GNU/Linux and Security Leftovers

posted by Roy Schestowitz on Oct 14, 2025

• GNU/Linux

  • XDA ☛ Using Linux to simulate internet outages in my home lab was the best bad idea

    When you run a home lab, it is easy to think everything works perfectly until something breaks. I wanted to see how my setup handled chaos, so I created controlled internet outages using Linux tools. The goal was to test my recovery procedures, alert systems, and overall network resilience. What I found was a mix of learning moments, avoidable mistakes, and some genuinely helpful discoveries that improved how I run my network.

    It began as a harmless idea: to simulate brief service drops to ensure my automations could recover. Within hours, it grew into complete network isolation experiments that left parts of my lab unresponsive. I learned the hard way that simulated chaos needs careful planning and tight control. Still, the insights gained from those failures made it one of the most valuable experiments I have conducted in my home lab.

  • Games

    • Boiling Steam ☛ New Steam Games Playable on the Steam Deck, with Absolum - 2025-10-11 Edition

      Between 2025-10-04 and 2025-10-11 we selected 8 newly released games that are rated as Verified or Playable on the Steam Deck, and meeting specific criteria in terms of user ratings. This time I’d like to point out Absolum as a highlight - it seems to be an absolute blast if you like action / roguelite games in the same vein as Hades. Here’s the whole list below.

  • Desktop Environments (DE)/Window Managers (WM)

    • System76 ☛ Betting on Beta: Oryx Pro debuts with new Pop!_OS

      The System76 Oryx Pro laptop is back! It’s faster, lighter, made with silver aluminum and a bigger, more immersive display. And, it’s now the first laptop with Pop!_OS and COSMIC preloaded.

• Distributions and Operating Systems

  • SUSE/OpenSUSE

    • OpenSUSE ☛ Leap Powers Consultants on the Move

      From airport lounges to boardrooms across Europe and beyond, the tool of choice for one tech consultant is Slimbook Executive edition powered by openSUSE Leap; it’s a reliable, secure, and flexible Linux machine that seamlessly adapts to the ever-changing demands of independent consulting.

  • Debian Family

    • Wouter Verhelst: RPM and ECDSA GPG keys

      Dear lazyweb,

      At work, we are trying to rotate the GPG signing keys for the GNU/Linux packages of the eID middleware

      We created new keys, and they will be installed on all GNU/Linux machines that have the eid-archive package installed soon (they were already supposed to be, but we made a mistake).

• Security

  • Security Week ☛ Spanish Authorities Dismantle ‘GXC Team’ Crime-as-a-Service Operation

    The authorities arrested GoogleXcoder, the alleged administrator of GXC Team, which offered phishing kits and Android malware.

  • LWN ☛ Security updates for Monday

    Security updates have been issued by AlmaLinux (compat-libtiff3, iputils, kernel, open-vm-tools, and vim), Debian (asterisk, ghostscript, kernel, linux-6.1, and tiff), Fedora (cef, chromium, cri-o1.31, cri-o1.32, cri-o1.33, cri-o1.34, docker-buildx, log4cxx, mingw-poppler, openssl, podman-tui, prometheus-podman-exporter, python-socketio, python3.10, python3.11, python3.12, python3.9, skopeo, and valkey), Mageia (open-vm-tools), Red Hat (compat-libtiff3, kernel, kernel-rt, vim, and webkit2gtk3), and SUSE (distrobuilder, docker-stable, expat, forgejo, forgejo-longterm, gitea-tea, go1.25, haproxy, headscale, open-vm-tools, openssl-3, podman, podofo, ruby3.4-rubygem-rack, and weblate).

  • SANS ☛ Heads Up: Scans for ESAFENET CDG V5 , (Mon, Oct 13th)

    In January, a possible XSS vulnerability was found in the electronic document security management system ESAFENET CDG. This was the latest (as far as I can tell) in a long list of vulnerabilities in the product. Prior vulnerabilities included SQL injection issues and weaknesses in the encryption used to safeguard documents. In other words: A typical "secure" document management system. The product appears to be targeting the Chinese market, and with a website all in Chinese, I doubt it is used much, if at all, outside China.