Tech Tips Tuesday 29: npm Vulnerability, New Stuff from KDE, and Oracle VirtualBox 7.0 Released

2 years ago
59

JS API Vulnerability Found

Memesplanation

More KDE Goodies With KDE Gear 22.08.2

Free Your Internet

VirtualBox 7.0 Released

TTT 29-1: Uh oh, More trouble in Java-land?

This vulnerability has to do with search timings for npm, the package manager for JavaScript. Here’s what happens: An attacker could probe a system for files that do not exist multiple times in rapid succession, even if a 404 error is returned to the attacker. It causes 100s of ms lag to occur in the search timing, slowing all other requests down and comparing the results of those operations. This lag allows the attack to be automated.

Bottom line, as I understand it, this probably won’t or doesn’t affect you much, unless you are a developer who works with JaveScript.

https://www.esecurityplanet.com/threats/vulnerable-api-exposes-private-npm-packages/

#TTT #vulnerabilities #JavaScript #npm #timing #TechFreedom

Piggybacking on yesterday’s idea, Allow the Lord to fight for you today. Let Him be your Good, Good Father. He wants to step in and fight for you, if you’ll put your weapons down and rest in Him. He will avenge you. Quit getting in His way. Be blessed in the knowledge that He will fight for you, today. If He tells you to do something, do it. If not, step back and watch Him rectify the situation for you.

#Bible #exodus #God #rest #encouragement #memesplanation #TechFreedom

TTT 29-2: KDE Gear 22.08.2 Out NFixes and Tweaks

Here’s what’s new:

Samba 4.16, so that you can connect more easily with Windows Network Shares from Dolphin
Ark – restored compatibility with 7-zip
KDE Connect – Fix crash when no audio devices are detected
Falkon – User Agent Manager FireFox Version
Kdenlive – remember keyframe status, seek to item’s last fram on paste in timeline, allow effects overlay to scale when you zoom on your display
Many, many more, would be here all day reading them all off, but take a look at the changelog, lnked in the article, if you want to know more.

https://9to5linux.com/kde-gear-22-08-2-adds-7-zip-and-samba-4-16-or-later-compatibility-many-bug-fixes

#TTT #KDE #KDEGear #updates #goodstuff #lotsoffixes #TechFreedom

Free Your Internet
https://techfreedom.pro/product/free-your-internet/

One-stop shop for getting you and your business transitioned off of Big Tech online platforms and tools, so that you have control of your data once again. I will also help you to find better alternatives.

#TechFreedom #internetfreedom #nogoogle #nometa #noyahoo #nomicrosoft
#parallelEconomy #parallelSociety #shopongab #growwithgab #smallbusiness #gabsmallbusiness

TTT 29-3: Oracle Releases VirtualBox 7.0

What is new in this version?

Fully encrypted Virtual Machines via CLI
DXVK Support for Linux/BSD/ MacOS hosts
Secure Boot Support in EFI
IOMMU Support for Both Intel and AMD
Virtual TPM 1 & 2 Support

Better Theme Support for GUI App in Linux
“Top” type system manager utility to keep tabs on running VMs
Can now disable screen savers on Host Machine form VirtualBox
Better Audio Recording, with OGG Vorbis as the default format for webm containers
Lots, lots more…

https://9to5linux.com/virtualbox-7-0-released-with-dxvk-and-secure-boot-support-full-encryption-and-more
#TTT #Linux #VirtualBox #updates #version7 #goodstuff #TechFreedom

10 Things My Wife Thinks You Should Know about Tech Freedom.

https://rumble.com/v19elx6-10-things-about-tech-freedom.html?mref=2jfr3&mc=anr3y

#TechFreedom #wifeysauce #getfree #explainer

Loading comments...