Language Selection

English French German Italian Portuguese Spanish

Proprietary Software and Security Issues

Filed under
Security
  • SolarWinds [Attack] Reached 27 U.S. Attorneys’ Offices, Justice Says

    The attack compromised Microsoft 365 accounts of at least 80% of the department’s employees working in offices located in the Eastern, Northern, Southern and Western Districts of New York. Also affected to a lesser degree were employees in U.S. Attorneys’ offices in 14 other states, including California, Florida, Maryland, Texas and Virginia, as well as the District of Columbia.

  • Safari isn't protecting the web, it's killing it

    There's been a lot of discussion recently about how "Safari is the new IE" (1, 2, 3, 4, 5).

    I don't want to rehash the basics of that, but I have seen some interesting rebuttals, most commonly: Safari is actually protecting the web, by resisting adding unnecessary and experimental features that create security/privacy/bloat problems.

    That is worth further discussion, because it's widespread, and wrong.

    More specifically, Safari's approach isn't protecting the web from bloat & evil Google influence, because: [...]

  • Hasta la Vista Gmail

    I’ve been a Gmail user pretty much since day 1, when it was still an invite-only service in 2004.1 Not anymore. Over the past month I’ve migrated most of my email to Fastmail and I’m extremely happy with the result.

    Why bother? Well, I guess it won’t come to you as a shock that I’ve felt progressively more uncomfortable with how Google (and the like) are handling my personal data. I’ve also been getting quite frustrated with attempts to make email/my inbox “smarter”. I never needed a “priority inbox”, auto-categorization of email, etc. Simple is good. Just put the newest emails on the top and I’ll sort it out from there.

  • Google dodges regulation, hits advertisers with “regulatory” charges: What’s the Scam?

    We are not familiar with what draconian regulatory schemes exist for Google in Austria and Turkey, but here in Australia we know what it is – which is not much at all. And they paid no tax on their 2020 revenue of $5.2 billion.

  • Storing Encrypted Photos in Google’s Cloud

    Cloud photo services are widely used for persistent, convenient, and often free photo storage, which is especially useful for mobile devices. As users store more and more photos in the cloud, significant privacy concerns arise because even a single compromise of a user’s credentials give attackers unfettered access to all of the user’s photos. We have created Easy Secure Photos (ESP) to enable users to protect their photos on cloud photo services such as Google Photos. [...]

  • Spyware revelations are a crucial moment for Indian democracy
  • Joint Open Letter: States Must Implement Moratorium on Surveillance Technology - PEN America

    We the undersigned civil society organizations and independent experts are alarmed at the media revelations that NSO Group’s spyware has been used to facilitate human rights violations around the world on a massive scale.

    These revelations are a result of the Pegasus Project and are based on the leak of 50,000 phone numbers of potential surveillance targets. The project is a collaboration of more than 80 journalists from 16 media organizations in 10 countries coordinated by Forbidden Stories, a Paris-based media non-profit, with the technical support of Amnesty International, who conducted forensic tests on mobile phones to identify traces of the Pegasus spyware.

  • Canonicalization Attacks Against MACs and Signatures

    Canonicalization Attacks occur when a protocol that feeds data into a hash function used in a Message Authentication Code (MAC) or Digital Signature calculation fails to ensure some property that’s expected of the overall protocol.

    The textbook example of a canonicalization attack is the length-extension attack against hash functions such as MD5–which famously broke the security of Flickr’s API signatures.

    But there’s a more interesting attack to think about, which affects the design of security token/envelope formats (PASETO, DSSE, etc.) and comes up often when folks try to extend basic notions of authenticated encryption (AE) to include additional authenticated (but unencrypted) data (thus yielding an AEAD mode).

More in Tux Machines

Games: Proton, Neptune 15 v2, and VR

  • What is Proton? | TechRadar

    You may have seen lots of mentions of Proton with the upcoming launch of the Steam Deck handheld game console, but what is it, and how does it work? Proton is a piece of software created by Valve and CodeWeavers that acts as a compatibility layer that allows games designed for the Windows 10 and Windows 11 operating systems to run in Linux with a minimal impact on performance. Proton is based on the existing WINE tool, which allowed Windows applications to run in Linux, with Valve and CodeWeavers taking the tech and using it to specifically run games. This is incredibly useful, as the vast majority of games are coded for Windows, due to the sheer popularity of Microsoft’s operating system. Linux, a free and open-source operating system, is relatively niche, which meant that many game developers couldn’t – or wouldn’t – spend resources on making a port of their games to run natively on Linux.

  • Neptune 15 v2 from Juno is a Linux Gaming Laptop with 240 Hz Display

    The Neptune 15″ V2 from Juno Computers is powered by Intel’s 10th-gen Comet Lake chipsets, and can be configured with up to 64GB of RAM. Nowadays, it is a little difficult to choose a perfect Linux gaming laptop, but it is not impossible to get it. As well as, these laptops are prepaid with full advantages like an additional graphic card with a brilliant CPU. In fact, some of the best Linux gaming laptops offer up the same durability and premium design as their Windows counterparts. They’ll also cost less since there’s no Windows license included with the laptop.

  • Humble has a nice looking VR bundle if you need some more games | GamingOnLinux

    Do you have a VR kit that's begging to be played? Check out the Fall VR Emporium Bundle over on Humble Bundle. Sadly, there's not many native / supported Linux VR games and so you're going to need Steam Play Proton to enjoy this set of games.

Plasma 5.23 Anniversary Edition Beta available for testing

Are you using Kubuntu 21.04 Hirsute Hippo, our current Stable release? Or are you already running our development builds of the upcoming 21.10 Impish Indri? We currently have Plasma 5.22.90 (Plasma 5.23 Anniversary Edition Beta) available in our Beta PPA for Kubuntu 21.04, and 21.10 development series. However this is a beta release, and we should re-iterate the disclaimer from the upstream release announcement... Read more Also: Using KNotifications in QML

Top 20 Open-source solutions for Photographers

In today world, editing photos is a critical component in the overall photography process, and it was taken a new level of importance. As demand continues to rise and the market is filled with plenty of capable options, we will suggest top 20 apps to enhance your photography workflow. We take many free high-quality photo editors without having to pay for an expensive program to edit your image like a pro. Read more

LibreOffice 8.0 New tabbed interface layout available

Muttakin Rizal ( Rizal Muttaqin ), one of the designers LibreOffice office suite, has published in his blog, the user interface possible development plan LibreOffice 8.0. The most notable innovation is the built-in support for tabs, through which you can quickly switch between different documents, similar to how switching between sites is carried out in modern browsers. If necessary, each tab can be unpinned in the form of a separate window, or vice versa, convert the window into a tab. It is also possible to collapse all tabs into a drop-down list accessible by pressing the “^” button. The header also shows a LibreOffice button to launch the initial interface, which was previously shown when starting or closing all documents, to open a file, visually evaluate recently opened documents, or create a new document based on a template. Read more