Practical Technology

for practical people.

May 13, 2020
by sjvn01

Securing Linux’s master sysadmin command: Sudo

Sudo is one of the most powerful and dangerous tools in the Unix or Linux system administrator’s toolbox. With it, an ordinary user can run commands just as if he or she were the superuser or any other user. Now, One Identity, the company behind the utility, has released a new version of sudo, called sudo 1.9, which gives it better auditing, logging, and security than ever before.


May 12, 2020
by sjvn01

Out-of-date, insecure open-source software is everywhere

Open source rules. Everyone from Apple to Microsoft to Zoom uses it. Don’t believe me? Synopsys, a software and silicon design company, which also covers intellectual property, reported in its 2020 Open Source Security and Risk Analysis (OSSRA) report that nearly all (99%) of audited codebases contained at least one open-source component. That’s good news. The bad news is that 91% of the codebases contained components that were either more than four years out of date or had seen no development activity in the last two years.


May 12, 2020
by sjvn01

Google vs. Oracle: The next chapter

Ten years ago, Oracle, desperate to monetize its failed Sun purchase, sued Google to squeeze profits out of its use of Java APIs in Android. Oracle won its point: that application programming interfaces (APIs) were subject to copyright. More recently, Google got the Supreme Court of the US (SCOTUS) to reconsider Oracle’s court victory. The case, which should have gone to court this spring, has been delayed yet again, though not because of the coronavirus. University of South Carolina intellectual property (IP) law professor Ned Snow pointed out that the federal circuit court’s ruling, which had awarded victory to Oracle, violated the Constitution’s Seventh Amendment.


May 11, 2020
by sjvn01

Rowhammer memory attacks close in on the real world

We used to think of computer security troubles as being pretty much exclusively software problems. Things have changed. In 2014, Carnegie Mellon University students found that, in theory, just by reading and closing data stored on one row of memory cells over and over again at high speeds, you could alter data stored in nearby memory rows. Then, in 2015, Google Project Zero researchers showed not just one, but two ways this “rowhammer” attack could gain read-write access to a laptop’s memory.


May 8, 2020
by sjvn01

Google expects its staff to work from home until 2021 and it’s not alone

According to a Bloomberg report, Sundar Pichai, Google’s CEO, told Google employees on Thursday to be ready to work remotely through October and possibly to the end of the year. Actually, a Google spokeswoman said most Google workers are expected to work from home until 2021.

So, life’s going back to normal? Not at this tech giant.


May 8, 2020
by sjvn01

The best way to protect the US electrical grid is with open source

Recently, President Donald Trump signed an executive order to protect the US electricity grid from cyber attacks by blocking power-equipment imports from “foreign adversaries.” Presumably, that includes Russia, Iran, and — most important of all — China. There’s only one problem with that: The vast majority of high-end electrical equipment is built outside of the US.
