date 2022-07-21
Proprietary Windows Problems
Ransomware is indiscriminatory – prepare for everything to fail [iophk: Windows TCO]
This indiscriminate nature is compounded by the fact cyber-attacks are generally difficult to contain. For example, cyber warfare between nation states is a threat to every organisation – not just those deemed to be in the firing line. We saw this with the NotPetya attack in 2017 – an attack on a specific utility company – which impacted multiple unrelated organisations through an entirely organic spread of the chaos. Attack types also continue to evolve. For example, the LokiLocker attack was one of the first reported strains of ransomware to include a disk wiper functionality. This means organisations are not only held to ransom by having services suspended and threats of data extortion. Now they are being threatened with losing vast swathes of data completely if they do not pay up.
Cyberthreats impacting Australian and New Zealand businesses: Fortinet [iophk: Windows TCO]
Glenn Maiden, director of threat intelligence, Australia and New Zealand, Fortinet, said, “While cybercriminals are becoming more creative with their approaches, the risk to businesses from the likes of ransomware, for example, goes beyond mere disruption. The biggest risk is data access and exposure, further driving the need for leaders to bring security into the very base levels of the organisation. There’s never a guarantee that cybercriminals will safeguard data once it’s accessed, even if ransoms are paid, so it’s essential that business leaders invest in greater data protection at every level.”
Kaspersky puts spotlight on malicious ransomware group Luna [iophk: Windows TCO]
Kaspersky states that Luna underlines the recent trend for cross-platform ransomware, with languages like Golang and Rust being heavily implemented by modern ransomware gangs in the past year.
Notable examples include BlackCat and Hive, the latter using both Go and Rust. These languages are platform independent, so the ransomware written using them can be easily ported from one platform to another.
How Google got to rolling Linux releases for Desktops
More than 15 years ago, Ubuntu was chosen as the base for the internal Linux distribution, as it was user-friendly, easy to use, and had lots of fancy extras. The Long Term Support (LTS) releases were picked as it was valued that Canonical provided 2+ years of security updates.
However, this two year release cycle for LTS releases also meant that we had to upgrade every machine in our fleet of over 100.000 devices before the end-of-life date of the OS. The complex nature of workloads run on corporate machines meant that reinstalling and fully customizing machines could be a difficult and time consuming operation. The productivity hit of having all engineers configure their workspace from scratch every two years was not a financially responsible option.
[...]
When we designed gLinux Rodete (Rolling Debian Testing), we aimed at removing the two year upgrade cycle and instead spread out the load on the team throughout time. The general move to CI/CD in the industry has shown that smaller incremental changes are easier to control and rollback. Rolling releases with Linux distributions today are getting more common (Arch Linux, NixOS).
RISC-V based ESP32-C3 DevKit and Arduino
FSF, 'Linux' Foundation, and Software Freedom Conservancy
Sweden refers to EUPL and JLA
Regarding computer programs (source code and object code) the policy refers to the European Union Public Licence (EUPL, Swedish version) and refers to the Joinup Licensing Assistant (JLA) for providing information about the open source licences content and compatibility.
