The Linux operating system is seldom targeted, but it can happen, and whether to play it safe by using anti-virus and anti-malware software is a judgment call, Patrick Marshall writes. He also answers questions about emails that fail to arrive and Windows 10 installation.
This is yet another reason why sanitizing OpenAuth or other token urls to the minimal allowed to resolve (the hostname) is good practice.
So exactly what is the issue at hand?
Well LastPass as with most password managers that in some way connect to a sync or cloud mechanism, uses a cookie of sorts on all sites you setup with autofill ( no typing needed, great defense against keyloggers), however the issue is that the parser to determine if such a site is accessed / logged in leaves cleartext tokens in the url and takes a malformed url as username:password @ foo.tld i.e. firstname.lastname@example.org which allows an attacker on a machine that is logged in (without 2fa –more on this later) to spill the beans about all passwords in 2 ways.
The Aquaris M10 is very much a first attempt for BQ and you would expect future iterations to have some significant improvements. It’s also hard to find compelling reasons why iOS or Android fans would want to switch over to an Ubuntu tablet, but those familiar with the operating system should be excited to finally have their needs met in the tablet market.
One positive factor is that switching between tablet and desktop mode works very well for the most part, so can definitely fulfill professional needs as much as casual ones. This could be a viable option for someone who wants that flexibility and isn’t too fussed about some of the more superficial features.