Security Leftovers
-
Security Experts Ask UK Government To Roll Back Old Computer Abuse Law That Harms Security Research
The US government passed the Computer Fraud and Abuse Act in 1986, years before computers became something everyone had at home and carried around in their pockets every day. The CFAA had a purpose, but its value declined as computing advanced. The abuse it was written to address tended to take a backseat to abuses of the law by prosecutors and private companies to punish people for discovering security flaws or using technology in ways some people never expected.
-
Security updates for Wednesday [LWN.net]
Security updates have been issued by Fedora (libconfuse, moodle, rizin, and thunderbird), Oracle (ELS kernel, gnupg2, ruby, and webkit2gtk3), Red Hat (booth, dbus-broker, gnupg2, kernel, kernel-rt, kpatch-patch, mysql, nodejs, nodejs-nodemon, ruby, and webkit2gtk3), Slackware (expat and mozilla), SUSE (kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container and vsftpd), and Ubuntu (bind9, ghostscript, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-kvm, linux-lowlatency, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux, linux-aws, linux-aws-hwe, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, lnux-hwe, inux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux-hwe-5.15, linux-lowlatency-hwe-5.15, and mako).
-
'I Don't Care About Cookies' extension sold to Avast
The lone developer of anti-cookie-warning browser add-on "I Don't Care About Cookies" has sold it to Avast, resulting in both concern – and new forks.
Web users the world over have been suffering under the well-intentioned but ill-advised EU cookie law for a decade now. As a result, websites pester with warnings to get us to consent to cookies, and if you don't consent, they have no way to record that fact and so pester you every visit.
Enter I don't care about cookies, a handy browser extension by Croatian developer Daniel Kladnik. IDCAC, available for pretty much every web browser out there, automatically dismisses cookie warnings. You can tweak its settings if you want, but it automatically accepts the minimal cookies for the site to work.
-
Shikitega: New Malware Program Targeting Linux - The New Stack
Of course, you may not even know there’s such a minute file hiding inside a larger package. So, just like with Windows, be sure you know what’s in every package and where it came from before installing it.
[...]
So, how do you keep from getting a base case of Shikitega? Simple. Just to the basics, of installing security patches, keeping backups, and never installing unknown programs.