Red Hat Adds Security Features to RHEL 7.3

Today's topics include the new security features added to Red Hat Enterprise Linux 7.3; Microsoft's rollout of its Teams work collaboration application; Apple's latest MacBook Pro laptops get a low ease-of-repair score; and why Google, Apple and Mozilla will reject browser certificates from WoSign and its affiliates.

Red Hat Enterprise Linux 7.3 became generally available Nov. 3 after being in beta since September. The new release is the first major update to Red Hat's flagship platform since RHEL 7.2 debuted a year ago.

RHEL 7.3 includes a series of improvements to Security Enhanced Linux. In a bid to help provide better risk mitigation, SELinux provides an additional layer of mandatory access controls to Linux.

The upgrades to SELinux allow users to override a system module with a custom module that has a higher priority, according to Red Hat officials. By using the custom module, performance for SELinux policy management is improved with a 2x increase in speed.

As expected, Microsoft Teams debuted Nov. 2 at a media event in New York City. Microsoft's answer to the Slack group collaboration platform, the Teams business collaboration service is currently in beta and is only available as part of business Office 365 plans.

The move pits Microsoft against Slack, a fast-growing startup whose platform quickly became the group collaboration standard for organizations large and small, including Samsung, NASA's Jet Propulsion Laboratory, and interestingly, LinkedIn, a recent Microsoft acquisition.

Last week, San Francisco-based Slack announced it had surpassed 1.25 million paid seats and 33,000 paid teams.

When Apple unveiled its new three MacBook Pro models on Oct. 27, the company touted the new Touch Bar on the two premium versions and their thinner, lighter and faster form factors. But when computer tear-down specialist iFixit deconstructed one of the new MacBook Pro 13 models that contained a standard function key array, it reported that the machine only received a score of 2 on a scale of 10 for ease-of-repair.

The problem, according to iFixit, is that the new thinner, lighter and denser MacBook Pro 13 model has been designed and assembled in ways that don't allow easy disassembly. The 13-inch model with the standard function keys, which iFixit has dubbed the "Escape Edition" because it still has a physical ESC key, has a "battery [that] is stubbornly adhered and really tough to remove," according to the report, and it only has three cells instead of the six used in previous MacBook Pro machines.

A foundational element of the Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate system is that browser vendors need to trust the certificate authorities that issue certificates. For China-based CA WoSign, that trust has been lost and, as a result, hundreds of thousands of sites could have trouble in 2017 as Google, Microsoft and Mozilla will not recognize certificates issued by WoSign or its affiliate StartCom.

Security experts eWEEK contacted said CA's breach of trust is serious and that they support the browser vendors' moves to distrust WoSign.

Users should also heed warnings from browser vendors regarding untrusted sites.