Kernel: HarmonyOS 3.0, OnePlus, and Brendan Gregg Quits Netflix
-
Huawei has pushed a new software update for the Nova 8 SE 4G that comes with HarmonyOS 2.0 version 2.0.0.155 in China. The new information reveals that the latest update brings March 2022 HarmonyOS security improvements for better system security.
-
The third major version of Huawei’s Harmony OS was announced in October of last year with the first Developer Preview coming out a few weeks later. However, development seems to have hit a bit of a snag, so the rollout schedule had to be pushed back.
-
After a delayed release, the OnePlus 10 Pro is now available in global markets for eager fans to snap up. For third-party ROM developers and tinkerers, we have good news with the release of the OnePlus 10 Pro kernel source code — which is now publicly available.
-
OnePlus finally took the wraps off the global variant of the OnePlus 10 Pro, but the company slacked off a bit and did not give us the kernel sources right after the launch. If you have already managed to score one for yourself for the sake of tinkering, we have good news for you. To facilitate custom development, the Chinese OEM has now released the kernel sources for the OnePlus 10 Pro.
-
Last time I quit a job, I wanted to share publicly the reasons why I left, but I ultimately did not. I've since been asked many times why I resigned that job (not unlike The Prisoner) along with much speculation (none true).
Games: Steam and More Proprietary Stuff
-
One of the most interesting things about covering Google's technologies and products is how communicative the company can be when explaining how things work. It recently kicked off the first part of a planned series illuminating how it finagled Steam on Chromebooks. In this first high-level overview of the technologies involved, one key fact has already been detailed: Modifying games (even just to tweak configuration files) might be pretty hard, if not impossible.
-
Hello, and welcome to Protocol Entertainment, your guide to the business of the gaming and media industries. This Tuesday, we’re chatting with Thatgamecompany co-founder Jenova Chen about ethical game design on mobile, as well as taking a closer look at Epic’s new $2 billion funding round and its metaverse ambitions with The Lego Group.
-
The Steam Deck is not the first attempt at a handheld for PC gaming, but it does come with a pedigree and a market-friendly price.
Since 1996, Valve has evolved from game developer (the Half-Life franchise) into being a major online market for PC games, into offering an open-hardware platform (Steam Engine) and now, fully into the console market after a flirtation with peripherals.
Openwashing and Free Software
-
Redis serves as a pipeline that connects the levels of TAG’s platform, a 100% IP 100% software open-source solution that monitors, aggregates, manages and utilizes data-driven viewer analytics. The foundation of the RMP is TAG’s Multi-Channel Monitoring (MCM) system, that monitors every type of signal from live production through OTT delivery, providing deep monitoring for critical analysis into signal health.
-
When we talk about “open sourcing” something, that’s a big part of it, right? We want to be able to run it ourselves. We want to be able to take the code and adapt it and tweak it to our needs, on our own servers. We want to collectively help out, fixing bugs and contributing to that codebase.
-
The book, The C Programming Language, by Bell Labs’ Brian Kernighan and Dennis Ritchie, played a defining role in the development and popularisation of C. The book, released in 1978, is still widely read.
-
A copyright gives a creator the legal right to own, distribute and profit from his or her creative work. Software, like any other technology has all shades of licences facilitating its use. On one end of the spectrum, there is proprietary software which is to be purchased as a one-time transaction or as yearly licences. A popular example is Microsoft Windows which is purchased along with the computer or Microsoft Office which typically has a yearly licence that has to be renewed upon payment.
On the other hand, there are different kinds of software licences that allow free use of software. There is the Creative Commons licence (CC) which is public domain: any software or work that is in CC can be used and distributed free of cost. For example, Wikipedia is under CC and hence its contents can be used freely with the condition that attribution is made to Wikipedia (this is called ‘Creative Commons – Attribution-ShareAlike).
-
SELKS is a Stamus Networks contribution to the open-source community and is released, at no cost, under the GNU GPLv3 license as ISO images, Docker package, or as source code.
-
Open source software and community advocate, OpenMetal, is increasing its commitment to open source, building upon an Open Infrastructure Foundation (OIF) membership.
-
By joining the Open Library Foundation, VuFind will benefit from infrastructure support including legal, operational, administrative, and financial resources. The foundation is also able to ensure that VuFind is owned by the VuFind community and is able to expand beyond the interests of any single entity.
-
The Qiling framework developed by the Shepherd Lab of JD Explore Academy has been accepted in GSoC (Google Summer of Code) 2022 after recommendation by The Honeynet Project.
Starting from 2005, GSoC has been devoted to helping contributors find open source projects. More than 18,000 students from 112 countries, who get help from 17,000 mentors of 746 open source organizations, have written more than 40M lines of code in fields they love.
-
FOSSEPS stands for Free and Open Source Solutions for European Public Services and is an initative by the EU Commission to identify the most critical open source software used by European Public Services.
Open Source Software powers everything, from modern servers, to IoT, to the desktops at work and is at the heart of the European Union systems too. It is so important that the European Commission's Open Source Programme Office has decided to offer bug bounties on popular open source software as described in "European Union Will Pay For Finding Bugs In Open Source Software".
The issue with the bug bounty was which apps were going to be labeled as critical or important in order to allocate resources to them. This is the same problem faced by the Open Source Security Foundation in its effort to make open source software sustainable and for which the Criticality Score Project was set up. This has already led to critical OSS projects being identified, most recently with the publication of "Census II of Free and Open Source Software - Application Libraries", as we reported last month.
Security Leftovers
-
A new botnet is targeting routers, Internet of Things (IoT) devices, and an array of server architectures.
-
There has been a land rush of sorts among threat groups trying to use the vulnerability discovered in the open-source Spring Framework last month, and now researchers at Trend Micro are saying it's being actively exploited to run the Mirai botnet.
Mirai is a long-running threat that has been around since 2016 and is used to pull smaller networked and Internet of Things (IoT) devices, such as IP cameras and routers, into a botnet that can then be used in such campaigns as distributed denial-of-service (DDoS) and phishing attacks.
The Trend Micro researchers wrote in a post that they observed the bad actors weaponizing and run Mirai malware on vulnerable servers in the Singapore region via the Spring4Shell vulnerability, tracked as CVE-2022-22965.
-
Hacking is the use of any tools or technology to obtain unauthorized access to or circumvent security measures of a computer system or network.
An ethical hacker is an independent security tester who checks computer systems, networks, and programs, looking for potential vulnerabilities that an attacker could exploit. Ethical hackers use the same tools and techniques as malicious hackers; however, they do it to improve system security and uphold privacy policies and standards instead of causing damage or stealing information. Examples include penetration testing and vulnerability scanning.
-
Throughout this week, we’ve heard from a variety of infosec professionals about what first drew them to security, from PwC’s Katherine Cancelado starting to learn RedHat and Debian Linux at age 12 to Nitro’s David Lenoe getting to grips with new tech during a third-party security review.
Elly Stritch studied business information systems at University College Cork and it was here that her interest in cybersecurity began.
-
Katherine Cancelado’s interest in cybersecurity was sparked when she was about 12 years old and she started learning RedHat and Debian Linux. This led her to a variety of tech communities where she learned more and shared her knowledge, and started engaging with cybersecurity without even realising it.
“I learned so much about how to create secure and optimal configurations for different systems and applications, and this was what caused me to move towards cybersecurity as a way to make things better and not to simply make things work,” she told SiliconRepublic.com.
-
Customized malware targeted not only Microsoft Corp. Windows-based systems, but also those running on common Unix platforms Linux or Solaris, Mr. Boutin said.
-
PlayStation pushed PS5 Firmware 22.01-05.02.00 (PS5 5.02) and PS4 Firmware 9.51 yesterday. Those are your typical “improves system performance” updates, but as always, we (and several prominent members of the hacking scene) recommend you do not update your console, if you can, and if you’re expecting to Jailbreak it eventually.
-
Cybersecurity experts and researchers have raised alarms around a vulnerability disclosed by Microsoft Tuesday concerning Windows hosts running the Remote Procedure Call Runtime (RPC).
-
Such lateral movements are often used to escalate privileges, for example, in Active Directory.
-
Cybercriminals are targeting APIs more aggressively than ever before, and businesses must take a proactive approach to API security to combat this new aggression.
-
The first three browser extensions in this list -- HTTPS Everywhere, Privacy Badger and uBlock Origin -- have enjoyed some long-standing recommendations from CNET reviewers.
The HTTPS Everywhere extension is available through a partnership between the Electronic Frontier Foundation and the TOR Project. Many websites use secure connections already, but some don't, leaving their visitors vulnerable to threats, like having malware delivered to their device. If you're visiting an unprotected website, HTTPS Everywhere checks to see if it offers a secure connection. If one is available, the add-on forces the site to use that connection.
-
INTERVIEW As CTO of The New York Times two decades ago, Andres Rodriguez became frustrated with the time-consuming and unreliable process of backing up massive amounts of data that was only tested when it failed.
-
New patch issued by VMware for Information Disclosure vulnerability CVE-2022-22948 discovered by Pentera Labs’ Yuval Lazar, Senior Security Researcher.
-
Microsoft's massive April Patch Tuesday includes one bug that has already been exploited in the wild and a second that has been publicly disclosed.
In total, the Redmond giant patched over 100 bugs today, including 10 critical remote code execution (RCE) vulnerabilities.
Recent comments
2 hours 28 min ago
3 hours 16 min ago
5 hours 27 min ago
6 hours 3 min ago
6 hours 7 min ago
13 hours 32 min ago
14 hours 7 min ago
22 hours 52 min ago
22 hours 55 min ago
1 day 1 hour ago