Android Leftovers
Security Leftovers
-
Linux Security Pros, are you happy with the state of Linux Server security? Can you reliably secure your server and container workloads across multiple distributions with real-time visibility into suspicious and malicious activity? Do Linux security tools tend to “break” whenever you upgrade your operating system? And finally, can you query for incidents and alerts across your estate, with IOCs aligned to the MITRE ATT&CK Framework for Linux?
-
Windows 10 users woke up to borked printers following the monthly Microsoft bugfix party, Patch Tuesday.
The issues appear connected to KB4557957 and KB4560960 for Windows 10 2004 and 1903/1909 respectively.
"KB4560960" was "stopping users from printing to [the] locally attached Brother printer," according one Reg reader. The resolution was to remove the offending cumulative patch. Those connected to a network printer, he reported, continued rocking along as normal.
-
This weekend we reported on how injecting ACPI tables could lead to bypassing Linux's lockdown / UEFI Secure Boot protections and let attackers load unsigned kernel modules. That earlier issue was found on a patched version of the Ubuntu 18.04 LTS kernel while now a similar attack vector has been discovered on the mainline Linux kernel.
WireGuard lead developer Jason Donenfeld discovered both of these vulnerabilities in recent days. This newest discovery is more pressing in that it works on a current mainline Linux kernel rather than just Ubuntu's heavily patched older kernel code-base. Fortunately, Donenfeld has already sent off a patch to the mailing list for addressing this issue.
-
Nordic Semi nRF52 are popular wireless Cortex-M4 SoCs with Bluetooth 5.0 and 802.15.4 radios. APProtect (Access Port Protection) is a new security feature of nRF52 MCUs designed to enable readback protection and disable the debug interface. This is supposed to prevent an attacker to obtain a copy of the firmware that would allow him/her to start the reverse engineering process or access some sensitive data such as keys and passwords.
It’s all good, except “LimitedResults” managed to bypass APProtect and permanently resurrect the debug interface on nRF52840-DK and a Bluetooth mouse. This requires physical access to the hardware and relies on a fault injection technique.
Red Hat/Fedora Leftovers
-
Recommendation engines are among the most well-known, widely used, and highest-value use cases for applying machine learning. Despite this, while there are many resources available for the basics of training a recommendation model, there are relatively few that explain how to actually deploy these models to create a large-scale recommender system.
The IBM Developer code pattern Build a recommender with Apache Spark and Elasticsearch illustrates how to build and deploy just such a recommender system.
-
The Quarkus community is excited to announce the Supersonic, Subatomic Java Hackathon for developers to create Kubernetes-native applications for a chance to win $30,000 in prizes. This hackathon is a great opportunity to learn about the future of cloud-native Java development and showcase your coding skills.
-
In this two-part series, I demonstrate two approaches to multitenancy with the Jakarta Persistence API (JPA) running on WildFly. In the first half of this series, you will learn how to implement multitenancy using a database. In the second half, I will introduce you to multitenancy using a schema. I based both examples on JPA and Hibernate.
Because I have focused on implementation examples, I won’t go deeply into the details of multitenancy, though I will start with a brief overview. Note, too, that I assume you are familiar with Java persistence using JPA and Hibernate.
-
Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 221.
[...]
This pre-compiled stylesheet will be dropped in the future in favor of projects shipping their own CSS. This API is not maintainable, as Cockpit cannot offer a PatternFly 3 API forever, and PatternFly 4 also changes quickly enough that one style sheet for all projects is not robust enough.
The Cockpit plugins that are using only PatternFly 4 should follow the example from starter-kit on how to import PatternFly 4 stylesheets. g The Cockpit plugins which are still relying on PatternFly 3 should follow the migration from the deprecated API to the new PatternFly stylesheet import approach as implemented in this cockpit-podman commit.
-
In just a matter of weeks, the world that we knew changed forever. The COVID-19 pandemic came swiftly and caused massive disruption to our healthcare systems and local businesses, throwing the world’s economies into chaos. The coronavirus quickly became a crisis that affected everyone. As researchers and scientists rushed to make sense of it, and find ways to eliminate or slow the rate of infection, countries started gathering statistics such as the number of confirmed cases, reported deaths, and so on. Johns Hopkins University researchers have since aggregated the statistics from many countries and made them available.
In this article, we demonstrate how to build a website that shows a series of COVID-19 graphs. These graphs reflect the accumulated number of cases and deaths over a given time period for each country. We use the Red Hat build of Quarkus, Apache Camel K, and Red Hat AMQ Streams to get the Johns Hopkins University data and populate a MongoDB database with it. The deployment is built on the Red Hat OpenShift Container Platform (OCP).
Programming Leftovers
-
Eight members of the Debian Perl team met online between May 15 and May 17 2020, in lieu of a planned physical sprint meeting. Work focussed on preparations for bullseye, and continued maintenance of the large number of perl modules maintained by the team.
-
I have sent two emails now to the public email address listed in his public github profile and have received no bounce or response.
-
This is the launch interview of a monthly series of interviews I’ll publish on perl.com. I can promise you, fun and entertaining interviews every month. So please watch this space. If you’d like me to interview you, or know someone you’d like me to interview, let me know. Take the same set of questions and send me your answers!
Gabor Szabo is a long time Perl developer and DevOps trainer and the author of the Perl tutorial and of Perl Maven and on Code Maven. He received a White Camel Award in 2008. He teaches training courses in Israel and around the world. He wears the hat of the chief editor of Perl Weekly newsletter, and is always happy to receive notable Perl news items for inclusion in its next issue.
-
JetBrains makes the popular IntelliJ IDEA Java IDE, which is also the foundation for Google's Android Studio, as well as Kotlin, a programming language that Google officially supports for Android development, and the widely used PyCharm IDE.
JetBrains' survey of almost 20,000 developers found on the other hand that JavaScript is the most used overall programming language.
JetBrains asked developers to pick up to three languages they consider their primary programming language. In this context, JavaScript comes out on top (39%), followed Java (37%), and Python (31%).
JetBrains analyst Sichkarenko Anastassiya explained the apparent discrepancy by saying each languages' position – first, second or third – was assigned a weighting to produce an overall popularity ranking.
The company also told The Register that Java's superior ranking as a primary language comes down to lots of developers using JavaScript as part of a project, but its use falls when considering where developers spend most of their time.
-
GitHub will drop the term "master" as the default branch name from its hosted repositories in response to protests about ingrained racism.
Activists in the software community have long campaigned to replace the terms “master” and “slave” with terms that don't invoke actual human slavery. They argue that continuing to use such terms isn't inclusive, is insensitive, and highlights the tech industry's problems with diversity.
Nat Friedman, the GitHub's chief exec, confirmed the upcoming change in a Twitter post saying that the Microsoft-owned outfit would change the default branch name from "master" to "main", or perhaps something similar.
Recent comments
52 min 3 sec ago
52 min 25 sec ago
56 min 9 sec ago
1 hour 41 min ago
2 hours 3 min ago
2 hours 5 min ago
2 hours 27 min ago
10 hours 38 min ago
16 hours 22 min ago
17 hours 36 min ago