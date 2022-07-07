Proprietary Software and Security
Software sold by market leaders tend to be primary purchases for regular consumers. Brand comfort is important but so too is affordability, especially when pirate copies are available for free. Some find a middle ground with purchases of discounted activation keys but, as a new Microsoft lawsuit shows, that can amount to copyright infringement for buyers and sellers alike.
For more than a decade I have been thundering against a lot of the bad practices that have permeated the software development industry, one such practice is to blindly trust code when using third party libraries, frameworks or packages. For about the same amount of time I have listened to all the reasons why time is money and we need to build something quickly, and we haven't got the time to do security or X, Y and Z. But alas, now such companies are beginning to pay the price, a very costly and extremely damaging price!
Security gaps in older, unprotected Windows desktop versions of Boeing’s Onboard Performance Tool (OPT) could make certain Electronic Flight Bags (EFB) more susceptible to attack. In particular, OPT’s use of plain text configuration files and SQLite databases, means an attacker with physical access to an EFB could modify files directly on the device.
While the likelihood of exploiting such gaps is low given existing regulations governing the use and employment of EFBs and Crew Resource Management procedures, if data modification occurs, and the resulting miscalculations are not detected during the crew’s required cross check or verification process, an aircraft could land on a runway too short or take off at incorrect speeds potentially resulting in a tail strike or runway excursion.
Boeing released OPT version 4.70 and issued a service bulletin to operators to enhance the application’s security features and minimize the potential for manipulating OPT data. It is important that operators employing EFB solutions, including those that contain OPT, harden their devices and implement physical access controls in accordance with relevant aviation regulations.
The Department of Homeland Security (DHS) is urging states and localities to beef up security around proprietary devices that connect to the Emergency Alert System — a national public warning system used to deliver important emergency information, such as severe weather and AMBER alerts. The DHS warning came in advance of a workshop to be held this weekend at the DEFCON security conference in Las Vegas, where a security researcher is slated to demonstrate multiple weaknesses in the nationwide alert system.
Israel’s foremost purveyor of malware, NSO Group, has undergone nearly a yearlong reckoning. A leak last summer appeared to show NSO customers were routinely targeting journalists, activists, members of opposition parties, and, in one case, the ex-wife of a Dubai ruler.
The removal of features from Autodesk products would appear to be turning into something of a routine at this point, with the announced removal of local simulations the latest in this series. Previously Autodesk had severely cut down the features available with a Personal Use license, but these latest changes (effective September 6) affect even paying customers, no matter which tier.
However, sometimes companies struggle with understanding or feeling fully protected by those policies. According to a recent study from Blackberry and Corvus Insurance, a high percentage of companies said they would hesitate to get into business with organizations that aren't covered by cyber insurance, recognizing its importance. However, just 14 percent of small and medium-size businesses have policies that cover over $600,000, restrictions that led more than half of respondents to say they hoped for more financial assistance from the government, particularly when attacked by a nation state. Many companies said there's a lack of transparency from some firms about what is actually covered by their policies, which are constantly getting more expensive.
For much of the last decade, Vladimir Putin has attempted to compensate for various shortcomings (like a less sophisticated real world military) by launching cyber and propaganda attacks on much of the world. And while this, for a while, resulted in a mythology that Russia was in a league of its own when it comes to hacking and cybersecurity, the reality isn’t nearly that exciting.
10 Great Linux websites for beginners and everyday users
Many websites related to Linux and open source software have high technical content and often have less attention for the actual use and the things you can do with this operating system. But some of us just have other expectations. As a beginner or every day user in the Linux and Open Source world, you have different information needs than an experienced, highly skilled Linux user or developer. But also Linux users who use their computer for example for content creation, are less interested in the technical backgrounds, and have mostly different needs. In this artcle I give my thoughts on 10 great Linux websites for beginners and everyday users.
Sparky 6.4
The 4rd update of Sparky 6 – 6.4 is out.
It is a quarterly updated point release of Sparky 6 “Po Tolo” of the stable line. Sparky 6 is based on and fully compatible with Debian 11 “Bullseye”.
Calibre is known for being a very efficient eBook manager and with important features to be ranked as one of the best. We can also deploy Calibre Server on Ubuntu 22.04 and thus have a more private management and accessible from anywhere.
One of the main advantages of deploying our eBook server with Calibre is that it will be accessible using the Internet. This will also allow you to share it with family and friends without problems, and finally, you can read your eBooks from the web.
So let’s get started.
PDB i.e. Pod Disruption Budget is a method to make sure the minimum number of Pods are always available for a certain application in the Kubernetes cluster. That is a kind of one-liner for explaining PDB. Let’s dive deeper and understand what is PDB. What does PDB offer? Should I define PDB for my applications? etc.
Opera is a freeware, cross-platform web browser developed by Opera Software. As a Chromium-based browser, Opera offers a clean, modern web browser that is an alternative to the other major players in the Browser race. Opera has created a sleek and lightweight browsing experience using the Blink layout engine. In addition, Opera has built-in features such as an ad blocker, battery saver, and free VPN. With these features, Opera provides users with an efficient browsing experience that is both fast and private. As more and more people are looking for alternatives to the major browsers, Opera is poised to become a leading player in the browser market.
In the following tutorial, you will learn how to install Opera Browser on Linux Mint 21 LTS series that includes the stable, beta, and development (nightly) branch with steps to install, update and remove the browser using the command line terminal.
MySQL is a relational database management system based on SQL (Structured Query Language). It is one of the most widely used database software for several well-known applications. MySQL is used for data warehousing, e-commerce, and logging applications, but web database storage and management is the most commonly used feature. MySQL has been in production use for over 20 years and is considered one of the most secure and reliable database systems. Despite this, it has several drawbacks that should be considered before using it for any mission-critical applications. One such drawback is that it does not support transactions across multiple tables, which can lead to data inconsistency in the event of a failure. Additionally, MySQL does not support some of the more advanced features in other database systems, such as stored procedures and triggers. MySQL is an excellent choice for many applications, but it must be aware of its limitations before using it in a production environment.
In the latest release of MySQL 8.0, the database management system brings new features and security updates. This new release of MySQL adds support for joins with larger data sets, better performance when importing large files, and various improvements to InnoDB, SQL mode, named ‘strict sql_mode,’ which will make MySQL more compliant with the SQL standard. In addition, there are performance enhancements for DML statements and replication and several new security features. With these improvements, MySQL 8.0 provides a more robust and secure platform for managing data.
In the following tutorial, you will learn how to install MySQL 8.0 on Rocky Linux 9 using the command line terminal with instructions on how to secure the MySQL service, update, and, if necessary, remove.
If you wish to install Akaunting for a demo on a local server or for permanent use on a cloud/hosting VPS server, this article will walk you through the procedures for installing Akaunitng on Ubuntu, Debian, and other comparable Linux distributions.
Akaunting is a free and open-source accounting software accessible on GitHub that runs on PHP and MySQL. As a result, there is no need to utilize any client or install accounting software on every device in a business or household. Once installed, any user who wants to use the Akaunting for a small and medium company or for personal use may access it locally or remotely through the internet and browser.
It has a web interface, comparable to certain WordPress-based websites, and the setup method is likewise similar. As a result, it is not only user-friendly but also a gadget. Yes, it is also compatible with cellphones and tablets.
We will show you how to install Akaunting, a free open-source accounting software, on Ubuntu 22.04/20.04 LTS.
Darkstat is an easy to use, low-resource, cross-platform, web-based network traffic analyzer application. For managing Linux servers, this is a great tool. It can analyze network traffic, calculates statistics concerning usage, and serves these reports over the HTTPS.
This tool has an integrated web server. Darkstat also supports IPv6 protocol and asynchronous DNS resolution. Because of low-resource usage, it can keep running in the background and collect data and then present that data in a comprehensible format in its integrated web server.
Let’s take a look at how to install Darkstat and then we will get into its uses.
