Language Selection

English French German Italian Portuguese Spanish

Security and Microsoft FUD

Filed under
Microsoft
Security
  • Security updates for Monday [LWN.net]

    Security updates have been issued by Debian (chromium, firefox-esr, ghostscript, libreswan, prosody, sphinxsearch, thunderbird, and uriparser), Fedora (cryptsetup, flatpak, kernel, mingw-uriparser, python-celery, python-kombu, and uriparser), Mageia (htmldoc, mbedtls, openexr, perl-CPAN, systemd, thunderbird, and vim), openSUSE (chromium and prosody), Red Hat (httpd, kernel, and samba), Scientific Linux (kernel), Slackware (expat), SUSE (ghostscript), and Ubuntu (pillow).

  • Domestic CCTV and audio recording | Pen Test Partners

    Last week, we had BBC Morning Live in to film a piece on the legalities and challenges of domestic CCTV systems. You can watch it on iPlayer here, starting at 10:30.

    It was sparked by a conversation we had with Radio 4 before Xmas, where a journalist had taken an interest in CCTV systems exposed on insecam.org.

    We had helped the journalist identify the homeowner with an exposed CCTV stream & they went to speak to them about it. Unsurprisingly, the homeowner had installed the system & left it exposed with default credentials. Whilst they could review their CCTV footage remotely on a mobile app, so could anyone else…

    It ended well though, as the homeowner took the system offline and secured it. One less exposed CCTV camera! The radio piece is here.

    As a reminder, if you don’t set a good, strong password for your CCTV system that you don’t use elsewhere, you run the risk of it being exposed and/or accessed remotely by nefarious parties.

  • Data & Society — Bounty Everything: Hackers and the Making of the Global Bug Marketplace

    In Bounty Everything: Hackers and the Making of the Global Bug Marketplace, researchers Ryan Ellis and Yuan Stevens provide a window into the working lives of hackers who participate in “bug bounty” programs—programs that hire hackers to discover and report bugs or other vulnerabilities in their systems. This report illuminates the risks and insecurities for hackers as gig workers, and how bounty programs rely on vulnerable workers to fix their vulnerable systems.
    Ellis and Stevens’s research offers a historical overview of bounty programs and an analysis of contemporary bug bounty platforms​​—the new intermediaries that now structure the vast majority of bounty work. The report draws directly from interviews with hackers, who recount that bounty programs seem willing to integrate a diverse workforce in their practices, but only on terms that deny them the job security and access enjoyed by core security workforces. These inequities go far beyond the difference experienced by temporary and permanent employees at companies such as Google and Apple, contend the authors. The global bug bounty workforce is doing piecework—they are paid for each bug, and the conditions under which a bug is paid vary greatly from one company to the next.
    Bounty Everything offers to reimagine how bounty programs can better serve the interests of both computer security and the workers that protect our digital world. Ellis & Stevens argue that if bounty programs are not designed and implemented properly, “this model can ironically perpetuate a world full of bugs that uses a global pool of insecure workers to prop up a business model centered on rapid iteration and perpetual beta.”

  • An Examination of the Bug Bounty Marketplace
  • Freexian’s report about Debian Long Term Support, December 2021

    Every month we review the work funded by Freexian’s Debian LTS offering. Please find the report for December below.

  • Malware targeting Linux systems hit a new high in 2021 [Ed: Microsoft-connected Crowdstrike spreading lots of anti-Linux FUD at the moment to sell its proprietary products and to help Microsoft]
  • New year brings bad news for Linux as 2021 saw up to 10 times more malware samples
  • Linux malware is on the rise. Here are three top threats right now [Ed: Microsoft operatives inside the media use Microsoft-connected Crowdstrike to smear Linux right now; nobody bothers to check their Microsoft connections (words taken at face value)]

Once again, Microsoft-connected firm smears "Linux"

  • Why Linux Saw A Massive Rise In Malware Attacks Last Year

    Crowdstrike actually expects...

  • Linux malware rises

    The number of malware infections targeting Linux devices rose by 35 per cent in 2021, and it looks lie the writers want to recruit IoT devices for DDoS (distributed denial of service) attacks.

    According to a Crowdstrike report in 2021 XorDDoS, Mirai, and Mozi were the most prevalent families, accounting for 22 per cent of Linux-targeting malware attacks observed in 2021.

    Mozi saw an explosive growth in its activity, with ten times more samples circulating in the wild the year that passed compared to the previous one. XorDDoS use increased by123 per cent.

Slashdot is giving a megaphone to Microsofters against Linux

  • Linux Malware Sees 35% Growth During 2021

    The number of malware infections targeting Linux devices rose by 35% in 2021, most commonly to recruit IoT devices for DDoS (distributed denial of service) attacks

Microsofters

More FUD

Bruce Schneier has become megaphone of Microsoft proxy, FUD

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

today's howtos

  • 5 Things to Do After Upgrading to Ubuntu 22.04 LTS
  • How to Dual Boot Ubuntu 22.04 LTS and Windows 11

    Hey guys, in this guide we will demonstrate how to configure a dual-boot setup of Ubuntu 22.04 LTS (Jammy Jellyfish) alongside Windows 11.

    For this to work, you need to have Windows 11 already installed on your PC.  You will then need to create a separate partition on your hard drive on which Ubuntu 22.04 will be installed. We will go over all this, so don’t worry.

  • Using SSH Keys

    SSH supports authenticating users with keys. Although they require more setup ahead of time, they’re generally more secure than typing in passwords. They’re also more convenient in the long run. In this article, I am going to cover using key-based authentication in OpenSSH.

  • How To Install Anaconda on Ubuntu 22.04

    Anaconda is a distribution of the Python and R programming languages for scientific computing (data science, machine learning applications, large-scale data processing, predictive analytics, etc.), that aims to simplify package management and deployment. The distribution includes data-science packages suitable for Windows, Linux, and macOS. It is developed and maintained by Anaconda, Inc.,

  • How To Install Anaconda on Fedora 36

    Anaconda is a popular Python/R data science and machine learning platform, used for large-scale data processing, predictive analytics, and scientific computing. Anaconda distribution ships with 250 open-source data packages, and more than 7,500 additional packages can be installed from the Anaconda repositories. It also includes the conda command-line tool and a desktop graphical user interface called Anaconda Navigator.

  • How to install Brave Web browser on CentOS 9 Stream

    Hello, friends. In this post, you will learn how to install Brave Web browser on CentOS 9 Stream. This is one of the best alternative web browsers you can use.

  • Install phpMyAdmin on Ubuntu 22.04 with Apache

    phpMyAdmin is a web-based application for interacting with MySQL database server. This tool provides you with a user interface to make MySQL operations so you don’t have to use the command line interface. In this guide you are going to learn how to install phpMyAdmin with Apache on Ubuntu 22.04 and secure it.

  • How to Install GNU Octave on Linux Mint 20

    Linux Mint is an ideal operating system for many kinds of users, such as enthusiasts and developers. That’s why it has become one of the most popular in all of Linux, thanks to its ease of use and robustness. In it, we can install all kinds of tools such as programming languages and thus be useful to professional developers. An example of this is that we can install GNU Octave on Linux Mint without too many problems. This is the aim of our post.

Linux 5.18-rc7

	
From	Linus Torvalds 
Date	Sun, 15 May 2022 18:15:42 -0700
Subject	Linux 5.18-rc7
share 0
So things continue to be fairly calm, and as such this is likely the
last rc before 5.18 unless something bad happens next week.

All the stats here look normal, with the bulk of it being random
driver updates (network drivers, gpu, usb, etc).

There's a few filesystem fixes, some core networking, and some code
kernel stuff. And some selftest updates.

Sortlog appended, nothing really stands out (the most exciting thing
last week was literally that Andrew has started using git, which will
make my life easier, but that doesn't affect the *code*)

Please give it one last week of testing, so that we'll have a nice
solid 5.18 release.

                 Linus

Read more

today's howtos

  1. Finding files in Ubuntu 22.04

    In computing, file placement is an important activity to perform as you may forget the file location. Ubuntu 22.04 supports various built-in commands to trace down your files. However, the graphical user interface may also be used to find files.

  2. How to Convert SVG or PDF File to Base64?

    Apart from simple text, the image files or documents can also be converted to the Base64 format. These entities can then be stored securely anywhere you want. In this article, we would like to share the methods of converting the SVG files and PDF files to Base64 using the Python programming language in Ubuntu 20.04. First, we will introduce you briefly to these file formats, followed by the procedure of converting them to Base64.

  3. How to install DataGrip 2022 on a Chromebook

    Today we are looking at how to install DataGrip 2022 on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

  4. GDISK Command-Line Options

    The GDISK command in Linux is used to partition the drives of your system. Moreover, it can also be used to list down the existing partitions and display relevant information about them. In this guide, we will be talking about the different command-line options that are available with the GDISK command on a Linux Mint 20.3 system.

  5. Mapfile Bash Linux Command

    The bash shell Mapfile command is often known as a reading array. The primary purpose is to read standard input lines and store them in an indexed array variable. Mapfile must also read from substitution (<<) rather than a pipe. In addition, as compared to a read loop, bash Mapfile is a much faster and more convenient solution. It returns 1 if the execution of the command gets successful and 0 in case it is not successful. If we don’t specify an array name, the bash Mapfile variable will be targeting the array variable by default. Thus, we have decided to cover some examples using the mapfile instruction on the bash.

  6. Resolve Issue: Bash Bad Substitution

    You may have received the Bad substitution syntax problem while developing Bash scripts. After browsing through forums, you may discover that you are not alone; other individuals are encountering the same mistake. It’s a typographical fault that happens when you run your Shell script, and it can happen for a variety of reasons. The wrong use of instruction substitution and erroneous characters appended to the program are two major reasons for this. Let’s see how we can make our shell script cause this error and how to resolve it. Get started with the new bash file created with Ubuntu’s “touch” query and open it within the “GNU Nano” editor.

  7. Resolve Issue: Bash Unary Operator Expected

    Errors have a diverse number of types and reasons when it comes to bash programming. One of those errors is the “unary operator expected” error in bash programming. When evaluating expressions in conditional declarations, you may run into the “unary operator expected” issue. The reasons for this error “bash unary operator expected” might be diverse. We’ll start by talking about what’s creating the problem. Following that, we’ll go over a couple of options for resolving this problem. Let’s get started with today’s article by creating a new bash file in Ubuntu 20.04 system. For this, we need to utilize the “touch” instruction within the shell terminal and name the file “unary.sh”.

today's leftovers

  • Linux Weekly Roundup #182

    Welcome to this week's Linux weekly roundup. We had another full week in the world of Linux releases with Fedora 36, Bluestar Linux 5.17.7, ALT Linux 10.0, and LXLE Focal beta. I hope you have a wonderful week and enjoy every moment!

  • libiconv - News: libiconv 1.17 released [Savannah]

    GNU libiconv 1.17 is released.

  • PS4 9.60 and PS5 5.10 Firmware updates released, do not update if possible - Wololo.net

    So as always, we (and several prominent members of the hacking scene) recommend you do not update your console, if you can, and if you’re expecting to Jailbreak it eventually.

  • Best PlayStation 2 (PS2) Emulators for Android in 2022

    The Google Play Store is packed with interesting games, but most of them pale in comparison with the best PlayStation 2 titles, such as Silent Hill 2, Ico, Shadow of the Colossus, the Ratchet and Clank series, Final Fantasy X, Kingdom Hearts 1 & 2, Wild Arms, or Persona 4, just to give some examples. These and many other games are still fun to play, even though it’s been more than two decades since Sony released the PlayStation 2 console to great success. You can play them even if you don’t own the console or any of its successors’ thanks to PlayStation 2 emulators for Android.

  • Best Roblox Anime Games

    Roblox is a unique gaming platform with a library that has millions of games created by a community of millions of developers, allowing endless hours of gameplay. If you are a fan of anime and looking for games that resemble them then we have mentioned some of the top anime games in this article.

  • Did you know Twitter has an open-source arm? This is what it's been up to [Ed: Openwashing of a truly sinister and manipulative entity]
  • KlipperScreen: All You Need to Know [Ed: Not about KDE per se. This could be a trademark problem because of KDE. Klipper started in the 1990s.]

    KlipperScreen is a program that runs on Klipper firmware and provides a GUI to control your printer. Read on to learn more about it!