Oddbean new post about | logout

Notes by TechBites | export

 A severe vulnerability, CVE-2023-4911, has been discovered in the GNU C Library (glibc), affecting various Linux distributions, including Fedora, Ubuntu, Debian, Red Hat Enterprise Linux (RHEL), and Red Hat Virtualization. The vulnerability allows a local attacker to elevate limited local privileges to full root when launching binaries with SUID permission. While it has been fixed in upstream glibc, many downstream systems require updates to address the issue. Cybersecurity firm Qualys, which identified the vulnerability, warns that it poses a significant threat due to its ubiquity in Linux environments and ease of exploitation.

Detailed Advisory: https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt

#Linux #vulnerability #Security #Ubuntu #Fedora #Redhat #Glibc #Qualys #Privacy #CVE #RHEL #TechBites #Tech 
 Anna's Archive, a meta-search engine for book piracy sources and shadow libraries, has announced a significant milestone. It has been secretly scraping WorldCat, the world's largest book metadata database, to further its mission of preserving all available books in the world, even if that means being at odds with copyright law. The dataset obtained from WorldCat includes 1.3 billion unique IDs, and Anna's Archive believes this data will help in its goal to map out all the books in the world and create a list of books that still need preservation. This move has not gone unnoticed, and the site has over 12 million monthly visits. However, it also faces legal risks and has stated its mission is worth the potential consequences.

#AnnasArchive #Archive #Book #Booktodon #Piracy #Zlibrary #WorldCat #ShadowLibrary #OpenSource #Tech #Techbites

https://cdn.buddyverse.xyz/media_attachments/files/111/176/044/423/682/355/original/894ca71fa3d9fc17.jpg 
 This is not a bot account 🙄 

Seriously.. 🙂

#Spam #Bot #Fediverse #Mastodon #buddyverse #Report 
 GitHub has partnered with the funding platform Patreon to support open-source developers. The collaboration between the two platforms allows individuals and organizations to link their GitHub and Patreon accounts, so sponsors can handle funding through Patreon while receiving recognition for their sponsorships on their GitHub profiles. Open-source software development is often a labor of love, and funding can be challenging, as most contributors are unpaid or underpaid. This partnership aims to help these developers gain financial support for their work. According to Tidelift, over 60% of open-source maintainers describe themselves as "unpaid hobbyists."

#FOSS #Opensource #Patreon #Github #Hobby #Progrqmming #Software #Tech #TechBites #Donation 
 A viral TikTok account was using facial recognition technology to expose the identities of ordinary people on the internet without their consent. The account, with 90,000 followers, targeted individuals from viral videos and revealed their personal information to millions of viewers. Despite concerns, TikTok chose not to remove the account, citing a lack of policy violation. The incident highlights privacy concerns in public spaces and raises questions about the cultural acceptance of such practices. The account later deleted its doxing videos.

Full Story: https://www.404media.co/the-end-of-privacy-is-a-taylor-swift-fan-tiktok-account-armed-with-facial-recognition-tech/

#Privacy #PrivacyMatters #Security #Tiktok #FaceRecognition #Moderation #Public #Fediverse #News #TechBites #Tech #Technews 
 VeraCrypt has released a long-awaited update, version 1.26.7, bringing new features, improvements, and bug fixes for Windows, macOS, and Linux. Notably, Windows 7, 8, and 8.1 are no longer officially supported, with focus shifting to Windows 10 and 11. The update includes enhancements related to memory encryption, UAC (User Account Control), Secure Desktop, Quick Format, file systems (NTFS, ReFS, and exFAT), and more. The update also addresses various issues, improves memory protection, and enhances performance, making VeraCrypt a more robust and secure encryption option for users.

Release notes: https://www.veracrypt.fr/en/Release%20Notes.html

#Security #Windows #Linux #Veracrypt #Privacy #Encryption