Linux will find that this simple solution is all they need.

Linux Security Part 2

I already wrote about why I think Linux is the way to go, and why I consider Linux more secure than most commercial operating systems. But what if your favorite distribution gets hacked?

Exactly this happened a little more than a year ago, when the Linux Mint website – probably the most popular Linux distribution – got hacked. The hacker placed a backdoored version of the Linux Mint ISO onto the download page. The perpetrator was also successful in hacking into the forum and stealing all user data and passwords. The user data / passwords are still available for purchase on the dark net, anyone paying the requested amount can download it.

Today, a year later, the Linux Mint forum and community websites are down. In the meantime the site has come up – according to a admin note it was shutdown for maintenance.

Monitoring Hard Drives Using Smartmontools

Yesterday I wrote about Linux security and the need for monitoring hard drives for failure symptoms. As if this was an omen, today the following message popped up on my screen:

At any given time, my PC runs between 6 to 10 hard drives of varying size and make. In recent years I’ve replaced some old and small 1TB and 2TB drives for larger 3TB and 4TB drives, sometimes replacing two drives for one. I’m also adding more SSD to improve performance, but my main data storage still uses mechanical hard drives.

Linux Security

In my “Why Linux” post, I explained the advantages of Linux over commercial operating systems such as Microsoft Windows or Apple OS. In this post I like to point out some of the risks running Linux. The risks are by no means limited to Linux – you run the same or similar risks with all the other OS. So why bother reading this post?