Scott's Weblog The weblog of an IT pro focusing on cloud computing, Kubernetes, Linux, containers, and networking

Technology Short Take 176

Welcome to Technology Short Take #176! This Tech Short Take is a bit heavy on security-related links, but there’s still some additional content in a number of other areas, so you should be able to find something useful—or at least interesting—in here. Thanks for reading!




  • In early February a vulnerability was uncovered in a key component of the Linux boot process. The vulnerability affects virtually all Linux distributions and allows attackers to bypass the secure boot protections and insert a low-level bootkit. While the requirements for exploiting the vulnerability are not insurmountable, they do require a certain level of effort. More details available via Ars Technica and via ZDnet.
  • Nick Frichette shares how to bypass GuardDuty Tor client findings (basically, how to connect to Tor without GuardDuty detecting it).
  • The Sysdig Threat Research Team uncovered the malicious use of a network mapping tool called SSH-Snake. Read more about it in this post.
  • VMware is patching a set of severe “sandbox escape” bugs. Two of the vulnerabilities are rated a 9.3 out of 10, and even VMware’s flagship ESXi hypervisor is affected. More details are available from Ars Technica.
  • Think Linux doesn’t have malware? A new Bifrost remote access trojan (RAT) for Linux employs a number of techniques to remain hidden, including using a “VMware-esque” domain name for command and control servers.
  • And here’s another example of malware that is targeting Linux (along with Windows).
  • This would be why I hate it when companies force me to use SMS for two-factor authentication—at least let me use a one-time passcode or something.

Cloud Computing/Cloud Management

Operating Systems/Applications



  • In the wake of Broadcom discontinuing VMware ESXi Free, Nutanix is hoping to fill the gap with Nutanix Community Edition. Vladan Seget provides some additional details in his blog post. Given that Nutanix Community Edition is based on the open source KVM hypervisor, this could lead to greater KVM adoption among small businesses and virtualization hobbyists who formerly would have used VMware’s solution.
  • Staf Wagemakers (I think I have the name right) describes running OpenBSD as a UEFI virtual machine on a Raspberry Pi.
  • I stumbled across a pair of articles by Greg Gant on the use of QEMU to run older versions of Mac OS (including pre-Mac OS X versions): there’s the original piece, and then an updated piece.

Career/Soft Skills

That’s all for now! I always love hearing from readers, so if you found something useful in this post—or in any post—don’t hesitate to reach out! You can reach me on Twitter, on the Fediverse, or in a number of different Slack communities. You’re also welcome to drop me an e-mail; my address is here on the site (it’s not hard to find). Enjoy!

Metadata and Navigation

Be social and share this post!