Researchers from antivirus provider Eset said "Stegano," as they've dubbed the campaign, dates back to 2014. Beginning in early October, its unusually stealthy operators scored a major coup by getting the ads displayed on a variety of unnamed reputable news sites, each with millions of daily visitors. Borrowing from the word steganography—the practice of concealing secret messages inside a larger document that dates back to at least 440 BC—Stegano hides parts of its malicious code in parameters controlling the transparency of pixels used to display banner ads. While the attack code alters the tone or color of the images, the changes are almost invisible to the untrained eye.
Many network security cameras made by Sony could be taken over by hackers and infected with botnet malware if their firmware is not updated to the latest version.
Researchers from SEC Consult have found two backdoor accounts that exist in 80 models of professional Sony security cameras, mainly used by companies and government agencies given their high price.
One set of hard-coded credentials is in the Web interface and allows a remote attacker to send requests that would enable the Telnet service on the camera, the SEC Consult researchers said in an advisory Tuesday.
After years of wrestling GnuPG with varying levels of enthusiasm, I came to the conclusion that it's just not worth it, and I'm giving up. At least on the concept of long term PGP keys.
This is not about the gpg tool itself, or about tools at all. Many already wrote about that. It's about the long term PGP key model—be it secured by Web of Trust, fingerprints or Trust on First Use—and how it failed me.
OpenSUSE Ends Support For Binary AMD Graphics Driver
Bruno Friedmann has announced the end to AMD proprietary driver fglrx support in openSUSE while also announcing they don't plan to support the hybrid proprietary AMDGPU-PRO stack either.
Friedmann wrote, "Say goodbye fglrx!, repeat after me, goodbye fglrx... [In regards to the newer AMDGPU-PRO stack] I will certainly not help proprietary crap, if I don’t have a solid base to work with, and a bit of help from their side. I wish good luck to those who want to try those drivers, I’ve got a look inside, and got a blame face."
4 open source drone projects
Over the past few years, interest in both civilian and commercial use of drones has continued to grow rapidly, and drone hardware sits at the top of many people's holiday wish lists.
Even just within the civilian side of things, the list of unmanned aerial devices which fit the moniker of drone seems to be constantly expanding. These days, the term seems to encompass everything from what is essentially a cheap, multi-bladed toy helicopter, all the way up to custom-built soaring machines with incredibly adept artificial intelligence capabilities.
With Fedora 25 out the door a couple of weeks ago, Fedora is once again moving ahead towards Fedora 26. As usual after a new release, the Fedora Elections are getting into gear. There are a fair number of seats up for election this release, across both the Fedora Engineering Steering Committee (FESCo) and the Fedora Council. The elections are one of the ways you can have an impact on the future of Fedora by nominating and voting. Nominate other community members (or self-nominate) to run for a seat in either of these leadership bodies to help lead Fedora. For this election cycle, nominations are due on December 12th, 2016, at 23:59:59 UTC. It is important to get nominations in quickly before the window closes. This article helps explain both leadership bodies and how to cast a nomination.
Endless Sky is a 2D space trading and combat game similar to Escape Velocity. The game sets you as a beginning pilot, just having made a down payment on your very first starship. You’re given a choice between a shuttle, a freighter or a fighter. Depending on what ship you choose, you will need to figure out how to earn money to outfit and eventually upgrade your ship. You can transport passengers, run cargo, mine asteroids or even hunt pirates. It’s an open-ended game that blends the top-down action of a 2D space shooter with the depth and replayability of a 4X.
I’ve known of affinity mapping, and even tried to use sticky notes to figure out some of my data in the first UX project I did. Unfortunately, as I found out at the time, analysis of the data I get in UX research doesn’t really lend itself to being done alone. Much like statistics, I suspect. I’m not at all sure how UX consultants do their analyses, given this!
Hardware giant Lenovo is banking on a future where both public and private clouds are critical in driving IT innovation, and the glue binding those hybrid environments is mostly open source technologies.
Dan Harmon, Lenovo's group director of cloud and software-defined infrastructure, encouraged solution providers attending the NexGen Cloud Conference & Expo on Wednesday to explore opportunities to engage Lenovo as its products stock the next generation of cloud data centers.
Both public and private clouds are growing rapidly and will dominate the market by 2020, Harmon told attendees of the conference produced by CRN parent The Channel Company.
Recently, we've taken note of the many organizations offering free or low cost Hadoop and Big Data training. MIT and MapR are just a couple of the players making waves in this space. Recently, Cloudera announced a catalog of online, self-paced training classes covering the company's entire portfolio of industry-standard Apache Hadoop and Apache Spark training courses. The courses, according to Cloudera, allow you to learn about the latest big data technologies "in a searchable environment anytime, anywhere."
Now, Cloudera has announced an updated lineup of training courses and performance-based certification exams for data analysts, database administrators, and developers. The expanded training offerings address the skills gap around many top open source technologies, such as Apache Impala (incubating), Apache Spark, Apache Kudu, Apache Kafka and Apache Hive.
In December 2015, the COP21 Paris Agreement saw many countries commit to reducing greenhouse gas emissions through initiatives in the land sector. In this context, emissions estimation systems will be key in ensuring these targets are met. Such solutions would not only be capable of assessing past trends but also of supporting target setting, tracking progress and helping to develop scenarios to inform policy decisions.
Blender Institute, a platform for 3D design and animation, are collaborating with Lulzbot 3D printers. This project a continuation of Lulzbot and Blender Institute’s approach to open source and aimed at enhancing collaboration. The Blender Institute in Amsterdam, the Netherlands, is an important figure in the Free and Open Source Software community (FOSS). Providing open source design tool software for 3D movies, games, and visual effects. While Lulzbot, a product line of Aleph Objects take an open source approach to hardware through their 3D printers.
Ah, yes. I remember the good old days when you had to be a real man or woman to install Linux, and the first time you tried you ended up saying something like “Help!” or maybe “Mommmmyyyyy!” Really, kids, that’s how it was. Stacks of floppies that took about 7,000 hours to download over your 16 baud connection. Times sure have changed, haven’t they?
I remember Caldera advertising that their distribution autodetected 1,500 different monitors. I wrote an article titled “Monitor Number 1501,” because it didn’t detect my monitor. And sound. Getting sound going in Linux took mighty feats of systemic administsationish strength. Mere mortals could not do it. And that’s why we had installfests: so mighty Linux he-men and she-women could come down from the top of Slackware Mountain or the Red Hat Volcano and share their godlike wisdom with us. We gladly packed up our computers and took them to the installfest location (often at a college, since many Linux-skilled people were collegians) and walked away with Linuxized computers. Praise be!
What New Is Going To Be In Ubuntu 17.04 'Zesty Zapus'
Right on the heels of Ubuntu 16.10 'Yakkety Yak' is Ubuntu 17.04 Zesty Zapus. Ubuntu 17.04 is currently scheduled for release on April 13, 2017 but know that this is only an estimate. One thing to know is that all things being equal, it is going to be released in April 2017. Ubuntu Zesty Zapus will be supported for only 9 months until January 2018 as it is not a LTS (long term support) release.