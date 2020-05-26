Security and FUD
Security updates for Tuesday
Security updates have been issued by Debian (sqlite3), Fedora (libarchive and netdata), openSUSE (dom4j, dovecot23, gcc9, and memcached), Red Hat (devtoolset-9-gcc, httpd24-httpd and httpd24-mod_md, ipmitool, kernel, kpatch-patch, openvswitch, openvswitch2.11, openvswitch2.13, rh-haproxy18-haproxy, and ruby), and SUSE (freetds, jasper, libxslt, and sysstat).
Patterns of Compromise: The EasyJet Data Breach
It has been a withering time for the airlines, whose unused planes moulder in a gruelling waiting game of survival. The receivers are smacking their lips; administration has become a reality for many. Governments across the globe dispute what measures to ease in response to the coronavirus pandemic; travel has been largely suspended; and the hope is that some viable form will resume at some point soon.
Google Authenticator enables device-transfers, no back up/export options
You’ve probably seen calls to “secure your account” with a second-factor authentication (2FA) app all over the web. Online services promote it as a way to improve the security of your online account. After you’ve enabled 2FA, you need to know your username and password as well as a one-time use token (a four–six digit code) generated by your 2FA app.
When you enable 2FA with an online service, it “installs” a secret into your 2FA app — often by scanning a QR-variety matrix barcode. The client app can then generate a one-time use login token derived from the shared secret. You type in that token when you log in to the service. The service can generate its own token following the same process and compare the two login tokens. If a bad actor intercepts the token, it can only be used once and will be worthless in the future.
Smart cars vulnerable to hack that could enable 'remote control'
New fuzzing tool finds 26 USB bugs in Linux, Windows, macOS, and FreeBSD [Ed: It's clear that ZDNet is still hyping up and propping up this false narrative wherein Linux is worst at security and Microsoft has no back doors.]
This allowed the research team to test USBFuzz not only on Linux, where most fuzzer programs work, but also other operating systems.
OSS Leftovers
Cinnamon 4.6 Arrives with Fractional Scaling, Nemo Improvements, and More
Announced earlier this year in January, the Cinnamon 4.6 desktop environment saw the light of day a couple of weeks ago. While there’s no official announcement for this major release, I did some digging to highlight the most important changes. Probably the biggest new feature of Cinnamon 4.6 is support for fractional scaling on HiDPI/4K displays. The feature was finally implemented in the Display Settings panel under the Zoom Level drop-down. Users will be able to choose values between 100% and 200%, such as 125%, 150%, 175%, for each of the connected monitors. Also in the Display Settings panel there’s now the ability to change the frequency of monitors.
Open Source YouTube Alternative PeerTube Needs Your Support to Launch Version 3
PeerTube (developed by Framasoft) is a free and open-source decentralized alternative to YouTube somewhat like LBRY. As the name suggests, it relies on peer-to-peer connections to operate the video hosting services. You can also choose to self-host your instance and also have access to videos from other instances (a federated network, just like Mastodon). It is being actively developed for a few years now. And, to take it up a notch, they have decided to launch a crowdfunding campaign for the next major release.
GNOME Devs Make Major Improvements to the Apps Grid
Since GNOME 3.38 is on house to ship in Ubuntu 20.10 (barring any tradition-flattening calamities …Which, given how things are going atm, is a distinct possibility) these are changes which you and I, as Ubuntu users, will likely benefit from come October. So what’s cooking? First up: the Applications screen drops the “Frequents” button that sira at the bottom of the grid. The apps grid is now just a single, vertically scrolling pane of application icons arranged in alphabetical order by default.
