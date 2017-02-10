Language Selection

Security Leftovers

Security
  • Mirai Botnet Spreads With Help From Infected Windows Computers
  • Lovely. Now someone's ported IoT-menacing Mirai to Windows boxes

    The Mirai malware that hijacked hundreds of thousands of IoT gadgets, routers and other devices is now capable of infecting Windows systems.

  • Finding Ticketbleed

    Ticketbleed (CVE-2016-9244) is a software vulnerability in the TLS stack of certain F5 products that allows a remote attacker to extract up to 31 bytes of uninitialized memory at a time, which can contain any kind of random sensitive information, like in Heartbleed.

  • Cybersecurity firms pilloried by GCHQ technical director over “witchcraft”

    “we are allowing massively incentivised companies to define the public perception of the problem”.

  • Wire’s independent security review

    Ever since Wire launched end-to-end encryption and open sourced its apps one question has consistently popped up: “Is there an independent security review available?” Well, there is now!

    Kudelski Security and X41 D-Sec published a joint review of Wire’s encrypted messaging protocol implementation. They found it to have “high security, thanks to state-of-the-art cryptographic protocols and algorithms, and software engineering practices mitigating the risk of software bugs.”

  • Practical Steps for Protecting IoT Devices

    The security of IoT devices is a high priority these days, as attackers can use Distributed Denial of Service (DDoS) attacks to target them and wreak havoc on a system.

    “Due to the sheer volume of unconnected devices, it can take hours and often days to mitigate such an attack,” says Adam Englander, who is a Senior Engineer of the LaunchKey product at iovation.

  • IoT Cybersecurity Alliance Will Collaborate on Standards, Education

    A new IoT Cybersecurity Alliance formed by AT&T, IBM, Palo Alto Networks, Symantec, and Trustonic promises to help solve one of the most critical elements of the Internet of Things (IoT) — security. The group says its goal is to work on IoT security standards as well as raise awareness about the topic.

    There are numerous IoT-related associations working to promote different segments of IoT and streamline the fragmentation that exists in the industry. However, this is the first group to focus solely on security. AT&T, which was an early advocate for IoT, said it has seen a 3,198 percent increase in attackers scanning for vulnerabilities in IoT devices.

Red Hat and Fedora

today's howtos

Android Leftovers

  • Oracle refuses to accept pro-Google “fair use” verdict in API battle
    Google successfully made its case to a jury last year that its use of Java APIs in Android was "fair use." A San Francisco federal jury rejected Oracle's claim that the mobile system infringed Oracle's copyrights. But Oracle isn't backing down. Late Friday, the company appealed the high-profile verdict to a federal appeals court. This is the latest stage of a seemingly never-ending legal battle over intellectual property that began in 2010. The conflict has meandered through two federal trials, in addition to multiple trips to the appellate courts and to the Supreme Court.
  • Most Successful Launch in History. Fastest Ever to 1 Billion Dollars. Fastest EVER. Mobile Is the Magical Money-Making Machine. I am talking about Pokemon Go of course
    Lets talk Pokemon Go. Mobile is the Magical Money-Making Machine. It is LITERALLY the fastest way to make money on the planet. The richest company in human history was on the brink of bankruptcy three decades ago. Then it discovered mobile. The second most valuable company in human history was a clueless internet search engine that said quite openly, we don't know how we'll make money but we'll figure it out. They found mobile. And the fastest ever company to become one of the 5 richest in the world, was also lost in its core business struggling to make money with social media. Then it discovered mobile. The secret sauce to why Apple, Google and Facebook are so filthy rich and profitable and valuable, they don't know what to do with their money - the secret is, Mobile. Mobile is the Magical Money-Making Machine! I should know, I literally wrote the book on how this industry makes its money (15 years ago, M-Profits, my second global bestseller, was translated and into multiple printings).
  • Google hints at Assistant coming to existing Android devices
  • Why You Shouldn’t Root Your Android Phone
  • Must read: top 10 Android stories

Linux 4.10-rc8

Hey, it's another week, and I could have released the final 4.10. It's not been all that busy, although we did have a number of small last-minute regression fixes (some just reverting stuff that caused problems and needed more thought, others fixing things). But nothing out of the ordinary, and I wouldn't have felt bad about just doing the final release today. But I decided that there's also no huge overriding reason to do so (other than getting back to the usual "rc7 is the last rc" schedule, which would have been nice), and with travel coming up, I decided that I didn't really need to open the merge window. I've done merge windows during travel before, but I just prefer not to. If it was the second week of the merge window when the big bulk of stuff had been merged, that would be one thing, but that's not how the schedule turned out. Read more Also: Linux 4.10-rc8 Kernel Released, Final Pushed Out By One Week Linux Kernel 4.10 Delayed by a Week, Last Release Candidate Is Now Available

