"Security hardening for GitHub Actions"
You can watch it on #PeerTube thanks to @documentaries here:
Or just torrent it, as the GCBC creators suggest themselves.
One of the best moments is when an MPAA chief talks about how people won't share things for free, and you watch it in a film explicitly made to be shared on a FLOSS operating system using VLC.
We need #copyreform.
"The Surprising Impact of Medium-Size Texts on PostgreSQL Performance"
"GitHub Gist - Account takeover via open redirect"
"The Zerologon vulnerability has been reported to affect some versions of QTS.
If exploited, this elevation of privilege vulnerability allows remote attackers to bypass security measures via a compromised QTS device on the network. The NAS may be exposed to this vulnerability if users have configured the device as a domain controller..."
"Discord Desktop app RCE "
"Chrome exempts Google sites from user site data settings"
Is anyone surprised?
Three npm packages found opening shells on Linux, Windows systems:
The packages are plutov-slack-client, nodetest199, and nodetest1010.
npm security team: "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer."
"Not all attacks are equal: understanding and preventing DoS in web applications"
Plasma 5.20 is out 😊
A massive release, containing improvements to dozens of components, widgets, and the desktop behavior in general.
"Spotify: happy to let you move playlists to their service, unwilling to let you move them from their service."
🤷♂️ so open
"Google’s Android Security & Privacy team has launched the Android Partner Vulnerability Initiative (APVI) to manage security issues specific to Android OEMs."
Don't let the European Commission risk Internet users' rights in an untested experiment. https://www.eff.org/deeplinks/2020/09/eff-eu-commission-article-17-prioritize-users-rights-let-go-filters
"Typosquatting Is About More Than Typos"
"Gitter is joining the Matrix ecosystem and will become the first major existing chat platform to switch to natively speaking Matrix!"
"Samsung TV owners complain about increasingly obtrusive ads"
"On its webpage intended for business partners, Samsung boasts that is has 50 million Smart TVs in operation and that it has the industry’s largest ACR data set."
So ... we no longer own our things, apparently we just buy direct sales channels into our homes 🤔
Looking for something interesting to watch today? Catch-up on this week’s Dweb meetup about how we can build something better than the Big Techs of today. Featuring @email@example.com @firstname.lastname@example.org @email@example.com and @AmandineLePape@twitter.com
Spoiler: Matrix is incredibly well placed to help!
"What is the Value of Browser Diversity?"