Language Selection

English French German Italian Portuguese Spanish

FUD, Security and Microsoft Spin

Filed under
Microsoft
Security
  • Commercial vs open source software [Ed: Falsehoods all along. FOSS is also "commercial"; they deceive to make proprietary software seem like the only option for commerce]

    Every business owner that needs a personalized software needs to make a choice between two options. Choosing a commercial software or open-source software. If you are not familiar with these two terms, worry not, we’ll explain everything.

  • The need for open source audits in cybersecurity M&As [Ed: Microsoft-connected Black Duck is smearing FOSS again... to sell its proprietary software snakeoil]
  • Software Security Witching Hour is Upon us [Ed: Microsoft-connected Black Duck continues to attack FOSS with FUD. Microsoft hates FOSS. It just uses Synopsys et al as proxies for the badmouthing.]
  • Let’s Talk Open Source Trends (A 2020 Early Look) [Ed: Well, Flexera views "open source" as little more than opportunity for "compliance" job (money), much like Black Duck]

    There are two emerging trends to take note of now. First, there’s an increased importance around open source compliance and security due to specific industry regulatory changes and requirements. For example, this year the PCI Security Standards Council introduced a new standard of making electronic payments more secure. The standard requires software companies to continuously identify and assess weaknesses in software applications, including the entire software supply chain; key word here being “continuously.” Prior to the implementation of this standard, companies were advised to monitor their use of open source software with no emphasis on ongoing scanning and management.

  • The First BlueKeep Mass Hacking Is Finally Here—but Don't Panic [Ed: NSA collusion with Microsoft gives us this and much more]

    When Microsoft revealed last May that millions of Windows devices had a serious hackable flaw known as BlueKeep—one that could enable an automated worm to spread malware from computer to computer—it seemed only a matter of time before someone unleashed a global attack. As predicted, a BlueKeep campaign has finally struck. But so far it's fallen short of the worst case scenario.

    Security researchers have spotted evidence that their so-called honeypots—bait machines designed to help detect and analyze malware outbreaks—are being compromised en masse using the BlueKeep vulnerability. The bug in Microsoft's Remote Desktop Protocol allows a hacker to gain full remote code execution on unpatched machines; while it had previously only been exploited in proofs of concept, it has potentially devastating consequences. Another worm that targeted Windows machines in 2017, the NotPetya ransomware attack, caused more than 10 billion dollars in damage worldwide.

    But so far, the widespread BlueKeep hacking merely installs a cryptocurrency miner, leeching a victim's processing power to generate cryptocurrency. And rather than a worm that jumps unassisted from one computer to the next, these attackers appear to have scanned the internet for vulnerable machines to exploit. That makes this current wave unlikely to result in an epidemic.

  • Hackers can steal the contents of Horde webmail inboxes with one click [Ed: Microsoft Zack ('former' employee) not covering Microsoft NSA back doors that cause billions in damage, instead trying to damage the name of FOSS because sending people a malicious link and a trick can cause problems?

    A security researcher has found several vulnerabilities in the popular open-source Horde web email software that allow hackers to near-invisibly steal the contents of a victim’s inbox.

    Horde is one of the most popular free and open-source web email systems available. It’s built and maintained by a core team of developers, with contributions from the wider open-source community. It’s used by universities, libraries and many web hosting providers as the default email client.

    Numan Ozdemir disclosed his vulnerabilities to Horde in May. An attacker can scrape and download a victim’s entire inbox by tricking them into clicking a malicious link in an email.

  • New Tool Will Find Secrets – Including Crypto Keys – in Your Public Code

    The app, which is open source, scans code repository GitHub for dangerous files and data. As a beginning coder, you may have left your password data or private keys inside public repository without realizing. When this happens, hackers and other nasties can easily access your stuff.

  • Briefing: Microsoft's GitHub Employees Still Pushing Back On ICE Contract

    Employees from Microsoft’s GitHub subsidiary are continuing to voice their concerns over the recent decision to renew a software contract with U.S. Immigration and Customs Enforcement (ICE), and least one GitHub employee has resigned in protest, the Los Angeles Times reported.

    The situation illustrates the difficulties large software companies sometimes experience when integrating acquisitions of smaller companies.

    GitHub, which has built a more diverse and inclusive corporate culture in the years following a gender harassment scandal in 2014, is one of several open source companies where employees pay close attention to how their products are used, said Josh McKenty, an executive who has worked at companies that sell open source software.

    “The open source ethos represents a fundamental attitude of being able to control what happens to your work product,” he said.

More in Tux Machines

Multi-touch Gestures in elementary OS 6

One of the most hotly requested features for years has been to have multi-touch gestures in elementary OS, and with 6.0 I’m excited to say that we will deliver. Like the dark style preference, delivering a great multi-touch experience is a little more complicated than it seems on the surface. There have been some 3rd party tools to detect touchpad gestures and then trigger actions after-the-fact, but it wasn’t until recently that we’ve had the technical ability to provide smooth, responsive animations that track 1:1 with your finger movement across a touchpad or touch screen. We’ve had the great pleasure of working with José Expósito, the author of Touchégg, on our window manager gestures. In elementary OS 6, we use Touchégg Daemon behind the scenes to capture input events and communicate them to Gala, our window manager. Read more Also: elementary OS 6 to get great looking multi-touch gestures

Watch Live TV on Linux With Hypnotix: A New IPTV Application Being Developed by Linux Mint Team

The rise of streaming services like Netflix made people speculate about the dim future of TV channels. While the newer generation might not watch TV anymore, TV channels are not out of fashion, yet. Many streaming services like Hulu and Hotstar include TV channels in their offering. TV channels are also utilizing live streaming to broadcast their content to viewers on the internet. Another way to watch live TV is by using IPTV. There are a number of TV channels available via IPTV so that viewers can use internet to watch the live broadcast. Some channels are available for free while some might require subscription. Read more

Best Linux distros for power users in 2020

The Linux power user is a celebrated breed, and one that does not simply burst fully-formed from the earth. All newbies must toil long and hard with their Linux installations before they can describe themselves as one. At the very least, the power user will have a great degree of skill concerning all things Linux, whether it's the kernel, Bash or package management systems – and they won’t be afraid to get their hands dirty in the name of configuring the system. Read more

Budgie 10.5.2 Desktop Environment Released with Support for the GNOME 3.38 Stack

More than a year in the works, Budgie 10.5.2 is here with a wide range of changes, starting with support for GNOME Project’s latest GNOME 3.38 stack. However, Budgie still supports the older GNOME 3.36 stack to make it easier for Linux OS maintainers to backport it to older operating systems. The biggest new feature in this release is the new desktop icons implementation called Budgie Desktop View. While an initial release, it already supports single (default) or double-click for launching items. However, future releases will bring drag and drop support, keyboard navigation, and GTK4 support. Read more