Security: Bug Doors, Samba, GitHub Cracks, Microsoft Entryism
-
Zoom.us flaw forces users onto video and audio calls
The macOS client application for the popular audio and video conferencing service Zoom can be made to forcibly join users to calls, activating Mac microphones video cameras without users being asked for permission, a researcher has found.
-
Years late to the SMB1-killing party, Samba finally dumps the unsafe file-sharing protocol version by default
Samba says its next release will switch off previously on-by-default support for the aging and easily subverted SMB1 protocol. It can be reenabled for those truly desperate to use the godforsaken deprecated protocol version.
The open-source SMB toolkit's developers say the Samba 4.11 build, currently in preview, will by default set SMB2_02 as the earliest supported version of the Windows file-sharing protocol.
"This means clients without support for SMB2 or SMB3 are no longer able to connect to smbd (by default)," the 4.11 release notes read.
"It also means client tools like smbclient and others, as well as applications making use of libsmbclient are no longer able to connect to servers without SMB2 or SMB3 support (by default)."
Admins will still have the option to allow SMB1 on their servers if they so choose, but support will be turned off by default.
-
The GitHub account of Canonical who developed popular Ubuntu Linux was hacked[Ed: GitHub is Microsoft's responsibility, so speak to Microsoft. Ubuntu needs to delete GitHub.]
-
GitHub account belonging to Ubuntu Linux maker Canonical hacked [Ed: The account belongs to Microsoft actually. The site is entirely owned by it.]
“Canonical has removed the compromised account from the Canonical organization in GitHub and is still investigating the extent of the breach, but there is no indication at this point that any source code or PII was affected,” the team said.
-
Microsoft to Join Linux Mailing List That Privately Discusses Unpatched Security Issues [Ed: It is pretty revealing that it is mostly Microsoft propaganda sites which push the "Microsoft loves Linux" lie.]
Microsoft will become a member of the sought after Linux-distros mailing list, which privately discusses non-public security issues. To qualify for the membership, a member must have been submitting fixes for at least a year, with the tech giant’s anniversary and join date on August 5.
-
Microsoft set to join private Linux security mailing list [Ed: Microsoft entryism is progressing inside Linux and Windows promotion sites are pleased.]
As it stands right now, there are representatives from ALT Linux, Amazon Linux AMI, Arch Linux, Chrome OS, CloudLinux, CoreOS, Debian, Gentoo, Openwall, Oracle, Red Hat, Slackware, SUSE, Ubuntu, and Wind River on the list. According to the list’s information page, issues disclosed here are subject to a maximum embargo period of 14 days but seven days are preferable.
- Login or register to post comments
- Printer-friendly version
- 1887 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Samba 4.11-RC1 Released
Samba 4.11-RC1 Released With Scalability Improvements, Disables SMB1 By Default