
Proprietary Software Abuse and Security Woes


  • [Attackers] eye students returning to virtual classes as easy targets

    Erik Decker, the chief security and privacy officer at University of Chicago Medicine, said during the Proofpoint event that individuals at his institution had been targeted by “weaponized” coronavirus-themed phishing emails, particularly those aimed at stealing credentials or installing malware.

  • Experian breach affects over 24 million customers and businesses in South Africa

    Consumer credit reporting agency Experian has suffered a data breach at their South African branch. The Experian data breach didn’t expose consumer credit or financial information, but other personal information which could be used in phishing attempts was definitely exposed. Experian noted in a statement that they fell victim to a social engineering attack where the attacker claimed to be a client and successfully received the information with a simple request. The statement detailed:

  • Apple Blocks WordPress Updates to Force IAP Support
  • Apple Blocked Updates to Free WordPress App Until It Added In-App Purchases: Matt Mullenweg

    WordPress for iOS finally received a new update yesterday (August 21) after a period of almost a month. Turns out, the Automattic team that runs the app as well as the popular WordPress.com blogging service was blocked by Apple from pushing new app updates as it was not offering an in-app purchase option for WordPress.com’s paid plans and domain purchases, the company’s founder and CEO Matt Mullenweg has revealed. The presence of in-app purchases in the WordPress app would allow Apple to take up to a 30 percent cut of all revenue that the app generates using the in-app purchases.

  • WordPress founder claims Apple cut off updates to his completely free app because it wants 30 percent

    Now, WordPress founding developer Matt Mullenweg is accusing Apple of cutting off the ability to update that app — until or unless he adds in-app purchases so the most valuable company in the world can extract its 30 percent cut of the money.

  • Apple tells court it "wants Epic on iOS" but Fortnite "hotfix" turned into Epic Games' "hot mess": response to motion for emergency relief

    With respect to Epic's claim of suffering irreparable harm unless the court grants its motion, Apple's opposition brief is consistent with a statement it provided to The Verge a few days ago. The term "status quo" plays a central role here. The purpose of temporary relief is to prevent a party from changing a situation to the moving party's detriment in the absence of an injunction (a TRO is the fastest injunction, even more preliminary than what is called a preliminary injunction). Apple explains to the court that Epic's perspective on the status quo is, in reality, something else: the status quo would be for Epic to simply comply with Apple's App Store terms and policies, and with its developer agreement, while its antitrust complaint challenging those terms is pending. If, however, the court granted Epic's motion, it would allow Epic to get away with a breach of its contractual obligations. The requested TRO would not preserve the status quo. It would force Apple to modify its long-standing App Store terms.

    Another key term--in connection with any type of injunction--is "irreparable harm." Epic's motion for a TRO argued that the unavailability of Fortnite on the App Store and, as a further consequence of Epic's non-compliance, the termination of its developer agreement (which would prevent Epic from using Apple's developer tools in the further development not only of Epic's games but also of its Unreal Engine) would constitute irreparable harm. Apple's opposition brief dismisses that theory and distinguishes between irreparable harm on the one hand and "self-inflicted wounds" on the other hand. The Ninth Circuit, which is the appeals court for (among many others) the Northern District of California, stated earlier this year that "self-inflicted wounds are not irreparable injury," quoting earlier decisions in this circuit and in the Seventh Circuit.

  • Apple says Epic is ‘putting the entire App Store model at risk’

    In a declaration to the court, Apple executive Phil Schiller wrote that Epic CEO Tim Sweeney asked for a “special deal with only Epic” that would “fundamentally change the way in which Epic offers apps on Apple’s iOS platform.” When Apple declined, Epic changed its policies to cut Apple out of in-app purchases. Now, the company argues that Epic’s ban is its own responsibility.

  • Xcode becomes vector for new Mac malware attack

    We’ve seen a similar attack before. The so-called "XCode Ghost" was a malware-infested version of Apple’s developer environment that was distributed outside of Apple’s channels. Apps built using the software were preinstalled with malware.

    While security researchers were rightly concerned about XCode Ghost, the problem was quickly curtailed as Apple used the moment to stress the need to download critical files only from bona fide App Stores. It is much easier to subvert systems via poorly secured third-party app stores, and security is part of what we pay for when we purchase an app.

  • Software Firms Gear Up to Reveal Books Ahead of Busy IPO Season

    Software listings remain a sweet spot within the technology sector, which has fared better than any other through the coronavirus pandemic this year. The 18 companies in the space that have gone public on U.S. exchanges this year have climbed about 91% since their debut on a weighted-average basis, according to data compiled by Bloomberg. Overall, newly listed companies excluding blank-check firms and real estate investment trusts have risen only 52% since their IPOs, the data show.
