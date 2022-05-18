Moving from physical networks using switches, routers, and ethernet cables to virtual networks using software-defined networks (SDN) and virtual interfaces involves a slight learning curve. Of course, the principles remain the same, but there are different specifications and best practices. Kubernetes has its own set of rules, and if you're dealing with containers and the cloud, it helps to understand how Kubernetes networking works.

This feature is intended primarily for use on VMs, where system administrators need to restrain interception of the outgoing traffic down to a few applications instead of intercepting all outgoing traffic. By default, as before, the Istio Sidecar will intercept outgoing traffic from all processes, no matter what user groups they are running under.

When you upgrade from Istio 1.13.x to Istio 1.14.0, you need to consider the changes on this page. These notes detail the changes which purposefully break backwards compatibility with Istio 1.14.0. The notes also mention changes which preserve backwards compatibility while introducing new behavior. Changes are only included if the new behavior would be unexpected to a user of Istio 1.13.x. Users upgrading from 1.12.x to Istio 1.14.0 should also reference the 1.13.0 change logs.

This is the second Istio release of 2022. We would like to thank the entire Istio community for helping to get Istio 1.14.0 published. Special thanks are due to the release managers Lei Tang (Google) and Greg Hanson (Solo.io), and to Test & Release WG lead Eric Van Norman (IBM) for his help and guidance.

Today we are looking at LXLE Focal. It comes with Linux Kernel 5.4, based on Ubuntu 20.04, LXDE, and uses about 500MB of ram when idling. Enjoy!

Not much is happening with AppImages, nobody likes Snaps, but flatpaks are gaining are lot of traction as of late especially with release of the Steam Deck which is the primary method to install software.

Dr. Andre Kudra, who plays "retro geek jazz" with Aaron Newcomb (himself a retro master) and host Doc Searls in this fact and fun-filled episode about retro computing and Demoscene. Nothing in computing gets more open, real, and truly deep—close to the metal—in a fun way, than retro computing and the Demoscene. And nobody is more involved in all of it than Dr. Kudra.

Security Leftovers Cops' Killer Bee stings credential-stealing scammer [Ed: Microsoft Windows TCO] "It will also exfiltrate credentials from multiple software programs like Google Chrome, Mozilla Firefox, and Microsoft Outlook — making its potential impact truly catastrophic," Qualys Principal Research Engineer Ghanshyam More wrote in a technical analysis earlier this year.

Global tech industry objects to India’s new infosec reporting regime Eleven significant tech-aligned industry associations from around the world have reportedly written to India’s Computer Emergency Response Team (CERT-In) to call for revision of the nation’s new infosec reporting and data retention rules, which they criticise as inconsistent, onerous, unlikely to improve security within India, and possibly harmful to the nations economy. The rules were introduced in late April and are extraordinarily broad. For example, operators of datacenters, clouds, and VPNs, are required to register customers’ names, dates on which services were used, and even customer IP addresses, and store that data for five years. Another requirement is to report over 20 types of infosec incident, even port scanning or attempted phishing, within six hours of detection. Among the reportable incidents are “malicious/suspicious activities” directed towards almost any type of IT infrastructure or equipment, without explanation of where to draw the line between malicious and suspicious activity. The new rules attracted plenty of local criticism on grounds that a six-hour reporting window is too short, the requirement to record VPN users’ details is an attack on privacy, and that the requirements are too broad and therefore represent an onerous compliance burden.

Clever — and Exploitable — Windows Zero-Day Researchers have reported a still-unpatched Windows zero-day that is currently being exploited in the wild.

Code execution 0-day in Windows has been under active exploit for 7 weeks | Ars Technica A critical code execution zero-day in all supported versions of Windows has been under active exploit for seven weeks, giving attackers a reliable means for installing malware without triggering Windows Defender and a roster of other endpoint protection products. The Microsoft Support Diagnostic Tool vulnerability was reported to Microsoft on April 12 as a zero-day that was already being exploited in the wild, researchers from Shadow Chaser Group said on Twitter. A response dated April 21, however, informed the researchers that the Microsoft Security Response Center team didn't consider the reported behavior a security vulnerability because, supposedly, the MSDT diagnostic tool required a password before it would execute payloads.