Programming Leftovers

• 15 Open-source Physics Simulation Engine

  A physics simulation engine is a custom software engine that grants developers add visual effetcs, simulate and tweak objects and enviroments accroding to the law of physics in 2D, 3D or both. With physics engine software, developers and artists apply real-world physical properties, such as gravity and momentum, to their 2D and 3D objects rather than designing them from scratch.

• FLOSS 2.0 Has Been Released [Ed: The acronym "FLOSS" is being hijacked]

  When you have to deal with malware in your day job, for research purposes, or just for fun, one of the key points is to have a lab ready to be launched. Your sandbox must be properly protected and isolated to detonate your samples in a safe way but it must also be fulfilled with tools, and scripts. This toolbox is yours and will be based on your preferred tools but starting from zero is hard, that's why there are specific Linux distributions built for this purpose. The one that I use in FOR610 and for my daily investigations is REMnux[1], created and maintained by Lenny Zeltser[2]. This environment offers tons of tools that help to perform all the malware analysis steps from static analysis up to code reversing and debugging.

• How to Use SSL in a Create-React-App Application

  HTTPS is a must for modern applications, especially those that deal with user data. Set up HTTPS for React in just a couple of steps.

• Innovation Center Visits SparkFun - News - SparkFun Electronics

  The Innovation Center of St. Vrain Valley Schools seeks to transcend the traditional classroom and provides experiential opportunities that are developing today’s students into tomorrow’s leaders, innovators, and change-makers. As a part of these efforts, the Innovation Center hosts dozens of “project teams” across several focus areas that seek to complete real projects for real people alongside industry partners who provide incredible mentorship opportunities for students.

• AMD Xilinx Makes Machine Vision AI Development Quick, Easy And Affordable

  A host of software tools, code samples, an app store, and pre-configured Linux images make getting started surprisingly simple.

• Matthias Kirschner's Web log - fsfe: Recent Readings of Ada & Zangemann [Ed: "At this reading, I also for the first time met the people from O'Reilly"... so FSFE, which uses "FSF" in the name in violation of an agreement with FSF, liaises with O'Reilly, which helped attack Free software with the "Open Source" canard]

Security Leftovers

• odcast: Why there were 56 OT vulnerabilities this week

  This week we cover the Ericsson mobility report that offers some stats on cellular IoT connections, including the surprising nugget that we won’t see 4G/5G connections surpass 2G/3G connections until some time next year. Then we hit another report. This one is from NPR and covers the state of audio and smart speakers. It proves that growth is slowing for smart speakers and that we may not do as many things with voice as we think. In dystopian news we cover China using COVID tracking apps to lock down protesters, and Microsoft stopping sales of some facial recognition tools. In new product news we talk about the latest Philips Hue gear, a new material that could generate electricity for wearables, and new MCUs from NXP. We also address the closure of SmartDry and explain how Google’s update on the Nest Max Hub may break your Nest x Yale lock. We end by answering a listener question about more accurate motion sensors.

• Cortex XSOAR Tips & Tricks – Creating indicator relationships in automations

  In Cortex XSOAR, indicators are a key part of the platform as they visualize the Indicators Of Compromise (IOC) of a security alert in the incident to the SOC analyst and can be used in automated analysis workflows to determine the incident outcome. If you have a Cortex XSOAR Threat Intelligence Management (TIM) license, it is possible to create predefined relationships between indicators to describe how they relate to each other. This enables the SOC analyst to do a more efficient incident analysis based on the indicators associated to the incident.

• Social Engineering Kill–Chain: Predicting, Minimizing & Disrupting Attack Verticals

  It was a Friday afternoon when Bill was on his way back home from work when he received a call that made him take the next U-turn back to his office. It was one of these calls that he was dedicating all of his working hours to avoid. He was not given much detail through the phone, but it seems that Andre, someone working in the account payments department, had just fallen victim to a scam and had proceeded to a hefty payment. A scam? Bill recalled all the training videos he had put this department through. What went wrong?

• Daycare apps are insecure surveillance dumpster-fires

  Apps are like software, only worse.

• 12 best patch management software and tools for 2022

  These 12 tools approach patching from different perspectives. Understanding their various approaches can help you find the right product for your needs.

Windows vs Linux: What's the best operating system?

The way you utilise your PC can often depend on the operating system you use as well as your level of technical knowledge. Even though most people will turn to macOS or Windows when deciding on an OS, if you want something you can customise, there's nothing better than Linux. Despite the fact that it isn’t as popular as Windows, Linux offers far more avenues for customisation than any other OS as it's built on an open source foundation. It's certainly more intimidating to the average user as a result, but it can be incredibly powerful, and rewarding, if you possess the skills to fully take advantage of it. Obviously, there are advantages and disadvantages with both systems that are useful to know before making the decision on which is best for you.

today's howtos

• FreeBSD Quick Guide: Audio on FreeBSD

  Whether for music, communication, or notifications, audio is an important feature of many personal computer systems. In a new FreeBSD system, an audio card will need to be configured to process audio files and send them to the connected speakers. Our newest FreeBSD quick guide will walk through setting up and configuring audio, connecting a pair of headphones (including pairing Bluetooth models), and testing the system’s sound, all in under 10 minutes!

• Speeding up autoconf with caching - Julio Merino (jmmv.dev)

  In the recent Remembering Buildtool post, I described how setting up a cache of configuration checks was an important step in Buildtool’s installation process. The goal was to avoid pointless repetitive work on every build by performing such common checks once. Episode 457 of BSD Now featured my post and Allan Jude wondered how much time would be saved in a bulk build of all FreeBSD packages if we could just do that same kind of caching with GNU Autoconf. And, you know what? It is indeed possible to do so. I had mentioned it en passing in my post but I guess I wasn’t clear enough, so let’s elaborate!

• How To Put Linux On A Laptop

  Linux is an operating system that comes with different distributions like Ubuntu, Debian, and Arch Linux. Just like macOS and Windows, Linux is also a popular operating system that is installed on computers and laptops to manage the hardware of the respective machine and perform the different tasks requested by the users. In this guide, different ways of installing or putting the Linux operating system on a laptop have been discussed.

• What Is cURL Command and How to Use It (With Examples)

  This article explains the curl command in Linux and how to use it with examples based on best practices.