Developers of the Gentoo Linux distribution warned users on Thursday that one of the organization’s GitHub accounts was compromised and that malicious code had been planted by the attackers.
“Today 28 June at approximately 20:20 UTC unknown individuals have gained control of the Github Gentoo organization, and modified the content of repositories as well as pages there. We are still working to determine the exact extent and to regain control of the organization and its repositories. All Gentoo code hosted on GitHub should for the moment be considered compromised,” Gentoo said on its website.
According to Gentoo developer Francisco Blas Izquierdo Riera, the attacker replaced the portage and musl-dev trees with malicious ebuilds designed to remove all files from a system. However, the developer says the code doesn’t actually work as intended in its current form.
Ebuilds are bash scripts used by Gentoo Linux for its Portage software management system.
Gentoo pointed out that code hosted on its own infrastructure is not impacted and the Gentoo repository mirrors are hosted in a separate GitHub account that does not appear to be affected by the breach.
“Since the master Gentoo ebuild repository is hosted on our own infrastructure and since Github is only a mirror for it, you are fine as long as you are using rsync or webrsync from gentoo.org,” users have been told.
Gentoo users have been advised not to utilize any ebuilds obtained from the compromised GitHub account prior to 18:00 GMT on June 28, 2018. GitHub has suspended the hacked account.
“All Gentoo commits are signed, and you should verify the integrity of the signatures when using git,” Gentoo said.
) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
In the world of technology, things are always moving at an extremely fast pace and there is always a new and exciting project just around the corner. While this is, of course, a great problem to have, it can be quite stressful at times trying to keep track of your business workflow and the speed at which everyone is working at.
However, if you are looking to run a successful business, this is vital information that you will need to know. In the technology industry, there are lots of different methods and tools for you to choose from that will help you get things done and help keep your team on track but by far the most popular tool is the Kanban board. You will most likely have heard of the Kanban board or you may even have used it in a previous job role. This work management tool has been around for a very long time, proving it is definitely not a fad and that it is here to stay. It will help you to prioritise your workflow and simply help to get things done.
As we live in a world now overrun with technology, there is no escaping it. However, it has given us the opportunity to be more creative and productive than ever before. Kanban boards allows us to manage work and life visually and here we are taking you through five reasons why Kanban works well in the technology industry and exactly what is a Kanban board.
Works Well Within Agile Teams
Does your company operate as an agile team? An agile team is simply a team that empowers each other, speaks with customers, involves stakeholders and the people who are doing the work are also the ones who are planning it. Agile teams absolutely love Kanban as it allows the team to visualise their work flow and provides transparency across all aspects of the business.
Works Well in the Lean Approach
Across the technology industry, and software development in particular, the Lean work approach is usually taken and Kanban fits in extremely well with this. When we speak about Lean, what we are referring to is the Lean manufacturing and product development process. With this process, you can create a scheduling process and this also shows you how much you need to produce. A Kanban board will allow you to visually see your scheduling process and the areas where production is going well, as well as the areas which may need more investment.
Be Smart in Your Workplace
In the technology industry, there will be certain expectations of you. This will include being smart, reliable, a team player and productive. Not only, that managers and organisations will face similar pressures to be as productive as they possibly can, while maintaining a competitive edge. This is why Kanban boards are great for the technology industry!
With these boards, you will be able to provide visual management to all levels of the team and give up-to-date information about the progress of projects. This will give you an idea of where there are bottlenecks in the system so you can solve this and make your workflow more efficient. This board makes it easier for you focus on the right tasks, prioritise work and become a more efficient team.
With Kanban Boards, they will help your team to engage with each other better and promote better communication. Part of the Kanban concept is that this also helps managers to effectively keep control of their teams. Using this method allows you to successfully optimise resources and improve communication so that you can better accomplish business goals with the resources you have. Your team should feel empowered by a Kanban board and will help them to get the job done, so to speak. As managers are being more engaging with the tech team, this promotes a much better working environment.
Furthermore, Kanban is especially helpful when you are managing a mobile workforce. You need trustworthy tools that provide real-time collaboration and it is perfect for those situations where people are working remotely.
Being Tech Savvy
As you are working in the tech industry, you should have absolutely no problems trying to use a Kanban board. Smart phones make it incredibly easy for us to access this information and you can access your Kanban boards anytime, anywhere. Rather than having lots of different spreadsheets filled with information, why not compile it all into one place to make the whole process easier.
Technology is an industry that is driven by productivity and collaboration, making it perfect for Kanban board management software. Try it out in your tech business today.
Security researchers have been warning of a new trick that cybercriminals are leveraging to hide their malicious code designed to re-introduce the infection to steal confidential information from Magento based online e-commerce websites.
So, if you have already cleaned up your hacked Magento website, there are chances your website is still leaking login credentials and credit card details of your customers to hackers.
More than 250,000 online stores use open-source Magento e-commerce platform, which makes them an enticing target for hackers, and therefore the security of both your data and your customer data is of the utmost importance.
campaigns in the wild, cybercriminals are currently using a simple yet effective method to ensure that their malicious code is added back to a hacked website after it has been removed.
To achieve this, criminals are hiding their ‘credit card stealer reinfector’ code inside the default configuration file (config.php) of Magento website, which gets included on the main index.php and loads with every page view, eventually re-injecting the stealer code into multiple files of the website.
Since config.php file gets automatically configured while installing Magento CMS, usually it is not recommended for administrators or website owners to change the content of this file directly.
Here’s How Magento’s Reinfector Code Works
The reinfector code spotted by researchers is quite interesting as it has been written in a way that no security scanner can easily identify and detect it, as well as it hardly looks malicious for an untrained eye.
Hackers have added 54 extra lines of code in the default configuration file. Here below, I have explained the malicious reinfector code line-by-line, shown in the screenshots, written inside the default config.php file.
At line no. 27, attackers set error_reporting() function to false in an attempt to hide errors messages that could reveal the path of the malicious module to site admins.
From line no. 31 to 44, there’s a function called patch() that has been programmed to append the malicious code for stealing confidential information into legitimate Magento files.
This patch() function uses 4 arguments, values of which defines the path of a folder, name of a specific file resides in that path needs to be infected, file size required to check if it is necessary to reinfect the given file, a new file name to be created, and a remote URL from where the malicious code will be downloaded in real-time and injected into the targeted file.
From line 50 to 51, attackers have smartly split up the base64_decode() function in multiple parts in order to evade detection from security scanners.
The line 52 includes a base64 encoded value that converts to “http://bit.ly/2tnNgYJ” after getting decoded using the function defined in line 50-51.
The next four sets of variables from line 54 to 76 define the four values required to pass arguments to the patch() function mentioned above.
The last line of each set includes a random eight character value that concatenated with the link variable encoded in line 52, which eventually generates the final URL from where the patch() function will download the malicious code hosted on remote Pastebin website.
From line 78 to 81, attacker finally executes patch() function four times with different values defined in line 54-76 to reinfect website with the credit card stealer.
“As a rule of thumb, on every Magento installation where a compromise is suspected to have taken place, the /includes/config.php should be verified quickly,” researchers advise.
It should be noted that similar technique can also be used against websites based on other content management system platforms such as Joomla and WordPress to hide malicious code.
Since attackers mostly exploit known vulnerabilities to compromise websites at the very first place, users are always recommended to keep their website software and servers updated with the latest security patches.
Maybe one day I’ll try an e-scooter, but for now, after spending weeks reading about their sudden emergence in cities across the U.S., with writers everywhere gushing about how, actually they’re cool, and that they could develop into a viable business and ease congestion, I’ve concluded that I absolutely hate them. Fuck scooters.
Maybe it is, for you. I’m content with my perspective.
For me, it boils down to championing new-age tech ideas, like ride-hailing, bike-sharing, fucking scooters as a solution for public transportation failures. Time and again, ever since Uber barged into the room but probably before that, Silicon Valley has trotted out some form of the argument that so-called “mobility” options will be more environmental-friendly than transportation systems of yesterday, and, more notably, rein in soul-sucking congestion.
None of this, to date, has been proven true. And now with e-scooters barreling into the public limelight, scooter-renting startups are offering up the same ham-fisted official line. Instead of adequately funding public transportation, they’re effectively saying, try this shiny new toy.
In a recent piece about his transformation into a scooter devotee, Kevin Roose, a writer for TheNew York Times, tossed in this line (emphasis mine):
They’re lightweight and emission-free. They don’t require bulky docks or parking lots, and they’re perfect for trips that are too long to walk but too short to justify driving or hailing a car. If they take off, they could alleviate congestion and become a low-cost way of getting around cities without robust public transportation systems.
Holy shit, do I ever disagree. It reminded me of a story I heard a couple years back while I was living in Detroit.
In the general election that year, voters headed to the polls to cast ballots not just for the president, but a measure that would’ve created Metro Detroit’s first ever regional transit authority. If passed, it would’ve commenced the creation of a robust Bus Rapid Transit network, established more cohesion between the city and suburban bus systems, and, finally, put the region on some sort of path to beefing up its historically god-awful public transit system.
Voters shot it down. A friend shared their story about a voter in an outer-lying community who explained why they rejected it: It’s not just a waste of taxes, this person said. Low-income folks could just use Uber, they said.
Mind you, a bus pass there costs roughly $50 per month, and while Detroit’s transit system is a disaster, that’s a more affordable fare than daily roundtrips via Uber. Hell, you could hit $50 in a day or two taking Ubers and cabs. And I find it highly doubtful that subsidies for Uber and Lyft could lower the price enough for a low-income resident.
That’s the thing: Scooters cannot beef up transit options in places like Detroit. No Detroit resident’s going to pick up an electric scooter to get to their job in the suburbs. (Though imagining David Tracy picking up a scooter at the airport and riding along the I-75 service drive for two hours, backpack full of Jeep parts, to his home in the suburbs, is funny to consider.)
I’m not offering this up as some lame Luddite response to a new mode of transportation—there shouldbe a platter of options to get around town. But my chief concern is that mobility solutions, like e-scooters, are being used and championed as an excuse to not adequately fund public transportation, which can actually move a mass of people at a high rate of speed.
Maybe that’s a very basic criticism, but the implicit premise of Mobility, certainly as Silicon Valley has been using it, is anything but actual public transit. Tech is the savior, the solution, the gospel, but when it comes down to it, if public transportation was adequately funded, a robust network of trains and buses could actually alleviate congestion and cost issues.
And here’s the thing. I can’t find a reasonable argument one way or another if e-scooters will one day turn a profit—which is a common criticism levied against the idea of governments funding the operations of public transit systems. Instead of the government, now we have rich venture capitalists bankrolling, controlling and subsidizing Mobility, and I’m not sure how to view that as being anything but a detriment to, uh, a much, much larger swath of the population.
Can e-scooters make money? Typically that’s something a business takes into consideration as a long-term goal. So I posed the question on Twitter yesterday, after news broke that e-scooter renter Bird reached a valuation of $2 billion, about whether it has the ability to eventually make a profit. The answers I got in return were all over the place.
If you figure that Bird might make around $2.50 per ride in revenue, there are some estimates that Bird might make $14 million a year. But after paying for maintenance, charging and overhead, there might only be $1 million left.
Not such a pretty picture!
Here’s another response:
All over the goddamn board. Everyone can put together a model, but the upshot is, it’s a total guess, just like Uber guessed it could artificially suppress the prices of taxi rides with its massive amount of funding, and snap up enough market share to start turning a profit. But nearly a decade after launching, it’s still just bleeding cash.
Could scooters work inside a wealthy Bay Area city like San Francisco? Maybe; I’m not arguing against that. But it’s so tiresome to see Silicon Valley ideas placed on a pedestal, when in reality, you could fund a standard set of public transit options—trains, buses, subways—and benefit more of the living, breathing public.
I’m sure someone’s winding up right now to point to New York City’s subway and all the bitching we do about it, but the complaints stem from the fact that an objectively sound, effective, good public transit system is falling apart from poor funding and management. When it works (and it does work!), it’s a marvelous achievement to behold. Other countries can do it. There is no reason America cannot.
Rather than float solid proposals to beef up and improve existing public transit systems, though, policymakers and the tech-adoring public flock to the possibilities of our mobility future. So, we get scooters—or, another example, projects like Elon Musk’s new hyper-speed train for Chicago, which won an actual contract to build a system that’ll be able to move as many people in total in a single hour as one train on the New York subway train. Musk has never built or operated a public transit system in his career.
Are scooters fun? That’s what everyone seems to think. That’s cool. Is it an actual solution to ease congestion and provide more affordable modes of transportation to people across the U.S.? No.
Sony’s E3 2018 press conference is hardly under way, but it’s already brought us one of our favorite moments of the whole event thus far. And it was just a simple, lovely kiss.
The event opened up with a gameplay trailer for The Last of Us Part 2, which looked bloody and beautiful and a whole mess of other things. All well and good, but the cutscene that preceded and succeeded all the action is what really did it for us, because Ellie shared a loving kiss rarely seen in game trailers.
The scene features Ellie standing at a party, looking slightly awkward, hanging by the wall. But a woman — her partner, presumably — pulls her onto the dancefloor. They chat, they swirl, they look into each other’s eyes … and then they kiss.
It’s a sweet kiss, even a realistic one; and it’s between two women, which we hardly ever see highlighted in games as major as The Last of Us Part 2. And as the opening of an E3 press conference, no less!
It’s a kiss that literally transports Ellie somewhere else. The trailer then cuts away into gameplay, and the romance is shattered by a whole bunch of death. By the end of it, though, we’re back in that kiss.
We hope to see many more of those kisses in the otherwise brutal, bleak The Last of Us Part 2. And if you want to rewatch Ellie enjoying one of those rare tender moments, Dorkly’s Tristan Cooper threaded both scenes together without that depressing cutaway. That’s below.
At the VivaTech conference in Paris, Alphabet CEO Eric Schmidt was asked about Elon Musk’s warnings about AI. He responded by saying: "I think Elon is exactly wrong. He doesn’t understand the benefits that this technology will provide to making every human being smarter. The fact of the matter is that AI and machine learning are so fundamentally good for humanity." TechCrunch reports: He acknowledged that there are risks around how the technology might be misused, but he said they’re outweighed by the benefits: "The example I would offer is, would you not invent the telephone because of the possible misuse of the telephone by evil people? No, you would build the telephone and you would try to find a way to police the misuse of the telephone."
After wryly observing that Schmidt had just given the journalists in the audience their headlines, interviewer (and former Publicis CEO) Maurice Levy asked how AI and public policy can be developed so that some groups aren’t "left behind." Schmidt replied that government should fund research and education around these technologies. "As [these new solutions] emerge, they will benefit all of us, and I mean the people who think they’re in trouble, too," he said. He added that data shows "workers who work in jobs where the job gets more complicated get higher wages — if they can be helped to do it." Schmidt also argued that contrary to concerns that automation and technology will eliminate jobs, "The embracement of AI is net positive for jobs." In fact, he said there will be "too many jobs" — because as society ages, there won’t be enough people working and paying taxes to fund crucial services. So AI is "the best way to make them more productive, to make them smarter, more scalable, quicker and so forth."
If you can’t imagine your life without social media, that’s a sign that you’ve fallen a victim to the evil power of social networking. It also means that you’ve experienced one (or more) of the negative effects of social media on society.
Let’s explore the darker side of social media and exactly how (and why) it’s bad for you. You’ll be surprised to learn the negative effects of social media are both physical and mental. It can change your perception of the world and yourself, and not always for the better.
Don’t believe us? Then read on to find out some of the negative effects of social media. And if you recognize any of them as your own symptoms it may be time to consider stop using social media altogether.
1. Depression and Anxiety
Do you spend more than two hours per day on social media? Spending too long on social networking sites could be adversely affecting your mood. In fact, you’re more likely to report poor mental health, including symptoms of anxiety and depression.
? If you turn to the same research (and common sense), the recommended amount of time you should spend on social networks is half an hour per day. So, as with so many things in life, it’s all about moderation.
Before social media, bullying was something only done face-to-face. However, now, someone can be bullied online anonymously. Today everyone knows what cyberbullying is, and most of us have seen what it can do to a person.
While social media made making friends easier, it also made it easier for predators to find victims. The anonymity that social networks provide can be used by the perpetrators to gain people’s trust and then terrorize them in front of their peers.
These online attacks often leave deep mental scars and even drive people to suicide in some cases. You’ll be surprised to find out that cyberbullying isn’t just affecting kids, but also full grown adults.
Fear of Missing Out (FOMO) is a phenomenon that was born at the same time as Facebook—and it’s one of the most common negative effects of social media. FOMO is basically a form of anxiety that you get when you’re scared of missing out on a positive experience or emotions that someone else is getting.
This fear is constantly fueled by your social media engagement. The more you use social networks, the more likely you are to see that someone is having more fun that you are right now. And that’s exactly what causes FOMO.
4. Unrealistic Expectations
This one probably comes as no surprise, but social media helps you to form unrealistic expectations of life and friendships. The networks that do it most are Facebook, Instagram, and Snapchat. Those are the social media platforms that severely lack online authenticity.
Today, body image is an issue for many people of both sexes. Of course, seeing those perfect in accordance with the society standards people on a daily basis makes you conscious about how different you look from those pictures. And not everyone comes to the right conclusions in this situation.
6. Unhealthy Sleep Patterns
On top of increased rates of anxiety and depression, spending too much time on social media can lead to poor sleep. Numerous studies have shown that increased use of social media has a negative effect on your sleep quality.
Social media is often described as being more addictive than cigarettes and alcohol. With the worst social media apps being Facebook, Instagram, and Snapchat when it comes to addiction.
Don’t know if you’re addicted to your social networks? Think when was the last time you went a full day without checking your social media accounts? What if your favorite social networks completely disappeared tomorrow; would it make you feel empty and depressed?
If you just realized you’re addicted to social media, don’t worry, as most of us are there with you in varying degrees. And it’s not necessarily a reason to go and wipe yourself off all those social networking platforms.