Code & Design News Aggregator of Code, Security and Design news sites. Wed, 14 Nov 2018 09:12:03 +0000 Black & Dark mode for the Tink app Wed, 14 Nov 2018 08:48:22 +0000 2018-11-14T08:48:22+00:00 Spring Boot in a Container [x-post from r/springsource] Wed, 14 Nov 2018 08:46:52 +0000 2018-11-14T08:46:52+00:00 FBGraphics : Lightweight graphics library with parallelism and custom rendering backend support (graphics API agnostic). Wed, 14 Nov 2018 08:34:53 +0000 2018-11-14T08:34:53+00:00 Unlike the JVM Elixir does not do stop the world garbage collection Wed, 14 Nov 2018 07:30:08 +0000 2018-11-14T07:30:08+00:00 A powerful All-in-one API management and testing platform, we devote to making APIs Management easier! Wed, 14 Nov 2018 07:29:33 +0000 2018-11-14T07:29:33+00:00 DHH - It doesn't have to be crazy at work book opinion Wed, 14 Nov 2018 07:09:08 +0000 2018-11-14T07:09:08+00:00 Private by Design: How we built Firefox Sync Wed, 14 Nov 2018 07:08:10 +0000 2018-11-14T07:08:10+00:00 K Framework Wed, 14 Nov 2018 06:49:33 +0000 2018-11-14T06:49:33+00:00 Retool (YC W17) is hiring a first engineer in SF <a href="">Comments</a> Wed, 14 Nov 2018 06:24:26 +0000 2018-11-14T06:24:26+00:00 Gods and Robots: Myths, Machines, and Ancient Dreams of Technology <a href="">Comments</a> Wed, 14 Nov 2018 04:56:38 +0000 2018-11-14T04:56:38+00:00 Chinese Tokamak reaches over 100M degrees <a href="">Comments</a> Wed, 14 Nov 2018 04:51:39 +0000 2018-11-14T04:51:39+00:00 Spectre, Meltdown researchers unveil 7 more speculative execution attacks Wed, 14 Nov 2018 04:33:46 +0000 2018-11-14T04:33:46+00:00 Compile-time Mandelbrot in pure C. Outputs a PGM image file to stdout. Wed, 14 Nov 2018 03:42:55 +0000 2018-11-14T03:42:55+00:00 Snap Says DOJ and SEC Are Investigating IPO Disclosures <a href="">Comments</a> Wed, 14 Nov 2018 03:15:40 +0000 2018-11-14T03:15:40+00:00 Winds of Change: The Case for New Digital Currency <a href="">Comments</a> Wed, 14 Nov 2018 03:06:51 +0000 2018-11-14T03:06:51+00:00 iOS Developers Ship Fewer Apps as Non-Native Frameworks Suffer Wed, 14 Nov 2018 02:41:18 +0000 2018-11-14T02:41:18+00:00 Spectre, Meltdown researchers unveil 7 more speculative execution attacks Systematic analysis reveals a range of new issues and a need for new mitigations. Wed, 14 Nov 2018 01:50:54 +0000 2018-11-14T01:50:54+00:00 Five Things About Software Engineering I Wish I Knew When I Started Wed, 14 Nov 2018 01:28:47 +0000 2018-11-14T01:28:47+00:00 Destruction of evidence charges filed for remotely wiping iPhone <a href="">Comments</a> Wed, 14 Nov 2018 01:11:53 +0000 2018-11-14T01:11:53+00:00 Understanding Asynchronous JavaScript — the Event Loop Wed, 14 Nov 2018 01:10:58 +0000 2018-11-14T01:10:58+00:00 Blue Apron lays off more workers <a href="">Comments</a> Wed, 14 Nov 2018 01:01:49 +0000 2018-11-14T01:01:49+00:00 Private by Design: How We Built Firefox Sync <a href="">Comments</a> Wed, 14 Nov 2018 00:36:46 +0000 2018-11-14T00:36:46+00:00 DrawKit - collection of beautiful, customisable MIT licensed illustrations Tue, 13 Nov 2018 23:25:33 +0000 2018-11-13T23:25:33+00:00 Show HN: Squally – A Game to Teach Low Level Computer Science <a href="">Comments</a> Tue, 13 Nov 2018 23:05:38 +0000 2018-11-13T23:05:38+00:00 Waymo CEO Says Alphabet Unit Plans to Launch Driverless Car Service <a href="">Comments</a> Tue, 13 Nov 2018 22:59:53 +0000 2018-11-13T22:59:53+00:00 Abusing C macros to render the Mandelbrot Set at compile-time <a href="">Comments</a> Tue, 13 Nov 2018 22:55:16 +0000 2018-11-13T22:55:16+00:00 Build a do-it-yourself home air purifier for about $25 <a href="">Comments</a> Tue, 13 Nov 2018 22:50:16 +0000 2018-11-13T22:50:16+00:00 Ask HN: I've been a programmer for 6 years, and I can't solve basic CS problems <a href="">Comments</a> Tue, 13 Nov 2018 22:41:35 +0000 2018-11-13T22:41:35+00:00 The History of Web Development - How We Got Here by Richard Campbell Tue, 13 Nov 2018 22:35:30 +0000 2018-11-13T22:35:30+00:00 Food taste 'not protected by copyright' rules EU court <a href="">Comments</a> Tue, 13 Nov 2018 22:31:29 +0000 2018-11-13T22:31:29+00:00 Designing 2D graphics in the Japanese industry Tue, 13 Nov 2018 21:44:12 +0000 2018-11-13T21:44:12+00:00 Trip report: Fall ISO C++ standards meeting <a href="">Comments</a> Tue, 13 Nov 2018 21:43:58 +0000 2018-11-13T21:43:58+00:00 Tensorflow 2.0: models migration and new design <a href="">Comments</a> Tue, 13 Nov 2018 19:33:26 +0000 2018-11-13T19:33:26+00:00 User Defenders podcast – Radical Empathy with Seth Godin ###Seth Godin shows us what radical empathy looks like. He reminds us to do work that matters, for people who care by focusing on serving a minimum viable audience. He teaches us that the way to stay indispensable in our work is to do work where you can’t write down the steps. He also reveals how faked empathy is just as good as real empathy for the true professional acting ‘as if’. [Listen now] ( Tue, 13 Nov 2018 19:26:31 +0000 2018-11-13T19:26:31+00:00 Infinite procedurally-generated city with the Wave Function Collapse algorithm Tue, 13 Nov 2018 19:05:40 +0000 2018-11-13T19:05:40+00:00 Another Facebook Bug Could Have Exposed Your Private Information Another security vulnerability has been reported in Facebook that could have allowed attackers to obtain certain personal information about users and their friends, potentially putting the privacy of users of the world's most popular social network at risk. Discovered by cybersecurity researchers from Imperva, the vulnerability resides in the way Facebook search feature displays results for<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Tue, 13 Nov 2018 18:45:45 +0000 2018-11-13T18:45:45+00:00 Memory-level parallelism: Intel Skylake versus Apple A12/A12X Tue, 13 Nov 2018 18:44:34 +0000 2018-11-13T18:44:34+00:00 Infinite procedurally-generated city with the Wave Function Collapse algorithm <a href="">Comments</a> Tue, 13 Nov 2018 18:21:46 +0000 2018-11-13T18:21:46+00:00 Windows 10 October 2018 Update is back, this time without deleting your data Microsoft is opening up about some of its testing procedures, too. Tue, 13 Nov 2018 18:21:06 +0000 2018-11-13T18:21:06+00:00 How Multi-Beam Flash Lidar Works <a href="">Comments</a> Tue, 13 Nov 2018 17:28:39 +0000 2018-11-13T17:28:39+00:00 Sponsor: Live Now: UX / UI design with Olha Uzhykova, Marvin Schwaibold, and Melody Sabouri Tue, 13 Nov 2018 17:15:56 +0000 2018-11-13T17:15:56+00:00 Ask HN: What's the largest amount of bad code you have ever seen work? <a href="">Comments</a> Tue, 13 Nov 2018 17:14:06 +0000 2018-11-13T17:14:06+00:00 GitLab's Secret to Multi-Million-Dollar Success: All 350 Employees Work Remotely Tue, 13 Nov 2018 16:10:25 +0000 2018-11-13T16:10:25+00:00 How to Keep Your Job as Your Company Grows <a href="">Comments</a> Tue, 13 Nov 2018 15:46:39 +0000 2018-11-13T15:46:39+00:00 Zippers for non-inductive types <a href="">Comments</a> Tue, 13 Nov 2018 15:41:57 +0000 2018-11-13T15:41:57+00:00 Story behind a redesign of Paperform V2 Tue, 13 Nov 2018 15:28:57 +0000 2018-11-13T15:28:57+00:00 WebTTY – Share a terminal session over WebRTC Tue, 13 Nov 2018 15:25:38 +0000 2018-11-13T15:25:38+00:00 Overcoming the fear of specializing a web design agency Tue, 13 Nov 2018 13:35:13 +0000 2018-11-13T13:35:13+00:00 List articles on DN So does this guideline actually apply? "Unwelcome Stories - List-format articles, especially those intended for SEO purposes" As of this writing, there are currently five list articles on the recent page. Is the content here actively moderated by the mods, or do they simply rely on stuff to be reported first before taking action? Tue, 13 Nov 2018 13:24:06 +0000 2018-11-13T13:24:06+00:00 How do you guys handle multiple variants of a component in a design system? I'm struggling with this at my current place. I'm kind of reverse engineering a design library in place based on existing designs. The issue I have is for example a modal overlay will have loads of variations and states based on the context of the flow/process the user is in. So, do I create a unique component based on the process its being used in or do I create an overall modal component with sub options based on those scenarios. Really interested on how you guys deal with this. Tue, 13 Nov 2018 13:14:17 +0000 2018-11-13T13:14:17+00:00 C2x – Next revision of C language Tue, 13 Nov 2018 13:14:12 +0000 2018-11-13T13:14:12+00:00 Web High Level Shading Language Tue, 13 Nov 2018 13:11:41 +0000 2018-11-13T13:11:41+00:00 by Google ( Tue, 13 Nov 2018 12:58:36 +0000 2018-11-13T12:58:36+00:00 Cynet Review: Simplify Security with a True Security Platform In 1999, Bruce Schneier wrote, "Complexity is the worst enemy of security." That was 19 years ago (!) and since then, cyber security has only become more complex. Today, controls dramatically outnumber staff available to support them. The Bank of America has a $400-million cyber budget to hire security staff and implement a broad array of products. But what if your budget and<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Tue, 13 Nov 2018 12:34:45 +0000 2018-11-13T12:34:45+00:00 Compelled Decryption and the Privilege Against Self-Incrimination <a href="">Comments</a> Tue, 13 Nov 2018 12:18:55 +0000 2018-11-13T12:18:55+00:00 How Podcasts Became a Seductive and Sometimes Slippery Mode of Storytelling <a href="">Comments</a> Tue, 13 Nov 2018 10:24:52 +0000 2018-11-13T10:24:52+00:00 TSM Website Concept [Case Study + Video] Tue, 13 Nov 2018 10:23:08 +0000 2018-11-13T10:23:08+00:00 Xbox 360 Emulation is here on the PC. The story of Xenia Tue, 13 Nov 2018 09:53:57 +0000 2018-11-13T09:53:57+00:00 Non cogito, ergo sum <a href="">Comments</a> Tue, 13 Nov 2018 08:42:46 +0000 2018-11-13T08:42:46+00:00 HTTP-over-QUIC to be renamed HTTP/3 Tue, 13 Nov 2018 08:40:31 +0000 2018-11-13T08:40:31+00:00 C library system-call wrappers, or the lack thereof <a href="">Comments</a> Tue, 13 Nov 2018 06:36:03 +0000 2018-11-13T06:36:03+00:00 Did you know Noto Serif and Noto Serif JP, KR are different? ![Noto Serifs]( Does anyone know why they are different? I really want to use the serif from Noto Serif JP or KR, but obviously they're bigger because they include Japanese or Korean letters. Is there a way to use only English types out of Noto Serif JP or KR? Tue, 13 Nov 2018 04:53:26 +0000 2018-11-13T04:53:26+00:00 Building C# 8.0 Tue, 13 Nov 2018 01:45:13 +0000 2018-11-13T01:45:13+00:00 Fun with NFL Stats, Bokeh, and Pandas <a href="">Comments</a> Tue, 13 Nov 2018 01:36:34 +0000 2018-11-13T01:36:34+00:00 Google's new Web.Dev portal Mon, 12 Nov 2018 21:45:22 +0000 2018-11-12T21:45:22+00:00 Get the most from your work hours and boost your team productivity. Mon, 12 Nov 2018 21:37:04 +0000 2018-11-12T21:37:04+00:00 Why We Need Difficult Books <a href="">Comments</a> Mon, 12 Nov 2018 20:50:12 +0000 2018-11-12T20:50:12+00:00 UX Pattern: Unsaved File Affordance in Visual Studio Code Mon, 12 Nov 2018 20:26:15 +0000 2018-11-12T20:26:15+00:00 The rise of multivector DDoS attacks <a href="">Comments</a> Mon, 12 Nov 2018 19:13:35 +0000 2018-11-12T19:13:35+00:00 Introducing Pantheon: A modern agency network Mon, 12 Nov 2018 17:20:53 +0000 2018-11-12T17:20:53+00:00 Why Computers Can't Count Sometimes Mon, 12 Nov 2018 16:10:44 +0000 2018-11-12T16:10:44+00:00 Collection of tools for web designers that you've probably missed during October Mon, 12 Nov 2018 13:54:10 +0000 2018-11-12T13:54:10+00:00 Top 5 Factors That Increase Cyber Security Salary The Most Our partner Springboard, which provides online courses to help you advance your cybersecurity career with personalized mentorship from industry experts, recently researched current cybersecurity salaries and future earning potential in order to trace a path to how much money you can make. Here's what they found were the most important factors for making sure you earn as much as possible: 1<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Mon, 12 Nov 2018 13:12:12 +0000 2018-11-12T13:12:12+00:00 New APIs Suggest WPA3 Wi-Fi Security Support Coming Soon to Windows 10 Windows 10 users don't have to wait much longer for the support of latest WPA3 Wi-Fi security standard, a new blog post from Microsoft apparently revealed. The third version of Wi-Fi Protected Access, in-short WPA3, is the next generation of the wireless security protocol that has been designed to make it harder for attackers to hack WiFi password. WPA3 was officially launched earlier this<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Mon, 12 Nov 2018 12:55:14 +0000 2018-11-12T12:55:14+00:00 Best and Worst Cities for Nursing Homes in the US <a href="">Comments</a> Mon, 12 Nov 2018 12:54:29 +0000 2018-11-12T12:54:29+00:00 Crater believed to be formed by asteroid impact 66M years ago <a href="">Comments</a> Mon, 12 Nov 2018 12:11:01 +0000 2018-11-12T12:11:01+00:00 Page Flip Layout Mon, 12 Nov 2018 12:05:26 +0000 2018-11-12T12:05:26+00:00 What tool did you used in your company to share a Design System internally? I designed the Design System of my current company with Sketch and I'm using Zeplin to share it to others, but Zeplin needs invitation and Sketch a program license, so they're not enough. We don't have a pattern library yet (the code side of the design system), so people who are not designers can't really make use of the design system. Which tool would you recommend to share a design system internally, so that people can refer to it? Mon, 12 Nov 2018 09:32:07 +0000 2018-11-12T09:32:07+00:00 Gestalt-Driven UX: The Patterns That Drive Our World Mon, 12 Nov 2018 07:24:33 +0000 2018-11-12T07:24:33+00:00 What has been your experience with WebFlow? I plan on moving towards web flow to handle most of my client web designs - I was highly impressed with the kind of features they hold. What are you opinions on using WebFlow for a basic to a complex animation / a functional form to an Ecommerce website experience? Mon, 12 Nov 2018 06:17:57 +0000 2018-11-12T06:17:57+00:00 The Art Institute of Chicago Has Put 50,000 High-Res Images from Their Collection Online Mon, 12 Nov 2018 00:53:09 +0000 2018-11-12T00:53:09+00:00 Any website that curates helpful books for designers? I'm looking to find some books to help me out. A few topics I'd like too improve on are 'being a better design leader' how to be more organised running an agency' and other leadership / management / self improvement books for designers? Sun, 11 Nov 2018 16:50:56 +0000 2018-11-11T16:50:56+00:00 Show DN - Personal Site Hello everyone! I'm super excited to get my new site live. I was hoping to get some final feedback from designers outside my network in order to put the finishing touches on this project. At this point, I've got a small list of tasks I'm crossing off but looking for some that I may have missed. URL: []( Thanks for your time and look forward to some feedback! -T Sat, 10 Nov 2018 17:47:15 +0000 2018-11-10T17:47:15+00:00 New iPad Pro website from Apple Sat, 10 Nov 2018 17:43:45 +0000 2018-11-10T17:43:45+00:00 iOS app designers using figma, how? (vector asset question) Hey guys, currently my teams work flow is Sketch>Abstract/Zeplin and repeat. We've been looking into using figma and dropping both zeplin and abstract but one main issue i've run into, you CANT export assets to pdf on figma?! I've seen sites/plugins used to export contents of an artboard into a pdf but that would require each symbol or element I needed exported as pdf would need their own artboard. I know that the Figma team has said its on their roadmap but until then, how are you guys designing for iOS and handing off to dev? Thanks! Fri, 09 Nov 2018 21:25:58 +0000 2018-11-09T21:25:58+00:00 Hacker Who DDoSed Sony, EA and Steam Gaming Servers Pleads Guilty A 23-year-old hacker from Utah pleaded guilty this week to launching a series of denial-of-service (DoS) attacks against multiple online services, websites, and online gaming companies between 2013 and 2014. According to a Justice Department (DoJ) press release, Austin Thompson, a.k.a. "DerpTroll," took down servers of several major gaming platforms including Electronic Arts' Origin service,<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Fri, 09 Nov 2018 08:22:25 +0000 2018-11-09T08:22:25+00:00 Flaws in Popular Self-Encrypting SSDs Let Attackers Decrypt Data We all have something to hide, something to protect. But if you are also relying on self-encrypting drives for that, then you should read this news carefully. Security researchers have discovered multiple critical vulnerabilities in some of the popular self-encrypting solid state drives (SSD) that could allow an attacker to decrypt disk encryption and recover protected data without knowing<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Thu, 08 Nov 2018 19:09:53 +0000 2018-11-08T19:09:53+00:00 Here's How Hackers Could Have Spied On Your DJI Drone Account Cybersecurity researchers at Check Point today revealed details of a potential dangerous vulnerability in DJI Drone web app that could have allowed attackers access user accounts and synced sensitive information within it, including flight records, location, live video camera feed, and photos taken during a flight. Thought the vulnerability was discovered and responsibly reported by the<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Thu, 08 Nov 2018 19:08:18 +0000 2018-11-08T19:08:18+00:00 New Android API Lets Developers Push Updates Within their Apps You might have read somewhere online today that Google is granting Android app developers powers to forcefully install app updates…but it is not true. Instead, the tech giant is providing a new feature that will help users to have up-to-date Android apps all the time and yes, it's optional. Along with the launch of a number of new tools and features at its Android Dev Summit 2018, Google has<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Thu, 08 Nov 2018 15:21:35 +0000 2018-11-08T15:21:35+00:00 StatCounter Analytics Code Hijacked to Steal Bitcoins from Cryptocurrency Users Late last week an unknown hacker or a group of hackers successfully targeted a cryptocurrency exchange with an aim to steal Bitcoins by compromising the web analytics service it was using. ESET malware researcher Matthieu Faou this weekend spotted malicious JavaScript code on up to 700,000 websites that were bundled with the traffic tracking code from the leading web analytics platform<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Thu, 08 Nov 2018 11:13:02 +0000 2018-11-08T11:13:02+00:00 Unpatched VirtualBox Zero-Day Vulnerability and Exploit Released Online An independent exploit developer and vulnerability researcher has publicly disclosed a zero-day vulnerability in VirtualBox—a popular open source virtualization software developed by Oracle—that could allow a malicious program to escape virtual machine (guest OS) and execute code on the operating system of the host machine. The vulnerability occurs due to memory corruption issues and affects<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Thu, 08 Nov 2018 09:25:37 +0000 2018-11-08T09:25:37+00:00 Popular WooCommerce WordPress Plugin Patches Critical Vulnerability If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new vulnerability that could compromise your online store. Simon Scannell, a researcher at RIPS Technologies GmbH, discovered an arbitrary file deletion vulnerability in the popular WooCommerce plugin that could allow a malicious or compromised privileged user to gain full control over the<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Wed, 07 Nov 2018 09:01:06 +0000 2018-11-07T09:01:06+00:00 Apple's New MacBook Disconnects Microphone "Physically" When Lid is Closed Apple introduces a new privacy feature for all new MacBooks that "at some extent" will prevent hackers and malicious applications from eavesdropping on your conversations. Apple's custom T2 security chip in the latest MacBooks includes a new hardware feature that physically disconnects the MacBook's built-in microphone whenever the user closes the lid, the company revealed yesterday at its event<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Sun, 04 Nov 2018 17:51:37 +0000 2018-11-04T17:51:37+00:00 New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to sniff out sensitive protected data, like passwords and cryptographic keys, from other processes running in the same CPU core with simultaneous multi-threading feature enabled. The vulnerability, codenamed PortSmash (CVE-2018-5407), has joined the list of other<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Sun, 04 Nov 2018 09:24:03 +0000 2018-11-04T09:24:03+00:00 Accused CIA Leaker Faces New Charges of Leaking Information From Prison Joshua Adam Schulte, a 30-year-old former CIA computer programmer who was indicted over four months ago for masterminding the largest leak of classified information in the agency's history, has now been issued three new charges. The news comes just hours after Schulte wrote a letter to the federal judge presiding over his case, accusing officials at Manhattan Metropolitan Correctional Center of<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Fri, 02 Nov 2018 09:16:51 +0000 2018-11-02T09:16:51+00:00 Two New Bluetooth Chip Flaws Expose Millions of Devices to Remote Attacks Security researchers have unveiled details of two critical vulnerabilities in Bluetooth Low Energy (BLE) chips embedded in millions of access points and networking devices used by enterprises around the world. Dubbed BleedingBit, the set of two vulnerabilities could allow remote attackers to execute arbitrary code and take full control of vulnerable devices without authentication, including<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Thu, 01 Nov 2018 18:48:15 +0000 2018-11-01T18:48:15+00:00 Unpatched MS Word Flaw Could Allow Hackers to Infect Your Computer Cybersecurity researchers have revealed an unpatched logical flaw in Microsoft Office 2016 and older versions that could allow an attacker to embed malicious code inside a document file, tricking users into running malware onto their computers. Discovered by researchers at Cymulate, the bug abuses the 'Online Video' option in Word documents, a feature that allows users to embedded an online<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Wed, 31 Oct 2018 08:50:25 +0000 2018-10-31T08:50:25+00:00 New iPhone Passcode Bypass Found Hours After Apple Releases iOS 12.1 It's only been a few hours since Apple releases iOS 12.1 and an iPhone enthusiast has managed to find a passcode bypass hack, once again, that could allow anyone to see all contacts' private information on a locked iPhone. Jose Rodriguez, a Spanish security researcher, contacted The Hacker News and confirmed that he discovered an iPhone passcode bypass bug in the latest version of its iOS<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Tue, 30 Oct 2018 20:01:32 +0000 2018-10-30T20:01:32+00:00 Windows 10 Bug Let UWP Apps Access All Files Without Users' Consent Microsoft silently patched a bug in its Windows 10 operating system with the October 2018 update (version 1809) that allowed Microsoft Store apps with extensive file system permission to access all files on users' computers without their consent. With Windows 10, Microsoft introduced a common platform, called Universal Windows Platform (UWP), that allows apps to run on any device running<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Tue, 30 Oct 2018 14:58:47 +0000 2018-10-30T14:58:47+00:00 Signal Secure Messaging App Now Encrypts Sender's Identity As Well Signal, the popular end-to-end encrypted messaging app, is planning to roll out a new feature that aims to hide the sender's identity from potential attackers trying to intercept the communication. Although messages send via secure messaging services, like Signal, WhatsApp, and Telegram, are fully end-to-end encrypted as they transmit across their servers, each message leaves behind some of<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Tue, 30 Oct 2018 08:18:56 +0000 2018-10-30T08:18:56+00:00 IBM Buys "Red Hat" Open-Source Software Company for $34 Billion It's been quite a year for the open source platforms. Earlier this year, Microsoft acquired popular code repository hosting service GitHub for $7.5 billion, and now IBM has just announced the biggest open-source business deal ever. IBM today confirmed that it would be acquiring open source Linux firm Red Hat for $190 per share in cash, working out to a total value of approximately $34<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Mon, 29 Oct 2018 15:03:10 +0000 2018-10-29T15:03:10+00:00 Windows Built-in Antivirus Gets Secure Sandbox Mode – Turn It ON Microsoft Windows built-in anti-malware tool, Windows Defender, has become the very first antivirus software to have the ability to run inside a sandbox environment. Sandboxing is a process that runs an application in a safe environment isolated from the rest of the operating system and applications on a computer. So that if a sandboxed application gets compromised, the technique prevents its<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Mon, 29 Oct 2018 14:51:28 +0000 2018-10-29T14:51:28+00:00 New Privilege Escalation Flaw Affects Most Linux Distributions An Indian security researcher has discovered a highly critical flaw in X.Org Server package that impacts OpenBSD and most Linux distributions, including Debian, Ubuntu, CentOS, Red Hat, and Fedora. Xorg X server is a popular open-source implementation of the X11 system (display server) that offers a graphical environment to a wider range of hardware and OS platforms. It serves as an<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Fri, 26 Oct 2018 13:59:32 +0000 2018-10-26T13:59:32+00:00 Facebook Fined £500,000 for Cambridge Analytica Data Scandal Facebook has finally been slapped with its first fine of £500,000 for allowing political consultancy firm Cambridge Analytica to improperly gather and misuse data of 87 million users. The fine has been imposed by the UK's Information Commissioner's Office (ICO) and was calculated using the UK's old Data Protection Act 1998 which can levy a maximum penalty of £500,000 — ironically that’s<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Thu, 25 Oct 2018 13:26:01 +0000 2018-10-25T13:26:01+00:00 Google Makes 2 Years of Android Security Updates Mandatory for Device Makers When it comes to security updates, Android is a real mess. Even after Google timely rolls out security patches for its Android platform, a major part of the Android ecosystem remains exposed to hackers because device manufacturers do not deliver patches regularly and on a timely basis to their customers. To deal with this issue, Google at its I/O Developer Conference May 2018 revealed the<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Thu, 25 Oct 2018 09:57:49 +0000 2018-10-25T09:57:49+00:00 Another Windows 0-day flaw has been published on Twitter And on GitHub there's a proof-of-concept that'll render your system unbootable. Wed, 24 Oct 2018 15:50:29 +0000 2018-10-24T15:50:29+00:00 How to make elections secure in the age of digital operatives Former Facebook CSO Alex Stamos tells us what he learned in 2016 and what comes next. Wed, 24 Oct 2018 13:10:38 +0000 2018-10-24T13:10:38+00:00 FireEye: Russian Research Lab Aided the Development of TRITON Industrial Malware Cybersecurity firm FireEye claims to have discovered evidence that proves the involvement of a Russian-owned research institute in the development of the TRITON malware that caused some industrial systems to unexpectedly shut down last year, including a petrochemical plant in Saudi Arabia. TRITON, also known as Trisis, is a piece of ICS malware designed to target the Triconex Safety<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Wed, 24 Oct 2018 11:32:21 +0000 2018-10-24T11:32:21+00:00 Meet Helm, the startup taking on Gmail with a server that runs in your home Fee-based service couples the security of a private server with the reliability of the cloud. Wed, 17 Oct 2018 17:52:29 +0000 2018-10-17T17:52:29+00:00 Apple, Google, Microsoft, and Mozilla come together to end TLS 1.0 Almost everyone has now migrated to TLS 1.2, and a few have moved to TLS 1.3. Tue, 16 Oct 2018 22:00:32 +0000 2018-10-16T22:00:32+00:00 Already facing an uphill misinformation fight, Facebook loses to scammers, too Facebook's focus on misinformation is leaving an opening for another type of scam. Tue, 16 Oct 2018 00:42:37 +0000 2018-10-16T00:42:37+00:00 Apple to Congress: Chinese spy-chip story is “simply wrong” "Our internal investigations directly contradict every consequential assertion." Mon, 08 Oct 2018 18:25:11 +0000 2018-10-08T18:25:11+00:00 Bloomberg: Super Micro motherboards used by Apple, Amazon contained Chinese spy chips Super Micro, Amazon, and Apple deny everything in the report. Thu, 04 Oct 2018 16:08:56 +0000 2018-10-04T16:08:56+00:00 Google taking new steps to prevent malicious Chrome extensions Company plans stricter rules for developers and greater control for users. Tue, 02 Oct 2018 17:10:45 +0000 2018-10-02T17:10:45+00:00 Google backtracks—a bit—on controversial Chrome sign-in feature Privacy-conscious users were unhappy at being signed in to browser without consent. Thu, 27 Sep 2018 21:26:10 +0000 2018-09-27T21:26:10+00:00 Microsoft offers completely passwordless authentication for online apps Phone-based authentication is the way forward instead. Mon, 24 Sep 2018 13:00:08 +0000 2018-09-24T13:00:08+00:00 New modification of the old cold boot attack leaves most systems vulnerable The defenses put in place to thwart the 2008 attack turn out to be very weak. Thu, 13 Sep 2018 20:26:02 +0000 2018-09-13T20:26:02+00:00 Georgia says switching back to all-paper voting is logistically impossible In <em>Curling v. Kemp</em>, both sides are set to duke it out in court on Wednesday. Wed, 12 Sep 2018 08:30:35 +0000 2018-09-12T08:30:35+00:00 Windows 10 support extended again: September releases now get 30 months And Microsoft is offering enterprises dedicated app compatibility support. Thu, 06 Sep 2018 15:55:06 +0000 2018-09-06T15:55:06+00:00 Google wants to get rid of URLs but doesn’t know what to use instead Their complexity makes them a security hazard; their ubiquity makes replacement nigh impossible. Wed, 05 Sep 2018 14:04:02 +0000 2018-09-05T14:04:02+00:00 Microsoft obliquely acknowledges Windows 0-day bug published on Twitter Flaw allows a local user to obtain System privileges. Wed, 29 Aug 2018 16:18:32 +0000 2018-08-29T16:18:32+00:00 The adventures of lab ED011—“Nobody would be able to duplicate what happened there” One Romanian campus computer lab both pentested the world and eventually helped protect it. Mon, 27 Aug 2018 13:00:56 +0000 2018-08-27T13:00:56+00:00 Chrome 69 will take the next step to killing Flash, roll out new design Flash will have to be enabled every time a site tries to use it. Tue, 21 Aug 2018 17:26:03 +0000 2018-08-21T17:26:03+00:00 Intel’s SGX blown wide open by, you guessed it, a speculative execution attack Speculative execution attacks truly are the gift that keeps on giving. Tue, 14 Aug 2018 19:18:31 +0000 2018-08-14T19:18:31+00:00