by Paul Arnote (parnote)
Wallpaper Image "Soft-Bricks" Android Phones
A seemingly innocuous, pretty, peaceful JPG image (above) has been circulating ... and it has been "soft-bricking" Android phones when users set it as the wallpaper on their mobile device. It was first reported on Twitter by Ice Universe, with a follow up here by Dylan Roussel, a contributor to 9to5Google.
No, the image doesn't contain a virus or anything like that. The image above uses RGB color space, when Android 10 (and below) is expecting images to use sRGB color space. Since it doesn't use the proper colorspace, it basically throws your Android mobile device into an endless loop, effectively bricking it.
Don't worry. I have already converted the above image so that it occupies/uses the proper color space (sRGB).
If users set the unaltered image as the wallpaper on their Android mobile device, there are only two ways to gain access to the mobile device. One way is to boot it in safe mode and remove the image once booted. The other way is to do a factory reset on your mobile device.
The upcoming Android 11 does not have this issue, since it converts wallpaper images to the proper sRGB color space.
Dark Web Hosting Provider Hacked, Account Info Leaked
Daniel's Hosting, the largest free web hosting provider for dark web services, had its database of email addresses, account passwords, and private keys leaked online by a hacker who goes by KingNull, all according to an article on ZDNet.
The breach occurred on March 10, 2020. On March 26, 2020, Daniel's Hosting closed up shop, urging all of its "customers" to seek new homes with new dark web hosting services. It resulted in 7,600 dark web websites to go down, which represented one-third of all dark web portals. The database was released on the web on March 31, 2020 on a file hosting portal.
It is hoped that the leaked data can tie or link owners of the leaked email addresses to dark web portal sites. Hopefully, police officials will be able to track down those who are running or taking part in illegal activities on at least some of these sites.
Daniel's Hosting had been hacked once before, in November, 2018. Then, a hacker breached the site's backend database server, and deleted all 6,500 sites. No data was hacked or released from that particular hacking.
Potentially BIG Power Savings Coming With Linux Kernel 5.8
As reported in an article on the Phoronix website, a 12 year old bug in the Linux kernel could be rectified by the deletion of 10 lines of code in the Linux kernel. Ok, well, it's four lines of comments and six actual lines of code.
As it turns out, PCIe-to-PCI (and PCI-X) bridges have not had ASPM (Active State Power Management) enabled. This, in turn, could keep the CPU in higher power states than is necessary. As a result, lots of power is potentially wasted by keeping the CPU in higher power states. Fixing this may mean that users will get longer battery life from laptops.
Back in 2008, the ASPM code merged into the Linux kernel disabled ASPM for PCI bridges. 12 years later, that code is simply being deleted, via a patch.
PCIe-to-PCI bridges can be commonly found on servers and workstations. There is a good possibility that the patch will be backported to other stable branches of the Linux kernel.
Google Sued For Tracking Users In Private Browsing Mode
Google was sued on June 2, 2020, in a proposed class action accusing the internet search company of illegally invading the privacy of millions of users by tracking their internet use from browsers set in "private" browsing mode, according to an article on Fox Business.
The lawsuit, which accuses Google's parent company Alphabet, Inc. of illegally collecting information about what users were viewing online and where they were going, all while using their browsers in private browsing mode. This included checking in via Google Analytics and Google Ad manager.
The lawsuit seeks a $5 billion award pool, where millions of users can claim either $5,000 or three times actual damages, whichever is greater.
Will Facebook Remorse Become A Thing Of The Past?
In an announcement widely reported on in the tech press, Facebook has introduced a "Manage Activity Tool." Through it, you can delete or archive old posts you don't want anyone to see ... or that you don't want to follow you around for the rest of time.
From the announcement:
"Whether you're entering the job market after college or moving on from an old relationship, we know things change in people's lives, and we want to make it easy for you to curate your presence on Facebook to more accurately reflect who you are today. That's why we're launching Manage Activity to help you archive or trash old posts, all in one place.
The archive feature is for content you no longer want others to see on Facebook, but that you still want to keep for yourself. For example, you could archive a post you made when you were in high school that you still find amusing but that you'd rather not be seen by anyone else on Facebook.
Manage Activity also allows you to move posts you no longer want to the trash. Posts sent to the trash will stay there for 30 days before being deleted unless you choose to manually delete or restore them before then. This gives you some wiggle room in case you change your mind about deleting old posts.
And to make it simpler to manage lots of posts at once, Manage Activity lets you view and manage your posts in bulk. We've also developed filters to help you sort and find what you're looking for, like posts with specific people or from a specific date range."
Finally, Facebook Remorse may be a thing of the past ... but only if you avail yourself of this opportunity.
The Manage Activity Tool will roll out first on Facebook's mobile apps, and should make it to desktop computers shortly after making its debut on the mobile apps.
Google Chrome Extensions Set Up Massive Spying Network
Awake Security informed Reuters that they uncovered a massive spyware effort that affects nearly 33 million users, via downloads of extensions in the Google Chrome web store. Google states that they removed over 70 of the extensions from the Chrome web store after being informed of their presence by the security firm.
Most of the extensions are free, and either warn users about questionable websites or convert files from one format to another. In the background, they siphoned off browsing history and data that provided credentials for access to internal business tools.
Due to the enormous number of downloads, this malware exploit makes it the largest Chrome campaign to date. The authors of the extensions used fake contact information when they submitted the extensions to Google.
According to the report from Awake Security (first link, above), all of the extensions conduct their criminal activity via a single Internet Domain Registrar: CommuniGal Communication Ltd. (GalComm). Of the over 26,000 reachable domains registered through GalComm, nearly 60% are malicious or suspicious. A tab separated list of the domains can be downloaded here.
In the past three months alone, Awake Security has "harvested 111 malicious or fake Chrome extensions using GalComm domains for attacker command and control infrastructure and/or as loader pages for the extensions. These extensions can take screenshots, read the clipboard, harvest credential tokens stored in cookies or parameters, grab user keystrokes (like passwords), etc."
New Linux Foundation FREE Training Course On edX
The Linux Foundation and Continuous Delivery Foundation are proud to announce the immediate availability of a new free training course on the edX platform, LFS167x -- Introduction to Jenkins. Jenkins is the leading open source automation server, providing hundreds of plugins to support building, deploying and automating any project.
The course covers the fundamentals of continuous integration/continuous delivery (CI/CD), and how they help transform the overall software delivery process. It is most useful for roles such as DevOps engineers, software developers and architects, and professionals focused on site reliability and quality assurance, though anyone involved in the software delivery process will benefit. It includes a detailed introduction to the Jenkins automation server, and also provides instructions on how to set up/use Jenkins for CI/CD workflows.
Upon completion, enrollees will have a solid understanding of the role that Jenkins plays in the software development lifecycle, how to install a Jenkins server, how to build software with it, how to manage third party integrations/plugins and how to scale and secure Jenkins. They will also get a glimpse of what they can do to further enhance their CI/CD skills.
Introduction to Jenkins was developed by Deepika Gautam, an author, speaker, trainer, DevOps evangelist with almost two decades of experience in the software industry. She specializes in implementing DevOps toolchains in multi cloud environments and is a co-founder of Aplima Solutions, a DevOps consulting and training company.
Start your journey to improving your software delivery processes -- enroll today!
Take A Virtual Tour Of The International Space Station
While most of us will NEVER get the chance to visit the International Space Station personally, there's nothing to stop you from taking a 360 degree virtual tour of it via Google Arts & Culture, online.
Now, you can explore the INSIDE of the ISS, and click and scroll your way through rooms full of equipment and go down the narrow tunnels that link modules of the ISS together. If you're looking to keep the kids entertained ... or even if you're curious yourself ... Google Arts & Culture also has an interactive article that features 10 outstanding (and out of this world) facts about the ISS.
If space travel is something you're interested in, Google Arts & Culture also features an inside look at the July 20, 1969 moon landing. Others feature historic images from space travel, information on Galileo and space travel, a day-in-the-life of a cosmonaut, and an exhibit on the Viking Mars Mission.
We Are Probably NOT Alone ...
Is there anyone out there? This is an age-old question that researchers have now shed new light on with a study that calculates there could be more than 30 intelligent civilizations throughout our Galaxy. This is an enormous advance over previous estimates which spanned from zero to billions.
One of the biggest and longest-standing questions in the history of human thought is whether there are other intelligent life forms within our Universe. Obtaining good estimates of the number of possible extraterrestrial civilizations has however been very challenging.
A new study led by the University of Nottingham and published today in The Astrophysical Journal has taken a new approach to this problem. Using the assumption that intelligent life forms on other planets in a similar way as it does on Earth, researchers have obtained an estimate for the number of intelligent communicating civilizations within our own galaxy -the Milky Way. They calculate that there could be over 30 active communicating intelligent civilizations in our home Galaxy.
Professor of Astrophysics at the University of Nottingham, Christopher Conselice who led the research, explains: "There should be at least a few dozen active civilizations in our Galaxy under the assumption that it takes 5 billion years for intelligent life to form on other planets, as on Earth." Conselice also explains that, "The idea is looking at evolution, but on a cosmic scale. We call this calculation the Astrobiological Copernican Limit."
First author Tom Westby explains: "The classic method for estimating the number of intelligent civilizations relies on making guesses of values relating to life, whereby opinions about such matters vary quite substantially. Our new study simplifies these assumptions using new data, giving us a solid estimate of the number of civilizations in our Galaxy.
The two Astrobiological Copernican limits are that intelligent life forms in less than 5 billion years, or after about 5 billion years -- similar to on Earth where a communicating civilization formed after 4.5 billion years. In the strong criteria, whereby a metal content equal to that of the Sun is needed (the Sun is, relatively speaking, quite metal rich), we calculate that there should be around 36 active civilizations in our Galaxy."
The research shows that the number of civilizations depends strongly on how long they are actively sending out signals of their existence into space, such as radio transmissions from satellites, television, etc. If other technological civilizations last as long as ours which is currently 100 years old, then there will be about 36 ongoing intelligent technical civilizations throughout our Galaxy.
However, the average distance to these civilizations would be 17,000 light-years away, making detection and communication very difficult with our present technology. It is also possible that we are the only civilization within our Galaxy unless the survival times of civilizations like our own are long.
Our new research suggests that searches for extraterrestrial intelligent civilizations not only reveals the existence of how life forms, but also gives us clues for how long our own civilization will last. If we find that intelligent life is common then this would reveal that our civilization could exist for much longer than a few hundred years, alternatively if we find that there are no active civilizations in our Galaxy it is a bad sign for our own long-term existence. By searching for extraterrestrial intelligent life -- even if we find nothing -- we are discovering our own future and fate. Professor Christopher Conselice