fidzu : geeks

A Skype call and a gullible employee was all it took for North Korean hackers to infiltrate the computer network of Redbanc, the company that interconnects the ATM infrastructure of all Chilean banks. From a report: Prime suspects behind the hack are a hacker group known as Lazarus Group (or Hidden Cobra), known to have associations to the Pyongyang regime, is one of the most active and dangerous hacking groups around, and known to have targeted banks, financial institutions, and cryptocurrency exchanges in the past years. Lazarus' most recent attack took place at the end of December last year but only came to the public's attention after Chilean Senator Felipe Harboe called out Redbanc on Twitter last week for not disclosing its security breach. The company, which has direct lines into the networks of all Chilean banks, formally admitted to the hack a day later in a message posted on its website, but that announcement didn't include any details about the intrusion. However, a day after Redbanc's admission, an investigation conducted by Chilean tech news site trendTIC revealed that the financial firm was the victim of a serious cyber-attack, and not something that could be easily dismissed. According to reporters, the source of the hack was identified as a LinkedIn ad for a developer position at another company to which one of the Redbanc employees applied.

Read more of this story at Slashdot.

17 Jan 2019 4:52pm GMT

Room contained unreleased items that have filtered into the in-game economy.

17 Jan 2019 4:33pm GMT

China may be slowing iPhone sales worldwide, but Chinese people are driving Apple's App Store business. From a report: China accounted for nearly 50 percent of all app downloads in 2018, pushing the global downloads count to reach a record 194 billion, according to research firm App Annie. China, which is the world's largest smartphone market, also accounted for nearly 40 percent of worldwide consumer spend in apps in 2018, App Annie said in its yearly "State of Mobile" report. (Note: Google Play Store is not available in China.) Global consumer spend in apps reached $101 billion last year, up 75 percent since 2016. And 74 percent of all money spent on apps last year came from games. The battle between Silicon Valley companies and Chinese tech giants generated more than half of total consumer spend in the top 300 parent companies in 2018, the report said. The top company for global consumer spend was China's Tencent, which owns stake in several startups, companies, and games -- including last year's sleeper hits PUBG and Fortnite.

Read more of this story at Slashdot.

17 Jan 2019 4:05pm GMT

"The government is not the enemy, they're our friend."

17 Jan 2019 4:00pm GMT

Tourism operators in Australia claim inaccuracies in Google Maps are deterring potential visitors, by making remote attractions appear further away than they actually are. From a report: The Queensland government in north-east Australia has complained to Google, which says it will look into the issue. Firms looking to promote their small towns as remote tourist destinations say Google Maps inflates travel times. Outback businesses say errors in the map app can add hours to a journey. "People aren't coming to places because they think it takes too long, or they're missing opportunities to refuel and they're getting sent off on another road that has no fuel [outlets]," Robyn Mackenzie, of the Eromanga Natural History Museum, told national broadcaster ABC. "People will get frightened of travelling in the outback, because they don't have any confidence in the mapping," the general manager of the small town museum added.

Read more of this story at Slashdot.

17 Jan 2019 3:22pm GMT

Widely circulated "Collection #1" was used in automated credential stuffing attacks.

17 Jan 2019 12:55pm GMT

Well, it's hanging on in there, but why didn't it conquer the world?

Analysis Does European Commissioner for Competition Margrethe Vestager's team pay close attention to the tech news? If not, perhaps they should.…

19 Oct 2016 10:24am GMT

Linus Torvalds teaches devs a lesson with early rc1 release

Google may have killed off its modular smartphone Project Ara idea, but some of the code that would have made it happen looks like coming to the Linux Kernel.…

17 Oct 2016 6:58am GMT

Your weekly Windows entertainment large and small

This week's worldwide BSOD roundup starts with what looks to your writer like a virtualisation launch bug. Submitter Alexander tells us it came from Peterborough Station, in Cambridgeshire.…

17 Oct 2016 6:28am GMT

To anyone who has been reading anything on the web over the past few months, this shouldn't come as a surprise. Barnes & Noble is currently embroiled in a patent lawsuit started by Microsoft, after the bookseller/tablet maker refused to pay protection money to Redmond. Barnes & Noble has now openly said what we already knew, and has filed an official complaint at the US Department of Justice: Microsoft is engaging in anticompetitive practices.

09 Nov 2011 4:13pm GMT

"Sources close to Adobe that have been briefed on the company's future development plans have revealed this forthcoming announcement to ZDNet: Our future work with Flash on mobile devices will be focused on enabling Flash developers to package native apps with Adobe AIR for all the major app stores. We will no longer adapt Flash Player for mobile devices to new browser, OS version or device configurations.. . ."

09 Nov 2011 6:34am GMT

"The following are major features for Fedora 16: enhanced cloud support including Aeolus Conductor, Condor Cloud, HekaFS, OpenStack and pacemaker-cloud; KDE Plasma workspaces 4.7; GNOME 3.2; a number of core system improvements including GRUB 2 and the removal of HAL; an updated libvirtd, trusted boot, guest inspection, virtual lock manager and a pvops based kernel for Xen all improve virtualization support."

08 Nov 2011 10:45pm GMT

Tyrs is a microblogging client, supporting Twitter and Status.net (identi.ca), it's based on console using the NCurses module from Python. The release of the 0.5.0 version is a good excuse to introduce Tyrs. Tyrs aims to get a good interaction with a fairly intuitive interface that can provide support ncurses. Tyrs tries also not to [...]

06 Nov 2011 9:43pm GMT

After one year of managing a network of 10 servers with Cfengine I'm currently building two clusters of 50 servers with Puppet (which I'm using for the first time), and have various notes to share. With my experience I had a feeling Cfengine just isn't right for this project, and didn't consider it seriously. These servers are all running Debian GNU/Linux and Puppet felt natural because of the good Debian integration, and the number of users whom also produced a lot of resources. Chef was out of the picture soon because of the scary architecture; CouchDB, Solr and RabbitMQ... coming from Cfengine this seemed like a bad joke. You probably need to hire a Ruby developer when it breaks. Puppet is somewhat better in this regard.

Puppet master needs Ruby, and has a built-in file server using WEBrick. My first disappointment with Puppet was WEBrick. Though PuppetLabs claim you can scale it up to 20 servers, that proved way off, the built-in server has problems serving as little as 5 agents/servers, and you get to see many dropped connections and failed catalog transfers. I was forced to switch to Mongrel and Nginx as frontend very early in the project, on both clusters. This method works much better (even though Apache+Passenger is the recommended method now from PuppetLabs), and it's not a huge complication compared to WEBrick (and Cfengine which doesn't make you jump through any hoops). Part of the reason for this failure is my pull interval, which is 5 minutes with a random sleep time of up to 3 minutes to avoid harmonics (which is still a high occurrence with these intervals and WEBrick fails miserably). In production a customer can not wait on 30/45 minute pull intervals to get his IP address whitelisted for a service, or some other mundane task, it must happen within 10 minutes... but I'll come to these kind of unrealistic ideas a little later.

Unlike the Cfengine article I have no bootstrapping notes, and no code/modules to share. By default the fresh started puppet agent will look for a host called "puppet" and pull in what ever you defined to bootstrap servers in your manifests. As for modules, I wrote a ton of code and though I'd like to share it, my employer owns it. But unlike Cfengine v3 there's a lot of resources out there for Puppet which can teach you everything you need to know, so I don't feel obligated to even ask.

Interesting enough, published modules would not help you get your job done. You will have to write your own, and your team members will have to learn how to use your modules, which also means writing a lot of documentation. Maybe my biggest disappointment is getting disillusioned by most Puppet advocates and DevOps prophets. I found articles and modules most of them write, and experiences they share have nothing to do with the real world. It's like they host servers in a magical land where everything is done in one way and all servers are identical. Hosting big websites and their apps is a much, much different affair.

Every customer does things differently, and I had to write custom modules for each of them. Just between these two clusters a module managing Apache is different, and you can abstract your code a lot but you reach a point where you simply can't push it any more. Or if you can, you create a mess that is unusable by your team members, and I'm trying to make their jobs better not make them miserable. One customer uses an Isilon NAS, the other has a content distribution network, one uses Nginx as a frontend, other has chrooted web servers, one writes logs to a NFS, other to a Syslog cluster... Now imagine this on a scale with 2,000 customers and 3 times the servers and most of the published infrastructure design guidelines become laughable. Instead you find your self implementing custom solutions, and inventing your own rules, best that you can...

I'm ultimately here to tell you that the projects are in a better state then they would be with the usual cluster management policy. My best moment was an e-mail from a team member saying "I read the code, I now understand it [Puppet]. This is fucking awesome!". I knew at that moment I managed to build something good (or good enough), despite the shortcomings I found, and with nothing more than using PuppetLabs resources. Actually, that is not completely honest. Because I did buy and read the book Pro Puppet which contains an excellent chapter on using Git for collaboration on modules between sysadmins and developers, with proper implementation of development, testing and production (Puppet)environments.

05 Nov 2011 11:17pm GMT

Creating json is now ten times easier.

05 Nov 2011 3:10am GMT

Many of you have commented that our NewsVac section hasn't been refreshed since the middle of last month. Others have noticed that our story volume has dropped off. Changes are coming to Linux.com, and until they arrive, you won't see any new stories on the site.

01 Jan 2009 2:00pm GMT

The free and open source software community has been waiting for the G1 cell phone since it was first announced in July. Source code for Google's Android mobile platform has been available, but the G1 marks its commercial debut. It's clearly a good device, but is it what Linux boosters and FOSS advocates have long been anticipating?

31 Dec 2008 2:00pm GMT

Many public administrations already use open source Geographic Information Systems (GIS) to let citizens look at public geographic data trough dedicated Web sites. Others use the same software to partially open the data gathering process: they let citizens directly add geographic information to the official, high-quality GIS databases by drawing or clicking on digital maps.

30 Dec 2008 2:00pm GMT