Language Selection

English French German Italian Portuguese Spanish

Proprietary Software and Security

Filed under
Microsoft
Security

  • Microsoft Sues Activation Key & Token Sellers For Enabling Customers' Piracy

    Software sold by market leaders tend to be primary purchases for regular consumers. Brand comfort is important but so too is affordability, especially when pirate copies are available for free. Some find a middle ground with purchases of discounted activation keys but, as a new Microsoft lawsuit shows, that can amount to copyright infringement for buyers and sellers alike.

  • No, you cannot trust third party code without reading it first

    For more than a decade I have been thundering against a lot of the bad practices that have permeated the software development industry, one such practice is to blindly trust code when using third party libraries, frameworks or packages. For about the same amount of time I have listened to all the reasons why time is money and we need to build something quickly, and we haven't got the time to do security or X, Y and Z. But alas, now such companies are beginning to pay the price, a very costly and extremely damaging price!

  • Database Integrity Vulnerabilities in Boeing’s Onboard Performance Tool | Pen Test Partners

    Security gaps in older, unprotected Windows desktop versions of Boeing’s Onboard Performance Tool (OPT) could make certain Electronic Flight Bags (EFB) more susceptible to attack. In particular, OPT’s use of plain text configuration files and SQLite databases, means an attacker with physical access to an EFB could modify files directly on the device.

    While the likelihood of exploiting such gaps is low given existing regulations governing the use and employment of EFBs and Crew Resource Management procedures, if data modification occurs, and the resulting miscalculations are not detected during the crew’s required cross check or verification process, an aircraft could land on a runway too short or take off at incorrect speeds potentially resulting in a tail strike or runway excursion.

    Boeing released OPT version 4.70 and issued a service bulletin to operators to enhance the application’s security features and minimize the potential for manipulating OPT data. It is important that operators employing EFB solutions, including those that contain OPT, harden their devices and implement physical access controls in accordance with relevant aviation regulations.

  • Sounding the Alarm on Emergency Alert System Flaws

    The Department of Homeland Security (DHS) is urging states and localities to beef up security around proprietary devices that connect to the Emergency Alert System — a national public warning system used to deliver important emergency information, such as severe weather and AMBER alerts. The DHS warning came in advance of a workshop to be held this weekend at the DEFCON security conference in Las Vegas, where a security researcher is slated to demonstrate multiple weaknesses in the nationwide alert system.

  • Leaked NSO Group Presentation Details Malware’s Ability To Turn On Cameras, Mics To Surveil Targets

    Israel’s foremost purveyor of malware, NSO Group, has undergone nearly a yearlong reckoning. A leak last summer appeared to show NSO customers were routinely targeting journalists, activists, members of opposition parties, and, in one case, the ex-wife of a Dubai ruler.

  • Local Simulation Feature To Be Removed From All Autodesk Fusion 360 Versions

    The removal of features from Autodesk products would appear to be turning into something of a routine at this point, with the announced removal of local simulations the latest in this series. Previously Autodesk had severely cut down the features available with a Personal Use license, but these latest changes (effective September 6) affect even paying customers, no matter which tier.

  • Ransomware attacks are hitting small businesses. These are experts' top defense tips [iophk: Windows TCO]

    However, sometimes companies struggle with understanding or feeling fully protected by those policies. According to a recent study from Blackberry and Corvus Insurance, a high percentage of companies said they would hesitate to get into business with organizations that aren't covered by cyber insurance, recognizing its importance. However, just 14 percent of small and medium-size businesses have policies that cover over $600,000, restrictions that led more than half of respondents to say they hoped for more financial assistance from the government, particularly when attacked by a nation state. Many companies said there's a lack of transparency from some firms about what is actually covered by their policies, which are constantly getting more expensive.

  • Researcher Finds Russian Cybersecurity Far Shittier Than The Mythology Suggests

    For much of the last decade, Vladimir Putin has attempted to compensate for various shortcomings (like a less sophisticated real world military) by launching cyber and propaganda attacks on much of the world. And while this, for a while, resulted in a mythology that Russia was in a league of its own when it comes to hacking and cybersecurity, the reality isn’t nearly that exciting.

More in Tux Machines

today's howtos

  • How to Change Comment Color in Vim – Fix Unreadable Blue Color

    Are you annoyed about the comment color in vim? The dark blue color of the comment is often hard to read. In this tutorial, we learn how to change the comment color in Vim. There are few methods we can use to look vim comment very readable.

  • How to Add Repository to Debian

    APT checks the health of all the packages, and dependencies of the package before installing it. APT fetches packages from one or more repositories. A repository (package source) is basically a network server. The term "package" refers to an individual file with a .deb extension that contains either all or part of an application. The normal installation comes with default repositories configured, but these contain only a few packages out of an ocean of free software available. In this tutorial, we learn how to add the package repository to Debian.

  • Making a Video of a Single Window

    I recently wanted to send someone a video of a program doing some interesting things in a single X11 window. Recording the whole desktop is easy (some readers may remember my post on Aeschylus which does just that) but it will include irrelevant (and possibly unwanted) parts of the screen, leading to unnecessarily large files. I couldn't immediately find a tool which did what I wanted on OpenBSD [1] but through a combination of xwininfo, FFmpeg, and hk I was able to put together exactly what I needed in short order. Even better, I was able to easily post-process the video to shrink its file size, speed it up, and contort it to the dimension requirements of various platforms. Here's a video straight out of the little script I put together: [...]

  • Things You Can And Can’t Do

    And it got me thinking about what you can and can’t do — what you do and don’t have control over.

  • allow-new-zones in BIND 9.16 on CentOS 8 Stream under SELinux

    We run these training systems with SELinux enabled (I wouldn’t, but my colleague likes it :-), and that’s the reason I aborted the lab: I couldn’t tell students how to solve the cause other than by disabling SELinux entirely, but there wasn’t enough time for that.

  • Will the IndieWeb Ever Become Mainstream?

    This is an interesting question, thanks for asking it, Jeremy. I do have some history with the IndieWeb, and some opinions, so let’s dive in.

    The short answer to the question is a resounding no, and it all boils down to the fact that the IndieWeb is really complicated to implement, so it will only ever appeal to developers.

  • How to Install CUPS Print Server on Ubuntu 22.04

    If your business has multiple personal computers in the network which need to print, then we need a device called a print server. Print server act intermediate between PC and printers which accept print jobs from PC and send them to respective printers. CUPS is the primary mechanism in the Unix-like operating system for printing and print services. It can allow a computer to act as a Print server. In this tutorial, we learn how to set up CUPS print server on Ubuntu 22.04.

Open Hardware: XON/XOFF and Raspberry Pi Pico

  • From XON/XOFF to Forward Incremental Search

    In the olden days of computing, software flow control with control codes XON and XOFF was a necessary feature that dumb terminals needed to support. When a terminal received more data than it could display, there needed to be a way for the terminal to tell the remote host to pause sending more data. The control code 19 was chosen for this. The control code 17 was chosen to tell the remote host to resume transmission of data.

  • Raspberry Pi Pico Used in Plug and Play System Monitor | Tom's Hardware

    Dmytro Panin is at it again, creating a teeny system monitor for his MacBook from scratch with help from our favorite microcontroller, the Raspberry Pi Pico. This plug-and-play system monitor (opens in new tab) lets him keep a close eye on resource usage without having to close any windows or launch any third-party programs. The device is Pico-powered and plugs right into the MacBook to function. It has a display screen that showcases a custom GUI featuring four bar graphs that update in real-time to show the performance of different components, including the CPU, GPU, memory, and SSD usage. It makes it possible to see how hard your PC is running at a glance.

Security Leftovers

How to Apply Accent Colour in Ubuntu Desktop

A step-by-step tutorial on how to apply accent colour in Ubuntu desktop (GNOME) with tips for Kubuntu and others. Read more