Language Selection

English French German Italian Portuguese Spanish

Security: RDP and Free Software

Filed under
Security
  • Microsoft and Open Source RDP Clients Are Vulnerable to System Takeover Attacks [Ed: Microsoft protocols were all along designed to be vulnerable (for remote access by the state)]
  • Remote Desktop Protocols Riddled With Vulns: Check Point Finds 16 Modes of Pwnage [Ed: Remote Desktop Protocol (RDP) has long been known to be crap, but Microsoft still loves it.]
  • Open Source Software: How Good Is Its Overall Security?

    Open source software has been a boon to many individual users and businesses. Open source software development brought about the rise of the Linux and Ubuntu operating systems and the Firefox browser.

    [...]

    Although it’s possible for a rogue developer to insert malicious code into open source software, this behavior is discouraged by legitimate developers. Software developers form a close community and strive to create the best possible products, so they have a vested interest in keeping their software secure and free from problems.

    CEO Vlad Vorobiov of Ruby Garage notes, “Simply put, the more eyes are looking at code, the more bugs will be found and fixed in a stated period of time……the fact that the software has a strong community around it, which is interested to make it better and believes in its future potential, is a great security indicator on its own.”

  • The dangers of proprietary software

    Let us consider what would have happened if Apple was an open source software or project. First, you would not need to wait for the main developers to patch the issue. You could review the code, make changes and update them as you wish. You could also submit the change to the project’s repository – GitHub or GitLab – and if accepted, the updated code would be implemented for all people to benefit from.

    You wouldn’t need a resume or an interview to see if you are worthy to contribute. You would be judged based on your work. You could be a 10-year-old living in the Arctics, it would not matter.

    As for the reporting of bugs in an open source environment, you can use the available social media channels, messaging platforms or the repository management system to directly reach the main development team. A common practice within open source communities, whether it is involving public blockchains or open source software and projects.

    Such communities are openly available for collaboration, suggestions or participation via an array of social platforms – such as Telegram, Slack, Discord and IRC. This is why they are so powerful, adaptable and robust.

More in Tux Machines

Variscite unveils two i.MX8 QuadMax modules

Variscite announced Linux-powered “VAR-SOM-MX8” and “SPEAR-MX8” modules with an up to an i.MX8 QuadMax SoC plus up to 8GB LPDDR4 and 64GB eMMC. It also previewed a VAR-SOM-6UL COM. At Embedded World next week in Nuremberg, Germany, Variscite will showcase its Linux and Android driven i.MX8-family computer-on-modules, including new VAR-SOM-MX8 and SPEAR-MX8 modules that feature NXP’s highest-end i.MX8 SoC up to a QuadMax model (see farther below). We have already covered most of the other showcased products, including the 14nm fabricated, quad -A53 i.MX8M Mini based DART-MX8M-Mini. When we covered the DART-MX8M-Mini in September, Variscite didn’t have an image or product page, but both are now available here Read more

Android Leftovers

Programming: Developer Happiness, Rblpapi 0.3.8 and Python

  • Developer happiness: What you need to know
    A person needs the right tools for the job. There's nothing as frustrating as getting halfway through a car repair, for instance, only to discover you don't have the specialized tool you need to complete the job. The same concept applies to developers: you need the tools to do what you are best at, without disrupting your workflow with compliance and security needs, so you can produce code faster. Over half—51%, to be specific—of developers spend only one to four hours each day programming, according to ActiveState's recent Developer Survey 2018: Open Source Runtime Pains. In other words, the majority of developers spend less than half of their time coding. According to the survey, 50% of developers say security is one of their biggest concerns, but 67% of developers choose not to add a new language when coding because of the difficulties related to corporate policies.
  • Rblpapi 0.3.8: Keeping CRAN happy
    A minimal maintenance release of Rblpapi, now at version 0.3.9, arrived on CRAN earlier today. Rblpapi provides a direct interface between R and the Bloomberg Terminal via the C++ API provided by Bloomberg (but note that a valid Bloomberg license and installation is required). This is the ninth release since the package first appeared on CRAN in 2016. It accomodates a request by CRAN / R Core to cope with staged installs which will be a new feature of R 3.6.0. No other changes were made (besides updating a now-stale URL at Bloomberg in a few spots and other miniscule maintenance). However, a few other changes have been piling up at the GitHub repo so feel free to try that version too.
  • Episode #200: Escaping Excel Hell with Python and Pandas
  • Testing native ES modules using Mocha and esm.

Games: Steam, Devil Engine, City Game Studio and More