Security Leftovers
Security updates for Monday
Security updates have been issued by Debian (admesh, condor, firefox-esr, libpgjava, libxml2, rsyslog, and thunderbird), Fedora (dotnet6.0, libarchive, php-openpsa-universalfeedcreator, thunderbird, and vim), Mageia (ffmpeg, kernel, kernel-linus, microcode, netatalk, nvidia-current, nvidia390, opencontainers-runc, postgresql, and ruby-nokogiri), Slackware (mariadb and mozilla), and SUSE (curl, firefox, libarchive, librecad, libxls, openldap2, php7, and postgresql10).
Mozilla Releases Security Products for Multiple Firefox Products | CISA
Mozilla has released security updates to address vulnerabilities in Firefox 100.0.2, Firefox for Android 100.3.0, and Firefox ESR 91.9.1. An attacker could exploit these vulnerabilities to take control of an affected system.
Upgrading Mozilla’s Root Store Policy to Version 2.8 - Mozilla Security Blog
In accordance with the Mozilla Manifesto, which emphasizes the open development of policy that protects users’ privacy and security, we have worked with the Mozilla community over the past several months to improve the Mozilla Root Store Policy (MRSP) so that we can now announce version 2.8, effective June 1, 2022. These policy changes aim to improve the transparency of Certificate Authority (CA) operations and the certificates that they issue.
We need to talk about sex toys and cyber security | Pen Test Partners
We’ve written about the appalling security of smart sex toys over the years. Finally, an invite came to give a talk on the subject to a TEDx audience.
I debated whether to give the talk with colleagues, as we’ve never wanted to be pigeon-holed in this space! But we felt that public awareness of the lax security was one of the ways to encourage the toy manufacturers to improve.
Issues such as precise position leakage of LGBT+ people in countries where they were persecuted by authorities were simply too concerning.
7 pieces of Linux advice for beginners
My brother told me that Linux was like a "software erector set" (that's a dated reference to the old Erector sets that could be purchased in the 1950s and 1960s) which was a helpful metaphor. I was using Windows 3.1 and Windows NT at the time and was trying to build a useful and safe K-12 school district website. This was in 2001 and 2002 and there were very few texts or resources on the web that were helpful. One of the resources recommended was the "Root Users Guide," a very large book that had lots of printed information in it but was tough to decipher and know just how to proceed. One of the most useful resources for me was an online course that Mandrake Linux maintained. It was a step-by-step explanation of the nuances of using and administering a Linux computer or server. I used that along with a listserv that Red Hat maintained in those days, where you could pose questions and get answers.
Software Releases: Pgpool-II, pgmetrics, Systemd
The 8 Best Linux Apps for Photographers
Capture and create beautiful photographs on Linux using these eight apps specially developed for photographers. For photographers, Linux provides some of the most advanced and comprehensive image manipulation applications. Best of all, virtually all of them are free and open-source software. That means that no matter what you decide to do with them, it won’t cost you a dime. You can download some just to check them out or incorporate them into your regular workflow. It’s up to you.
