* Posts by random119327

4 posts • joined 30 Jul 2021

Monero-mining botnet targets Windows, Linux web servers

random119327

"She listed more than two dozen Sysrv exploits that are useful against a range of software suites, including Jboss, Adobe ColdFusion, Atlassian Confluence and Jira, various Apache tools, and Oracle WebLogic."

Running those software, even with no known vulnerability defeat all security implemented on the system : most of them run with closed source code and require root access, giving any blind trust is a huge mistake... now add some vulnerability on the top of that...

Cryptomining groups fight fiercely for cloud resources

random119327

Re: Crypto is a waste of power

crypto use much less twh than the banking system (not included the power for all their trading tools)

The web itself is a waste of power, loading megabytes per pages when they could offer the exact similar content for few kilobytes, Greenpeace should definitively protesting against this.

Rusty Linux kernel draws closer with new patch adding support for Rust as second language

random119327

Re: Is it just me ?

[quote]Cyber Security (more precisely: a lack of) is a very real problem.[/quote]

True, which most of it is due to system misconfiguration, foolish or credulous trust phishing), poor security layer (few lines of iptables as firewall, default profiles appamor restricting nothing instead of allowing only what needed, password reuses... ) or using web based configuration tool and/or opening it to the net...

I mean, saying that implementing rust will reduce security incident is gag...

We can't believe people use browsers to manage their passwords, says maker of password management tools

random119327

I can

I can't believe keepassxc, is the default password manager of numerous of linux system, like tails, or recommended by the EFF and other "famous" organization : A fork from a perfectly working password manager to an unmanageable development software that facilitate transmission of password via network, internet browser, ssh... and other fancy options at the cost of a weaken security (and let's not forget new bugs reported on their git on a daily basis). They fail to provide the main goal of a password manager : keep the passwords in a secure place

https://www.passwordstore.org is a match better advise

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2022