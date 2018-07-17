Security Leftovers
Security updates for Tuesday
Ex-cyber officials demand to know security measures for 2020 Census
In a letter Monday, coordinated by Georgetown Law's Institute for Constitutional Advocacy and Protection, the former officials asked Ron Jarmin, acting director of the Census Bureau, and Commerce Secretary Wilbur Ross to publicly explain the technical protocols and systems the bureau will use to ensure the security of data obtained electronically in the 2020 Census.
Developer faces prison after admitting admin software was really a RAT
On Monday, Grubbs signed a plea agreement that admitted that from 2015 to 2017 he designed LuminosityLink and sold it for $40 apiece to more than 6,000 individuals, knowing that some of them were using it maliciously. While previously claiming the software was a legitimate tool for system administrators, Monday’s plea agreement admitted he knew some customers were using it to control computers without owners’ knowledge or permission.
60% of Indian computers vulnerable [Ed: Fails to mention Microsoft Windows with its back doors]
Stable kernels 4.17.7, 4.14.56, 4.9.113 and 4.4.141
Open-spec NAS SBC with 4x SATA 3.0 ports relaunches
Kobol has relaunched its open-spec “Helios4” NAS SBC and fanned system. The Helios4 runs Debian on a Marvell Armada 388 SoC with 2GB ECC RAM and offers 1x GbE, 2x USB 3.0, and 4x SATA 3.0 ports for up to 48TB. In May 2017, Singapore-based startup Kobol attempted to launch its open-spec Helios4 SBC and fan-equipped system for network attached storage (NAS) on Kickstarter. A total of 337 backers ponied up $74K for the Helios4, which also supports media streaming and file sharing. Kobol fell short of its $110K funding goal, but it fulfilled the last of its KS orders in January. The company is now running its own funding campaign to manufacture a second 500-unit batch.
Cutelyst 2.5.0 released
Cutelyst a C++ web framework based on Qt got a new release. This release has some important bug fixes so it’s really recommended to upgrade to it. Most of this release fixes came form a side project I started called Cloudlyst, I did some work for the NextCloud client, and due that I became interested into how WebDAV protocol works, so Cloudlyst is a server implementation of WebDAV, it also passes all litmus tests. WebDAV protocol makes heavy use of REST concept, and although it uses XML instead of JSON it’s actually a good choice since XML can be parsed progressively which is important for large directories.
