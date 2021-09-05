Throughout my time at University I was almost constantly dealing with burnout and today I thought it would be a helpful experience to talk about how I personally dealt with burnout and the strategies I used to try and avoid it in the first place.

Today, I'm going to be playing one of my favorite free and open source games--0 A.D! This is areal time strategy game that is similar to Age of Empires. 0 A.D. can be found in almost every Linux distro's repositories.

India's government has summoned the CEO of Infosys to explain why a tax portal built by the services giant remains a glitchy mess ten weeks after launch. The portal went live on June 8th but immediately proved so unreliable that the government was forced to revert to paper-based tax filing processes and to extend filing deadlines. Finance Minister Nirmala Sitharaman shamed Infosys with some mean tweets, then hauled execs in to explain themselves.

Privacy is a set of curtains drawn across the windows of our lives. And technology companies are moths that will chew through more of the fabric every year if we let them, and especially if we encourage them.

In a report released on Wednesday, the Tech Transparency Project contends that Apple "is failing to take even the most basic steps to protect children" in the App Store. Failures in age verification exposed children to pornography, gambling, and a host of other supposedly age-limited apps.

Bangkok Airways has revealed it was the victim of a cyberattack from ransomware group LockBit on August 23rd, resulting in the publishing of stolen data. Bangkok Airways' announcement about the matter came last Thursday, a day after LockBit posted a message on its dark web portal threatening the airline to pay a ransom or suffer a data leak. The airline was given five days to sort payment, but instead of coughing up it disclosed the breach. LockBit responded by publishing the lot. Competing claims about the resulting data dump rate it at 103GB and over 200GB.

Up until this year, dating app Bumble inadvertently provided a way to find the exact location of its internet lonely-hearts, much in the same way one could geo-locate Tinder users back in 2014. In a blog post on Wednesday, Robert Heaton, a security engineer at payments biz Stripe, explained how he managed to bypass Bumble's defenses and implement a system for finding the precise location of Bumblers.

In bug bounty program news this past month, a researcher has earned $15,000 for reporting a bug in Chromium that allowed code to be injected in embedded site pages, even if the target and destinations existed on separate domains. Two dating apps also displayed their vulnerabilities. Yan Zhu, security engineer at privacy-focused browser Brave, found, a vulnerability in OKCupid allowed attackers to trick users into ‘liking’ or messaging to other profiles – potentially gaming the system.

Computer scientists at TU Dresden in Germany have found that AMD's Zen processor family is vulnerable to a data-bothering Meltdown-like attack after all. Exploiting this weakness is an academic exercise, it seems; there are more practical and easier ways for malware and malicious users to interfere with systems. If anything, it reminds us that modern CPU architectures have all kinds of side-channels, with some probably still left to find.

F5 released patches of more than two dozen security vulnerabilities impacting BIG-IP and BIG-IQ products. Notably, is the F5 bug CVE-2021-23031 (CVSS 8.8) which is elevated to critical (CVSS 9.9) for “Appliance Mode” users because it could allow authenticated attackers to bypass restrictions in this state and escalate privileges resulting in complete system takeover.

Ulrike Uhlig & Debian, the $200,000 woman who quit From all those women and all that money, Debian only found one woman who became a Debian Developer, Ulrike Uhlig. Ulrike has quit Debian after just 4 years. Debian paid $200,000 to find this woman and she quit. Ulrike claims to be interested in human rights and mediation techniques. Yet she went to the online DebConf and gave a talk with the mafiosi Enrico Zini, this is the fascist who expels people on a whim without any due process or any other basics of human rights. Zini was complicit in expelling Dr Norbert Preining the week before Christmas and also fabricating the rape accusations against Jacob Appelbaum. For Ulrike to give a talk with a gangster like this suggests that she has no understanding of the principles she claims to stand for.