Forwarded from Hacker News
IEEE Spectrum
Open-Source Software Is in Crisis
"The point of the open-source licenses we have is this permissionless sharing—that’s the blessing and the curse of open source. Everybody gets to use it, but it puts us precisely in this position of not being able to support that directly through the market.”
Forwarded from Hacker News
GitHub
GitHub - hengyoush/kyanos: Kyanos is a networking analysis tool using eBPF. It can visualize the time packets spend in the kernel…
Kyanos is a networking analysis tool using eBPF. It can visualize the time packets spend in the kernel, capture requests/responses, makes troubleshooting more efficient. - hengyoush/kyanos
Forwarded from Hacker News
Substack
Rich Holmes (@richholmes)
Europeans spend 575 million hours clicking on cookie banners a year.
According to a new piece of analysis at least.
The research piece also claims that clicking on cookie banners costs around 14.375 billion Euros in lost productivity.
Is privacy worth…
According to a new piece of analysis at least.
The research piece also claims that clicking on cookie banners costs around 14.375 billion Euros in lost productivity.
Is privacy worth…
Forwarded from Mishaal's Android News Feed
🔕Android 16’s notification cooldown feature will save you from notification spam
Android 16 DP1 finally brings that notification cooldown feature we first spotted in the Android 15 preview!
Here's how the new notification cooldown feature works.
Android 16 DP1 finally brings that notification cooldown feature we first spotted in the Android 15 preview!
Here's how the new notification cooldown feature works.
Android Authority
Android 16’s notification cooldown feature will save you from notification spam
Android 16 DP1 adds a feature called notification cooldown that gradually lowers the volume of successive notifications from the same app.
Forwarded from Treble GSI's | Privacy + Secure
Here's the VPN relationship map
https://embed.kumu.io/9ced55e897e74fd807be51990b26b415#vpn-company-relationships
https://embed.kumu.io/9ced55e897e74fd807be51990b26b415#vpn-company-relationships
Kumu
VPN Relationships
Mapping the relationships between VPN companies.
Brought to you by @windscribecom
Brought to you by @windscribecom
Forwarded from Treble GSI's | Privacy + Secure
■■■■■ 📹 Hackers can wirelessly watch your display by HDMI radiation.
Known side-channel attack called TEMPEST (Transient Electromagnetic Pulse Emanation Standard). It involves capturing electromagnetic signals emitted by electronic devices, including HDMI cables, and reconstructing the displayed content. https://www.pcworld.com/article/2413156/hackers-can-wirelessly-watch-your-screen-via-hdmi-radiation.html
Key points:
Poorly shielded HDMI cables can emit detectable radiation.
With specialized equipment, attackers can intercept these emissions wirelessly.
Shielded cables and secured environments significantly reduce this risk.
Forwarded from Treble GSI's | Privacy + Secure
Funded by Microsoft, Google, and Amazon, and with a mission to protect society…
https://freebsdfoundation.org/news-and-events/latest-news/freebsd-foundation-releases-bhyve-and-capsicum-security-audit-funded-by-alpha-omega-project/
“Establish an advisory committee
Ongoing support
The FreeBSD Foundation could help the FreeBSD Project with ongoing security-oriented support, operating as an advisory committee. With its ability to allocate resources outside of the typical product development processes of profit-oriented companies or beyond the inherent limitations of many contributions at the hobbyist level, this committee could build on the outcome presented by this report and push the initiative further. With the general FreeBSD community informed and aware of the importance of the security of the FreeBSD Operating System, the FreeBSD Foundation should be able to keep attracting the means necessary to sustain this effort from its own pool of donors and sponsors.
Guidance and resources
Regardless of its provenance, the advisory committee should provide the FreeBSD Project with an experienced group of developers with a security background. Their role could range from monitoring the state-of-the-art and corresponding security level of the FreeBSD Operating System and project infrastructure to disseminating the knowledge acquired to the FreeBSD developers and general community, including assistance in the auditing or development tasks relevant to the project.”
https://freebsdfoundation.org/wp-content/uploads/2024/11/2024_Code_Audit_Capsicum_Bhyve_FreeBSD_Foundation.pdf#page32
https://freebsdfoundation.org/news-and-events/latest-news/freebsd-foundation-releases-bhyve-and-capsicum-security-audit-funded-by-alpha-omega-project/
“Establish an advisory committee
Ongoing support
The FreeBSD Foundation could help the FreeBSD Project with ongoing security-oriented support, operating as an advisory committee. With its ability to allocate resources outside of the typical product development processes of profit-oriented companies or beyond the inherent limitations of many contributions at the hobbyist level, this committee could build on the outcome presented by this report and push the initiative further. With the general FreeBSD community informed and aware of the importance of the security of the FreeBSD Operating System, the FreeBSD Foundation should be able to keep attracting the means necessary to sustain this effort from its own pool of donors and sponsors.
Guidance and resources
Regardless of its provenance, the advisory committee should provide the FreeBSD Project with an experienced group of developers with a security background. Their role could range from monitoring the state-of-the-art and corresponding security level of the FreeBSD Operating System and project infrastructure to disseminating the knowledge acquired to the FreeBSD developers and general community, including assistance in the auditing or development tasks relevant to the project.”
https://freebsdfoundation.org/wp-content/uploads/2024/11/2024_Code_Audit_Capsicum_Bhyve_FreeBSD_Foundation.pdf#page32
FreeBSD Foundation | A non-profit organization dedicated to supporting and building the FreeBSD Project
FreeBSD Foundation Releases Bhyve and Capsicum Security Audit Funded by Alpha-Omega Project | FreeBSD Foundation
November 18, 2024 – Boulder, CO – The FreeBSD Foundation, in collaboration with the Alpha-Omega Project, has released the findings of a comprehensive security audit report conducted by offensive security firm Synacktiv. This audit, covering two critical FreeBSD…
Forwarded from It's FOSS
Looking to try Hyprland? Check out this easy guide to get started!
https://itsfoss.com/install-hyprland/
https://itsfoss.com/install-hyprland/
It's FOSS
Installing the Much Hyped Hyprland on Linux
Let's get on the "hyp" wagon by installing Hyprland on your Linux system.
Forwarded from It's FOSS
What is benchmarking in Linux? Discover why system performance checks matter.
https://itsfoss.com/benchmark-tools-linux/
https://itsfoss.com/benchmark-tools-linux/
It's FOSS
Benchmarking Your Linux System: What, Why and How
It is easy to benchmark your Linux system, you just need the right tools. We tell you about those here.
Forwarded from The Hacker News
🔒 Decade-old vulnerabilities in Ubuntu Server’s needrestart package allow local attackers to gain root privileges with no user interaction.
If you’re using Ubuntu Server, these vulnerabilities could give attackers complete control over your system.
Learn more about how these flaws work: https://thehackernews.com/2024/11/decades-old-security-vulnerabilities.html
If you’re using Ubuntu Server, these vulnerabilities could give attackers complete control over your system.
Learn more about how these flaws work: https://thehackernews.com/2024/11/decades-old-security-vulnerabilities.html
Forwarded from The Hacker News
The ANY.RUN sandbox now lets you automatically detonate the latest multi-stage malware and phishing attacks.
Stages may include email attachments, URLs in QRs, rewritten links, redirects, etc.
See how it works and try it yourself ⬇️ https://thn.news/automated-interactivity-stage-tel
Stages may include email attachments, URLs in QRs, rewritten links, redirects, etc.
See how it works and try it yourself ⬇️ https://thn.news/automated-interactivity-stage-tel
ANY.RUN's Cybersecurity Blog
Automated Interactivity: Stage 2 - ANY.RUN's Cybersecurity Blog
See how the ANYRUN sandbox automatically detonates common cyber attack chains without any user involvement, including via API.
Forwarded from The Hacker News
By 2025, Non-human identities (NHIs) will be the prime vector for cyberattacks.
As automation, AI, and IoT grow, so does the attack surface. Attackers exploit NHIs to breach systems before traditional defenses can react.
Discover how NHIDR can proactively detect and stop attacks in their tracks.
Read the full article: https://thehackernews.com/2024/11/nhis-are-future-of-cybersecurity-meet.html
As automation, AI, and IoT grow, so does the attack surface. Attackers exploit NHIs to breach systems before traditional defenses can react.
Discover how NHIDR can proactively detect and stop attacks in their tracks.
Read the full article: https://thehackernews.com/2024/11/nhis-are-future-of-cybersecurity-meet.html
Forwarded from The Hacker News
🚨 WATCH OUT! Cybercriminals have unlocked a terrifying new cash-out method, using NFC technology and exploiting Google Pay and Apple Pay to steal funds from your 💳 digital wallet – no phone required.
A new technique called Ghost Tap relays NFC traffic between devices, allowing criminals to cash out in different countries, undetected.
Learn how this attack works: https://thehackernews.com/2024/11/ghost-tap-hackers-exploiting-nfcgate-to.html
A new technique called Ghost Tap relays NFC traffic between devices, allowing criminals to cash out in different countries, undetected.
Learn how this attack works: https://thehackernews.com/2024/11/ghost-tap-hackers-exploiting-nfcgate-to.html