Proprietary Software and Classic FUD
Germany's Constitutional Court Ponders Whether Government Users Of Zero-Day Surveillance Malware Have A Duty To Tell Software Developers About The Flaws
As Techdirt has reported previously, the use of malware to spy on suspects -- or even innocent citizens -- has long been regarded as legitimate by the German authorities. The recent leak of thousands of telephone numbers that may or may not be victims of the Pegasus spyware has suddenly brought this surveillance technique out of the shadows and into the limelight. People are finally starting to ask questions about the legitimacy of this approach when used by governments, given how easily the software can be -- and apparently has been -- abused. An interesting decision from Germany's constitutional court shows that even one of the biggest fans of legal malware is trying to work out how such programs based on zero-days can be deployed in a way that's compatible with fundamental rights. The court's press release explains:
The Life Cycle of a Breached Database
Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals. Here’s a closer look at what typically transpires in the weeks or months before an organization notifies its users about a breached database.
The Women on the Other End of the Phone
For almost a decade, ProPublica has been reporting on the ways TurboTax has fought efforts to make tax prep easier and less costly. As part of that series, we published a story about how to get your money back from TurboTax if you were charged for a service that should have been free.
People flooded the TurboTax customer service line — maybe you were even one of the callers. Some of them told us all they had to do was mention ProPublica to get a refund.
Boeing's six-year deal with Dell will eliminate 600 jobs
Boeing will transition a significant part of its engineering centre capabilities in Bengaluru to select IT services companies. The US aircraft manufacturer is outsourcing infrastructure services to Dell. This could involve some employees at the Boeing India Engineering and Technology Centre (BIETC) in Bengaluru moving to Dell, sources told TOI.
This is part of the global move, announced earlier this year by Boeing, wherein it will outsource cloud services and databases to Dell in a six-year deal that would eliminate 600 jobs.
Researchers Track Linux Intrusions to Cryptojacking Gang [Ed: This typical FUD is about bad passwords, not Linux]
Arduino and Chips
Node.js, curl update in Tumbleweed
Among the updated packages that landed this week in the rolling release were curl, GNU Compiler Collection, Node.js, redis and LibreOffice. The office suite package LibreOffice came in snapshot 20210728. The update to version 7.1.5.2 provided bugfixes addressing some regressions and a few fixes were made to prevent crashes in Writer. Linux Kernel firmware was updated in the snapshot and PDF rendering library poppler 21.07.0 provided some minor code improvements for build systems while also fixing a memory leak on broken files. The 2.32.3 webkit2gtk3 fixed several crashes and rendering issues and addressed a dozen Common Vulnerabilities and Exposures. The 20210727 snapshot provided just a single package update to gcc11. The update of the head branch included the 11.2 release candidate and a corrected adjustment to the General Public License version 3.0. The package update also provided a libc-bootstrap cross compiler for AArch64 and RISC-V.
Today in Techrights
Server: Kubernetes 1.21 and Rackspace Outsourcing
