Sindoni Says

  Trust But Verify...

Blog

Sindoni Says will be a place where I will share my observations. Looking forward to creating a place of truth where Kool-Aid isn't served.


Intel patches seven-year remote hijacking bug revealed

Posted on July 8, 2017 at 5:10 PM




Serious security flaw is patched. Intel has long been considered one of the premier chip manufacturers on the market, with security playing a vital part in the firm’s overall success.


However, it seems that one element had slipped through the net. Recently conducted research found that Intel processors shipped since 2010 contained remote management features. While at the outset this may not seem like a really big deal, the issue was found to give attackers full control over any computer that was connected to the same network through a firewall, Wi-Fi connection or a Bluetooth device. An official report from Intel explained the flaw further: “There is an escalation of privilege vulnerability in Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology versions firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.x, 11.5 and 11.6 that can allow an unprivileged attacker to gain control of the manageability features provided by these products.” Can the consumer trust the Intel company statement that the flaw does not exist on Intel-based consumer PCs?


The flaw is noted to have affected many core Intel manageability firmwares, covering both early variants of the firmware. Due to the flaw going unnoticed for several years, it is unknown just how many machines have been affected. However, the ease of access an attacker, e.g. an Israeli Mossad hacker (Mr. Goldstien), would have to the network would be alarming. How many of you reading this post would have the knowledge to be able to identify the hacker and get them out of your computer?


Due to the research, Intel delivered a patch in record-quick time. The patch, which resides in Intel’s Active Management Technology, is automatically downloaded onto affected machines, but will be unnoticeable to many users. It’s important, however, to note that Intel has rated the vulnerability as critical, and so users should look to perform a system scan of their desktop to eliminate any external issues.


In the same advisory posted by Intel, a second flaw is said to have been discovered. Although much less of a threat than the issue mentioned earlier, the second flaw is said to give attackers an alternative way to attack your desktop. Again, Intel has been quick to release all necessary patches. For those worried about whether their desktop could be at risk, it’s worthwhile checking out the official Intel Newsroom (https://newsroom.intel.com) for more information.


So, what can we do to better safeguard our personal privacy? I’ll begin by using an analogy, “Trust But Verify.” If I were going out today to buy a pair of pants, I would also buy a belt and a pair of suspenders for my pants. I am not going to trust my pants and belt (Microsoft & Apple) with my money, therefore the need for the suspenders (Linux Live DVD or USB Flash Drive). You can never be sure if a covert keylogger has been installed on your computer.


From my own personal experience, I have found that using a Linux live DVD or carrying around a USB stick with a ready-to-go bootable distro (for example, Linux Mint) means that you can run the operating system independent of any host OS and be aware of exactly what you are running. For those of you who are not computer savvy, just go to http://osdisc.com and purchase a USB Flash Drive with many choices of Open Source Software to surf the internet. For less than twenty dollars you will have a secure Linux Operating System and be free from prying eyes.

 

Comments welcome.


Respectfully,


Stephen Sindoni



50 Top Linux Distributions

Posted on June 20, 2017 at 2:35 PM


The 50 most well-known versions of the Linux operating system.

Posted May 10, 2011

By Cynthia Harvey

We sometimes talk about Linux as if it were one, single operating system, but of course, it really comes in hundreds of different flavors. In fact, one of the strengths of open source software is that developers can (and do) customize the code to meet a variety of unique needs.


In this article, we'll take a look at 50 of the most well-known distributions of the Linux OS. If you've been using Linux for a while, you're probably familiar with the major distributions, but you might find some others you haven't encountered that are worth checking out.

 

The list is organized into several different categories. The "major" distributions come first, followed by distros based on Ubuntu, Debian, Red Hat/Fedora, Mandriva, Slackware, Arch and Gentoo. Next come some distros that are optimized for cloud computing, some very lightweight distributions, some that are designed to look as much like Windows as possible and finally, some notable distros that didn't seem to fit into any other category. Of course, some distributions could fit into more than one category, but we tried to place them where they seemed to fit most naturally.


Also, in limiting ourselves to the fifty, we undoubtedly left off some noteworthy Linux distributions. If you'd like to nominate one

1. Ubuntu


Canonical's Ubuntu is probably the most popular Linux distribution in the world for desktop computers. Recently released version 11.04 offers a new Unity interface. It's available in desktop, server and cloud editions, as well as in several variations that are included lower on this list.

2. Red Hat

The Red Hat company calls itself "the world's open source leader," and its server version of Linux is a particular favorite with enterprises. It's available only with a paid subscription, but does have a community version--Fedora.


3. Debian

This community-owned project provides the code base for a lot of other Linux distros, including Ubuntu, DSL, MEPIS and many others. It can be used for desktops or servers and all versions are completely free.


4. SUSE

Novell's version of Linux for enterprises is available only with a paid subscription (although you can download the very similar openSUSE for free). It claims to be "the most interoperable platform for mission-critical computing–across physical, virtual and cloud environments."

 

5. Linux Mint

Linux Mint boasts that it is the fourth most popular operating system for home users, behind Windows, OS X, and Ubuntu. It has a reputation for being very easy to use and it includes about 30,000 packages.


6. Slackware

First released in 1993, Slackware is one of the oldest Linux distributions. Popular with the geekiest of geeks, it relies heavily on command-line tools and is very similar to UNIX.


7. Gentoo

First released in 2002, Gentoo boasts "extreme configurability, performance and a top-notch user and developer community." It

8. Arch Linux


Arch is definitely not for Linux newbies, but its simple design makes it a favorite among long-time Linux users who are comfortable with the command line. By default, it installs a minimal base system but provides plenty of options for customization.


9. Fedora

Fedora is the free, community version of Red Hat's popular Linux distribution, and it's been called "the best place to track what's on the leading edge of Linux and open source software." In addition to the standard desktop download, it's available in a number of specialized versions, which it calls "spins."


10. openSUSE


The free, community version of Novell's SUSE distro, openSUSE calls itself "Linux for open minds." It can be used on a desktop, laptop or server and can be installed or run live from a CD or USB drive.


Linux Distros Based on Ubuntu


11. Kubuntu

 

As the name suggests, Kubuntu is a Ubuntu fork that uses the KDE desktop instead of the Unity desktop. It's an excellent choice

12. Lubuntu


Lubuntu is lighter, faster, and uses less energy than its namesake, making it a good choice for mobile devices, including netbooks. It uses the LXDE desktop instead of the Unity desktop.


13. Xubuntu


And this is the version of Ubuntu that uses the Xfce desktop environment. It's available in both desktop and server versions.

 

14. Edubuntu


This version of Ubuntu has been tailored for the needs of schools. Like Ubuntu, Kubuntu and Xubuntu, it's sponsored by Canonical.


15. Easy Peasy


Designed for use on netbooks, EasyPeasy boasts millions of users in more than 166 countries. It was built to support social networking and cloud computing, and it offers very low power consumption for longer battery life on mobile devices.


16. Zentyal

Zentyal is a Ubuntu-based small business server that can act as a gateway, infrastructure manager, unified threat manager, office server and/or unified communication server. It's available as a free download or in paid, supported versions.

 

17. gNewSense


Supported by the Free Software Foundation, gNewSense is based on Ubuntu with a few changes, like the removal of non-free firmware. The name started as a pun on "Gnu" and "nuisance" and is pronounced guh-NEW-sense.


18. Pinguy OS


Built for new Linux users who need something that's even easier to use than Ubuntu, Pinguy OS makes it easy to find and use the programs average users need most often. It's also available in a DVD version for $5.99.

19. Bodhi Linux

 

Bodhi puts the focus on user choice and minimalism. It uses the Enlightenment desktop environment and a "software store" that makes it easy to find and install the open source applications you want to use.

 

20. MoonOS


Developed in Cambodia (English is supported), MoonOS is based on Ubuntu, but has a different file hierarchy system and appshell framework. It's designed for speed, great looks and low memory use.


Linux Distros Based on Debian


21. MEPIS


Debian-based MEPIS (also known as simplyMEPIS) is particularly popular with those new to Linux. It's available in free downloadable versions, or you can purchase a CD which makes trying or installing the software easy.

 

22. CrunchBang


Sometimes written #!, CrunchBang is a lightweight distribution based on Debian. It's a popular option for netbooks like the Asus Eee.

 

23. Knoppix


Suitable for beginners, Knoppix is an easy-to-use distribution based on Debian. It runs from a live CD, and if you don't want to go to the trouble to burn your own (or you don't know how), you can buy one for less than two bucks.

24. DreamLinux


This distro can be installed on your desktop or run easily from a USB drive. DreamLinux installs the Xfce desktop environment by default, but it also supports Gnome.


Linux Distros Based on Red Hat/Fedora


25. Mandriva

 

Owned by a publicly traded French company, Mandriva claims more than 3 million users worldwide. It's available in several editions, desktop and server, paid and unpaid, including a unique Instant On version that boots up with minimal functionality in less than 10 seconds.


26. CentOS


Short for "Community ENTerprise Operating System," CentOS is based primarily on Red Hat code. It's the most popular version of Linux for Web servers, accounting for about 30 percent of Linux-based Web servers.


27. Scientific Linux

Created by the folks at the Fermi National Accelerator Laboratory and the European Organization for Nuclear Research (CERN), as well as various scientists and universities, Scientific Linux (SL) aims to prevent scientists at each of these different institutions from having to recreate a Linux distribution that meets their needs. It's basically the same as Red Hat Enterprise Linux with a few slight modifications.

28. Fusion


Fusion describes itself as a "pimp my ride" version of Fedora. It offers good multimedia support and an interesting look and feel. It's best for more advanced Linux users who are looking for cutting edge, experimental applications.

Linux Distros Based on Mandriva


29. Unity

 

Instead of being built for end users, Unity is built to give developers or advanced Linux users some modular pieces they can use to create a customized distribution. Despite its name, it has nothing to do with the Unity desktop used by Ubuntu; instead, the Unity OS uses the OpenBox graphical environment.

30. Mageia


In 2010, a group of Mandriva developers began this community-driven fork following some ownership changes at the company that owns the Mandriva project. It's currently in beta, but the first official release is due in a few weeks.

Distros Based on Slackware


31. ZenWalk


Originally based on Slackware and called "Minislack," ZenWalk has evolved to become a modern, fast, lightweight distribution that's easy to use. It's available in five versions: standard, core, live, Gnome and Openbox.


32. Vector Linux


VectorLinux's credo is "keep it simple, keep it small and let the end user decide what their operating system is going to be." In addition to the free download, it's also available in a supported "deluxe" edition.


33. Frugalware


Like Slackware, Frugalware is best for users who aren't afraid of the command line, although it does have some graphical tools. It's designed with simplicity in mind.


34. Salix OS


Salix compares itself to a bonsai tree in that it is "small, light and the product of infinite care." It comes in four different versions for the Xfce, LXDE, Fluxbox and KDE desktop environments.

Linux Distros Based on Arch Linux


35. Chakra

 

Based on ArchLinux, Chakra uses the KDE desktop. It uses a unique "bundles" system to let users access Gtk apps without actually installing them on the system.


36. ArchBang


This Arch variant uses the Openbox Window Manager. It's fast and lightweight, and offers many of the same customization capabilities as Arch.

Linux Distros Based on Gentoo

 

37. Sabayon


Named after an Italian dessert, Sabayon aims to be the "cutest" Linux distribution — "as easy as an abacus, as fast as a Segway." It's based on Gentoo, and it supports the KDE, Gnome, LXDE and Xfce desktop environments.

Cloud Computing Distros


38. Joli OS

 

Joli installs in just ten minutes and is optimized for cloud computing applications. Use it to breathe new life into an old PC, or you can run it alongside Windows.


39. Peppermint


A good choice for netbooks or older PCs, Peppermint is designed to work with cloud and Web apps. The name might make you think it's based on Mint, but it's not. It's actually based on Lubuntu, which of course, is based on Ubuntu.


Lightweight Distros


40. aLinux


Formerly known as Peanut Linux, aLinux is designed to be both fast and multimedia-friendly. Its graphic interface provides an easy transition for former Windows users.


41. DSL


At just 50MB, this distro lives up to its name – Damn Small Linux (DSL). As you might expect, it's very fast and runs on older PCs, as well as fitting onto small USB drives and business card CDs.


42. Tiny Core Linux


One of the smallest Linux distros available, Tiny Core weighs in at just 10MB in its GUI version. The command line version, Micro Core, is even smaller – just 6MB.


43. Puppy Linux


Small and fast, Puppy is designed to be installed on a USB thumb drive that users can take with them and boot from any PC. It takes up about 100 MB, boots in less than a minute, and runs from RAM for maximum speed.

Windows-Like Distros


44. Zorin OS


Unlike most Linux distributions, Zorin was designed to look and feel as much like Windows as possible – only faster and without as many bugs. It's available in both free and paid versions.


45. Ylmf OS


Like Zorin, Ylmf's interface looks a lot like Windows, in this case the Windows XP classic look. Created by Chinese developers, it's available in either Chinese or English, and it's based on Ubuntu.


Other Distros


46. GoboLinux


GoboLinux's claim to fame is that it doesn't use the Unix Filesystem Hierarchy Standard, but instead stores each program in its own sub-directory in the Program directory. That means that it's a little bit easier to use for Linux newbies or experienced Linux users who like to install applications from the original source code.


47. PCLinuxOS


Designed to be easy to use, PCLinuxOS can be run on a Live CD or installed on a desktop or laptop. It supports seven different desktops, including KDE, Gnome, Enlightenment, XFCE, LXDE, and others.


48. MeeGo

 

Based on Intel's Moblin and Nokia's Maemo, MeeGo is known as a smartphone OS, but it can also be used on netbooks and other mobile devices. With Nokia moving to Windows Phone 7 for future headsets, MeeGo's future is uncertain.


49. Chrome OS/Chromium OS

 

Google's operating system goes by two names, which can make things confusing. Officially, "Chromium OS" is the open source version used primarily by developers, and "Chrome OS" is the name for the version of the operating system Google plans to include on netbooks for end users. And just to make things even more confusing, both projects share a name with Google's Web browser. For now, Chromium OS (the only version available for download) is really only suitable for advanced users and developers.


50. Musix GNU+Linux


As its name implies, Musix is geared for multi-media enthusiasts, particularly those involved in audio editing. It can boot from a live disk or be installed on a system.


Please comment...


Stockton and Lemuria: Case Closed

Posted on June 16, 2017 at 8:50 PM



Record columnist

Mike Fitzgerald

Posted Jun 3, 2017 at 1:30 PM


A New York paranormal researcher and filmmaker says he’s finally cracked the case of a mysterious man who pulled off the most outlandish flimflam in Stockton history.


Stephen Sindoni says after years of sleuthing he’s discovered the true identity of a ‘J.C. Brown’ who in 1934 tricked scores of Stocktonians into believing in a fabled place called Lemuria.


“The information below will connect the dots,” Sindoni writes. “American folklore and legend has now one less mystery.”

Come with me down the rabbit hole as I explain. And remember, I don’t make ’em up. I just report ’em.


The Stockton Record of June 9, 1934, reported that 80 Stocktonians were found that morning at the inner harbor waiting in vain for boats. When questioned, the people said they had signed onto an archeological expedition. One supposed to take them north to Mount Shasta and deep inside the mountain.


There, these people believed, recently had been discovered remains of a race of higher beings, the Lemurians. Lemuria is a legend, “the Atlantis of the Pacific.” Many Stocktonians had sold their houses and quit jobs, expecting to become rich and famous, like Lord Carnarvon had done a decade earlier by discovering the treasure-filled tomb of Tutankhamen.



Except the boats didn’t come. It was all bullpucky. The Record ran a jubilant, top-of-the-fold, page 1 headline: 80 Stocktonians Left Behind in Search for ‘Lost Continent.’ When the reporter got around to the “who” and “why,” the victims said they had been attending daily lectures on Lemuria held in a house on the 1700 block of North San Joaquin Street. The lecturer, a mining engineer who claimed to have discovered it, called himself J.C. Brown.


Cultured, white-haired, Brown, 79, said he had stumbled onto a hidden door on Mount Shasta while doing geological research. The door opened onto a tunnel. In spellbinding detail, Brown described descending 11 miles to what he called “the Village” and finding among its dwellings, streets and ornate altars 27 skeletons of beings up to 10 feet in height; an embalmed king and queen; and a fortune in gold, radium and copper.


Brown was supposed to lead the expedition. But on departure day the boats (which had unbreakable Lemurian glass bottoms, Brown said) Brown did a royal Houdini. He was never heard from again.


Reporters investigating found he wasn’t who he said he was. But they never established Brown’s true identity. Or why he’d run such an elaborate ruse — he never took a penny from anybody.


I reported this delightful, baffling tale 10 years ago. Sindoni plucked it off the web. Sindoni became — I won’t say obsessed — determined to unravel the mystery of J.C. Brown.


The twist (as if this saga needs another one) is that Sindoni is one of those New Age/ufologist-types who really believes in Lemuria and other paranormal things.


He’s traveled to Stockton with a film crew to film locations (and me, sheepishly). He’s scoured the side of Mt. Shasta for the hidden door. For a decade he’s burrowed into archives in America and the United Kingdom to find who J.C. Brown really was.


“It is my strong belief that J.C. Brown was really a man named John Benjamin Body,” Sindoni said. J.B. Body really was a (retired) mining engineer who had worked in Mexico and elsewhere for the Lord Cowdray Mining Company of England.



Sindoni unearthed records that show Body’s in-laws lived in a house right across San Joaquin Street from the one in which he lectured about Lemuria.


So it appears the man who pulled off the biggest prank in Stockton history was really a visiting retiree named J.B. Body.

But why? Who does that? Powered, perhaps, by energy from the vortex surrounding Mount Shasta we’ll find answers one day.


Comments welcome...

FBI Refuses to Release the Tool Used to Hack Terrorist's iPhone

Posted on June 2, 2017 at 3:40 PM

Feds believe that tools can still be used to unlock devices for investigations. The FBI has refused to disclose information about the tool it used to hack into the iPhone of San Bernardino shooter Syed Farook.


Initially, the FBI asked Apple to create a back door so they could access the content of Farook's iPhone. Apple refused to create the backdoor, stating that once there, it can be used over and over.


Now it's clear that Apple's concerns were correct. According to ZDNet, "Justice Department officials say that details of a hacking That contradicts the statement made by FBI director James Comey where he tried to downplay the scope of the tool. Last year Comey said that the tool affects only the iPhone 5c running iOS 9. Despite initial considerations to share the vulnerability it exploited to unlock the iPhone with Apple, the FBI later refused to disclose any such information with the company.



The FBI reportedly wasted more than $1 million to crack the iPhone in question, even though they did not extract any valuable information from the device. Last year the FBI was sued by three news organizations to disclose more information about the hack.

 


On March 13, 2017, David Hardy, section chief of the FBI's records management division, said in a court filing, "Disclosure of this information could reasonably be expected to cause serious damage to national security as it would allow hostile entities to discover the current intelligence gathering methods used, as well as the capabilities and limitations of these methods."


The FBI's refusal to share the flaw with Apple and the public is a double-edged sword. It's not just government agencies exploiting such flaws; there are security organizations whose primary business it is to find such flaws and sell them to criminals and repressive governments. By not disclosing information about the tool, the FBI is apparently putting every iPhone 5c user out there at risk of being hacked.


So, what is the solution? Get a TracFone or communicate with a bongo drum... But if you use Linux all of these situations will instantly disappear. Now we all know why President Trump fired the FBI director. Comments please.


Microsoft's Patch Tuesday Is Back

Posted on June 2, 2017 at 3:35 PM

Microsoft missed the entire month of February, leaving Windows users exposed to attacks. After missing Patch Tuesday in February, Microsoft has released security updates for March. The latest updates fix more than a dozen vulnerabilities.


According to Wccftech, "Among the patches, Microsoft has also fixed a 'critical' flaw, which was publicly disclosed earlier last month following Microsoft missing February's Patch Tuesday. The exploit code related to a Windows SMB bug was made available by Laurent Gaffie, but Microsoft hasn't credited Gaffie in the bulletin."

 

One of the most severe vulnerabilities was in Microsoft SMB Server, which, according to the Microsoft security bulletin, "could allow remote code execution if an attacker sends specifically crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server."

 

You can read more about all of the vulnerabilities that were patched in this update online. What's still not clear is why Microsoft delayed February's patches, especially in times when government agencies and cybercriminals are rigorously finding and exploiting any such vulnerabilities. It's also unknown why Microsoft didn't patch many serious vulnerabilities for more than three months that were discovered by Google researchers.

 

Isn't it time you learned Linux? Comments please.

DoubleAgent: Unpatchable Windows Vulnerability Discovered

Posted on June 2, 2017 at 3:25 PM

Researchers at Cybellum, an Israeli zero-day prevention firm, have discovered a vulnerability in Windows that allows attackers to take complete control of the system. Named DoubleAgent, the vulnerability affects all the versions between Windows 10 and Windows XP.


According to Cybellum, "DoubleAgent gives the attacker the ability to inject any DLL into any process. The code injection occurs extremely early during the victim's process boot, giving the attacker full control over the process and no way for the process to protect itself. The code injection technique is so unique that it is not detected or blocked by any antivirus."

 

Cybellum said in its report that because DoubleAgent exploits a 15-year old legitimate feature of Windows, it cannot be patched. What makes things worse is that DoubleAgent continues to inject code after reboots, which enables it to survive reboots, updates, reinstalls, and patches. Cybellum said that once the attacker decides to inject a dynamic-link library (DLL) into a process, they are "forcefully bounded forever. Even if the victim would completely uninstall and reinstall its program, the attacker's DLL would still be injected every time the process executes."


Even antivirus programs can't prevent attacks because DoubleAgent takes complete control of any antivirus program by "injecting code into it while bypassing all of its self-protection mechanisms. The attack has been verified and works on all major antiviruses including but not limited to: Avast, AVG, Bitdefender, Comodo, ESET, F-Secure, Kaspersky, Malwarebytes, McAfee, Norton, Panda, Quick Heal and Trend Micro," said Cybellum.


So what is the solution? For starters, use a LIVE Linux DVD. Then copy all of your files to an external hard drive if necessary. Then uninstall Windows and reinstall a new Linux Operating System. The problem will be solved. Please comment....

Hackers Threaten to Wipe More Than 300 Million Apple Devices Remotely

Posted on June 2, 2017 at 3:25 PM

A group of hackers that call themselves the "Turkish Crime Family" claim that they have access to more than 300 Million accounts of Apple users, including @icloud and @me domains. The group is demanding a ransom of $75,000 in Bitcoin or Ethereum or $100,000 in iTunes gift cards.


The news was first reported by Motherboard. In an email exchange with Motherboard, the hacker said "I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing."


In a comment to Motherboard, an Apple spokesperson downplayed the attack, saying "There have not been any breaches in any of Apple's systems including iCloud and Apple ID. The alleged list of email addresses and passwords appears to have many bugs."


The spokesperson added that the company is actively monitoring to prevent unauthorized access to user accounts and is working with law enforcement to identify the criminals involved.


At first, the claims did not seem credible because the ransom was so low, the number of stolen passwords was too high, and the hackers kept escalating their numbers (from 300 to 559 to 627 million accounts). Recent investigations with about 70,000 purported iCloud accounts released by the hackers to journalists for verification, however, indicate that a number of the stolen accounts are valid.

 

The best way to avoid falling prey to such cybercriminals is to use strong passwords, and to quickly learn a Linux Operating System with a Live DVD. Looking forward to your comments....


Windows Helping The Spread of IoT Malware

Posted on May 30, 2017 at 1:40 PM

Dr. Web, a cyber firm, has found a Windows trojan that helps spread the infamous Mirai botnet across IoT (Internet of Things) devices. The newly found trojan targets Windows systems, and once installed, the trojan scans the network for connected IoT devices. If it finds a vulnerable device, it compromises the device and uses it in later attacks. Last year in October, Mirai brought down a huge chunk of the Internet by launching a DDoS (Distributed Denial of Service) attack on the Dyn managed DNS service.


The Windows trojan doesn’t stop at compromising the IoT devices; it continues to spread itself to other Windows devices to further find and exploit more IoT devices.


Researchers noted that the malware could also identify and compromise database services running on various ports, including MySQL and Microsoft SQL, to create a new admin phpminds with the password phpgodwith, allowing attackers to steal the database.


At this time, it is not known who created the trojan, but the attack design demonstrates that IoT devices that are not directly accessible from the Internet can also get hacked to join the Mirai botnet army.


IoT devices are already vulnerable to infection, so why are malware writers targeting Windows? Primarily because Windows still dominates the market and it gives the malware writers another platform to spread the botnet.


This is not the only security hole plaguing Microsoft’s products. Earlier, Google disclosed flaws in Microsoft’s GDI library that affect every Windows version all the way back to Windows Vista. Another unpatched flaw affects the SMB protocol, allowing attackers to crash the system.


In a previous blog post, I have cited the preceding paragraph of information. Isn’t it time you, the reader, switched to a Linux Operating System? Comments welcome.


Google Discloses Serious Security Flaws In Microsoft Products

Posted on May 29, 2017 at 2:15 PM

Google disclosed an unpatched vulnerability in Internet Explorer and Microsoft Edge web browsers. After giving Microsoft 90 days to fix the problem, Google researchers have published the details of the vulnerability along with proof-of-concept code. The security hole affects all supported Windows versions, including Windows 7, 8, 8.1, and 10.


According to The Hacker News, “The vulnerability (CVE-2017-0037) discovered and disclosed by Google Project Zero’s team’s researcher Ivan Fratric, is a so-called ‘type confusion flaw’ in a module in Microsoft Edge and Internet Explorer that potentially leads to arbitrary code execution.”


Google discovered the vulnerability in November 2016 and reported it to Microsoft on November 25, but for unknown reasons, This is not the only hole plaguing Microsoft’s products. Earlier, Google discovered flaws in Microsoft’s GDI library that affect every Windows version all the way back to Windows Vista. Another unpatched flaw affects the SMB protocol, allowing attackers to crash the system.


Isn’t it time you tried a Linux Operating System? Comments appreciated...


God's Chosen People

Posted on May 27, 2017 at 12:10 AM

BY

Lisa Riordan Seville

SPECIAL TO THE NEW YORK DAILY NEWS

Tuesday, May 17, 2016, 4:00 AM

Little boys in yarmulkes peer from apartment balconies, watching the men below toss bread into a bonfire.

The annual spring ritual marks the first day of Passover in the Hasidic Jewish enclave of South Williamsburg, Brooklyn, where daily life is built on ancient laws and religious devotion. But the insular community depends on outside money to survive — federal subsidies to help many low-income Hasidic families cover the rent.

New York City’s 123,000 vouchers make this the largest Section 8 voucher program in the country. Reluctant landlords and rising rents are making vouchers nearly impossible to use in many areas of the city. Tenants, especially larger families, are

The neighborhood is home to one of the highest concentrations of Section 8 housing vouchers in the city, according to federal data analyzed by WNYC and the Daily News. In several of its census tracts, Section 8 tenants compose more than 30% of


The difference: In Brooklyn, the Section 8 tenants live smack in the middle of one of the city’s hottest real estate markets.

The juxtaposition happened over years, not overnight. Leaders leveraged longstanding political connections to win favorable zoning changes. Local developers bought and built to meet the need. Residents organized to get in line for rental subsidies. Block by block, the community created a de facto free market, affordable housing plan.

It’s only possible in a tight-knit community where the haves help the have-nots, said Rabbi David Niederman, a community leader and local power broker.

“We have people keeping the price lower,” said Niederman, executive director of United Jewish Organizations of Williamsburg. “Even a person living on Section 8 can pay the monthly rentals.”


Skeptics suggest an off-the-books economy has underpinned development within this community. Many residents bank informally and property is regularly swapped between family members and holding companies.

“There’s a cash economy and things are not done strictly according to law,” said Marty Needleman, executive director of Brooklyn Legal Services and a community advocate who has clashed with the Hasidim for years over fair-housing issues.

All sides agree the community is clamoring for affordable housing, a demand fueled by one of the highest birthrates in the city. Ultra-Orthodox Jewish couples typically marry in their late teens and have many children.

A sliver of the community makes money in diamonds, real estate and trading. But many men favor religious study over work, and most women stay at home, so money can be tight. Those who work are often relegated to low-wage jobs due to a lack of secular education.

Old-timers recall the days when kids slept in bathtubs or on fire escapes.


Comments please...

