Language Selection

English French German Italian Portuguese Spanish

Security: Updates, WordPress 5.1.1 in Debian, Threats in Devices and Facebook Downtime

Filed under
Security
  • Security updates for Thursday
  • WordPress 5.1.1

    The Debian packages for WordPress version 5.1.1 are being updated as I write this. This is a security fix for WordPress that stops comments causing a cross-site scripting bug. It’s an important one to update.

  • 25 Most Common IoT Security Threats in an Increasingly Connected World

    The Internet of Things (IoT) is growing rapidly. IoT is the connectivity of devices over the internet. It’s like a social network or an email service, but instead of connecting people, IoT actually connects smart devices which include, but not limited to your computers, smartphones, smart home appliances, automation tools, and more.

    However, similar to all types of technologies out there, IoT is a double-edged sword as well. It has its upsides, but there are serious threats that accompany this technology. As manufacturers are racing against each other to bring the latest device in the market, not many of them are thinking about the security issues associated with their IoT devices.

  • Facebook Suffers Global Outage, Claims DDoS Not the Cause

    Facebook users around the world had a singular question for much of March 13: Is Facebook down?

    As it turns out, the global social media giant and its related Instagram and WhatsApp services were in fact unavailable and down for much of the day. Some service was restored by March 14, though full global availability across all Facebook services is still intermittent. With Facebook down, the company ironically had to resort to using rival social media service Twitter to keep many of its users informed.

    "We’re aware that some people are currently having trouble accessing the Facebook family of apps," Facebook wrote in a Twitter message. "We’re working to resolve the issue as soon as possible."

    Facebook also provided minimal updates via its platform status dashboard for developers, with the first indication of trouble reported at 10:32 a.m. PT on March 13.

    "We are currently experiencing issues that may cause some API requests to take longer or fail unexpectedly," the status page reports. "We are investigating the issue and working on a resolution."

More in Tux Machines

New features in OpenStack Neutron

OpenStack is the open source cloud infrastructure software project that provides compute, storage, and networking services for bare-metal, container, and VM workloads. To get a sense of the core functionality and additional services, check out the OpenStack map. The platform has a modular architecture that works across industry segments because infrastructure operators can choose the components they need to manage their infrastructure in the way that best supports their application workloads. The modules are also pluggable to provide further flexibility and make sure they can be used with a specific storage backend or software-defined networking (SDN) controller. Neutron is an OpenStack project to provide a de-facto standard REST API to manage and configure networking services and make them available to other components such as Nova. Read more

today's leftovers

  • Full Circle Weekly News #125
  • Why Open19 Designs Matter for Edge Computing [Ed: Openwashing Microsoft without even any source code]
    On the opening day of this year's Data Center World in Phoenix, Yuval Bachar, LinkedIn's principal engineer of data center architecture, was on hand to explain why the social network's Open19 Project will be an important part of data centers' move to the edge.
  • Course Review: Applied Hardware Attacks: Rapid Prototying & Hardware Implants
    Everyone learns in different ways. While Joe is happy to provide as much help as a student needs, his general approach probably caters most to those who learn by doing. Lecture is light and most of the learning happens during the lab segments. He gives enough space that you will make mistakes and fail, but not so badly that you never accomplish your objective. If you read the lab manual carefully, you will find adequate hints to get you in the right direction. On the other hand, if you’re a student that wants to site in a classroom and listen to an instructor lecture for the entire time, you are definitely in the wrong place. If you do not work on the labs, you will get very, very, little out of the course. The rapid prototyping course is a good introduction to using the 3D printer and pcb mill for hardware purposes, and would be valuable even for those building hardware instead of breaking it. It really opened my eyes to the possibilities of these technologies. On the other hand, I suspect that the hardware implants course has limited application. It’s useful to learn what is possible, but unless you work in secure hardware design or offensive security that would use hardware implants, it’s probably not something directly applicable to your day to day.
  • Nulloy – Music Player with Waveform Progress Bar
    I’ve written a lot about multimedia software including a wide range of music players, some built with web-technologies, others using popular widget toolkits like Qt and GTK. I want to look at another music player today. You may not have heard of this one, as development stalled for a few years. But it’s still under development, and it offers some interesting features. It’s called Nulloy. The software is written in the C++ programming language, with the user interface using the Qt widget toolkit. It’s first release was back in 2011.
  • A Complete List of Google Drive Clients for Linux

Security Leftovers

SmartArt and Contributors to LibreOffice

  • SmartArt improvements in LibreOffice, part 4
    I recently dived into the SmartArt support of LibreOffice, which is the component responsible for displaying complex diagrams from PPTX. I focus on the case when only the document model and the layout constraints are given, not a pre-rendered result. First, thanks to our partner SUSE for working with Collabora to make this possible.
  • Things to know if you are a new contributor to LibreOffice code
    When I began contributing code to LibreOffice, I faced some issues because I didn't know several facts that the other active contributors knew. This blog post summarizes some of those facts, and I hope it will be useful for other new contributors!