10 Jan 2018
As you might have heard, there are 2 new major vulnerabilities and they are called Meltdown and Spectre.
Both are tie to the CPU manufacturing and to a process of preparing in cache the next cpu instruction leading this to a vulnerability called “speculative execution”
But I’m here just to show some real effects in AWS Cloud.
Everyone that has any instance at AWS should update their machines.
At this moment, new RedHat instances are patched but new Ubuntu instances are not yet patched so they need to be patched ASAP after creation.
It’s not yet the final solution but it patches some stuff.
Please check the pictures provided.
RedHat out-of-the-box (only git was installed)
Ubuntu 16.04 straight from AWS
Ubuntu 16.04 updated
There are tons of reading to do if you want.
Some I found that where interesting are:
https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)
https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)
Ubutu: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown
RedHat: https://access.redhat.com/security/cve/CVE-2017-5754
AWS: https://alas.aws.amazon.com/ALAS-2018-939.html
Nextcloud: https://nextcloud.com/blog/security-flaw-in-intel-cpus-breaks-isolation-between-cloud-containers/
Git repo used to show the status: https://github.com/abacao/spectre-meltdown-checker
AB
22 Dec 2017
If you are using WSL and AWS Cli, you might be missing the TAB to autocomplete.
Follow the instruction below and behold the magic.
which aws_completer
complete -C '/usr/local/bin/aws_completer' aws
If it works, you have to keep this instruction started in every bash, so:
Add the next line to the bottom of the file.
complete -C '/usr/local/bin/aws_completer' aws
Save, quit, start a new session and see if it worked.
AB
21 Dec 2017
Yet again another step to a better direction.
sudo apt-get -y install python-pip python-dev libffi-dev libssl-dev
pip install ansible
echo 'PATH=$HOME/.local/bin:$PATH' >> ~/.bashrc
Soon I will try to use Vagrant with Windows being the host of the VMs
AB
19 Dec 2017
Unfortunatly, in my work, I have to use Windows It started as Windows 7 and now I’m using a Windows 10 (not fully updated).
This is the way I found to install Terraform quickly in WSL (Ubuntu).
cd /tmp
wget https://releases.hashicorp.com/terraform/0.11.1/terraform_0.11.1_linux_amd64.zip
sudo mkdir -p /opt/terraform
sudo unzip /tmp/terraform_0.11.1_linux_amd64.zip -d /opt/terraform
export PATH="/opt/terraform:$PATH"
As I’m testing this, I will probably use my Terraform Snap package in a near future and maybe be able to run a full Linux system.
AB
18 Dec 2017
Who never opened a file with vim and then realized that you need to write but you forgot root?
###Easy fix:
sudo vim ~/.vimrc
add the following line
command W :execute ':silent w !sudo tee % > /dev/null' | :edit!
With this we only need to save the file like “:W”
AB
