by Paul Arnote (parnote)
Monthly Update: Assault On Your Privacy
From the boy-am-I-glad-I-switched-from-LastPass-to-Bitwarden department, LastPass was recently the victim of hackers in another recent data breach towards the end of November. Customer data was accessed in the data breach, according to the company, using data previously obtained by another hack in August, 2022. You can read the LastPass blog about the hack here. Meanwhile, if you haven't already done so, you might want to think about following the guide we ran here in The PCLinuxOS Magazine and switch your password manager over to Bitwarden. Two data breaches in less than three months shouldn't be leaving anyone feeling too secure.
As we come up on the annual tax filing circus season in the U.S., this next news item will possibly send U.S. users into orbit. According to an article on The Verge, "major tax filing services such as H&R Block, TaxAct, and TaxSlayer have been quietly transmitting sensitive financial information to Facebook when Americans file their taxes online," The Markup has learned. The data, sent through widely used code called the Meta Pixel, includes not only information like names and email addresses but often even more detailed information, including data on users' income, filing status, refund amounts, and dependents' college scholarship amounts. The data is transmitted to Facebook regardless if you have a Facebook account or not. You can also read more on The Markup site, and see the images (proof) on The Markup's GitHub site where data is being sent to Facebook and Google.
Windows spyware traced to North Korean hacking groups has been caught scanning phones that connect to infected PCs, according to an article on PCWorld. Called "Dolphin," the malware is connected to multiple spyware and digital espionage groups believed to be working for the government of North Korea, primarily for the purposes of gathering information on South Korea and other Asian governments and industrial interests. It's being deployed to specific targets. The tool uses fairly standard Python-based methods of searching a victim's machine, then uploading sensitive information like passwords and other security credentials to a Google Drive account, where hackers can easily retrieve it. It also collects keystrokes for passwords, targeted extension files, and screenshots.
The National Security Agency said on Tuesday that Chinese state-backed hackers are exploiting a flaw in a widely used networking device that allows an attacker to carry out remote code execution, according to an article on CyberScoop. In its advisory, the NSA said it believes a Chinese hacking crew known as APT5 "has demonstrated capabilities" against an application delivery controller made by Citrix. Citrix released an emergency patch to fix the vulnerability on Monday and said that "exploits of this issue on unmitigated appliances in the wild have been reported."
According to an article on TechRadar, Xnspy stalker/tracker software has been surreptitiously installed thousands of times on unsuspecting Android and iOS user devices, despite having been banned in the Google Play store in 2020. To make matters even worse, the stalker/tracker software has more security holes than there are holes in Swiss cheese, exposing victim data to third parties, further adding insult to injury.
New Banana-Derived Therapy Is Effective Against All Known Coronaviruses and Flu Strains
According to an article on SciTechDaily, a compound from the banana fruit (H84T-BanLec) is an effective antiviral against all known strains of both the coronavirus and the influenza virus. The compound is from a protein that is isolated from banana fruit. It accomplishes its viral-blocking abilities by binding to high-mannose glycans, polysaccharides that are present on the surface of the viruses, but only very rarely on normal healthy human cells. After binding, the virus cannot enter cells to infect them.
The compound was being studied for use against the influenza virus back in 2020 when the pandemic hit. Their research included looking previously at the compound's effectiveness against the coronavirus, before studying its effectiveness against the influenza virus. The pandemic slowed the publication of the data.
You can read the full study on Cell Reports Medicine online. I'll caution you that the paper is quite technical and full of medical jargon and technobabble. I'm sure our readers here have the mental acumen to understand what they are reading, even if it is made to be quite a boring read.
"Pay Phones" Are Making A Comeback In Philadelphia, Thanks To Linux
Thanks to an amateur phone collective in Philadelphia, pay phones are mounting a comeback there. Behind it all is Linux, according to an article on Make Use Of.
Despite the proliferation of cell phones -- and particularly smartphones -- there are plenty of people who don't have them, either because they can't afford them, or because they value their privacy.
And the price to make a call from one of these "pay phones?" It's FREE, to any number in North America. From the Make Use Of article:
"The heart of PhilTel is a Linux-based virtual private server running the open-source PBX server Asterisk. This server connects the network of refurbished payphones to the public phone network via a VoIP service through some hardware that interfaces the analog phone to the digital network, and then to a router installed at the site which connects to the PBX server. The network traffic is encrypted with OpenVPN.
To ordinary callers, the phones will work the way they did in the analog era, minus the need to insert coins before making a call. There's a special circuit board that takes the place of the coin acceptor equipment. Making calls will be completely free of charge."
Scientists Discover Texts From an Ancient Astronomical Catalog
Fragments of a star catalog written by the Greek astronomer Hipparchus during the second century BC have recently been discovered by researchers from the French National Center for Scientific Research (CNRS), Sorbonne University, and Tyndale House (associated with the University of Cambridge), according to an article on SciTechDaily. These texts were discovered using multispectral imaging methods after being wiped from a manuscript during the medieval period in order to reuse the pages. The study of these extracts, which was published in the Journal for the History of Astronomy, sheds new light on ancient astronomy.
PCLinuxOS Magazine Short Topix Roundup
Users of touchscreen computers will be happy to note that Linux kernel 6.2 introduces several more touchscreen drivers, according to an article on Phoronix.
Using earth-based telescopes, astronomers spotted the largest galaxy ever, according to an article on Science Alert. The enormous galaxy measured 5 megaparsecs long, or 16.3 million light years long.
An article on Inverse highlights how your flatulence says more about your health than you think, and scientists are now listening.
Two minerals that have never been seen before on Earth have been discovered inside a massive meteorite in Somalia, according to an article on LiveScience. They could hold important clues to how asteroids form. The two brand new minerals were found inside a single 2.5 ounce (70 gram) slice taken from the 16.5 ton (15 metric tons) El Ali meteorite, which was found in 2020.
A recent Tel Aviv University study found that pressure chamber therapy greatly improved social skills and the condition of the autistic brain, according to an article on SciTechDaily. The research was carried out on autism animal models. The researchers discovered changes in the brain, including a decrease in neuroinflammation, which has been linked to autism. Furthermore, the social functioning of the animal models treated in the pressure chamber improved significantly. The success of the research has significant implications for the applicability and understanding of pressure chamber therapy as a treatment for autism.
Google is no longer considering turning off Manifest V2 Chrome extensions in January, as were their original plans in the transition to Manifest V3, according to an article on The Verge. The company is currently reviewing the timeline for the transition. This may have HUGE implications for users of ad block software, since Manifest V3 would render most ad blockers ineffective. They currently rely on Manifest V2 commands, which are inactivated under Manifest V3.
Microsoft announced that a future Microsoft Edge update would permanently disable the Internet Explorer 11 desktop web browser on some Windows 10 systems in February, according to an article from BleepingComputer.
For those relying on Microsoft's exFAT file-system for your SD cards or USB flash drives, the kernel driver with Linux 6.2 is capable of handling much faster file and directory creation than on prior versions, according to an article on Phoronix.
Transportation officials in multiple states are testing whether roads made from grocery bags, juice cartons, printer ink cartridges or other discarded plastic can make pavement last longer, save money and reduce the amount of waste that ends up in landfills, according to an article from The Detroit News.
The NTFS driver adds new mount options with Linux 6.2, according to an article on Phoronix.
|