@schlamar

#3228 - Day Counter
Wrapping up the week with an #Incus release!
Incus 6.23 is out as our last 6.x release before Incus 7.0 LTS next month! This release includes quite a few security fixes as well as exciting features including dependent volumes, FreeBSD support and more!
https://discuss.linuxcontainers.org/t/incus-6-23-has-been-released/26447
Incus 6.23 has been released

Introduction The Incus team is pleased to announce the release of Incus 6.23! This release is going to be our last 6.x release before Incus 7.0 LTS which is due out on April 30th. It’s also quite a busy release with a good mix of security issues (mostly thanks to an ongoing analysis by 7asecurity), bug fixes and performance improvements and then a very good selection of features from expanding our OS support for VMs to adding more flexible instance storage with dependent volumes! As usual, ...

Linux Containers Forum

Last year, my position was that we still had time to design PQ authentication mechanisms.

Now, based on the pace of progress and on statements like Google's, I believe:

1. we need to finish rolling out PQ key exchange yesterday
2. we need to start rolling out PQ auth now
3. it's too late to ship any new non-PQ design or system

https://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/

Quantum frontiers may be closer than they appear

An overview of how Google is accelerating its timeline for post-quantum cryptography migration.

Google
The SPD's basic problem is not its personnel, nor some meta-level of left versus right, but that it already enters negotiations with the compromise. It doesn't dare to want or demand anything. And whoever wants nothing gets nothing. Nobody has the feeling that it stands for anything.

Have you also been wondering lately whether your memory is fading? I've had that feeling more often recently. And I didn't like it at all.

Then I found out what's causing it. A thread. 🧵

This is a crazy, developing story. And here you thought *your* organization's patch management routines were strict: From Christopher Kunz at Heise:

"A serious security vulnerability in the Windchill and FlexPLM products prompted a nationwide police response over the weekend. At the behest of the Federal Criminal Police Office (BKA), officers from across Germany were dispatched to alert affected companies – an unprecedented move. Administrators, whose weekends were disrupted, expressed their irritation – some of whom don't even use the compromised software."

"When the editorial team received a tip late Sunday morning about a critical security vulnerability in Windchill and FlexPLM, it sounded like a routine report: A deserialization vulnerability in specialized software, even with a CVSS score of 10, doesn't cause any alarm at heise security. The situation was apparently quite different at the Federal Criminal Police Office (BKA): By that time, they had already alerted the state criminal police offices (LKA) in various federal states, which dispatched police officers to affected companies during the night. As several readers reported to us in the forum, police officers were standing outside company and private premises in the dead of night."

https://www.heise.de/news/WTF-Polizei-rueckte-Samstagnacht-wegen-Zero-Day-aus-11221345.html

WTF: Police deployed on Saturday night over zero-day

Because of the security vulnerability in Windchill and ZeroPLM, several state criminal police offices sent police officers to affected companies. They are irritated.

heise online
If I have understood Minister Reiche's plan of action correctly, she will respond to the coming fuel crisis, next to which the 1973 oil shock was a children's birthday party, with an immediate ban on electric cars, solar cells and wind turbines.

Actually, we could be an awesome community against the right here, but some eat meat, some wear makeup or post without ALT text, and still others drive petrol cars.

Sigh! 🤷🏼‍♀️

"Drivers ignore closed road: hundreds of dead fire salamanders in Wachenheim"

How did the saying go, people turn into assholes as soon as they get into a car?

(yes, yes, notall and so on)

https://www.swr.de/swraktuell/rheinland-pfalz/ludwigshafen/hunderte-feuersalamander-tot-trotz-sperrung-auf-kreisstrasse-bei-wachenheim-100.html

So @xaitax has cracked Microsoft Recall, he's got access to the encrypted database and has automated dumping of screenshots and all text from screenshots.

I've looked at most recent Recall and yep, you can just read the database as a user process. The database also contains all manner of fields which aren't publicly disclosed for tracking the user's activity.

No AV or EDR alerts triggered, world's #1 in infostealer 😅

* you can just read it in plain text