An anonymous reader writes: Facebook Live was launched last year, allowing public figures and celebrities to live stream to their timeline. Today, Facebook has released a host of new features to its live broadcasting tool, which lets anyone post live streams of themselves to their timeline. Not only can users add filters to their videos, but they can also draw and add doodles as well. “Live Reactions” lets people react in a similar way to live videos as they do to posts, and it will also allow people to replay the comments they receive during their stream. The site has also added new ways of finding videos, either by location or by inviting friends. It also features a new button for people to ask their friends to watch a live video alongside them, for example. The live streaming features are limited to people in the U.S. right now, with new features rolling out to iOS and Android devices “in the coming weeks, ” the company said. Read more of this story at Slashdot.
Tag: linkedin
Outdated and Vulnerable WordPress, Drupal Versions Contributed To Panama Papers Breach
An anonymous reader quotes a report from WordPress Tavern: Authorities have not yet identified the hacker behind the Panama Papers breach, nor have they isolated the exact attack vector. It is clear that Mossack Fonseca, the Panamanian law firm that protected the assets of the rich and powerful by setting up shell companies, had employed a dangerously loose policy towards web security and communications. The firm ran its unencrypted emails through an outdated (2009) version of Microsoft’s Outlook Web Access. Outdated open source software running the frontend of the firm’s websites is also now suspected to have provided a vector for the compromise. Forbes has identified outdated WordPress and Drupal installations as security holes that may have led to the data leak. [WordPress Tavern Editor Sarah Gooding] found that the firm’s WordPress-powered site is currently running on version 4.1 (released in December 2014), based on its version of autosave.js, which is identical to the autosave.js file shipped in 4.1. The main site is also loading a number of outdated scripts and plugins. Its active theme is a three-year-old version of Twenty Eleven (1.5), which oddly resides in a directory labeled for /twentyten/. The Mossack Fonseca client portal changelog.txt file is public, showing that its Drupal installation hasn’t been updated for three years. Since the release of version 7.23, the software has received 25 security updates, which means that the version it is running includes highly critical known vulnerabilities that could have given the hacker access to the server. Read more of this story at Slashdot.
More:
Outdated and Vulnerable WordPress, Drupal Versions Contributed To Panama Papers Breach
New Windows 10 Preview For PCs With Bash, Cross-Device Cortana Released
An anonymous reader writes: Microsoft has released a new Windows 10 preview for PCs. The preview, dubbed build 14316, comes with a range of features including support for Bash, which Microsoft had announced at its developer conference Build last week. Users interested in it can enable the feature by turning on Developer Mode (detailed instructions here), searching for “Windows Features, ” choosing “Turn Windows features on or off, ” and enable Windows Subsystem for Linux (Beta). To get Bash installed, open Command Prompt and type in “bash” (without the quotes.) Other features included in the new build include low battery notification, find my phone (ring my phone), and the ability to share map directions across devices. Additionally, the company has also released a new universal Skype app. Read more of this story at Slashdot.
See the article here:
New Windows 10 Preview For PCs With Bash, Cross-Device Cortana Released
TSA Paid $1.4 Million For Randomizer App That Chooses Left Or Right
An anonymous reader writes: For those of you who have traveled through U.S. airports in recent years, you may have noticed the Transport Security Administration (TSA) use a Randomizer app to randomly search travelers in the Pre-Check lane. The app randomly chooses whether travelers go left or right in the Pre-Check lane so they can’t predict which lane each person is assigned to and can’t figure out how to avoid the random checks. Developer Kevin Burke submitted a Freedom of Information Act request asking for details about the app. The documents he received reveals the TSA purchased the Randomizer iPad app for $336, 413.59. That’s $336, 413.59 for an app, which is incredibly simple to make as most programming languages of choice have a randomizing function available to use. What may be even more intriguing is that the contract for the TSA Randomizer app was won by IBM. The total amount paid for the project is actually $1.4 million, but the cost is not broken down in Burke’s documents. It’s possible IBM supplied all the iPads and training in addition to the app itself. Read more of this story at Slashdot.
Read More:
TSA Paid $1.4 Million For Randomizer App That Chooses Left Or Right
Free Wi-Fi Program in Los Angeles Fails to Provide Free Wi-Fi
The Los Angeles Time found no internet connectivity in 24 public locations, despite a three-year, $500, 000 grant to provide them with free Wi-Fi service. Investigations both last year and again in March found that none of the 18+ locations checked were able to successfully connect to the internet, prompting a PUC investigation that confirmed only two of the hotspots were working. The grant was part of a $315 million state-wide program using surcharges on utility bills to promote high-quality communication services, though in Los Angeles most of the money for “underserved” areas was being directed to outreach and education. The Wi-Fi company’s executive director said maintaining their networks had proved to be difficult, though one economist argued it would’ve been more productive to give net-access subsidies directly to the poor, a program the FCC recently voted to expand. Read more of this story at Slashdot.
View post:
Free Wi-Fi Program in Los Angeles Fails to Provide Free Wi-Fi
Patch Out For ‘Ridiculous’ Trend Micro Command Execution Vulnerability
An anonymous reader shares a report on The Register: A bug in its software meant that Trend Micro accidentally left a remote debugging server running on customer machines. The flaw, discovered by Google’s Project Zero researcher Tavis Ormandy, opened the door to command execution of vulnerable systems (running either Trend Micro Maximum Security, Trend Micro Premium Security or Trend Micro Password Manager). Ormandy — who previously discovered a somewhat similar flaw in Trend Micro’s technology — described the latest flaw as ‘ridiculous’. Trend Micro issued a patch for the flaw, a little over a week after Ormandy reported the bug to it on 22 March. The patch is not complete but does address the most critical issues at hand, according to the security firm. Read more of this story at Slashdot.
Continue reading here:
Patch Out For ‘Ridiculous’ Trend Micro Command Execution Vulnerability
ACLU map shows locations of 63 ongoing phone-unlocking cases
In case you thought the recently and abruptly terminated fracas in San Bernardino was an isolated incident, the ACLU has put together a handy map of cases around the country where the All Writs Act has been used to justify an order to unlock a smartphone. Read More
Taken from:
ACLU map shows locations of 63 ongoing phone-unlocking cases
Confirmed: Microsoft and Canonical Partner To Bring Ubuntu To Windows 10
Steven J. Vaughan-Nichols reports for ZDNet: According to sources at Canonical, Ubuntu Linux’s parent company, and Microsoft, you’ll soon be able to run Ubuntu on Windows 10. This will be more than just running the Bash shell on Windows 10. After all, thanks to programs such as Cygwin or MSYS utilities, hardcore Unix users have long been able to run the popular Bash command line interface (CLI) on Windows. With this new addition, Ubuntu users will be able to run Ubuntu simultaneously with Windows. This will not be in a virtual machine, but as an integrated part of Windows 10. Microsoft and Canonical will not, however, sources say, be integrating Linux per se into Windows. Instead, Ubuntu will primarily run on a foundation of native Windows libraries. Update: 03/30 16:16 GMT by M : At its developer conference Build 2016, Microsoft on Wednesday confirmed that it is bringing native support for Bash on Windows 10. Read more of this story at Slashdot.
Read more here:
Confirmed: Microsoft and Canonical Partner To Bring Ubuntu To Windows 10
Over 1,400 Vulnerabilities Found In Automated Medical Supply System
An anonymous reader writes: Security researchers have discovered 1, 418 vulnerabilities in CareFusion’s Pyxis SupplyStation system — automated cabinets used to dispense medical supplies — that are still being used in the healthcare and public health sectors in the US and around the world. The vulnerabilities can be exploited remotely by attackers with low skills, and exploits that target these vulnerabilities are publicly available. Things already seem to be getting out hands. Read more of this story at Slashdot.
View article:
Over 1,400 Vulnerabilities Found In Automated Medical Supply System
Sony’s Ultra 4K Streaming Service Launching On April 4; Titles Priced At $30
Janko Roettgers reports for Variety: Sony is launching its 4K movie streaming service called Ultra next month: Consumers will be able to buy movies from the service, and stream to supported Sony 4K TV sets, starting April 4. The new service will offer 4K HDR movies to stream, including extras that have previously been able only on physical discs. Ultra ties into UltraViolet, the cloud locker service backed by Sony. Consumers will be able to upgrade SD and HD quality movies from their UltraViolet cloud locker for $12 to $15, respectively. Read more of this story at Slashdot.
Excerpt from:
Sony’s Ultra 4K Streaming Service Launching On April 4; Titles Priced At $30