It was earlier this month when a report suggested that OnePlus is working on a new variant of its flagship device – the OnePlus 3. Even while earlier reports suggested that the phone might be called the OnePlus 3 Plus or the OnePlus 3s, but a recent post made by a OnePlus designer on Weibo suggests that the phone might be called the OnePlus 3T.
There has been no official information that OnePlus is even working on a new variant of the phone. OnePlus has said in the past that they will be launching just one flagship device in a year, but according to a GizmoChina report, the company is facing a huge backlog of OnePlus 3 orders that they have been unable to fulfill because of a shortage in supply of AMOLED displays. The report had added that the new version of the phone might feature an LCD panel display instead.
Technology experts warned for years that the millions of Internet-connected "smart" devices we use every day are weak, easily hijacked and could be turned against us.
The massive siege on Dyn, a New Hampshire-based company that monitors and routes Internet traffic, shows those ominous predictions are now a reality.
An unknown attacker intermittently knocked many popular websites offline for hours Friday, from Amazon to Twitter and Netflix to Etsy. How the breach occurred is a cautionary tale of the how the rush to make humdrum devices “smart” while sometimes leaving out crucial security can have major consequences.
Security experts have been warning for years that the growing number of unsecured Internet of Things devices would bring a wave of unprecedented and catastrophic cyber attacks. Just last month, a hacker publicly released malware code used in a record-breaking attack that hijacked 1.5 million internet-connected security cameras, refrigerators, and other so-called “smart” devices that were using default usernames and passwords.
On Friday, the shit finally hit the fan.
Fingerprints aren’t authentication.
Fingerprints are identity. They are usernames.
Fingerprints are something public, which is why it should really bother nobody with a sense of security that the FBI used them to unlock seized phones. You’re literally leaving your fingerprints on every object you touch. That makes for an abysmally awful authentication token.
Using open source software is a viable and proven method of combatting cyber-crime
It’s encouraging to read that the government understands the seriousness of the loss of $81 million dollars via the hacking of Bangladesh Bank, and that a cyber-security agency is going to be formed to prevent further disasters. Currently, information security in each government department is up to the internal IT staff of that department.
Canonical, the company behind the Ubuntu GNU/Linux distribution, has announced that it will provide a live kernel patching services for version 16.04 which was released in April.
If I asked everyone to tell me what security is, what do you do about it, and why you do it. I wouldn't get two answers that were the same. I probably wouldn't even get two that are similar. Why is this? After recording Episode 9 of the Open Source Security Podcast I co-host, I started thinking about measuring a lot. It came up in the podcast in the context of bug bounties, which get exactly what they measure. But do they measure the right things? I don't know the answer, nor does it really matter. It's just important to keep this in mind as in any system, you will get exactly what you measure.
If you have 2000 employees, 200 systems, 4 million lines of code, and 2 security people, that's clearly a disaster waiting to happen. If you have 20, there may be hope. I have no idea what the proper ratios should be, if you're willing to share ratios with me I'd love to start collecting data. As I said, I don't have scientific proof behind this, it's just something I suspect is true.
Reading Matthew Garret’s exposés of home automation IoT devices makes most engineers think “hell no!” or “over my dead body!”. However, there’s also the siren lure that the ability to program your home, or update its settings from anywhere in the world is phenomenally useful: for instance, the outside lights in my house used to depend on two timers (located about 50m from each other). They were old, loud (to the point the neighbours used to wonder what the buzzing was when they visited) and almost always wrongly set for turning the lights on at sunset. The final precipitating factor for me was the need to replace our thermostat, whose thermistor got so eccentric it started cooling in winter; so away went all the timers and their loud noises and in came a z-wave based home automation system, and the guilty pleasure of having an IoT based home automation system. Now the lights precisely and quietly turn on at sunset and off at 23:00 (adjusting themselves for daylight savings); the thermostat is accessible from my phone, meaning I can adjust it from wherever I happen to be (including Hong Kong airport when I realised I’d forgotten to set it to energy saving mode before we went on holiday). Finally, there’s waking up at 3am to realise your wife has fallen asleep over her book again and being able to turn off her reading light from your alarm clock without having to get out of bed … Automation bliss!
Microsoft Corruption, Rejections, and Struggles
This scandal covers buying Microsoft licensees for Romanian administration from 2004 to 2012 for total 228 millions USD.
During the investigation was found that more than 100 people, former ministers, mayor of Bucuresti and businessman are involved in this corruption scandal and more than 20 millions euro are paid as bribes.
Ranting about Microsoft’s unreliable, sideline tablets is not a top priority for 49ers coach Chip Kelly and quarterback Colin Kaepernick, not with a five-game losing streak in tow for Sunday’s game against the Tampa Bay Buccaneers.
But both Kelly and Kaepernick confirmed this week that they’ve experienced problems with the Microsoft Surface tablets. They’re just not as fed up with them as New England Patriots coach Bill Belichick, who’s lambasted the imperfect technology for years and finally declared this week: “I’m done with the tablets.”
Research firms like IDC and Gartner have continued to forecast contraction, not expansion, in the PC business. Only when enterprise migrations to Windows 10 kick into gear do analysts see a reversal of the industry’s historic slump. That isn’t expected to happen until next year.
Parsix GNU/Linux 8.10 "Erik" & 8.15 "Nev" Receive Latest Debian Security Updates
After releasing the first Test build of the upcoming Parsix GNU/Linux 8.15 "Nev" operating system a couple of days ago, today, October 23, 2016, the Parsix GNU/Linux development team announced the availability of new security updates for all supported Parsix GNU/Linux releases.
Parsix GNU/Linux 8.10 "Erik" is the current stable release of the Debian-based operating system, and it relies on the Debian Stable (Debian GNU/Linux 8 "Jessie") software repositories. On the other hand Parsix GNU/Linux 8.15 "Nev" is the next major version, which right now is in development, but receives the same updates as the former.