178250776
submission
rastos1 writes:
U.S. Embassies in countries around the world, have following on their website:
Notice: Effective immediately, all individuals applying for an F, M, or J nonimmigrant visa are requested to adjust the privacy settings on all of their social media accounts to ‘public’ to facilitate vetting necessary to establish their identity and admissibility to the United States under U.S. law.
177033951
submission
rastos1 writes:
MITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could lead to widespread disruption across the global cybersecurity industry.
175669959
submission
rastos1 writes:
Executive Director of Let's encrypt:
Our longstanding offering won’t fundamentally change next year, but we are going to introduce a new offering that’s a big shift from anything we’ve done before — short-lived certificates. Specifically, certificates with a lifetime of six days. This is a big upgrade for the security of the TLS ecosystem because it minimizes exposure time during a key compromise event.
146557038
submission
rastos1 writes:
As it is now known, the freenode IRC network has been taken over by a Trumpian wannabe korean royalty bitcoins millionaire. To make a long story short, the former freenode head of staff secretly "sold" the network to this person even if it was not hers to sell, and our lawyers have advised us that there is not much that we can do about it without some of us risking financial ruin. Fuck you Christel, lilo's life work did not deserve this.
What you knew as freenode after 12:00 UTC of May 19 will be managed by different people.
136822178
submission
rastos1 writes:
The UK health secretary Matt Hancock has said a technical glitch that saw nearly 16,000 Covid-19 cases go unreported in England "should never have happened". The error meant that although those who tested positive were told about their results, their close contacts were not traced.
The technical error was caused by some Microsoft Excel data files exceeding the maximum size, and issues in the transfer of data between NHS Test and Trace and Public Health England.
135970754
submission
rastos1 writes:
Starting with Windows Insiders preview build 20211, WSL 2 will be offering a new feature: wsl --mount. This new parameter allows a physical disk to be attached and mounted inside WSL 2, which enables you to access filesystems that aren’t natively supported by Windows (such as ext4).
125278764
submission
rastos1 writes:
The 40th Root Key Signing Key Ceremony, originally scheduled for 12 February 2020 at 2100 UTC in El Segundo, California, is being postponed.
During routine administrative maintenance of our Key Management Facility on 11 February, we identified an equipment malfunction that will prevent us from successfully conducting the ceremony as originally scheduled. The issue disables access to one of the secure safes that contains material for the ceremony.
109831348
submission
rastos1 writes:
I work for a mid-size software company that develops CAD-CAM software for textile industry for many decades. Last weekend Sectigo (formerly known as COMODO until late 2018) revoked code signing certificate that our company bought in the beginning of 2018 from Sectigo reseller and used to sign all our SW products. On Monday morning we woke up to phones ringing from confused customers unable to launch our software. This has hit mostly Java applications launched from a web page because JRE checks the signature by default using OCSP. But also traditional executables and shared libraries would report invalid signature upon checking. We reached to Sectigo but for half a day we could not get any feedback. Later we got information that some malware was signed with our certificate. 2 days, many e-mails and phone calls later we understand that this is what happened: someone submitted one of our executables to virustotal.com — site that runs ~70 antivirus programs on submitted files and reports back whether they flag the uploaded file. 5 of antivirus packages flagged our executable. We tracked down the version and we positively know it was a false positive. There is random guy that wrote a tool that creates a monthly report of files flagged at Virustotal. Sectigo found the report, and, according to their statement, revoked all certificates used to sign executables flagged by some antivirus causing major disruption to us and downtime for our customers. We buy certificates from COMODO/Sectigo for more than a decade, but there was no attempt to contact us and clarify the situation.
How do you prepare and deal with such scenario? Did you know how little it takes to get your certificate revoked?
93969909
submission
rastos1 writes:
Oracle today announced the general availability of Java SE 9 (JDK 9), Java Platform Enterprise Edition 8 (Java EE 8) and the Java EE 8 Software Development Kit (SDK). JDK 9 is a production-ready implementation of the Java SE 9 Platform Specification, which was recently approved together with Java EE 8 in the Java Community Process (JCP). Java SE 9 provides more than 150 new features, including a new module system and improvements that bring more scalability, improved security, better performance management and easier development to the world’s most popular programming platform.
85922967
submission
rastos1 writes:
British Airways told customers that some flights were cancelled on Monday "due to operational reasons". The airline apologized to customers, saying its IT teams were "working to resolve this issue". ... a professional poker player from London, told the BBC she had queued for a flight in Las Vegas for two and a half hours. "My boarding pass was filled out by hand. Even had a hand-written hand baggage label. Staff were updating us well — The staff... were excellent. The pilot said the delays were due to a computer glitch and apologized profusely."
82353481
submission
rastos1 writes:
Romania’s high court of cessation and justice on Thursday jailed the former telecommunications minister, Gabriel Sandu, for two years for money laundering, abuse of office and bribery involving the lease of Microsoft IT licenses for schools. Prosecutors said there was manifest corruption in the contract worth 105 million US dollars, which was to supply Microsoft Office licenses to schools and other public institutions between 2004 and 2009.
The anticorruption prosecutors said the four men got millions of euros in bribes from representatives of a company that was distributing Microsoft licenses. This firm was controlled by Claudiu Florica. He had got a 65 percent discount for the licenses from Microsoft, but the state paid full the full price. The price difference was used to pay various public sector officials.
74260381
submission
rastos1 writes:
It started as a passion project in April for 18-year-old James Yoder, an alum of FIRST Robotics, the high school robotics competition. He wanted to learn more about 3D graphics programming and WebGL, a JavaScript API. It’s stuffin.space, a real-time, 3D-visualized map of all objects looping around Earth, from satellites to orbital trash. In total, stuffin.space tracks 150,000 objects. Type in a satellite name to scope out its altitude, figure out its age, group satellites by type, and so on.
66900815
submission
rastos1 writes:
Four years ago Jim Sanborn, the sculptor who created the wavy metal pane called Kryptos that sits in front of the CIA in Langley revealed a clue for breaking the last remaining part of the encrypted message on Kryptos. The clue was: BERLIN.
But the puzzle resisted all all decryption efforts and is still unsolved.
To honor the 25th anniversary of the Wall’s demise and the artist’s 69th birthday this year, Sanborn has decided to reveal a new clue to help solve his iconic and enigmatic artwork. It’s only the second hint he’s released since the sculpture was unveiled in 1990 and may finally help unlock the fourth and final section of the encrypted sculpture, which frustrated sleuths have been struggling to crack for more than two decades. The next word in the sequence is: “clock”.
65333939
submission
rastos1 writes:
In a recent blog, software developer Bruce Dawson pointed out some issues with the way the FSIN instruction is described in the “Intel® 64 and IA-32 Architectures Software Developer’s Manual.”, noting that the result of FSIN can be very inaccurate in some cases, if compared to the exact mathematical value of the sine function.
Bruce Dawson says: I was shocked when I discovered this. Both the fsin instruction and Intel’s documentation are hugely inaccurate, and the inaccurate documentation has led to poor decisions being made. ... Intel has known for years that these instructions are not as accurate as promised. They are now making updates to their documentation. Updating the instruction is not a realistic option.
Intel processors had a problem with math in past
65108029
submission
rastos1 writes:
A law has come into effect that permits UK citizens to make copies of CDs, MP3s, DVDs, Blu-rays and e-books. Consumers are allowed to keep the duplicates on local storage or in the cloud.
While it is legal to make back-ups for personal use, it remains an offence to share the data with friends or family. Users are not allowed to make recordings of streamed music or video from Spotify and Netflix, even if they subscribe to the services.
Thirteen years after iTunes launched, it is now legal to use it to rip CDs in the UK.
