Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close
Thank you for contacting us. A member of our team will be in touch shortly. Close
Last Friday (11 May 2018) we learned that a snap was mining cryptocurrency in the background while the application was running. The practical implication of that is the overuse of local resources on a user’s system, well beyond what a typical application would use, consuming more energy than would be expected. The net effect is ...
For some time, we’ve wanted a mechanism to alert snap publishers to security updates which affect their snaps. All the pieces have come together and we are now sending alerts via email. Stated more precisely, publishers who use ‘stage-packages’ in their snapcraft.yaml will now be alerted when Ubuntu Security Notices (USNs) have been issue ...
As details of the Meltdown and Spectre vulnerabilities1 have become clearer a number of statements have been published by the multiple vendors affected; Canonical has issued advisories and updates on fixes and mitigations, the latest of which includes a first round of Spectre mitigations. However, most of these statements focus on the mec ...
Canonical holds Ubuntu to the highest standards of security and quality. This week we published candidate Ubuntu kernels providing mitigation for CVE-2017-5715 and CVE-2017-5753 (ie, Spectre / Variants 1 & 2) to their respective -proposed pockets for Ubuntu 17.10 (Artful), 16.04 LTS (Xenial), and 14.04 LTS (Trusty). We have also expande ...
For up-to-date patch, package, and USN links, please refer to: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown Unfortunately, you’ve probably already read about one of the most widespread security issues in modern computing history — colloquially known as “Meltdown” (CVE-2017-5754) and “Spectre” (CVE-2017-5753 an ...
We are pleased to announce that officially certified FIPS 140-2 level 1 cryptographic packages are now available for Ubuntu 16.04 LTS for Ubuntu Advantage Advanced customers and as a separate, stand-alone product. In 2016 Canonical began the process of completing the Cryptographic Module Validation Program to obtain FIPS 140-2 validation ...
DeNA is one of the most popular mobile and online platforms in Japan, offering games, e-commerce, entertainment, healthcare, and automotive services. The always-on DeNA infrastructure is powered by Ubuntu. When Canonical released Livepatch in October 2016, with the ability to patch servers without downtime, DeNA saw an opportunity to redu ...
The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities. If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: [email protected] Due to the holiday l ...
Of course you know Ubuntu. Your developers use it everywhere. But you’re from an enterprise, where the IT Security team has the final say. As they should. Before your app built on Ubuntu can go into production, you need their signoff. So what’s the security story with Ubuntu? How is it hardened? Are there best ...
When building or deploying any IoT device either in remote locations or consumer’s homes, it is now essential for manufacturers to consider and review how their devices can be future-proofed once it leaves their warehouses – such as update mechanisms and deploying security patches quickly. This is particularly so in the consumer market wh ...
The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities. If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: [email protected] During the last we ...
The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities. If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: [email protected] During the last week ...