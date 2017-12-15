Security: Mirai, Vista 10, Starbucks, and Hacking Team Investigation
The U.S. Justice Department on Tuesday unsealed the guilty pleas of two men first identified in January 2017 by KrebsOnSecurity as the likely co-authors of Mirai, a malware strain that remotely enslaves so-called “Internet of Things” devices such as security cameras, routers, and digital video recorders for use in large scale attacks designed to knock Web sites and entire networks offline (including multiple major attacks against this site).
Google security researcher Tavis Ormandy, who has previously discovered, reported, and disclosed several major bugs in Windows and its features, came across a new security vulnerability affecting Microsoft users.
This time, the flaw exists in the Keeper password manager that comes pre-installed in some Windows 10 versions, with Ormandy explaining that it’s similar to a vulnerability that he discovered in August 2016.
“I remember filing a bug a while ago about how they were injecting privileged UI into pages,” Ormandy explained on December 14. “I checked and, they're doing the same thing again with this version,” he continues.
The free Wi-Fi that the Buenos Aires Starbucks offers to its customers was being used to mine for cryptocurrency, and what’s worse, it used people’s laptops to do it.
The whole thing was discovered by Stensul CEO Noah Dinkin who actually paid a visit to the store and wanted to browse the web using the free Wi-Fi, only to discover that his laptop was unknowingly converted into a cryptocurrency miner.
He then turned to Twitter to ask Starbucks if they know about the what he described as bitcoin mining taking place without customers knowing about it.
“Hi Starbucks, did you know that your in-store wifi provider in Buenos Aires forces a 10 second delay when you first connect to the wifi so it can mine bitcoin using a customer's laptop? Feels a little off-brand,” he said in his tweet.
The damaging data breach that exposed the secrets of an infamous surveillance tech company might go unsolved forever. After more than two years, the Italian prosecutor who was investigating the attack on the Milan-based Hacking Team has asked the case to be dismissed, according to multiple sources.
On Monday, the Milan prosecutor Alessandro Gobbis sent a notice to the people under investigation informing them that he had sent the judge a request to shut down the investigation, according to a copy of the document obtained by Motherboard.
GNOME: Bluetooth, Predictions, Librsvg and NetworkManager
Finally, this is the boring part. Benjamin and I reworked code that's internal to gnome-bluetooth, as used in the Settings panel as well as the Shell, to make it use modern facilities like GDBusObjectManager. The overall effect of this is, less code, less brittle and more reactive when Bluetooth adapters come and go, such as when using airplane mode.
Ever since Steve Jobs died it has become quite clear in my opinion that the emphasis
on the traditional desktop is fading from Apple. The pace of hardware refreshes seems
to be slowing and MacOS X seems to be going more and more stale. Some pundits have already
started pointing this out and I predict that in 2018 Apple will be no longer consider the
cool kid on the block for people looking for laptops, especially among the tech savvy crowd.
Hopefully a good opportunity for Linux on the desktop to assert itself more.
Today I released librsvg 2.40.20. This will be the last release in the 2.40.x series, which is deprecated effectively immediately.
People and distros are strongly encouraged to switch to librsvg 2.41.x as soon as possible. This is the version that is implemented in a mixture of C and Rust. It is 100% API and ABI compatible with 2.40.x, so it is a drop-in replacement for it. If you or your distro can compile Firefox 57, you can probably build librsvg-2.41.x without problems.
GNOME developer Beniamino Galvani announced the availability of the first point release of the NetworkManager 1.10 open-source network connection manager software.
NetworkManager is the most popular network connection manager tool these days, coming pre-installed with numerous GNU/Linux distributions. The latest stable release, NetworkManager 1.10.2, is here about five weeks after the launch of NetworkManager 1.10.0 to add a handful of new features and improvements.
Parrot Security 3.10 Ethical Hacking OS Adds Full Firejail/AppArmor Sandboxing
ParrotSec devs released today a new stable version of their Debian-based Parrot Security OS ethical hacking and penetration testing GNU/Linux distribution.
There are many enhancements implemented in the Parrot Security OS 3.10 release, but the biggest new feature is the introduction of a full Firejail and AppArmor sandboxing system that should proactively protect the operating system from attacks by isolating its components with the combination of various security techniques.
"The first experiments were already introduced in Parrot 3.9 with the inclusion of Firejail, but we took almost a month of hard work to make it even better with the improvement of many profiles, the introduction of the AppArmor support and enough time to make all the tests," reads today's announcement.
Also: Parrot 3.10 is out
GNOME 3.27.3 Released
GNOME 3.27.3, the third development snapshot in the 3.28 development cycle, is now available.
A few more modules have been ported to meson, and lots of development is happening across all modules. To point out a few highlights, dconf-editor is seeing significant work, and evolution has had many bug fixes.
Matthias Clasen of Red Hat announced the release of GNOME 3.27.3 this weekend.
GNOME 3.27.3 is the latest in a string of development releases leading up to the stable GNOME 3.28 debut in March.
GNOME leader Matthias Clasen announced a few moments ago the availability of the third development snapshot towards the GNOME 3.28 desktop environment for GNU/Linux distributions.
The development cycle of the upcoming GNOME 3.28 desktop environment continues today with the GNOME 3.27.3 milestone, which ports more components to the Meson build system and adds various improvements to various apps and tools, including the Evolution email and calendar client, NetworkManager network connection manager, and dconf-editor.
