Security: Updates, Anitya, Dell, Password Manager Roundup and Apple is Faking It
-
Security updates for Friday
-
Get notified of new upstream releases
There is a really useful service Anitya that resides on release-monitoring.org. It watches almost 20 thousand projects for new releases and notify about them.
I maintain several packages in Fedora and the Fedora Project already makes it really convenient for me. It uses Anitya and opens a new bug against your package every time there is a new upstream release which I close once I update the package. But not every project gives you this service.
I also maintain several apps on Flathub which doesn’t provide such a service (yet). And it’s even more important to know about new upstream releases because besides the apps themselves I also have to maintain their dependencies which are not available in runtimes. Especially Evolution has quite a few of them.
-
Remote Code Execution on most Dell computers
What computer do you use? Who made it? Have you ever thought about what came with your computer? When we think of Remote Code Execution (RCE) vulnerabilities in mass, we might think of vulnerabilities in the operating system, but another attack vector to consider is “What third-party software came with my PC?”. In this article, I’ll be looking at a Remote Code Execution vulnerability I found in Dell SupportAssist, software meant to “proactively check the health of your system’s hardware and software” and which is “preinstalled on most of all new Dell devices”.
-
17-Yr-Old Finds Dell Laptops And PCs Are Vulnerable To Remote Attack
ell laptop and computer owners beware! Your machine is vulnerable to an attack that can be executed remotely to hijack your system — just by making you visit a malicious website.
As reported by ZDNet, a 17-year-old security researcher, Bill Demirkapi, discovered a vulnerability in the Dell SupportAssist utility that allows attackers to execute malicious codes remotely.
-
Dell laptops and computers vulnerable to remote hijacks
-
Password Manager Roundup
I used to teach people how to create "good" passwords. Those passwords needed to be lengthy, hard to guess and easy to remember. There were lots of tricks to make your passwords better, and for years, that was enough.
That's not enough anymore.
It seems that another data breach happens almost daily, exposing sensitive information for millions of users, which means you need to have separate, secure passwords for each site and service you use. If you use the same password for any two sites, you're making yourself vulnerable if any single database gets compromised.
There's a much bigger conversation to be had regarding the best way to protect data. Is the "password" outdated? Should we have something better by now? Granted, there is two-factor authentication, which is a great way to help increase the security on accounts. But although passwords remain the main method for protecting accounts and data, there needs to be a better way to handle them—that's where password managers come into play.
-
Apple Is Telling Lawmakers People Will Hurt Themselves if They Try to Fix iPhones
In recent weeks, an Apple representative and a lobbyist for CompTIA, a trade organization that represents big tech companies, have been privately meeting with legislators in California to encourage them to kill legislation that would make it easier for consumers to repair their electronics, Motherboard has learned.
According to two sources in the California State Assembly, the lobbyists have met with members of the Privacy and Consumer Protection Committee, which is set to hold a hearing on the bill Tuesday afternoon. The lobbyists brought an iPhone to the meetings and showed lawmakers and their legislative aides the internal components of the phone. The lobbyists said that if improperly disassembled, consumers who are trying to fix their own iPhone could hurt themselves by puncturing the lithium-ion battery, the sources, who Motherboard is not naming because they were not authorized to speak to the media, said.
-
- Login or register to post comments
- Printer-friendly version
- 591 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
Android Leftovers
Gaming via Linux: Looking To The Future – What’s The Outlook For Gamers?
For a long time, of the operating systems out there, Linux was a distinct “also-ran” when it came to gaming. However, this all changed with the explosion of mobile gaming. It’s fair to say that over the years since its introduction in the early 1990s, Linux has gradually moved away from the domain of the IT-savvy developer and broken into the mainstream thanks to distributions like Ubuntu and Linux Mint – with around 1.3 billion Android devices using a Linux operating system.
Wear OS getting a new update with “Tiles” feature
Google is adding a new piece of feature to the Wear OS, once again bringing back an ounce of hope on the dying platform. The new feature makes navigation through the most-used functions of the watch much easier. Google is calling this bite-sized feature Tiles. Tiles is pretty much the same swipe feature that Google introduced for the Google Fit, Google Assistant, notifications, and quick settings last year. Earlier, swiping down from the watch face would bring up quick settings, swiping up would bring the notifications, swiping right showed the feed from the Google Assistant and swiping left showed data from Google Fit. Now with the new addition, you can keep swiping left to access more information, like the weather forecast, news headlines, calendar events, heart rate, and more.
Snek on the Arduino Mega 2560 Rev3
The Arduino Mega 2560 Rev3 is larger in almost all ways than the ATmega328P based Arduino boards. Based on the ATMega 2560 SoC, the Mega has 256K of flash, 8K of RAM and 4K of EEPROM. The processor and peripherals are compatible with the ATMega 328P making supporting this in Snek pretty easy.
Recent comments
1 hour 49 min ago
2 hours 45 min ago
2 hours 53 min ago
3 hours 12 min ago
3 hours 20 min ago
3 hours 24 min ago
3 hours 36 min ago
3 hours 47 min ago
3 hours 56 min ago
4 hours 23 min ago