Underscoring just how hard it is to design secure cryptographic software, academic researchers recently uncovered a potentially serious weakness in an early version of the code library protecting Amazon Web Services.
Ironically, s2n, as Amazon's transport layer security implementation is called, was intended to be a simpler, more secure way to encrypt and authenticate Web sessions. Where the OpenSSL library requires more than 70,000 lines of code to execute the highly complex TLS standard, s2n—short for signal to noise—has just 6,000 lines. Amazon hailed the brevity as a key security feature when unveiling s2n in June. What's more, Amazon said the new code had already passed three external security evaluations and penetration tests.
Social engineering is one of the most powerful tools in the hacker's arsenal and it generally plays a part in most of the major security breaches we hear about today. However, there is a common misconception around the role social engineering plays in attacks.
Malicious attacks on shoppers increased 40% on Cyber Monday in 2013 and 2014, according to EnigmaSoftware.com, an anti-malware and spyware company, compared to the average number of attacks on days during the month prior. Other cybersecurity software providers have identified the December holiday shopping season as the most dangerous time of year to make online purchases.
“The attackers know that there are more people online, so there will be more attacks,” said Christopher Budd, Trend Micro’s global threat communications manager. “Cyber Monday is not a one-day thing, it’s the beginning of a sustained focus on attacks that go after people in the holiday shopping season.”
At DockerCon EU 2015, VMware made available their Photon Controller as an open source product via the organisation’s GitHub account. Photon Controller is a component within VMware’s Photon platform, which is designed as an infrastructure stack optimised for ‘container and cloud’ workloads. The virtualisation platform offers an 'API-first' user experience, a scalable control plane, and native container support via frameworks such as Kubernetes, Docker Swarm or Mesos.
Android 4.1+: Doze is one of the best new features in Android Marshmallow, which stops apps from using the network when your phone is idle. But if your phone still doesn’t have Marhsmallow, this app will bring the feature to older phones.
Tracking and managing stock is one of the most important tasks of any business dealing with physical goods. Thankfully, today’s apps and mobile technology are making it much easier for small businesses to take control of their inventory. Plenty of inventory management software for Android is now available on the Google Play store, and the power of these apps is improving all the time.
It's Black Friday, the time of the year for the biggest deals in the US. We've found great deals for electronics you can get shipped, and some Indian e-commerce sites are also offering Thanksgiving deals, but you can get great deals on digital goods as well. If you're an Android user, then check out Google's Cyber Weekend deals, and you'll find great discounts on both apps and games.
Thanks for all the valuable feedback on the first public beta of my Slackware Live Edition. It allowed me to fix quite a few bugs in the Live scripts (thanks again!), add new functionality (requested by you or from my own TODO) and I took the opportunity to fix the packages in my Plasma 5 repository so that its Live Edition should actually work now.
There was still some work to do about my Plasma 5 package repository. The recent updates in slackware-current broke several packages that were still linking to older (and no longer present) libraries which were part of the icu4c and udev packages.