Proprietary and Security Leftovers

posted by Roy Schestowitz on Dec 23, 2022

• Linux fixes maximum-severity kernel vulnerability [Ed: Sensationalist trash from Linux-hostile media; "only systems with ksmbd enabled are vulnerable." Also not remote.]

  Most businesses running SMB servers are believed to be shielded but one expert likened potential exploits to Heartbleed

• Critical Microsoft Code-Execution Vulnerability

  But unlike EternalBlue, which could be exploited when using only the SMB, or server message block, a protocol for file and printer sharing and similar network activities, this latest vulnerability is present in a much broader range of network protocols, giving attackers more flexibility than they had when exploiting the older vulnerability.

• The Guardian newspaper [cracked] in suspected ransomware attack

  Details of the suspected ransomware attack were fittingly published today by The Guardian, which said that the “incident” began late Tuesday night U.K. time and had affected parts of the company’s technology infrastructure.

• The Guardian hit by ransomeware attack, staff told to work from home [iophk: Windows TCO]

  London, Leading UK-based newspaper The Guardian on Wednesday confirmed its systems have been hit by a "serious IT incident," which appears to be a ransomware attack.

  The publication said the cyber attack began late on Tuesday and affected parts of the company's IT infrastructure.

• How Apple could open its App Store without really opening its App Store

  Not at all. It just means that China was able to threaten Apple's shareholders in ways that the DoJ couldn't. Standing up to the Chinese government would threaten Apple's access to 350 million middle-class Chinese potential customers, and an equal number of Chinese low-waged workers who could be tapped to manufacture Apple devices under brutal labor conditions at rock-bottom prices.

• Complaint: Apple’s Part Pairing Powers Planned Obsolescence – The Week in Repair

  A complaint, brought by the French environmental group HOP (Halte à l’Obsolescence Programmé – or “Stop Planned Obsolescence) targets Apple’s practice of part serialization ( also known as “pairing”), which ties the serial numbers of discrete components and peripherals of a product to a specific phone using embedded micro-chips. The use of part pairing with frequently replace components like screens, batteries and cameras,” allows the manufacturer to limit the possibilities of repair, in particular for non-approved repairers,” HOP alleges.

• EU forces Apple to switch to USB-C by September 2024

  Apple has been using Lightning since the iPhone 5 which is quite a long while back. During that time, most Android and even Blackberry devices were using MicroUSB and later migrated to USB-C. Apple has been nothing but lightning. This is something that the EU is not happy with saying it’s inconveniencing consumers and contributing to e-waste.

• LED traffic sign in India tells drivers to ‘smoke weed everyday’

  Officials blamed the directive on a technical issue, the outlet reported, citing India Today.

• France slaps Microsoft with EUR 60m fine for placing ad cookies on users' devices "without their consent" | PC Gamer

  France's privacy watchdog has fined Microsoft 60 million euros for imposing advertising cookies on its users.

  As reported by France 24, the fine relates specifically to Microsoft's search engine Bing, which France's National Commission for Technology and Freedoms (CNIL) said was not set up to allow users to refuse cookies as simply as accepting them

  The French regulator of personal data said that when users visited Bing "cookies were deposited on their terminal without their consent, while these cookies were used, among others, for advertising purposes." CNIL added further that there was "no button allowing to refuse the deposit of cookies as easily as accepting it."