Linux fréttir

Legacy app whitelist can be abused to bypass latest macOS security features, expert warns

TheRegister - Mon, 2019-06-03 12:10
Three words to ruin an Apple engineer's day: 'Patrick Wardle disclosure'

Malware can bypass protections in macOS Mojave, and potentially access user data as well as the webcam and mic – by exploiting a hole in Apple's legacy app support.…

Categories: Linux fréttir

One man went to mow a meadow, hoping Trump would spot giant grass snake under flightpath

TheRegister - Mon, 2019-06-03 11:45
Childish prank for childish visitor

Here's hoping Trump spotted the welcome willy at the Essex village of Hatfield Heath when he flew into London Stansted Airport this morning for his UK state visit.…

Categories: Linux fréttir

Pharma-testing biz Eurofins Scientific says it fell victim to 'new version' of malware

TheRegister - Mon, 2019-06-03 11:15
No data nicked in weekend attack but systems and server pulled to contain infection

Bio-analytical testing biz Eurofins Scientific today admitted it was the subject of a ransomware attack at the weekend.…

Categories: Linux fréttir

What Would Happen If All Encryption Could Be Broken?

Slashdot - Mon, 2019-06-03 10:34
"What would happen, or what should happen, if tomorrow a trivial method was discovered for Prime Factorization?" asks Slashdot reader medv4380: By trivial I mean an algorithm that runs in relatively constant time that could factor a number like 2737631357921793461914298938174501291 relatively instantly on most modern hardware today. And that even increasing the bit length wouldn't slow it down much. How much chaos would result if such a method were revealed tomorrow with little warning? Keeping it a secret only means that others may have long ago exploited the method at the expense of others. Should proof be presented without revealing the method, to reduce the impact, and who should be told first if at all? Slashdot reader Shikaku sees a real possibility of this actually happening when quantum computers are developed, adding that quantum-resistant encryption "is an ongoing experiment." But if development lags -- what would happen if all encryption could be broken?

Read more of this story at Slashdot.

Categories: Linux fréttir

Apple iPrunes iTunes: Moldering platform's death expected to be announced at WWDC

TheRegister - Mon, 2019-06-03 10:24
Service will split into separate apps for music, TV, podcasts

Apple is expected to confirm the imminent death of its iTunes service to be replaced with separate apps for music, video and podcasts.…

Categories: Linux fréttir

What does $9bn buy you? For Infineon, a Cypress hill of California semis

TheRegister - Mon, 2019-06-03 09:52
Mega-chips ahoy: German chip biz takes over piece of US real estate

Munich-based Infineon has said it will cough €9bn for California's Cypress Semiconductor.…

Categories: Linux fréttir

More facial-recognition bans, new creeper tool links girlfriends to past porno, Microsoft's AI school, and more

TheRegister - Mon, 2019-06-03 09:20
Plus machine systems can trounce humans at Quake III flag captures

Roundup Let's get right to it: here's your latest roundup of recent machine-learning related news beyond what we've already reported.…

Categories: Linux fréttir

Firmware update borks Bose boxes: Owners report crackles on Lex-i of the soundbar world

TheRegister - Mon, 2019-06-03 08:45
Heaven forfend, someone had to use their actual TV speakers

Owners of Bose kit are filling support forums with moans that a recent firmware update has introduced a deeply irritating crackling noise to "the world's best performing soundbar".…

Categories: Linux fréttir

Das geeks hit crowdfunding target: IBM mainframes are coming home

TheRegister - Mon, 2019-06-03 08:10
Plus a punched card reader and some extra manuals

Big congratulations to Adam Bradley and Chris Blackburn, who have raised enough cash to get their rescued IBM 360s back from Nuremberg.…

Categories: Linux fréttir

'U.S. Navy Says UFOs Are Real, UFO Hunters Are Thrilled'

Slashdot - Mon, 2019-06-03 07:34
dryriver writes: Vice/Motherboard writes that since the U.S. Navy admitted that its pilots encounter unidentified flying objects all the time, and mainstream news outlets like the New York Times have devoted coverage to Navy Pilots' UFO encounter stories, old UFO hunters around the world feel vindicated, and many new younger people are taking an interest in the phenomenon. For decades people who believe in UFOs, UFO lore and take UFO sightings and UFO encounters seriously have been widely ridiculed as stupid, uneducated, gullible, deluded or crazy. Now that highly trained military pilots are talking about encountering UFOs all the time and mainstream media doesn't ridicule UFO sightings anymore — this only took a few decades — a fundamental taboo appears to have been broken. UFO sightings are suddenly real, not a product of overactive imaginations, people mistaking clouds for aliens or people spreading fake news to sell books, seminars and videos. The question is, why, for so long, did mainstream media systematically ignore and ridicule a phenomenon just about everybody around the world has some knowledge of and had some exposure to? And if UFOs are "officially not crazy" now, what else that still is ridiculed by the MSM may also turn out to be "officially not crazy" in the future? As a counterpoint, long-time Slashdot reader Martin S. argues that "UFO's are real, they are unidentified flying objects. There is absolutely no evidence that they are Aliens. "If people continue to equate them with little green men then they can still expect to be ridiculed."

Read more of this story at Slashdot.

Categories: Linux fréttir

I'll just clear down the database before break. What's the worst that could happen? It's a trial

TheRegister - Mon, 2019-06-03 07:13
Hey – watch where you're pointing that code!

Who, Me? A fresh week means a fresh story to add to The Register's regular hall of shame where hapless techies tell tales of in-the-field slip-ups: welcome to Who, Me?

Categories: Linux fréttir

Nginx nJS will need patches, hotels exposed by their own security tools, Docker containers dinged, and more

TheRegister - Mon, 2019-06-03 06:03
Another week of security mishaps is in the books

Roundup Here's a quick summary of news in the world of information security beyond everything we've already covered.…

Categories: Linux fréttir

YouTube Star Who Gave Man Toothpaste-Filled Oreos Sentenced To Prison

Slashdot - Mon, 2019-06-03 03:34
CNET reports on the prison sentence given to "the YouTuber who reportedly filmed himself tricking a homeless man into eating Oreos filled with toothpaste." Barcelona prankster Kanghua Ren, 21, known to his followers as ReSet, was sentenced on Friday to 15 months in prison for his crime against the "moral integrity" of the homeless man, according to El Pais newspaper. The court also reportedly ordered Ren's YouTube and other social media channels to be shut down for five years and said he must give the victim 20,000 euros ($22,305) in compensation.... Ren was 19 when he filmed the prank in early 2017 after being challenged by one of his 1.2 million followers, according to the Times. He also gave the homeless man a 20 euro bill. Ren called the video just a bad joke, but the judge noted that he earned more than 2,000 euros in ad revenue generated from the video, the Times said. It's unlikely Ren will actually serve time behind bars, The New York Times reports, because Spanish law usually suspends sentences under two years for first-time offenders.

Read more of this story at Slashdot.

Categories: Linux fréttir

Boeing Says Some 737 Max Planes Might Have Defective Parts

Slashdot - Mon, 2019-06-03 01:42
"Boeing on Sunday said some of its 737 planes, including many 737 Max aircraft, may have faulty parts on their wings," reports CNN. Working with the Federal Aviation Administration, Boeing said it has reached out to airlines that fly 737 planes, advising them to inspect their slat track assemblies on Max and NG aircraft. The 737 NG series includes the 737-600, -700, -800 and -900 planes. Leading edge slats are an aerodynamic control surface that extend from the front of the wing. Some the tracks may not meet manufacturing standards and may need to be replaced, Boeing and the FAA said. They said if the parts are found to be defective, airlines should replace them before returning the planes to service. The faulty parts could fail prematurely or crack. The FAA said a part failure would not bring down a plane, it could damage an aircraft while in flight. Boeing has sent out a service bulletin and the FAA will issue an airworthiness directive requiring airlines to inspect and repair its slat track assemblies within 10 days. The company discovered the problem Friday, when Boeing was meeting with the parts supplier. Boeing employees noticed some of the parts were not heat treated, which led them to believe there might be a safety issue. CNBC reminds readers that the Boeing 737 Max have already been grounded worldwide after two fatal crashes, with airlines cancelling thousands of flights through August. "Boeing's CEO, Dennis Muilenburg, last week said the company had to regain the public's trust...."

Read more of this story at Slashdot.

Categories: Linux fréttir

Sunday seems really quiet. Hmm, thinks Google, let's have a four-hour Gmail, YouTube, G Suite, Cloud outage

TheRegister - Mon, 2019-06-03 00:06
Unlucky netizens struggle to connect to web giant suffering from 'network congestion'

Google is right now recovering from a multi-hour outage that knocked several of its internet services offline for unlucky netizens on Sunday.…

Categories: Linux fréttir

Ask Slashdot: Is Dockerization a Fad?

Slashdot - Sun, 2019-06-02 23:27
Long-time Slashdot reader Qbertino is your typical Linux/Apache/MySQL/PHP (LAMP) developer, and writes that "in recent years Docker has been the hottest thing since sliced bread." You are expected to "dockerize" your setups and be able to launch a whole string of processes to boot up various containers with databases and your primary PHP monolith with the launch of a single script. All fine and dandy this far. However, I can't shake the notion that much of this -- especially in the context of LAMP -- seems overkill. If Apache, MariaDB/MySQL and PHP are running, getting your project or multiple projects to run is trivial. The benefits of having Docker seem negilible, especially having each project lug its own setup along. Yes, you can have your entire compiler and Continuous Integration stack with SASS, Gulp, Babel, Webpack and whatnot in one neat bundle, but that doesn't seem to dimish the usual problems with the recent bloat in frontend tooling, to the contrary.... But shouldn't tooling be standardised anyway? And shouldn't Docker then just be an option, who couldn't be bothered to have (L)AMP on their bare metal? I'm still skeptical of this Dockerization fad. I get it makes sense if you need to scale microsevices easy and fast in production, but for 'traditional' development and traditional setups, it just doesn't seem to fit all that well. What are your experiences with using Docker in a development environment? Is Dockerization a fad or something really useful? And should I put up with the effort to make Docker a standard for my development and deployment setups? The original submission ends with "Educated Slashdot opinions requested." So leave your best answers in the comments. Is Dockerization a fad?

Read more of this story at Slashdot.

Categories: Linux fréttir

To Protect Secrets, US Won't Charge Assange Over Exposing CIA Tools, Reports Politico

Slashdot - Sun, 2019-06-02 22:25
Some interesting news from Politico. America's Justice Department will still prosecute Julian Assange for allegedly assisting Chelsea Manning, and for 17 counts of violating the Espionage Act -- but "has decided not to charge Julian Assange for his role in exposing some of the CIA's most secret spying tools, according to a U.S. official and two other people familiar with the case." It's a move that has surprised national security experts and some former officials, given prosecutors' recent decision to aggressively go after the WikiLeaks founder on more controversial Espionage Act charges that some legal experts said would not hold up in court. The decision also means that Assange will not face punishment for publishing one of the CIA's most potent arsenals of digital code used to hack devices, dubbed Vault 7. The leak -- one of the most devastating in CIA history -- not only essentially rendered those tools useless for the CIA, it gave foreign spies and rogue hackers access to them... [P]rosecutors were worried about the sensitivity of the Vault 7 materials, according to an official familiar with the deliberations over whether to charge Assange. Broaching such a classified subject in court risks exposing even more CIA secrets, legal experts said.

Read more of this story at Slashdot.

Categories: Linux fréttir

Eric S. Raymond Calls SaaS 'Dangerous', 'Worse Than Proprietary Software'

Slashdot - Sun, 2019-06-02 21:17
After Salesforce warned it retailers to stop selling military-style files, a larger issue was identified by Eric S. Raymond: software as a service. If the provider decides it doesn't want your business, you probably have no real recourse. OK, you could sue for tortious interference in business relationships, but that's chancy and anyway you didn't want to be in a lawsuit, you wanted to conduct your business. This is why "software as a service" is dangerous folly, even worse than old-fashioned proprietary software at saddling you with a strategic business risk. You don't own the software, the software owns you. It's 2019 and I feel like I shouldn't have to restate the obvious, but if you want to keep control of your business the software you rely on needs to be open-source. All of it. All of it. And you can't afford it to be tethered to a service provider even if the software itself is nominally open source. Otherwise, how do you know some political fanatic isn't going to decide your product is unclean and chop you off at the knees?

Read more of this story at Slashdot.

Categories: Linux fréttir

Massive Google Cloud Outage Takes Down YouTube, Gmail, and Snapchat In Parts of US

Slashdot - Sun, 2019-06-02 20:16
An anonymous reader quotes the Verge: YouTube, Snapchat, Gmail, Nest, Discord, and a number of other web services are suffering from outages in the U.S. today. The root cause appears to be problems with Google's Cloud service which powers apps other than just Google's own web services. Google has issued a status update on its Cloud dashboard, noting that issues began at around 3:25PM ET / 12:25PM PT. The issues appear to be mostly affecting those on the East Coast of the US, but some YouTube and Gmail users across Europe are also reporting that they're unable to access the services. Discord and Snapchat users are experiencing issues logging into the apps, and these both use Google Cloud on the backend.

Read more of this story at Slashdot.

Categories: Linux fréttir

Scammers Try Elaborate Fake Job Interviews On Google Hangouts

Slashdot - Sun, 2019-06-02 19:34
Ars Technica documents "a new breed of digital fraudsters" using a complicated scam to prey on white-collar job-seekers. It involves setting up a fake job interview process and the promises of high-paying work: Like most successful cons, this one involved gaining the willing consent of its victim through some combination of greed, fear, or desperation... The recruiter was responding to the application I had submitted a day earlier for a remote-work tech writer position at a biotech firm... The following day, I logged onto Google Hangouts, properly dressed and groomed for the video chat I'd been preparing for. To my surprise, I learned that the interview would be conducted using Hangouts' text messaging service... After a long briefing about the company, its research, and the oncology treatments it was developing, Mark began the formal part of the interview by introducing himself as the assistant chief human resources officer of the company and describing the duties I'd be expected to fulfill... But there were two questions that seemed out of place. They wanted to know which bank I used and whether it supported electronic deposits, a process in which you deposit checks by taking pictures of them with your Smartphone. It seemed like an odd thing to ask, but I told them that my bank did accept electronic deposits and moved on to the next question... Within a few minutes of submitting my answers, Mark informed me that I'd passed the interview and would receive a formal offer to work from my home as a copywriter/proofreader. My pay would be $45/hour during my one-week training and evaluation period, stepping up to $50/hour when I became an employee. The scammer even assigned fake work -- editing a monograph on cancer treatment protocols following the company's style guide -- while casually promising to send along a check to purchase the necessary high-end equipment for the job. The job-seeker was instructed to scan their deposit receipt and then email the image to the scammers. (And the check was issued from a private Catholic girls' school in Southern California -- while the job-seeker was instructed to make their purchase from "preferred vendors.") Though the scam ultimately wasted 'more than two days worth of my time," at least it revealed something about today's online job sites. "After some more digging, it quickly became apparent that the False Flag Employer scam I nearly fell for is an increasingly common type of cybercrime."

Read more of this story at Slashdot.

Categories: Linux fréttir

Pages

Subscribe to netserv.is aggregator - Linux fréttir