Language Selection

English French German Italian Portuguese Spanish

Proprietary Software Pains and Security

Submitted by Roy Schestowitz on Saturday 27th of February 2021 08:26:57 PM Filed under
Security
  • Microsoft to cut perpetual Office support by 50%, raise price by 10%

    Reducing support for Office LTSC and 2021 to five years makes the software less attractive in any comparison with Office 365/Microsoft 365. Perpetual licensing's biggest advantage over subscriptions is cost, but that advantage relies on the customer upgrading relatively infrequently. By offering an upgrade every three years and limiting support to five years, Microsoft has forced customers who want or need perpetual licensing to deploy every version. There's no way to skip an upgrade because there's no overlap in support for versions n and n+2.

  • SolarWinds’s Security Practices Questioned by Lawmakers

    The cyber-attack was revealed in December after FireEye Inc. discovered it while investigating a breach of its own. The [attackers] implanted malicious code into SolarWinds’s popular Orion software, and as many as 18,000 customers received it while updating the software. Far fewer were actually targeted for secondary attacks -- about 100 companies and nine U.S. agencies, according to the White House.

    A persistent question has been how the [attackers] originally breached SolarWinds. At the hearing, SolarWinds CEO Sudhakar Ramakrishna said the company was still investigating but had narrowed it to three possible methods. The [attackers] may have used a technique called “password spraying,” where the attackers “spray” passwords at a large volume of usernames. A second possibility was that the [attackers] stole credentials, he said, while the third was a breach of a third-party application used by SolarWinds.

  • Reproducible Builds (diffoscope): diffoscope 168 released

    The diffoscope maintainers are pleased to announce the release of diffoscope version 168. This version includes the following changes:

    * Don't call difflib.Differ.compare with very large inputs; it is at least
  O(n^2) and makes diffoscope appear to hang.
  (Closes: reproducible-builds/diffoscope#240)
* Don't use "Inheriting PATH of X" in debug log message; use "PATH is X".
* Correct the capitalisation of jQuery.

  • Your old home router is probably vulnerable to hackers [Ed: 'New' Linux FUD from 'old' Microsoft partners]

    Linux is the most-used operating system on Internet routers, but a recent study from Fraunhofer FKIE has shown that these devices are running extremely old and potentially insecure versions of the Linux kernel.

    While the Fraunhofer report is more than six months old, information security expert Bruce Schneier shared it recently, noting that it has not been widely reported.

    According to the report, Linux powers more than 90% of broadband routers. However, these devices which act as our gateways to the Internet often run on Linux kernels that are more than ten years old.

»

More in Tux Machines

today's leftovers

     
  • What is Raspberry Pi 4 “Model B”? [Ed: I'm still waiting for them to formally apologise for going behind customers' backs, making secret deals with Microsoft to put Microsoft malware on all those devices]

    Raspberry Pi has conquered the world of SoC (System on a Chip). It has already garnered millions of followers since its release in 2012. Not only is it inexpensive, but it’s also versatile, modular, and multi-purpose. It has become popular not only as a credit-sized computer board but also as a controller in electronic, robotics, and IoT projects. The size, features, and price drive the popularity of the Pi, especially in the DIY community. To keep up with the current technological trends, the tiny board has undergone plenty of upgrades over the years, and there have been many varieties so it can cater to the needs and demands of its users. In 2019, the Raspberry Pi Foundation released the fourth generation of the multi-purpose board, the Raspberry Pi 4 B. It is the most powerful Pi to date, sporting huge upgrades from its predecessors. The compact board is touted to deliver a PC-level performance, and it didn’t disappoint.

  • Kentaro Hayashi: Grow your ideas for Debian Project

    There may be some "If it could be ..." ideas for Debian Project. If idea is concreate and worth to make things forward, it should make a proposal for Project Funding. [...] I'm not confident whether mechanism works, but Debian needs change.

  • Sam Thursfield: Calliope, slowly building steam

    There are some interesting complexities to this, and in 12 hours of hacking I didn’t solve them all. Firstly, Bandcamp artist and album names are not normalized. Some artist names have spurious “The”, some album names have “(EP)” or “(single)” appended, so they don’t match your tags. These details are of interest only to librarians, but how can software tell the difference? The simplest approach is use Musicbrainz, specifically cpe musicbrainz resolve-ids. By comparing ids where possible we get mostly good results. There are many albums not on Musicbrainz, though, which for now turn up as false positives. Resolving Musicbrainz IDs is a tricky process, too — how do we distinguish Multi-Love (album) from Multi-Love (single) if we only have an album name? If you want to try it out, great! It’s still aimed at hackers — you’ll have to install from source with Meson and probably fix some bugs along the way. Please share the fixes!

  • Neovide Is A Graphical Neovim Client Written In Rust

    Neovide is a really cool GUI client for Neovim. Although it essentially functions like Neovim in the terminal, Neovide does add some nice graphical improvements such as cursor animations and smooth scrolling. It even has me thinking about making it my new "vim" alias.

Linux 5.11.13, 5.10.29, 5.4.111, 4.19.186, 4.14.230, 4.9.266, and 4.4.266

Get involved with Mageia, become a Packager

With Mageia 8 just released and development for Mageia 9 getting underway in Cauldron, the unstable branch of Mageia, now is a great time to get involved with packaging. We are starting to look at the features that we want to include for Mageia 9, and as it is so early in the development cycle, now is the time for major developments, or big updates to key pieces of software. This is a great time to join the project as you can propose features you would like to see, help to implement large changes or see how a distribution evolves through development, stabilisation and then is released. If there is an application that you are interested in, if you want to help maintain part of the distribution, or if you want to learn something new, there are many opportunities to do so with the packaging team. Read more

Google does not want you to tell your players about your donation page

I recently updated Pixel Wheels banner image on Google Play. That triggered a review of the game: shortly after the update I received a message telling me Pixel Wheels was "not compliant with Google Play Policies". What nefarious activity does the game engage in? Sneak on users? Mine bitcoins? [...] Meanwhile you can still get the game from F-Droid or itch.io, since they do not have a problem with a link to a donation page. Read more

More on Tux Machines: AboutGalleryForumBlogsSearchNewsRSS Feed

Part of Bytes Media ● Sister sites below.

TechBytes Techrights button

Powered by Drupal, an open source content management system

Content available under CC-BY-SA CC

© by original authors

Powered by CentOS 6.5 (GNU/Linux), Varnish, and Drupal 6