Collaborate Disseminate
Have there ever been any vulnerabilities of the following kind, especially recently, and if so, how many or how common they have been?
The vulnerability:
Must be present in the OS/distro in its default configuration and default software. … Continue reading Have there been remotely exploitable, zero-click, wormable vulnerabilities in popular Linux distros? [closed]
Two part question:
1-How do memory resident viruses stay in memory after the program which loaded them is finalized? If all memory is automatically deallocated by the OS once a program is finished, how could then the malicious code surviv… Continue reading How do memory resident viruses work?
I recently read this article by a security researcher on Linux security shortcomings. It covers things like sandboxing, root privileges, exploit mitigations, the kernel itself, etc. They seem pretty serious, but for years I’ve been told Li… Continue reading Is Linux actually insecure? [closed]
There may be billions of IoT devices in use today, but the tooling around building (and updating) the software for them still leaves a lot to be desired. Esper, which today announced that it has raised a $30 million Series B round, builds the tools to enable developers and engineers to deploy and manage fleets […] Continue reading Esper raises $30M Series B for its IoT DevOps platform
Apple just patched a MacOS vulnerability that bypassed malware checks.
The flaw is akin to a front entrance that’s barred and bolted effectively, but with a cat door at the bottom that you can easily toss a bomb through. Apple mistakenly assumed that applications will always have certain specific attributes. Owens discovered that if he made an application that was really just a script—code that tells another program what do rather than doing it itself—and didn’t include a standard application metadata file called “info.plist,” he could silently run the app on any Mac. The operating system wouldn’t even give its most basic prompt: “This is an application downloaded from the Internet. Are you sure you want to open it?”…
A lot of trust on computer systems rely on the CA certificates used to verify the authenticity of websites (typically HTTPS), so it is of utmost importance that these certificates are valid and not tampered with by suspect third parties
No… Continue reading Tools to monitor and validate locally installed CA certificates [closed]
From the earliest days of the pandemic, it was no secret that video chat was about to become a very hot space. Over the past several months investors have bankrolled a handful of video startups with specific niches, ranging from always-on office surveillance to platforms that encouraged plenty of mini calls to avoid the need […] Continue reading PingPong is a video chat app for product teams working across multiple time zones
(excluding toy, academic-only, and unmaintained)
My use-case is getting nontechnical people to have servers deployed for them, and for neither me nor them to worry about [attended] maintenance and security. Maximum of 3 binaries deployed, … Continue reading Are there any kernel’s which can upgrade without reboot? [migrated]
(excluding toy, academic-only, and unmaintained)
My use-case is getting nontechnical people to have servers deployed for them, and for neither me nor them to worry about [attended] maintenance and security. Maximum of 3 binaries deployed, … Continue reading Are there any kernel’s which can upgrade without reboot? [migrated]
Google today announced that its Chrome browser is moving to a faster release cycle by shipping a new milestone every four weeks instead of the current six-week cycle (with a bi-weekly security patch). That’s one way to hasten the singularity, I guess, but it’s worth noting that Mozilla also moved to a four-week cycle for […] Continue reading Google speeds up its release cycle for Chrome