As IT workers continue their arduous job of protecting network users from the bad guys, some new tools could help stem the tide of vulnerabilities that continue to add up to open source and proprietary software.

Canonical and Microsoft reached a new agreement to keep their two cloud platforms running well together. Meanwhile, Microsoft apologized to open-source software developers. But BitLocker made no apology for shutting down Linux users.

Let’s take a look at the latest open-source software industry news.

New open-source tool helps devs spot exploits

Vulnerability software platform firm Resilien announced on August 12 the availability of its new open-source tool MI-X from its GitHub repository. The CLI tool helps researchers and developers quickly know whether their containers and hosts are affected by a specific vulnerability to shorten the attack window and create an effective treatment plan.

Yotam Perkal, director of vulnerability research at Resilion, said, “Cyber ​​security vendors, software providers, and CISA are issuing daily vulnerability disclosures alerting the industry to the fact that all software is built with mistakes, which are often immediately detected. should be addressed.”

“With this flow of information, the launch of Mi-X provides users with a repository of information to validate the exploitability of specific vulnerabilities, creating greater focus and efficiency around patching efforts,” he added.

“As an active participant in the vulnerability research community, this is an impressive milestone for developers and researchers to collaborate and build together,” Perkle said.

Current tools fail to factor in exploitability as organizations grapple with critical and zero-day vulnerabilities, and scramble to understand whether they are affected by that vulnerability. It’s an on-going race to figure out the answer before the threatening actor.

To determine this, organizations need to identify a vulnerability in their environment and find out whether this vulnerability is indeed exploitable, for which there is a mitigation and treatment plan.

Current vulnerability scanners take too long to scan, don’t factor in exploit potential, and often miss it entirely. This is what happened with the Log4j vulnerability. According to Resilien, a lack of equipment gives threat actors plenty of time to exploit a flaw and do major damage.

The launch of Mi-X is the first in a series of initiatives to foster a community to detect, prioritize and address software vulnerabilities.

Linux thrives along with growing security crisis

Recent data monitoring of more than 63 million computing devices across 65,000 organizations shows that the Linux OS is alive and well within businesses.

New research from IT asset management software firm Lensweeper shows that even though Linux lacks the more widespread popularity of Windows and macOS, a lot of corporate devices still run the Linux operating system.

Scanning data from more than 300,000 Linux devices in approximately 26,000 organizations, Lensweeper also revealed the popularity of each Linux operating system based on the total amount of IT assets managed by each organization.

The company released its discovery on August 4, noting that around 32.8 million people worldwide use Linux, about 90% of all cloud infrastructure and nearly all of the world’s supercomputers are dedicated users.

Research by Lensweeper showed that CentOS is the most widely used (25.6%) followed by Ubuntu (20.8%) and Red Hat (15%). The company didn’t break down the percentages of users of many of the other Linux OS distributions in use today.

Chart showing Linux devices by company size

Lensweeper suggested that businesses exhibit a disconnect between using Linux for their enhanced security and proactively putting security processes in place.

Two recent Linux vulnerabilities this year — Dirty Pipe in March and Nimbuspun in April — plus new data from Lensweeper show that businesses are going blind when it comes to the security under their roof.

“It is our belief that the majority of devices running Linux are business-critical servers, which are desired targets for cybercriminals, and the logic suggests that the larger the company, the more Linux devices that need to be protected. ,” said Roel Decnett, chief strategy officer at Lensweeper.

“With so many versions and ways of installing Linux, IT teams are faced with the complexity of tracking and managing devices as well as trying to keep them safe from cyberattacks,” he explained.

Since its launch in 2004, Lensweeper has been developing a software platform that scans and inventory all types of IT equipment, installed software and active users on a network. It allows organizations to centrally manage their IT.

BitLocker, Linux Dual Booting Together Isn’t Perfect

Microsoft Windows users who want to install Linux distributions to dual boot on the same computer are now between a technical rock and a Microsoft hard place. They can thank the increased use of Windows BitLocker software for the worsening of the Linux dual-booting dilemma.

Developers of Linux distros are facing more challenges in supporting Microsoft’s full-disk encryption on Windows 10 and Windows 11 installations. The Fedora/Red Hat engineers noted that the problem is made worse by Microsoft sealing the full-disk encryption key, which is then sealed using Trusted Platform Module (TPM) hardware.

Fedora’s Anaconda installer cannot resize BitLocker volumes with other Linux distribution installers. The workaround is first resizing the BitLocker volume within Windows to create enough free space for the Linux volume on the hard drive. This useful detail is not covered in the often vulnerable installation instructions for dual-booting Linux.

A related problem complicates the process. The BitLocker encryption key imposes another deadly restriction.

To seal, the key must match the boot chain measurement in the TPM’s Platform Configuration Register (PCR). Using the default settings for GRUB in the boot chain for a dual boot setup produces incorrect measurement values.

According to the discussion of the problem in the Fedora mailing list, users trying to dual boot when attempting to boot Windows 10/11 are then left at the BitLocker recovery screen.

Microsoft, Canonical: A Case of Opposites Attract

Canonical and Microsoft have tightened the business knot connecting them with the common goal of better securing the software supply chain.

Both software companies announced on August 16 that native .NET is now available for Ubuntu 22.04 hosts and containers. This collaboration between .NET and Ubuntu provides enterprise-grade support.

Support lets .NET developers install the ASP.NET and .NET SDK runtimes from Ubuntu 22.04 LTS with a single “apt install” command.

Check out the full details here and watch this short video for updates:

Microsoft reverses open-source app sales ban

In what could be the latest case of Microsoft opening its marketing mouth to stumbling blocks, the company recently rattled software developers by banning the sale of open-source software in its App Store. Microsoft has since reversed that decision.

Microsoft had announced new terms for its App Store, effective July 16. The new terms state that not all pricing may attempt to profit from open source or other software that is otherwise generally available at no cost. Many software developers and re-distributors of free- and open-source software (FOSS) sell installable versions of their products at the Microsoft Store.

Redmond said the new restrictions would address the problem of “misleading listings”. Microsoft claimed that FOSS licenses allow anyone to post a version of a FOSS program written by others.

However, the developers pushed back, noting that the problem is easily solved in the same way regular stores solve it – through trademarked names. Consumers may disclose the actual sources of the Software Products from third-party re-packers with pre-existing trademark rules.

Microsoft has since accepted and removed references to open-source pricing restrictions in its store policies. The company clarified that the previous policy was intended to “help protect customers from misleading product listings”.

More information is available in the Microsoft Store Policies document.

Isolation from friends and other factors during the pandemic contributed to a significant increase in screen use by tweens and teens from pre-pandemic levels.

Common Sense Media – a non-profit organization dedicated to improving the lives of all children and families – released a detailed report in March showing that screen use grew faster in 2021 than in the previous four years. . This use of tweens was six times higher in the past two years.

The pandemic was a major contributor to the change in screen usage. According to the study, the popularity of platforms like TikTok continues to grow and it may be getting more usage.

The researchers sought details about whether there were any lasting differences in youth’s use of screen media as societies began to reopen in the fall of 2021. They focused on US tweens (ages eight to 12) and teens (ages 13 to 18) and the amount of time they spent using digital devices in addition to the time they spent doing online classes and homework.

Total entertainment screen use among tweens and adolescents per day, 2015 to 2021

2021 Common Sense Census: Media Use by Twins and Teens

Entertainment screen use includes time spent watching television and online video, playing video games, using social media, browsing websites, creating content, e-reading, and other digital activities. In 2021, for the first time, time spent reading e-books was included in the total (six minutes among tweens and eight among teens), and time spent watching movies in movie theaters and using iPod Touch. was not included (accounted for seven minutes among adolescents and six minutes among adolescents in 2019). Source: Common Sense Media

The results show no dramatic change in the overall pattern of media use by tweens and adolescents in terms of the type of equipment used. The amount of time they devote to non-school screen activities has increased significantly, as social media use has spread somewhat among younger age groups.

Online video has cemented its place at the top of young people’s media hierarchy. However, video gaming did not increase dramatically during the pandemic. The top activities remain the same – online video, gaming and social media. In addition, the general pattern between tweens and teens, or between boys and girls, has continued.

Media can be used both positively or negatively. Vulnerable children are using the media excessively, or using media that contributes to mental health issues, according to Mike Robb, senior director of research at Common Sense Media.

“We need to be able to identify and support those children. But there are also some children who are using the media to lift their mood, connect with friends, or support their mental health. We need to make sure we are not explicitly displaying all screen time,” he told TechNewsWorld.

“It really depends on who’s using it, what they’re using, and what needs they’re meeting.”

More Media Experiment Findings

The report found eight key results in 2019 compared to the previous media usage report before the pandemic. The Common Sense Media study is the only nationally representative survey that tracks media use patterns, actually among a random sample of eight to 18-year-olds. According to James P. Steyer, founder and CEO of Common Sense Media, the United States.

site teen 2021 . wouldn’t want to live without

79 percent of 13 to 18 year olds who are regular users of social media and online videos (use at least once a week), the percentage who choose each site as a site they wouldn’t want to live without.

Sites teens won't want to live without, 2021

Source: Common Sense Media

In addition to the results cited above, the researchers found:

  • If forced to choose, teens say YouTube is the site they wouldn’t want to live without. In fact, watching online videos is the preferred media activity of both groups among both boys and girls across racial/ethnic groups and income levels.
  • The use of social media is increasing among eight to 12-year-olds. Thirty-eight percent of tweens used social media (up from 31 percent in 2019). Nearly one in five (18 percent) said they now use social media daily (up from 13 percent since 2019).
  • Teens now use social media for about an hour and a half a day, but have conflicting feelings about the medium. Even though teens devote a lot of time to social media, they don’t enjoy it as much as they do with other types of media.
  • The top five social media sites teens have used so far include Instagram (53 percent), Snapchat (49 percent), Facebook (30 percent), Discord (17 percent), and Twitter (16 percent).
  • Tweens and teens both differ greatly in the average amount of screen media they engage in each day. Boys use more screen media than girls. Black and Hispanic/Latino children use more than white children. Children from low-income households use more than those from high-income households.
  • Children consumed more media overall during the pandemic than before 2019, except for one source: reading did not increase use.
  • Nearly half of all teens listen to a podcast, and one in five said they do it at least once a week. They engage with a variety of media, including media based primarily on the spoken word.
  • A large number of black, Hispanic/Latino children from low-income families still do not have access to computers at home. It is one of the most basic building blocks of digital equity.

dangerous consequences

Rob was struck by the huge increase in the amount of screen time in the last two years compared to the four years before the pandemic. From 2015 to 2019, media use for tweens grew only three percent. For teens, it increased to 11 percent.

However, from 2019 to 2021 alone, media use for both tweens and teens increased by about 20 percent. This is about six times the increase we saw for tweens alone before the pandemic.

“I am also impressed by the fact that 38 percent of tweens use social media, despite the fact that most platforms are not meant to be used by people under the age of 13,” he said.

Top entertainment screen media activities among tweens and teens, 2021

Top entertainment screen media activities among tweens and teens, 2021

Video game refers to a game played on a console, computer or portable game player. Mobile game refers to a game played on a smartphone or tablet. Source: Common Sense Media

What children do with media is as important or more important as the amount of time they spend with media, Rob offered. If kids are using great content, using technology to socialize with their friends and using technology to express themselves, they don’t think we need to worry so much about time. Is required.

“It’s when media use is replacing important activities, such as socializing, spending quality time with family, or sleeping, that worries me,” he said.

Researchers’ Tech

The researchers noted that they were surprised to find no significant expansion of new tablet and smartphone distribution among tweens and teens. He said the survey did not indicate that this had happened.

“We are beginning to see a slight trend towards the use of social media in earlier eras. This is particularly interesting given the ongoing debate about the impact of social media on the well-being of young people,” he wrote.

The other new media product pushed by Facebook (now Meta) is immersive media, which is accessed through virtual reality. The increase in time is only for entertainment media and not for school, distance learning or homework, Rob clarified.

At this point, use of the new medium has been slow to catch on; Slower, in fact, than the growth of podcasts, notes the report.

“I keep wondering if we’ll reach the media usage limit at some point, but we haven’t yet,” Rob said.

Changing thoughts on the impact of children

A recent study (Rideout & Robb, 2021) shows that many young people have used their digital devices during the pandemic to socialize with friends online, learn about the things they do and create and share their content. did. Steyer of Common Sense Media wrote in the conclusion of the report that this work suggests that parents and teachers should be careful about reducing children’s screen time consumption.

“It clearly plays an important role for many tweens and teens during the pandemic,” he said.

This latest survey of children’s media use shows that activities such as content creation, video chatting and online reading occur frequently among young people and are important and meaningful to them. But this increased screen time still constitutes a small fraction of overall screen usage, Steyer warned.

“Ultimately, the amount of time young people spend on content produced by others is still heavily dominated, whether it is the content they watch, read, play, or scroll through. Media given by children As time goes by, it is more important to elevate quality media by creating and highlighting shows, games, apps and books that create, inspire and provide positive representation,” he concluded.

2021 Common Sense Census: Media Use by Twins and Teens Report Available here.