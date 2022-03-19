Language Selection

Proprietary Software, Openwashing, and Microsoft Monopoly Abuse

Friday 18th of March 2022 01:38:03 PM
Microsoft

  • Emotet Malware Sending Emails Disguised as IRS [Ed: Microsoft Windows TCO]

    Emotet is malware that infects computers by hiding in malicious emails. The malware is hidden in Microsoft Word and Excel files.

  • Nextcloud gains Rocket.chat support to further elevate the platform into business heights

    Now, here’s the caveat. This integration is very much in the early stages of development. I’ve kicked the tires and found it to be far from ready for production environments. In fact, I’ve been unable to get the Nextcloud Rocket.chat app to connect to my in-house Rocket.chat server (which I can connect to with the Rocket.chat desktop app–so I know the server is working properly).

  • Supreme Court orders re-vote after iVote crash in NSW local government elections

    In delivering his judgement on Thursday afternoon, Justice Robert Beech-Jones declared the results in the three council areas void.

    "The primary consideration is the interest of the electorate," Justice Beech-Jones said.

    "The cost, stress and inconvenience to the elected cannot be elevated above the electorates' interest in having a council elected in accordance with the Local Government Act."

  • Three NSW council election results scrapped due to digital voting issues

    The New South Wales Electoral Commission (NSWEC) applied to the Supreme Court for the results in three councils – Kempsey, Singleton and Shellharbour Ward A – to be scrapped due to this issue, and a judge agreed to void the votes on Thursday.

  • False advertising to call software open source when it's not, says court

    The Graph Foundation agreed [PDF] it would no longer claim specific versions of ONgDB, its Neo4j Enterprise Edition fork, are a "100 percent free and open source version" of Neo4J EE. And last month, two other companies challenged by Neo4j – PureThink and iGov – were also required by a court ruling to make similar concessions.

  • Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

    Researchers are tracking a number of open-source “protestware” projects on GitHub that have recently altered their code to display “Stand with Ukraine” messages for users, or basic facts about the carnage in Ukraine. The group also is tracking several code packages that were recently modified to erase files on computers that appear to be coming from Russian or Belarusian Internet addresses.

  • Microsoft faces EU antitrust complaint about its cloud computing business | Reuters

    U.S. tech giant Microsoft (MSFT.O) is facing an antitrust complaint filed by three European rivals in the booming cloud computing business, one the plaintiffs said on Thursday.

    The complaint, filed with the European Union's competition watchdog months ago, alleges that Microsoft's contractual and business practices make it costly and difficult for users of its cloud computing services to opt for those of a competitor, a source close to the matter said.

    French cloud computing services provider OVHcloud (OVH.PA) confirmed in a statement that it had joined the complaint against Microsoft. A spokesperson for the company declined to give the names of the two other European plaintiffs.

SUSE/OpenSUSE Leftovers

  • Why Nvidia Should Acquire SUSE [Ed: Truly bizarre idea from an IBM-funded shill, Timothy Prickett Morgan]

    Here we are, on the Friday before the flagship GPU Technology Conference hosted by Nvidia is set to kick off. And we are without a doubt excited in anticipation of what we conjecture will be a deluge of compute and networking hardware and puzzling over what this Omniverse really means (like many of you). But for some reason, out thoughts keep coming back to software, and how Nvidia is building out an increasingly complete and ornate set of systems software to run HPC, AI, data analytics, visualization, and now world-simulating applications.

  • openSUSE Tumbleweed – Review of the week 2022/11 – Dominique a.k.a. DimStar (Dim*)

    Another week filled with 7 snapshots, and this despite of one snapshot being discarded. We have published 0310, 0311, 0312, 0313, 0314, 0316, and 0317 (0315 was skipped due to some elevated risk of braking systems with a dracut update; maintainers are looking into this)

  • SUSE Reports Strong Revenue Growth In Q1 2022

Jasem's Ekosphere: KStars v3.5.8 Released

KStars v3.5.8 is released on 2022.03.19 for MacOS, Linux, and Windows. This is a mostly bugfix release with a couple of exciting new features. Read more

4 CLI based Linux Performance Monitoring Tools: top, htop, ps and vmstat

Linux is a very stable operating system with strong security features. On several occasions, we may need to observe the performance of our system, maybe because of some technical glitch or as a part of a routine health checkup. Performance measurement gives us a quick insight into how our system is doing, e.g. performance logs can tell us what processes are running, how much memory is in use, how much CPU is being used etc. This information also helps us in making decisions related to effective resource planning, debugging system issues etc. Most Linux distros provide command-line tools and graphical ones to accomplish this task. Some of these come pre-shipped with the OS and some may need to be installed. These tools are classified as either real-time monitoring tools or log-based tools. Read more

Security: Patches, New RNG, and More

  • Security updates for Friday

    Security updates have been issued by Debian (python-treq), Fedora (openvpn, pesign, rust-regex, and thunderbird), Oracle (expat), Red Hat (kpatch-patch-4_18_0-147_58_1), Slackware (bind and openssl), SUSE (python-lxml), and Ubuntu (apache2).

  • Donenfeld: Random number generator enhancements for Linux 5.17 and 5.18

    Jason Donenfeld has published a lengthy look at the changes to the Linux random-number generator (RNG) for Linux 5.17 and the upcoming 5.18 kernel. It covers his efforts "to modernize both the code and the cryptography used" and also peers into the future for changes that may be coming.

  • Random number generator enhancements for Linux 5.17 and 5.18

    The random number generator has undergone a few important changes for Linux 5.17 and 5.18, in an attempt to modernize both the code and the cryptography used. The smaller part of these will be released with 5.17 on Sunday, while the larger part will be merged into 5.18 on Monday, which should receive its first release candidate in a few weeks and a release in a few months. As I wrote to Linus in the 5.18-rc1 pull request yesterday, the goal has been to shore up the RNG’s existing design with as much incremental rigor as possible, without, for now, changing anything fundamental to how the RNG behaves. It still counts entropy bits and has the same set of entropy sources as before. But, the underlying algorithms that turn those entropy sources into cryptographically secure random numbers have been overhauled. This is very much an incremental approach toward modernization. There’s a wide array of things that can be tackled in the RNG, but for the first steps, accomplished in 5.17 and 5.18, the focus has been on evolutionarily improving the existing RNG design.

  • CRI-O Security Update for Kubernetes | CISA

    CRI-O has released a security update addressing a critical vulnerability—CVE-2022-0811—in CRI-O 1.19. A local attacker could exploit this vulnerability to take control of an affected Kubernetes environment as well as other software or platforms that use CRI-O runtime containers.

  • This Week In Security: More Protestware, Another Linux Vuln, And TLStorm | Hackaday

    Up next is the announcement of another Linux Kernel vulnerability, CVE-2022-25636, this one an out-of-bounds write in the Linux firewall code. If you’re suddenly having heart palpitations at the thought of Remote Code Execution, try to relax. This flaw is serious, but just like DirtyPipe we covered last week, it’s entirely limited to a local user account that can run shell commands. A pair of tricks allows any user the ability to trigger the flaw with any hardware, meaning that it’s a straightforward elevation of privileges.

