Language Selection

English French German Italian Portuguese Spanish

Security

Security Leftovers

Filed under
Security
  • EAP-pwd security issues – SAE (Simultaneous Authentication of Equals) WPA3-Personal – potential full password recovery with weak passwords – CVE-2019-9495, CVE-2019-9497, CVE-2019-9498, CVE-2019-9499

    it might sound strange… and even if it sucks, but if you are concerned about security, call me paranoid but:

    your company’s critical infrastructure SHALL NOT BE REACHABLE BY WIFI! (especially not if you are running a nuclear power plant, just saying… nobody wants meltdown vulnerability of CPUs to actually be able to cause a meltdown)

  • RIP Fernando “Corby” Corbató, inventor of the password (1926-2019)

    Last Friday, legendary MIT computer scientist Fernando “Corby” Corbató passed away at his home in Newton, Massachusetts. He was 93.

    The Oakland-born researcher was responsible for several pivotal advances in the computer science space, most notably the password, which he invented during his pioneering work in computer time sharing.

  • GE Aviation Passwords, Source Code Exposed in Open Jenkins Server [Ed: 'Windows shop' GE needs to hire actual FOSS and GNU/Linux people who know how to properly set up and maintain things. This one is a shot in one's foot.]

    A DNS misconfiguration resulted in an open Jenkins server being available to all.

    A public Jenkins server owned by GE Aviation has exposed source code, plaintext passwords, global system configuration details and private keys from the company’s internal commercial infrastructure.

    GE Aviation, a subsidiary of General Electrics, is among the top commercial aircraft engine suppliers, and offers various airplane components. The server also contained a ReadMe file, outlining all the files it contained and their sensitivity.

  • Open Source Genomic Analysis Software Flaw Patched

    A cybersecurity vulnerability discovered in open source software used by organizations conducting genomic analysis could potentially have enabled hackers to affect the accuracy of patient treatment decisions. But the vulnerability was patched before hackers took advantage of it, researchers believe.

Security Leftovers

Filed under
Security
  • France Says Ransomware Attacks on Big Companies Are on the Rise [iophk: Windows TCO]

    Attackers changed strategy in the second half of 2018, ditching smaller companies to go after big corporations, sometimes strategic or vital to the nation’s economy, the ministry said on Tuesday in its 2019 cyber threats report. The trend accelerated this year.

  • New Elections Systems Vulnerable to Hacks, AP Analysis Shows

    An Associated Press analysis has found that like many counties in Pennsylvania, the vast majority of 10,000 election jurisdictions nationwide use Windows 7 or an older operating system to create ballots, program voting machines, tally votes and report counts.

    That’s significant because Windows 7 reaches its “end of life” on Jan. 14, meaning Microsoft stops providing technical support and producing “patches” to fix software vulnerabilities, which hackers can exploit. In a statement to the AP, Microsoft said Friday it would offer continued Windows 7 security updates for a fee through 2023.

  • Unusual Linux Ransomware Targets NAS Servers [Ed: Does not explain how the malware/ransomware gets onto there in the first place and whether it has anything at all to do with "Linux" rather than reckless people who install malware ot very weak passwords. They use a Tux logo/mascot anyway.]

    As for the decision to target NAS, Chris Morales, head of security analytics at Vectra, told Threatpost that it isn’t as common to deploy endpoint monitoring to a Linux dedicated network file server — thus, the QNAPCrypt malware represents the evolution and adaptation of an attack to bypass security controls.

  • Why Trump Caved to China and Huawei

    Everything about the trade war between the United States and China is bewildering. The world’s two largest economies entered a titanic struggle with harsh words and high tariffs, sending shudders through the global economy. Hundreds of billions of dollars of goods on either side stood before tariff walls that seemed unbreachable. Truces would come out of nowhere—as at the 2018 G20 meeting in Buenos Aires—but then they would be set aside by U.S. President Donald Trump in a stream of tweets at odd hours.

    In May, Trump went after Huawei, one of the world’s largest technology firms. The attack this time was not on economic grounds. Trump accused Huawei of being an espionage arm of the Chinese government. Firms from the United States that supplied Huawei with software and chips would no longer be permitted to do so. Trump’s diplomats went on the road to strongarm U.S. allies into no longer using Huawei technology in their countries. Pressure on China resulted in the arrest of Meng Wanzhou, Huawei’s chief financial officer, on charges of bank and wire fraud in relation to U.S. sanctions against Iran. Meng Wanzhou is the daughter of Huawei’s founder, Ren Zhengfei.

Security Leftovers

Filed under
Security
  • Microsoft Discreetly Drops ‘Telemetry’ As Part Of Larger ‘Security Cumulative Update’ Without First Informing Windows 7 Users? [Ed: Microsoft being Microsoft and backporting surveillance; With Windows Update any piece of software can become more malicious overnight.]

    Microsoft appears to have once again attempted to sneak telemetry components. The company released security updates for all supported operating systems on the July 2019 Patch Day. However, this month’s cumulative updates, which were supposed to contain only security-related components, contain an unexpected compatibility/telemetry component.

    The suspicious components were hidden in plain sight. Incidentally, this is the second time Microsoft has attempted to insert telemetry components. However, during the first attempt the Windows OS maker had openly mentioned the inclusion of the telemetry components, whereas this time, the company didn’t offer any indication. This methodology appears to an attempt to garner more accurate data about usage and installation patterns of the Windows operating system as Microsoft will soon phase out Windows 7.

    Windows Update delivered several packages of security and reliability fixes for Windows 7 earlier this week. The packages are different for each of the Windows operating system’s versions that Microsoft officially supports. However, the ‘cumulative update’ package contained a rather suspicious component. The security update in question was intended for Microsoft Windows 7 Operating System (OS) which was released as part of the July 2019 Patch Day.

  • Swimlane research team open sources pyattack

    As security teams adopt the Mitre ATT&CK Framework to help them identify gaps in their defenses, having a way to identify what malware and tools are being used by specific actors or groups becomes more critical. Additionally, having a way to identify these relationships programatically is even more critical.

    Today, we are excited to announce the Swimlane research team has released pyattck—a Python package to interact with the Mitre ATT&CK Framework. There are many different open-source projects being released on a daily basis, but we wanted to provide a straightforward Python package that allows the user to identify known relationships between all verticals of the Mitre ATT&CK Framework.

  • Strongbox Password Safe is a free, open-source KeePass client for iOS [Ed: iOS from Apple has back doors (see Vault 7 from Wikileaks for instance), so you should not put any passwords in it]
  • Research Finds Loads of Container Vulnerabilities

    Docker containers are great in that it’s easy to get started building an application using frameworks and components that others have made available via open source projects. The challenge, however, is not all those projects are current in terms of their cybersecurity patches. In fact, a developer of a framework may not even be actively supporting it anymore.

    A new report from vulnerability management platform vendor Kenna Security highlights the extent of the problem in the Docker community. Via the VulnerabilitiesContainer.org site, Kenna Security is sharing the results of analyses of containers being reused widely that find some of these open source projects have hundreds of unresolved Common Vulnerabilities and Exposure (CVE) issues.

  • A World of Infinite Choice in Open Source Software

    We recently released the fifth annual State of the Software Supply Chain Report in London. This year, we worked with Gene Kim and Dr. Stephen Magill to examine our largest data sample ever. Our goal? To qualify and quantify how exemplary development teams operate.

    As part of the research we identified the top 3% of DevOps teams using exemplary practices. (Take the quiz to see how your team stacks up.)

    Before we could truly understand these practice, we had to have the right context. The report’s first goal was to compare the use of open source in 2019 - to that of years past - and understand the broader environment developers are working in. As anticipated, open source component use continues to rocket upward.

  • In memoriam – Corby Corbató, MIT computer science pioneer, dies at 93

    Almost everyone’s heard of Linux – it’s the operating system kernel that’s behind a significant proportion of servers on the internet, including most of Google, Facebook, Amazon and many other contemporary online juggernauts.

    In its Android flavour, Linux powers the majority of smartphones out there, and in one form or another it’s also the kernel of choice for many so-called IoT devices such as bike computers, home Wi-Fi routers, webcams, baby monitors and even doorlocks.

    Most people who use Linux know that the name is a sort-of pun on Unix, the operating system that Linux most resembles.

    And Unix, of course, is the operating system behind a significant proportion of the devices out there that don’t run Linux, being at the heart of Apple’s macOS and iOS systems, as well as the various and widely-used open source BSD distributions.

Confirmed: Microsoft Windows Zero-Day Exploit Used In Government Espionage Operation

Filed under
Microsoft
Security

It has been revealed that a threat actor once best known for cyber bank robbery in Russia has made a move to espionage. The highly targeted attacks against government institutions in Eastern Europe, which took place during June 2019, employed the use of a Microsoft Windows zero-day exploit. In and of itself this isn't unusual as there have been plenty of Windows zero-days discovered. However, this is the first time that researchers had seen the Buhtrap group using a zero-day attack, although the group has been involved in the cyber-spying business for some years now across Eastern Europe and Central Asia.

Anton Cherepanov, a senior malware researcher at security vendor ESET, explained how the zero-day exploit abused a local privilege escalation vulnerability in Microsoft Windows in order to run arbitrary code and install applications, and view or change data on the compromised systems. As soon as the researchers had properly analyzed the exploit, it was reported to the Microsoft Security Response Center, and a fix was included in the July 9 "Patch Tuesday" update.

The vulnerability itself only impacted older versions of Windows, specifically variations of Windows and Windows Server 2008. This is because, as Cherepanov explained, "since Windows 8 a user process is not allowed to map the NULL page. Microsoft back-ported this mitigation to Windows 7 for x64-based systems." The advice, predictably, is to upgrade to a newer version of the operating system if possible. Especially as critical security updates will disappear soon when extended support for Windows 7 Service Pack 1 ends in January 2020. Gavin Millard, vice-president of intelligence at Tenable, warns users not to be complacent seeing as the vulnerability is "now being actively exploited in the wild," advising that "patches should be deployed as soon as possible."

Read more

Security Leftovers

Filed under
Security
  • Adjusting the Scope of our Security Vulnerability Disclosure Program

    At EFF we put security and privacy first. That's why over three years ago we launched EFF's Security Vulnerability Disclosure Program. The Disclosure Program is a set of guidelines on how security researchers can tell EFF about bugs in the software we develop, like HTTPS Everywhere or Certbot. When we launched the program, it was a bit of an experiment. After all, as a lean, member-driven nonprofit, we can't give out the tremendous cash rewards that large corporations can provide for zero days. Instead, all we can offer security researchers in return for their hard work is recognition on our EFF Security Hall of Fame page and other non-cash rewards like EFF gear or complimentary EFF memberships.

    Despite the limited rewards, the program has been a tremendous success. As of June 1, 2019, we've had over seventy different security researchers report valid security vulnerabilities to us, as you can see on our Security Hall of Fame page.

  • Court: Computer Experts May Examine Georgia Voting Systems

    A federal court in Georgia has ruled that Georgia election officials must allow the Coalition for Good Governance to review the state's election management databases. The Coalition argued that the databases "provide the roadmap that needs to be analyzed to identify flaws" in the state election system.

  • Hackers breach Canonical GitHub account [Ed: They breached a Microsoft GitHub account, but never blame Microsoft for anything...]

    Hackers compromised credentials to break into a Canonical Ltd. GitHub account...

Linux May Gain Protection Against Hyper-Threading Attacks

Filed under
Linux
Security

Oracle security researchers have been working on security feature for Linux kernels that could protect Linux-based systems against attacks that affect Intel’s Hyper-Threading (HT) feature. Multiple side-channel threats the feature's vulnerable against, including L1TF/Foreshadow and the MDS attacks, have been revealed over the past few months.

The Oracle developers didn't specify whether or not the recent MDS attacks against Intel’s HT would also be mitigated through its Kernel Address Space Isolation (KASI), only that it will protect against L1TF/Foreshadow. Other side-channel attacks seem to be up for debate, as any extra isolation being introduced into the kernel could potentially impact the performance of Linux systems.

Read more

Security: Microsoft Windows Strikes Again

Filed under
Microsoft
Security
  • U.S. Coast Guard Issues Alert After Ship Heading Into Port Of New York Hit By Cyberattack

    The U.S. Coast Guard has issued an official warning to owners of ships that cybersecurity at sea needs updating, and updating urgently. In the Marine Safety Alert published June 8, the Coast Guard "strongly encourages" that cybersecurity assessments are conducted to "better understand the extent of their cyber vulnerabilities." This follows an interagency investigation, led by the Coast Guard, into a "significant cyber incident" that had exposed critical control systems of a deep draft vessel bound for the Port of New York in February 2019 to what it called "significant vulnerabilities."

  • Malware on the High Seas: US Coast Guard Issues Alert [iophk: Windows TCO is not a laughing matter. Get rid of it.]

    The ship's network was mainly used for official business, including updating electronic charts, managing cargo data and communicating with shore-side facilities, pilots, agents and the Coast Guard, according to the report.

  • Eurofins Scientific: Forensic services firm paid ransom after cyber-attack [iophk: Windows TCO]

    BBC News has not been told how much money was involved in the ransom payment or when it was paid.

    The National Crime Agency (NCA) said it was a "matter for the victim" as to whether a ransom had been paid.

  • Eurofins Scientific Paid Up in Response to Ransomware Attack: Report [iophk: Windows TCO]

    Luxembourg-based laboratory testing services giant Eurofins Scientific reportedly paid the ransom demanded by cybercriminals following a successful ransomware attack that led to the company taking offline many of its systems and servers.

  • Eurofins Scientific forensics firm pays after hit with ransomware [iophk: Windows TCO]

    Eurofins didn’t disclose how much it paid to retrieve its information but the money was likely paid between June 10, when Eurofins issued a statement about the attack, and June 24 when it published an update saying it had “identified the variant of the malware used” in the attack and had strengthened its cybersecurity.

  • [Old] Combating WannaCry and Other Ransomware with OpenZFS Snapshots [iophk: use FreeBSD, OpenBSD, or GNU/Linux on the desktop to avoid ransomware and servers to avoid ransomware damage]

    OpenZFS is the powerful file system at the heart of every storage system that iXsystems sells and of its many features, snapshots can provide fast and effective recovery from ransomware attacks at both the individual user and enterprise level as I talked about in 2015. As a copy-on-write file system, OpenZFS provides efficient and consistent snapshots of your data at any given point in time. Each snapshot only includes the precise delta of changes between any two points in time and can be cloned to provide writable copies of any previous state without losing the original copy. Snapshots also provide the basis of OpenZFS replication or backing up of your data to local and remote systems. Because an OpenZFS snapshot takes place at the block level of the file system, it is immune to any file-level encryption by ransomware that occurs over it. A carefully-planned snapshot, replication, retention, and restoration strategy can provide the low-level isolation you need to enable your storage infrastructure to quickly recover from ransomware attacks.

Proprietary Software and Security Failures

Filed under
Security
  • Apple has pushed a silent Mac update to remove hidden Zoom web server

    Apple has released a silent update for Mac users removing a vulnerable component in Zoom, the popular video conferencing app, which allowed websites to automatically add a user to a video call without their permission.

    The Cupertino, Calif.-based tech giant told TechCrunch that the update — now released — removes the hidden web server, which Zoom quietly installed on users’ Macs when they installed the app.

  • Microsoft denies it will move production out of China

    Nikkei had also previously reported in June that Apple is similarly considering moving between 15% and 30% of all iPhone production out of China and has asked its major suppliers to weigh up the costs.

  • Microsoft's reseller chief explains why it's angering some of its partners by taking away a key perk: 'We can't afford to run every single partner's organization for free anymore'

    Gavriella Schuster, corporate vice president and One Commercial Partner channel chief at Microsoft, says that while it cost the company practically nothing to provide partners with traditional software, it would be a significant expense for the company to provide cloud services like Office 365 for free.

  • KRP: At least 1,000 devices compromised in data breach in Lahti

    KRP on Tuesday revealed that its pre-trial investigation shows that the unauthorised access detected in the city’s data systems earlier this summer was an organised attack rather than an error by an individual user.

    The attacker or attackers managed to cause damage by actively spreading a malware, compromising at least a thousand devices.

  • GnuPG 2.2.17 released to mitigate attacks on keyservers

    gpg: Ignore all key-signatures received from keyservers. This change is required to mitigate a DoS due to keys flooded with faked key-signatures. The old behaviour can be achieved by adding keyserver-options no-self-sigs-only,no-import-clean to your gpg.conf. [#4607]

  • Security updates for Thursday

    Security updates have been issued by Debian (dosbox and openjpeg2), Oracle (dbus and kernel), Scientific Linux (dbus), Slackware (mozilla), and SUSE (fence-agents, libqb, postgresql10, and sqlite3).

  • What Is Zero Trust Architecture?

    Zero Trust architecture might be popular now, but that doesn’t necessarily mean it’s for you. If you find your needs are met by your current security, you may not want to switch. That said, keep in mind that waiting until you have a security breach isn’t an ideal way to evaluate your security.

  • OpenPGP certificate flooding

    A problem with the way that OpenPGP public-key certificates are handled by key servers and applications is wreaking some havoc, but not just for those who own the certificates (and keys)—anyone who has those keys on their keyring and does regular updates will be affected. It is effectively a denial of service attack, but one that propagates differently than most others. The mechanism of this "certificate flooding" is one that is normally used to add attestations to the key owner's identity (also known as "signing the key"), but because of the way most key servers work, it can be used to fill a certificate with "spam"—with far-reaching effects.

    The problems have been known for many years, but they were graphically illustrated by attacks on the keys of two well-known members of the OpenPGP community, Daniel Kahn Gillmor ("dkg") and Robert J. Hansen ("rjh"), in late June. Gillmor first reported the attack on his blog. It turned out that someone had added multiple bogus certifications (or attestations) to his public key in the SKS key server pool; an additional 55,000 certifications were added, bloating his key to 17MB in size. Hansen's key got spammed even worse, with nearly 150,000 certifications—the maximum number that the OpenPGP protocol will support.

    The idea behind these certifications is to support the "web of trust". If user Alice believes that a particular key for user Bob is valid (because, for example, they sat down over beers and verified that), Alice can so attest by adding a certification to Bob's key. Now if other users who trust Alice come across Bob's key, they can be reasonably sure that the key is Bob's because Alice (cryptographically) said so. That is the essence of the web of trust, though in practice, it is often not really used to do that kind of verification outside of highly technical communities. In addition, anyone can add a certification, whether they know the identity of the key holder or not.

  • FinSpy Malware ‘Returns’ To Steal Data On Both Android And iOS

    As per the researchers, the spyware was again active in 2018 and the latest activity was spotted in Myanmar in June 2019. These implants are capable of collecting personal information such as SMS, Emails, Calendars, Device Locations, Multimedia and even messages from some popular social media apps.

    If you are an iOS user, then the implant is only observed to work on jailbroken devices. If an iOS device is already jailbroken then this spyware can be remotely installed via different mediums like messaging, email, etc. However, the implants have not been observed on the latest version of iOS.

  • New FinSpy iOS and Android implants revealed ITW

    FinSpy is spyware made by the German company Gamma Group. Through its UK-based subsidiary Gamma International Gamma Group sells FinSpy to government and law enforcement organizations all over the world. FinSpy is used to collect a variety of private user information on various platforms. Its implants for desktop devices were first described in 2011 by Wikileaks and mobile implants were discovered in 2012. Since then Kaspersky has continuously monitored the development of this malware and the emergence of new versions in the wild. According to our telemetry, several dozen unique mobile devices have been infected over the past year, with recent activity recorded in Myanmar in June 2019. Late in 2018, experts at Kaspersky looked at the functionally latest versions of FinSpy implants for iOS and Android, built in mid-2018. Mobile implants for iOS and Android have almost the same functionality. They are capable of collecting personal information such as contacts, SMS/MMS messages, emails, calendars, GPS location, photos, files in memory, phone call recordings and data from the most popular messengers.

AMD Defects, Linux Affected Also

Filed under
Linux
Hardware
Security
  • AMD's SEV tech that protects cloud VMs from rogue servers may as well stand for... Still Extremely Vulnerable

    Five boffins from four US universities have explored AMD's Secure Encrypted Virtualization (SEV) technology – and found its defenses can be, in certain circumstances, bypassed with a bit of effort.

    In a paper [PDF] presented Tuesday at the ACM Asia Conference on Computer and Communications Security in Auckland, New Zealand, computer scientists Jan Werner (UNC Chapel Hill), Joshua Mason (University of Illinois), Manos Antonakakis (Georgia Tech), Michalis Polychronakis (Stony Brook University), and Fabian Monrose (UNC Chapel Hill) detail two novel attacks that can undo the privacy of protected processor enclaves.

    The paper, "The SEVerESt Of Them All: Inference Attacks Against Secure Virtual Enclaves," describes techniques that can be exploited by rogue cloud server administrators, or hypervisors hijacked by hackers, to figure out what applications are running within an SEV-protected guest virtual machine, even when its RAM is encrypted, and also extract or even inject data within those VMs.

  • AMD Ryzen 3000 is experiencing problems with some Linux distributions

    Ryzen 3000 seems to have boot problems with the most modern Linux distributions. The problem affects all operating systems using a 2019 Linux distribution with Linux 5.0/5.1/5.2 kernels.

    This problem is now known to be related to the RdRand command. Remember that the previous Ryzen processors were also not friendly when they used the RNG hardware command, which caused problems on the platform. However, now with Zen2, this is even worse supported, and AMD has not yet officially detected the problem.

  • AMD Posts New CPUFreq Driver For CPPC Support With Zen 2 CPUs

    AMD Zen 2 CPUs support ACPI's Collaborative Processor Performance Control (CPPC) for tuning the system to energy and/or performance requirements. AMD has now published a new CPUfreq driver for handling their CPPC implementation and the new controls found with their new processors.

    The AMD CPPC support with Zen 2 desktop/server/mobile CPUs can be optionally enabled and allows setting min/maximum performance along with desired performance and other knobs for tuning via sysfs.

Security: Patches, CVSS, DANE OPENPGPKEY for debian.org, and Windows Voting Machines

Filed under
Security
  • Security updates for Wednesday

    Security updates have been issued by Debian (redis), Fedora (expat), Mageia (dosbox, irssi, microcode, and postgresql11), Red Hat (bind, dbus, openstack-ironic-inspector, openstack-tripleo-common, python-novajoin, and qemu-kvm-rhev), Scientific Linux (kernel), SUSE (kernel-firmware, libdlm, libqb, and libqb), and Ubuntu (apport).

  • Why CVSS does not equal risk: How to think about risk in your environment

    I’m going to come right out and say it: CVSS does NOT equal Risk (CVSS!=Risk). Anyone who thinks otherwise is mistaken and setting themselves up for more work, pain, and stress than they realistically should have to go through. A risk is a potential for loss or damage if a threat exploits a vulnerability (which is a weakness in hardware or software). We’ll talk more about all that momentarily.

    Common Vulnerability Scoring System (CVSS) is a toolset and methodology used by many of us in the industry (hardware/software manufacturers, maintainers, etc.) and security researchers to describe the relative severity of security vulnerabilities in a consistent, quantitative way. This data being represented results in a score ranging from lowest 0, to the highest of 10.

    Recently the FIRST CVSS SIG updated the released version 3.1 of the framework which is the point of reference for this post. I'd strongly encourage anyone that uses the framework, or is impacted by security flaws (typically documented with a Common Vulnerabilities and Exposures (CVE) entry) to read the updated procedures and guidance.

  • DANE OPENPGPKEY for debian.org

    I recently announced the publication of Web Key Directory for @debian.org e-mail addresses. This blog post announces another way to fetch OpenPGP certificates for @debian.org e-mail addresses, this time using only the DNS. These two mechanisms are complementary, not in competition. We want to make sure that whatever certificate lookup scheme your OpenPGP client supports, you will be able to find the appropriate certificate.

    The additional mechanism we're now supporting (since a few days ago) is DANE OPENPGPKEY, specified in RFC 7929.

  • Voting Machine Makers Claim The Names Of The Entities That Own Them Are Trade Secrets

    This seems like very basic information -- information the Board should know and should be able to pass on to the general public. After all, these are the makers of devices used by the public while electing their representatives. They should know who's running these companies and who their majority stakeholders are. If something goes wrong (and something always does), they should know who's ultimately responsible for the latest debacle.

    It's not like the state was asking the manufacturers to cough up code and machine schematics. All it wanted to know is the people behind the company nameplates. But the responses the board received indicate voting system manufacturers believe releasing any info about their companies' compositions will somehow compromise their market advantage.

    Hart Intercivic said letting the public know that the company is owned by H.I.G. Hart, LLC and Gregg L. Burt is a fact that would devalue the company if it were made public.

Syndicate content

More in Tux Machines

Type Title Author Replies Last Postsort icon
Story Android Leftovers Rianne Schestowitz 15/07/2019 - 7:21pm
Story Octa-core MediaTek i700 SoC offers APU 2.0 for edge AI Rianne Schestowitz 15/07/2019 - 7:13pm
Story Quad-camera rig taps into Jetson AGX Xavier for deep learning Rianne Schestowitz 15/07/2019 - 4:38pm
Story Annual Report 2018: LibreOffice development Roy Schestowitz 15/07/2019 - 4:33pm
Story Programming Leftovers Roy Schestowitz 15/07/2019 - 4:28pm
Story Linux Kernel: Chrome OS, Direct Rendering Manger (DRM) and Char/Misc Roy Schestowitz 15/07/2019 - 4:24pm
Story today's howtos Roy Schestowitz 15/07/2019 - 4:10pm
Story Android Leftovers Rianne Schestowitz 15/07/2019 - 3:52pm
Story Spectre Mitigation Performance Impact Benchmarks On AMD Ryzen 3700X / 3900X Against Intel Rianne Schestowitz 15/07/2019 - 3:41pm
Story Q4OS 3.8 Centaurus, stable Rianne Schestowitz 15/07/2019 - 3:39pm