Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

Blog posts tagged
"Security"


Canonical
15 May 2018

Trust and security in the Snap Store

Desktop Article

Last Friday (11 May 2018) we learned that a snap was mining cryptocurrency in the background while the application was running. The practical implication of that is the overuse of local resources on a user’s system, well beyond what a typical application would use, consuming more energy than would be expected. The net effect is ...


Canonical
2 May 2018

Introducing developer notifications for snap security updates

Desktop Article

For some time, we’ve wanted a mechanism to alert snap publishers to security updates which affect their snaps. All the pieces have come together and we are now sending alerts via email. Stated more precisely, publishers who use ‘stage-packages’ in their snapcraft.yaml will now be alerted when Ubuntu Security Notices (USNs) have been issue ...


Christian Reis
24 January 2018

Meltdown, Spectre and Ubuntu: What you need to know

Cloud and server Article

As details of the Meltdown and Spectre vulnerabilities1 have become clearer a number of statements have been published by the multiple vendors affected; Canonical has issued advisories and updates on fixes and mitigations, the latest of which includes a first round of Spectre mitigations. However, most of these statements focus on the mec ...


Dustin Kirkland
17 January 2018

Spectre mitigation updates available for testing in Ubuntu Proposed

Cloud and server Article

Canonical holds Ubuntu to the highest standards of security and quality.  This week we published candidate Ubuntu kernels providing mitigation for CVE-2017-5715 and CVE-2017-5753 (ie, Spectre / Variants 1 & 2) to their respective -proposed pockets for Ubuntu 17.10 (Artful), 16.04 LTS (Xenial), and 14.04 LTS (Trusty).  We have also expande ...


Dustin Kirkland
4 January 2018

Ubuntu Updates for the Meltdown / Spectre Vulnerabilities

Canonical announcements Article

  For up-to-date patch, package, and USN links, please refer to: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown   Unfortunately, you’ve probably already read about one of the most widespread security issues in modern computing history — colloquially known as “Meltdown” (CVE-2017-5754) and “Spectre” (CVE-2017-5753 an ...


Chris Johnston
13 December 2017

FIPS 140-2 Certified Modules for Ubuntu 16.04 LTS

Canonical announcements Article

We are pleased to announce that officially certified FIPS 140-2 level 1 cryptographic packages are now available for Ubuntu 16.04 LTS for Ubuntu Advantage Advanced customers and as a separate, stand-alone product. In 2016 Canonical began the process of completing the Cryptographic Module Validation Program to obtain FIPS 140-2 validation ...


Canonical
12 December 2017

Canonical helps DeNA lower operational cost of always-on service

Cloud and server Article

DeNA is one of the most popular mobile and online platforms in Japan, offering games, e-commerce, entertainment, healthcare, and automotive services. The always-on DeNA infrastructure is powered by Ubuntu. When Canonical released Livepatch in October 2016, with the ability to patch servers without downtime, DeNA saw an opportunity to redu ...


Canonical
7 December 2017

Security Team Weekly Summary: December 7, 2017

Cloud and server Article

The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities. If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: [email protected] Due to the holiday l ...


Ellen Arnold
2 December 2017

Ubuntu: What’s the security story?

Cloud and server Webinar

Of course you know Ubuntu. Your developers use it everywhere. But you’re from an enterprise, where the IT Security team has the final say. As they should. Before your app built on Ubuntu can go into production, you need their signoff. So what’s the security story with Ubuntu? How is it hardened? Are there best ...


Sarah Dickinson
20 November 2017

Building a future-proofed IoT consumer device with brand stores

Internet of Things Article

When building or deploying any IoT device either in remote locations or consumer’s homes, it is now essential for manufacturers to consider and review how their devices can be future-proofed once it leaves their warehouses – such as update mechanisms and deploying security patches quickly. This is particularly so in the consumer market wh ...


Canonical
16 November 2017

Security Team Weekly Summary: November 16, 2017

Cloud and server Article

  The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities. If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: [email protected] During the last we ...


Canonical
9 November 2017

Security Team Weekly Summary: November 9, 2017

Cloud and server Article

The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities. If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: [email protected] During the last week ...