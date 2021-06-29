Security Leftovers
QNAP Advises to Mitigate Remote Hacking Flaws Until Patches are Available [Ed: Support for proprietary Apple file system]
Netatalk is an open-source implementation of the Apple Filing Protocol (AFP), allowing Unix-like operating systems to serve as file servers for Apple macOS computers.
Critical vulnerabilities open Synology, QNAP NAS devices to attack
QNAP warns users to disable AFP until it fixes critical bugs [Ed: Most households don't have "Macs" and other Apple stuff; this ought not be enabled by default]
Cybersecurity Platform CrowdSec Announces Compatibility With Windows, Synology, OPNSense And Magento
Why you need to keep your operating system up to date [Ed: There are more people still using Windows XP than users of Vista 11. They should migrate to GNU/Linux on the same hardware.]
These days the headlines are full of tech news articles urging you to update your operating system the moment companies push them out. But with many taking significant time to download and requiring you to restart the machine, it’s all too easy to delay actually installing them. Here to explain why that’s a bad idea, we’ve created this easy to understand guide, detailing why you should always keep your operating system up to date.
[...]
Linux product lifecycle
GNU/Linux operating systems handle lifecycle in a variety of ways, from “rolling release” distributions like Arch, which don’t have a formal release lifecycle but instead release small incremental updates, to “long-term support” (LTS) versions.
LTS releases are designed for stable deployments and guaranteed to receive updates without a corresponding version upgrade for anywhere from five years standard support and ten years of security updates in the case of Ubuntu LTS, to over a decade for Red Hat Enterprise Linux’s costly Extended Life Phase for enterprise support subscribers.
Like Windows, most non-rolling, non-LTS Linux distros release a major version update every six months or so, however.
Fortinet: 80% of Breaches Attributed to Cybersecurity Skills Gap [Ed: While the assertion here may be true, it's sad they quote a Microsoft proxy (Microsoft puts back doors in things and then uses this proxy to deflect/pass blame to "Open Source")]
The cybersecurity skills shortage not only continues to give C-level executives a migraine, but the gap can also be linked to many breaches, Fortinet’s recent report found.
For the report, Fortinet surveyed more than 1,200 IT and cybersecurity leaders from 29 different locations. The company found that 80% of surveyed organizations experienced at least one breach they could attribute to the cybersecurity skill gap, and 64% of those breaches resulted in revenue loss, recovery cost, and other financial damages.
Meteoric attack deploys Quantum ransomware in mere hours [Ed: Microsoft Windows TCO]
Maven, Gradle And More: How To Choose Between Package Managers
Dependencies are libraries that projects use but that the project’s developers don’t have to write themselves. Instead, developers can download those dependencies directly into projects and immediately use them without having to write the code within those libraries themselves. It’s certainly possible to write code without ever using libraries, but hardly anyone does that. That’s because so many useful libraries exist that provide helpful functionality and make the work of development much easier and faster for developers. Dependencies also help with code maintainability because the code for those dependencies can be managed and updated separately from projects that use them. Dependency managers are useful because projects today tend to have a large number of dependencies, and each dependency may also have a long list of its own dependencies. That can quickly become impossible for developers to manually download and maintain themselves. Dependency managers help developers more easily download and keep track of the dependencies in their projects.
Hands-On with Arch Linux’s New Menu-Based Installer
Earlier this week, the Arch Linux developers released Archinstall 2.4.1 (it has been updated to version 2.4.2 a day later to fix a few bugs), a release that introduces numerous new features and improvements, as well as a brand-new menu system to make installing Arch Linux even easier for newcomers. Now, the latest Archinstall version is shipped by default with the newest Arch Linux ISO snapshot for next-generation Arch Linux installations, and I was curious to find out how it works and how easy it is to install this popular rolling-release distribution compared to the previous installation system.
