Language Selection

English French German Italian Portuguese Spanish

Malicious Proprietary Software From Microsoft and Google

Filed under
Google
Microsoft
  • Microsoft rolls out a new update for Surface Duo SDK Preview

    The new update is available for Mac, Windows and Ubuntu....

  • Microsoft Brings Its Windows 10 Antivirus Arsenal to Linux [Ed: Wow. Softpedia's "LINUX" section (Popa) is now an arm of Microsoft proprietary software marketing. Sure missing Marius Nester there. Whose arsenal is this? NSA's?]
  • Microsoft: Linux Defender antivirus now in public preview, iOS and Android are next [Ed: Of course Microsoft's sponsored propaganda network also promotes Microsoft proprietary software in the “LINUX” section. It does this all the time. The site has also just put "GitHub: We won't take down any of your content unless we really have to" under the "LINUX" section because proprietary software (GitHub) is somehow "LINUX"?!]
  • Chrome deploys deep-linking tech in latest browser build despite privacy concerns

    Google has implemented a browser capability in Chrome called ScrollToTextFragment that enables deep links to web documents, but it has done so despite unresolved privacy concerns and lack of support from other browser makers.

    Via Twitter on Tuesday, Peter Snyder, privacy researcher at privacy-focused browser maker Brave Software, observed that ScrollToTextFragment shipped earlier this month in Chrome 80 unflagged, meaning it's active, despite privacy issues that have been raised.

    "Imposing privacy and security leaks to existing sites (many of which will never be updated) REALLY should be a 'don't break the web,' never-cross redline," he wrote. "This spec does that."

    The debate over the feature percolated last year on mailing lists and in GitHub issues posts and picked up in October when the team working on Chrome's Blink engine declared their intent to implement the specification. The feature rollout serves to illustrate that the consensus-based web standards process doesn't do much to constrain the technology Google deploys.

  •      

  • New Mexico Sues Google Over Collection of Children's Data

           

             

    New Mexico’s attorney general sued Google Thursday over allegations the tech company is illegally collecting personal data generated by children in violation of federal and state laws.

More in Tux Machines

Security Leftovers

  • Security updates for Monday

    Security updates have been issued by Debian (bind9, dosfstools, gst-plugins-good0.10, gst-plugins-ugly0.10, json-c, php-horde, php-horde-gollem, salt, and sane-backends), Fedora (drupal7, marked, NetworkManager, and wireshark), Mageia (gdb, jasper, and json-c), openSUSE (freetds, jasper, libmspack, mariadb-connector-c, sysstat, and trousers), Red Hat (bind), Scientific Linux (bind and freerdp), and SUSE (file-roller and java-11-openjdk).

  • New software security tool to detect bugs in OS

    The Universal Serial Bus (USB) connects external devices to a host. This interface exposes the OS kernels and device drivers to attacks by malicious devices. To help detect such vulnerabilities, EPFL researchers have come up with a new security tool called USBFuzz to identify vulnerabilities in the USB driver stacks of widely used operating systems, including Linux, Windows, and macOS.

  • Github uncovers malicious ‘Octopus Scanner’ targeting developers

    The malware is called the Octopus Scanner, and it targets Apache NetBeans, which is an integrated development environment used to write Java software. In its write-up of the attack, the GitHub Security Labs team explains how the malware lurks in source code repositories uploaded to its site, activating when a developer downloads an infected repository and uses it to create a software program.

  • Joomla Team Disclosed Data Breach Occurred Last Week

    Joomla! is one of the biggest CMS in the World, to be specific, it is the 3rd most popular after WordPress and Drupal. Being that big in the industry, even a tiny error can cause millions of users worldwide. Just a few days back, the Joomla! team announced a data breach that occurred accidentally last week. Thankfully, the breach does not affect millions but 2,700 users who registered on JRD, Joomla Resources Directory. The incident happened last week when a member of JRD left a full unencrypted backup of JRD on AWS S3 server. [...] Most of the users’ information involved in the breach is already public except the IP address and hashed passwords. If anyone found the backup and successfully unhashed the passwords, he can use those passwords on other websites like Gmail, Microsoft, Facebook, etc. to access them. If you are affected by the breach, used the same passwords on Gmail, Facebook, etc. as on JRD platform, change your passwords immediately.

  • KeePassXC review

    KeePassXC appeals to Linux users who want to handle their own password management offline, but the added effort involved and lack of built-in password sync will frustrate casual users.

  • Career Choice Tip: Cybercrime is Mostly Boring [iophk: Windows TCO]

    For example, running an effective booter service requires a substantial amount of administrative work and maintenance, much of which involves constantly scanning for, commandeering and managing large collections of remote systems that can be used to amplify online attacks.

Welcome FOSSlife! A new web magazine is born

With FOSSlife, a new web magazine was launched today. It’s a destination for all who care about the FOSS community and want to follow the trends, tools, projects, programs, and people who define the FOSS experience. The FOSSlife project is proudly supported by Linux Professional Institute (LPI) which is happy to provide a home to this new resource for all existing and future FOSS professionals and enthusiasts. The FOSS life is about community, it is about advocacy, and it is about bringing people together and building sustainable, accessible solutions. Everyone is invited to become part of this community, which stands for openness and equality like no other. FOSSlife is intended to be a new place to go, both for experienced experts and for those who are interested in the subject and just starting to come to grips with it. "At the Linux Professional Institute, we are committed to spreading FOSS knowledge as well as the spirit which helped free and open source technology become a worldwide phenomenon," said G. Matthew Rice, Executive Director of the Linux Professional Institute. "It is our mission to promote the use of free and open source by elevating the people who work with it. FOSSlife fits perfectly into this mission, as it helps us share, bundle, and disseminate knowledge about free and open source software and inspire people who are searching for their own approach in gaining this expertise.” Read more Also: LPI Launches FOSSlife Website

Foliate Makes Finding Free eBooks Easier, Adds Support for Comics

Finding free ebooks to read in Foliate, a GTK ebook reader for Linux desktops, just got a whole lot easier. The new Foliate 2.2.0 release comes with several enhancements, one of which is better eBook discovery via OPDS. OPDS is the “feed” protocol used by free ebook services like the Gutenberg Project, Standard Ebooks, and Feedbooks to share free works with the wider wold. Having the works available from this repos accessible within the app is a nice touch. The new “Catalog” feature (to give it its proper name) is accessible as a tab on the new Library view. You can manually add additional OPDS feeds (e.g., the Internet Archive) as well as edit or remove the ones which are there by default. Read more Also: Tartube – Watch And Download Videos from YouTube and more

Router Freedom challenged by new European rules

From 21 June a new set of rules will guide the implementation of Router Freedom in Europe. The internalisation of the rules by the 27 EU member states will face challenges with negative consequences for Router Freedom. The FSFE contributed to several improvements of the guidelines and will monitor compliance with them. The COVID-19 pandemic shows how dependent people are on the Internet for their work and personal life. In times of lockdown, when people need to stay home and work remotely, the whole internet traffic, encryption, business and work interaction are transferred through personal routers. Since 2013, the FSFE has been advocating for Router Freedom in Europe with outstanding results in Germany and effects beyond its borders. Now, a new set of rules, for which the FSFE contributed to improve, will guide the implementation of Router Freedom in Europe. We summarise the positive outcomes as well as the challenges ahead. Read more