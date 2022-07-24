Security and DRM: TLS, Ashley Madison Breach, Microsoft Fake Security, and DRM Against the Planet What is TLS encryption and how does it secure your [Internet] communication?

A Retrospective on the 2015 Ashley Madison Breach It’s been seven years since the online cheating site AshleyMadison.com was hacked and highly sensitive data about its users posted online. The leak led to the public shaming and extortion of many Ashley Madison users, and to at least two suicides. To date, little is publicly known about the perpetrators or the true motivation for the attack. But a recent review of Ashley Madison mentions across Russian cybercrime forums and far-right websites in the months leading up to the hack revealed some previously unreported details that may deserve further scrutiny.

The dangers of Microsoft Pluton In upcoming Intel, Qualcomm, and AMD processors, there is going to be a new chip, built-in to the CPU/SoC silicon die, co-developed by Microsoft and AMD called the Pluton. Originally developed for the Xbox One as well as the Azure Sphere, the Pluton is a new security (cynical reader: DRM) chip that will soon be included in all new Windows PCs, and is already shipping in mobile Ryzen 6000 chips. This new chip was announced by Microsoft in 2020, however details of what it was actually capable of, and what it actually means for the Windows ecosystem were kept frustratingly vague. Now with Pluton rolling out in some AMD chips, it is possible to put together a cohesive story of what Pluton can do from several disparate sources. Because Microsoft’s details are sparse, this article will attempt to summarize all that we now know regarding Pluton. It may contain inaccuracies or speculation, but any potential inaccuracy or speculation will be called out where possible.

Climate ‘Leader’ Netflix Donated to Pro-Pipeline, Koch-Supported Think Tank Netflix gives every impression of being one of the world’s most climate friendly corporations. The streaming company responsible for the blockbuster climate movie “Don’t Look Up” starring Leonardo DiCaprio and Jennifer Lawrence plans to slash or offset all of its corporate greenhouse gas emissions by the end of 2022, a goal known as net-zero.

Security: Firmware Fake Security, FUD Campaign, VPS, and Buzzword Security Firmware Security Realizations - Part 1 - Secure Boot and DBX - Eclypsium One of the first findings brought to my attention was that Secure Boot was not enabled. After shaming myself, I remembered that in the past, installation instructions for most Linux distributions recommended disabling Secure Boot prior to installation. Not wanting to complicate installations any further I went into the BIOS/UEFI settings and disabled Secure Boot, then installed my Linux distribution of choice (sometimes that was POP_OS! And more recently Ubuntu). Once the installation was completed, I had not gone back and researched how to achieve better security using Secure Boot. This brought forth one of my first questions: Why did most Linux distributions state that Secure Boot should be disabled? It turns out Linux distributions had not completed the process to get all of the required binaries signed that allow a computer to boot securely. With there being so many Linux distributions this proved to be quite the challenge. It was only in the past 2-3 years that many distributions have moved to enable Secure Boot by default. Understanding what needs to be done in order to support Secure Boot leads us pretty deep down a rabbit hole, which begins with first understanding how Secure Boot works. A good starting point is to read some of the previous research on vulnerabilities related to Secure Boot. Eclypsium researchers have presented on Secure Boot dating as far back as 2013 at Black Hat USA in a talk titled “A Tale of One Software Bypass of Windows 8 Secure Boot” and again in 2014 at Defcon “Summary of Attacks Against BIOS and Secure Boot“.

Newly found Lightning Framework offers a plethora of Linux hacking capabilities [Ed: Microsoft propagandists still try to conflate malware with "backdoors", which is something Windows has by design; this is misleading, borderline defamatory. Unlike Windows, Linux does not have back doors and zero-days ignored by the vendor (Microsoft) for months, so for this malware to get to the system something dumb needs to happen. With Windows, there are back doors. With Linux, however, you need to first get in somehow. The media fails to mention this.]

New Very Powerful All in One Linux Malware [Ed: Anything to darken the brand "Linux", just because it is capable of running malicious programs too]

Should I Use Linux VPS Or Windows VPS | Technology For corporate and commercial projects, it is better to choose Linux, which confidently leads by the parameter "security".

SaaS security in Kubernetes environments: A layered approach | Red Hat Developer Security is especially critical for Software-as-a-Service (SaaS) environments, where the platform is used by many different people who need the confidence that their data is stored safely and kept private from unrelated users. This article focuses on security concerns for containers on your SaaS deployment running in Kubernetes environments such as Red Hat OpenShift. The article is the fifth in a series called the SaaS architecture checklist that covers the software and deployment considerations for SaaS applications.