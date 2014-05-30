Language Selection

English French German Italian Portuguese Spanish

Mozilla: FirefoxOS, Extensions in Firefox 62, Vision for Engineering Workflow at Mozilla and More

Submitted by Roy Schestowitz on Friday 6th of July 2018 08:40:26 AM Filed under
Moz/FF
»

More in Tux Machines

How the Kubernetes Release Process is Different Than Other Open Source Projects

The Kubernetes 1.11 release became generally available on June 27, providing users of the container orchestration with multiple new features and continued performance improvements. While Kubernetes releases were originally all led by Google staffers, that has changed in the last two years, with a rigous release management Special Interest Group (SIG) that has mandated that there be a new leader for each release. For the 1.11 release, the role of release lead was held by Red Hat's Josh Berkus, who is well known in the open-source community for his work helping to lead PostgreSQL database releases. Read more

Today in Techrights

Security: 2FA, Android, Microsoft-Connected FUD, Weak Passwords and More Scaremongering

  • Why SMS should never be used as second factor
    To have a multi-factor authentication, you need to use at least two of those. The easiest one, and therefore always used, is the knowledge factor in the form of a password. The inherent factor is by far the most complex one, since it requires specialized and expensive hardware. Also due to how those hardware work, is not possible to hash the expected value on the server side, so there is a security risk there as well. For those reasons, the possession factor is the go-to second-factor.
  • Google Releases July 2018's Android Security Patch to Fix 70 Vulnerabilities
    Google has released July 2018's Android Security Patch for all supported Pixel and Nexus devices to fix numerous security vulnerabilities and add various improvement. The Android Security Patch for July 2018 is now rolling out to Pixel and Nexus users worldwide, and, as usual, it consists of two security patch levels, 2018-07-01 and 2018-07-05, which address a total of 44 vulnerabilities across several core components, including Framework, Media Framework, Kernel and Qualcomm components, as well as Qualcomm closed-source components.
  • Top 5 New Open Source Vulnerabilities in June 2018 [Ed: Oh, great, let's just keep ignoring all those back doors in proprietary software to perpetuate the stigma of FOSS having holes. WhiteSource trying to sell its proprietary stuff by badmouthing FOSS again.]
  • Open-Source Software as Easy Target for Hackers [Ed: This is the kind of press coverage Microsoft proxies and the likes of WhiteSource hope to generate for FOSS]
  • Is open source software a cyber security risk in connected vehicles? [Ed: Here comes Microsoft 'proxy' Black Duck insinuating that FOSS is going to kill you. This is marketing/lobbying disguised as "news" or "reporting".]
  • Gentoo GitHub repo hack made possible by these 3 rookie mistakes [Ed: And Gentoo should now delete GitHub altogether because Microsoft works closely with the NSA]
    The developers of Gentoo Linux have revealed how it was possible for its GitHub organization account to be hacked: someone deduced an admin’s password – and perhaps that admin ought not to have had access to the repos anyway. [...] The wiki page also reveals that the project got lucky. “The attack was loud; removing all developers caused everyone to get emailed,” the wiki reveals. “Given the credential taken, its likely a quieter attack would have provided a longer opportunity window.” Also helpful was that “Numerous Gentoo Developers have personal contacts at GitHub, and in the security industry and these contacts proved valuable throughout the incident response.”
  • Gentoo Linux GitHub Hacked via Password Guessing [Ed: Secure systems aren't enough if you have a bad password]
    Following the recent Gentoo Linux hack the distribution’s security team started to investigate how the intrusion was made. The published report showcases exactly how the criminals have been able to break into their GitHub accounts and embedded malicious code.
  • Linux becomes major cryptomining target [Ed: At least with GNU/Linux you must install the malicious software; with proprietary OSes there are back doors that cannot be removed and NSA leaks open these up]

SF’s open-source voting effort mired in indecision

Indecision around San Francisco’s open-source voting project has kept it in “a state of hypothetical exploration for the better part of a decade,” according to a new civil grand jury report. The City’s vision for becoming the first to launch an open source voting system has suffered from having those involved in the effort scattered throughout multiple city departments and not all aligned as well as “most critically, there is not a clear project owner,” the San Francisco Open Source Voting civil grand jury report said. “San Francisco has taken a decade to debate and assess the value of open source voting. If this project continues, in ten more years, San Francisco will either have created new critical democratic infrastructure or will have wasted taxpayer dollars by perpetually planning for an unrealized future,” the report, released June 29, said. “What separates these two scenarios is strategic multilateral partnerships, open source best practices and culture, and strong commitment under unambiguous ownership.” Read more

More on Tux Machines: AboutGalleryForumBlogsSearchNewsRSS Feed

Part of Bytes Media ● Sister sites below.

TechBytes Techrights button

Powered by Drupal, an open source content management system

Content available under CC-BY-SA CC

© by original authors

Powered by CentOS 6.5 (GNU/Linux), Varnish, and Drupal 6