Language Selection

English French German Italian Portuguese Spanish

Security: WhatsApp, Flatpak and DNS

Filed under
Security
  • Hackers Can Take Control Of Your WhatsApp Just With A Video Call: Update Now

    Natalie Silvanovich, a Google Project Zero security researcher, has uncovered a critical security flaw in WhatsApp. The flaw could allow a notorious actor to make a video call and take complete control of your messaging application.

  • Just Answering A Video Call Could Compromise Your WhatsApp Account
  • New Website Claims Flatpak is a “Security Nightmare”

    A newly launched website is warning users about Flatpak, branding the tech a “security nightmare”.

    The ‘Flatkills.org’ web page takes aim at a number of security claims routinely associated with the fledgling Flatpak app packaging and distribution format.

  • DNS Security Still an Issue

    DNS security is a decades-old issue that shows no signs of being fully resolved. Here's a quick overview of some of the problems with proposed solutions and the best way to move forward.

    ...After many years of availability, DNSSEC has yet to attain significant adoption, even though any security expert you might ask recognizes its value. As with any public key infrastructure, DNSSEC is complicated. You must follow a lot of rules carefully, although some network services providers are trying to make things easier.

    But DNSSEC does not encrypt the communications between the DNS client and server. Using the information in your DNS requests, an attacker between you and your DNS server could determine which sites you are attempting to communicate with just by reading packets on the network.

    So despite best efforts of various Internet groups, DNS remains insecure. Too many roadblocks exist that prevent the Internet-wide adoption of a DNS security solution. But it is time to revisit the concerns.

More in Tux Machines

OSS Leftovers

  • Financial Services Embracing Open Source to Gain Edge in Innovation
    By now, it’s pretty much a cliché to say that all companies should be technology companies. But in the case of banks and financial services these days, it's true. Many finance companies are early adopters of new technologies such as blockchain, AI and Kubernetes as well as leaders in open source development. And as they seek an edge to retain customers and win new ones, they are not afraid to try new things. At the Linux Foundation's inaugural Open FinTech Forum here last week, attendees got a chance to discuss the latest state of open source adoption and the extent that open source strategies are changing financial service businesses. The fact is, banks really do have tech businesses inside of them. Capital One's DevExchange boasts several products that it has developed for internal use and also made available as open source, including the Cloud Custodian DevOps engine and the Hydrograph big data ETL tool.
  • Why the Open Source Enterprise Search Trend Will Only Accelerate
    Enterprise search has been going through a dramatic shift as of late. We've watched as some of the leaders in search, those platforms usually found in the upper right quadrant on Gartner reports, have fallen off through acquisition or from simply not keeping up with the market. But behind the scenes an even bigger shift is taking place: from proprietary kernels to core technologies based on open source projects. Some, like Lucidworks, have always been based on the open source Apache Solr project. Others, like Coveo, have joined the open source movement by offering the choice of using its traditional proprietary kernel or licensing the Coveo user experience built on top of the Elastic kernel.
  • Bentley Systems Releases Open-Source Library: iModel.js
  • Bentley Releases iModel.js Open-Source Library
    Bentley Systems, Inc., the leading global provider of comprehensive software solutions for advancing the design, construction, and operations of infrastructure, today announced the initial release of its iModel.js library, an open-source initiative to improve the accessibility, for both visualization and analytical visibility, of infrastructure digital twins. iModel.js can be used by developers and IT professionals to quickly and easily create immersive applications that connect their infrastructure digital twins with the rest of their digital world. iModel.js is the cornerstone of Bentley’s just-announced iTwin Services that combine iModelHub, reality modeling, and web-enabling software technologies within a Connected Data Environment (CDE) for infrastructure engineering.
  • Software Heritage Foundation Update

    I first wrote about the Software Heritage Foundation two years ago. It is four months since their Archive officially went live. Now Roberto di Cosmo and his collaborators have an article, and a video, entitled Building the Universal Archive of Source Code in Communications of the ACM describing their three challenges, of collection, preservation and sharing, and setting out their current status: [...]

Android Leftovers

The case for open source classifiers in AI algorithms

Dr. Carol Reiley's achievements are too long to list. She co-founded Drive.ai, a self-driving car startup that raised $50 million in its second round of funding last year. Forbes magazine named her one of "20 Incredible Women in AI," and she built intelligent robot systems as a PhD candidate at Johns Hopkins University. But when she built a voice-activated human-robot interface, her own creation couldn't recognize her voice. Dr. Reiley used Microsoft's speech recognition API to build her interface. But since the API was built mostly by young men, it hadn't been exposed to enough voice variations. After some failed attempts to lower her voice so the system would recognize her, Dr. Reiley enlisted a male graduate to lead demonstrations of her work. Read more

4 open source alternatives to Microsoft Access

When small businesses, community organizations, and similar-sized groups realize they need software to manage their data, they think first of Microsoft Access. That may be the right choice if you're already paying for a Microsoft Office subscription or don't care that it's proprietary. But it's far from your only option—whether you prefer to use open source alternatives from a philosophical standpoint or you don't have the big budget for a Microsoft Office subscription—there are several open source database applications that are worthy alternatives to proprietary software like Microsoft Access or Apple FileMaker. If that sounds like you, here are four open source database tools for your consideration. Read more