Miscellaneous Tech News
-
https://www.itnews.com.au/news/aussie-broadband-pauses-ipv6-trial-due-to-cisco-bug-534851
The internet provider said it had been forced to pause the trial after a patch released by Cisco for the bug contained a new bug that then caused an unrelated issue.
...the ASRs are currently impacted by a firmware bug that “causes the DHCP [Dynamic Host Configuration Protocol] process on the routers to crash, so customers are not able to reauthenticate,” Aussie Broadband said in a customer advisory.
...
The bug has official recognition from Cisco - and is one of five that Aussie Broadband has uncovered in Cisco code over the past 18 months “that have not been discovered previously”. -
New crypto-cracking record reached, with less help than usual from Moore’s Law
795-bit factoring and discrete logarithms achieved using more efficient algorithms.
Researchers have reached a new milestone in the annals of cryptography with the factoring of the largest RSA key size ever computed and a matching computation of the largest-ever integer discrete logarithm. New records of this type occur regularly as the performance of computer hardware increases over time. The records announced on Monday evening are more significant because they were achieved considerably faster than hardware improvements alone would predict, thanks to enhancements in software used and the algorithms it implemented. Many public-key encryption algorithms rely on extremely large numbers that are the product of two prime numbers. Other encryption algorithms base their security on the difficulty of solving certain discrete logarithm problems. With sufficiently big enough key sizes, there is no known way to crack the encryption they provide. The factoring of the large numbers and the computing of a discrete logarithm defeat the cryptographic assurances for a given key size and force users to ratchet up the number of bits of entropy it uses. -
Elementary OS 5.1 Hera
https://www.omgubuntu.co.uk/2019/12/elementary-os-5-1-hera-release -
HackerOne breach lets outside hacker read customers’ private bug reports
Company security analyst sent session cookie allowing account take-over.
As a leading vulnerability reporting platform, HackerOne has paid hackers more than $23 million on behalf of more than 100 customers, including Twitter, Slack, and the US Pentagon. The company’s position also gives it access to unimaginable amounts of sensitive data. Now, the company has paid a $20,000 bounty out of its own pocket after accidentally giving an outside hacker the ability to read and modify some customer bug reports. The outsider—a HackerOne community member who had a proven track record of finding and privately reporting vulnerabilities through the platform—had been communicating late last month with one of the company’s security analysts. In one message, the HackerOne analyst sent the community member parts of a cURL command that mistakenly included a valid session cookie that gave anyone with possession of it the ability to read and partially modify data the analyst had access to. -
5G on the horizon: here’s what it is and what’s coming
5G is many things—but the most interesting part is what it will eventually become.
The long-touted fifth generation of wireless communications is not magic. We’re sorry if unending hype over the world-changing possibilities of 5G has led you to expect otherwise. But the next generation in mobile broadband will still have to obey the current generation of the laws of physics that govern how far a signal can travel when sent in particular wavelengths of the radio spectrum and how much data it can carry. For some of us, the results will yield the billions of bits per second in throughput that figure in many 5G sales pitches, going back to early specifications for this standard. For everybody else, 5G will more likely deliver a pleasant and appreciated upgrade rather than a bandwidth renaissance. -
-
-
@Danp said in Miscellaneous Tech News:
That article keeps jumping between them being web hosts or VPS hosts. They might be both, but the author is acting like the two are the same thing, which they are not at all.
-
@scottalanmiller said in Miscellaneous Tech News:
@Danp said in Miscellaneous Tech News:
That article keeps jumping between them being web hosts or VPS hosts. They might be both, but the author is acting like the two are the same thing, which they are not at all.
Sounds like both. I mean if you are going to run a scam, why limit yourself?
Related Note: This is why you don't scrape the bottom of the price barrel when looking at providers.
-
@JaredBusch said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
@Danp said in Miscellaneous Tech News:
That article keeps jumping between them being web hosts or VPS hosts. They might be both, but the author is acting like the two are the same thing, which they are not at all.
Sounds like both. I mean if you are going to run a scam, why limit yourself?
Related Note: This is why you don't scrape the bottom of the price barrel when looking at providers.
And use ones no one has ever heard of.
-
For those on the beta channel, NextCloud 18 is available!
-
@scottalanmiller said in Miscellaneous Tech News:
For those on the beta channel, NextCloud 18 is available!
What are the highlight features for Nextcloud 18?
-
@black3dynamite said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
For those on the beta channel, NextCloud 18 is available!
What are the highlight features for Nextcloud 18?
Haven't been able to find them yet.
-
Amazon: Trump used “improper pressure” to block AWS from DOD cloud contract
Trump said "screw Amazon" and used contract as political weapon against Bezos, suit claims.
In a redacted filing released today by the US Federal Court of Claims, attorneys for Amazon asserted that Amazon Web Service's loss of the Department of Defense Joint Enterprise Defense Infrastructure (JEDI) cloud computing contract to Microsoft's Azure was the result of "improper pressure from President Donald J. Trump, who launched repeated public and behind-the-scenes attacks to steer the JEDI Contract away from AWS to harm his perceived political enemy—Jeffrey P. Bezos, founder and CEO of AWS' parent company, Amazon.com, Inc. ("Amazon"), and owner of the Washington Post." -
Phishing, pyramid schemes and more: 4 scams to avoid this holiday shopping season
Pyramid schemes disguised as gift exchanges, virtual card skimmers and other digital traps are set and waiting for you when you shop online.
Between Thanksgiving and the New Year, consumers are estimated to spend a staggering $143 billion, according to Adobe Analytics. All that money changing hands means that, now more than ever, cybercriminals will be targeting both you and the online retailers you trust. Some hackers, like those who struck Macy's in October, infect merchants' websites directly with identity-stealing malware. Far more scams, however, try to lure you away from legitimate sellers to malicious sites or apps that often spoof familiar retailers like Amazon, Best Buy or Walmart. Recent research from RiskIQ lists nearly 1,000 apps using holiday-related terms that the security company deemed malicious, as well as over 6,000 apps infringing on copyrighted names and slogans from popular retailers to fool you into giving up your credit card number. RiskIQ also identified 65 fraudulent websites posing as popular retailers. -
https://fpn.firefox.com/
Take the next step to protect your privacy inside FireFox.How you connect to the internet is as important to your privacy as your choice of browser. Secure your network connection with Firefox Private Network.
-
@Dashrender said in Miscellaneous Tech News:
https://fpn.firefox.com/
Take the next step to protect your privacy inside FireFox.How you connect to the internet is as important to your privacy as your choice of browser. Secure your network connection with Firefox Private Network.
Useless.
-
Just because there is a paid option, doesn't make it useless, just less useful.
And the current free version is only good for 12 hours per month.
/sigh... if only we had protections to make carriers be carriers only, and not data brokers as well.
-
@Dashrender said in Miscellaneous Tech News:
Just because there is a paid option, doesn't make it useless, just less useful.
And the current free version is only good for 12 hours per month.
/sigh... if only we had protections to make carriers be carriers only, and not data brokers as well.
I pay for a service now. That is not the issue. The issue is it is all or nothing.
I do not want that. That is why I use the service I use now. When I want it, I enable it.
They also offer SOCKS proxy so I can have specific things using that instead of my entire PC or network.
-
@JaredBusch said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
Just because there is a paid option, doesn't make it useless, just less useful.
And the current free version is only good for 12 hours per month.
/sigh... if only we had protections to make carriers be carriers only, and not data brokers as well.
I pay for a service now. That is not the issue. The issue is it is all or nothing.
I do not want that. That is why I use the service I use now. When I want it, I enable it.
They also offer SOCKS proxy so I can have specific things using that instead of my entire PC or network.
Ok, perhaps for you it's closer or fully useless, but for the average person - OMG who am I kidding, the average person will never use this or even know about it.