https://www.bleepingcomputer.com/news/security/browser-autofill-profiles-can-be-abused-for-phishing-attacks/ https://cloud.google.com/security/security-design/ http://betanews.com/2017/01/23/duckduckgo-10-billion-searches/ https://it.slashdot.org/story/17/02/28/2244206/severe-sql-injection-flaw-discovered-in-wordpress-plugin-with-over-1-million-installs How Threat Modeling Helps Discover Security Vulnerabilities https://access.redhat.com/blogs/766093/posts/2914051 SHA-1 ------ https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html Relação https://sites.google.com/site/itstheshappening/ http://crypto.stackexchange.com/questions/29695/what-is-a-freestart-collision https://lwn.net/Articles/715716/ https://lwn.net/Articles/715621/ https://plus.google.com/+LinusTorvalds/posts/7tp2gYWQugL https://bugs.webkit.org/show_bug.cgi?id=168774#c29 https://public-inbox.org/git/nycvar.QRO.7.75.62.1702240943540.6590@qynat-yncgbc/T/#me181023a3dfe30d4b76880f0c883c4f90a5a879d Isolamento ---------- https://lwn.net/Articles/712071/#Comments https://github.com/projectatomic/bubblewrap https://github.com/netblue30/firejail/tree/master/src/firejail Build ----- https://buckbuild.com/ https://bazel.build/ Bye Bye FTP - kernel.org ------------------------ https://kernel.org/shutting-down-ftp-services.html https://lwn.net/Articles/712896/#Comments Pacotes ------- Package managers all the way down https://lwn.net/Articles/712318/ Larsson: The flatpak security model – part 1: The basics https://lwn.net/Articles/712071 RANDOM GENERATOR ---------------- Linux Random Number Generator – A New Approach http://www.chronox.de/lrng/doc/lrng.pdf http://www.chronox.de/lrng.html --------------------------------------- Critical vulnerability under “massive” attack imperils high-impact sites (Ars Technica) https://lwn.net/Articles/716650 http://www.techrepublic.com/article/linux-foundation-chief-businesses-that-dont-use-open-source-will-fail/ Why American Farmers Are Hacking Their Tractors With Ukrainian Firmware https://yro.slashdot.org/story/17/03/22/0535242/why-american-farmers-are-hacking-their-tractors-with-ukrainian-firmware Patents Are A Big Part Of Why We Can't Own Nice Things https://yro.slashdot.org/story/17/03/22/1438214/patents-are-a-big-part-of-why-we-cant-own-nice-things 28/03/17 -------- Ubuntu Hit By A Vulnerability In "Eject" http://www.phoronix.com/scan.php?page=news_item&px=Ubuntu-Eject-Vulnerability 30/03/17 -------- Will VPNs Protect Your Privacy? It's Complicated https://politics.slashdot.org/story/17/03/30/1248252/will-vpns-protect-your-privacy-its-complicated Your Save Data Is Not Safe On the Nintendo Switch https://games.slashdot.org/story/17/03/30/2145223/your-save-data-is-not-safe-on-the-nintendo-switch Inline encryption support for block devices https://lwn.net/Articles/717754/ 31/03/17 -------- Millions of Websites Affected By Unpatched Flaw in Microsoft IIS 6 Web Server https://yro.slashdot.org/story/17/03/31/1516255/millions-of-websites-affected-by-unpatched-flaw-in-microsoft-iis-6-web-server Justificando a Pirataria? https://www.youtube.com/watch?v=M3qOniZZgmY Internet Revelada - um filme sobre a Internet e os Pontos de Troca de Tráfego (PTTs) https://www.youtube.com/watch?v=QXUpRg29iZQ 03/04/2017 ---------- GitHub Repository Owners Targeted By Data-Stealing Malware https://it.slashdot.org/story/17/04/03/0449250/github-repository-owners-targeted-by-data-stealing-malware Tor Browser Will Feature More Rust Code https://tech.slashdot.org/story/17/04/03/0337234/tor-browser-will-feature-more-rust-code 04/04/2017 ---------- Gigabyte Firmware Bugs Allow the Installation of BIOS/UEFI Ransomware https://it.slashdot.org/story/17/04/04/2027217/gigabyte-firmware-bugs-allow-the-installation-of-biosuefi-ransomware 05/04/2017 ----------- Over The Air: Exploiting Broadcom’s Wi-Fi Stack (Project Zero) https://lwn.net/Articles/718886/ 07/04/2017 ---------- https://googleprojectzero.blogspot.com.br/2017/04/pandavirtualization-exploiting-xen.html https://googleprojectzero.blogspot.com/2017/04/pandavirtualization-exploiting-xen.html 10/04/2017 ---------- https://news.slashdot.org/story/17/04/10/0340232/american-farmers-are-still-fighting-tractor-software-locks https://news.slashdot.org/story/17/04/09/1829209/canonical-founder-criticizes-free-software-developers-who-hate-on-whatevers-mainstream https://yro.slashdot.org/story/17/04/09/1635219/a-huge-trove-of-patient-data-leaks-thanks-to-telemarketers-bad-security 17/04/2017 - Leitura da Pascoa ---------- VPN Providers Report Huge Increase In Downloads, Usage Since Privacy Rules Were Repealed https://yro.slashdot.org/story/17/04/12/2225255/vpn-providers-report-huge-increase-in-downloads-usage-since-privacy-rules-were-repealed Pirate Bay Founder: 'I Have Given Up' https://yro.slashdot.org/story/17/04/13/1424245/pirate-bay-founder-i-have-given-up New Processors Are Now Blocked From Receiving Updates On Old Windows https://hardware.slashdot.org/story/17/04/13/2021235/new-processors-are-now-blocked-from-receiving-updates-on-old-windows Virgin Media Starts Turning Customer Routers Into Public Wi-Fi Hotspots https://yro.slashdot.org/story/17/04/14/1526256/virgin-media-starts-turning-customer-routers-into-public-wi-fi-hotspots Unpatched Magento Zero Day Leaves 200,000 Merchants Vulnerable https://it.slashdot.org/story/17/04/15/1937255/unpatched-magento-zero-day-leaves-200000-merchants-vulnerable Should Burger King Be Prosecuted For Their Google Home-Triggering Ads? https://tech.slashdot.org/story/17/04/15/2329211/should-burger-king-be-prosecuted-for-their-google-home-triggering-ads North Korea Parades Hybrid 'Frankenmissile', Then Fails Yet Another Missile Launch Test https://news.slashdot.org/story/17/04/16/0147237/north-korea-parades-hybrid-frankenmissile-then-fails-yet-another-missile-launch-test Researchers Find 25,000 Domains Used In Tech Support Scams https://yro.slashdot.org/story/17/04/16/062210/researchers-find-25000-domains-used-in-tech-support-scams ICECAT https://www.gnu.org/software/gnuzilla/ Debian Issues Statement Over Arrested Russian Developer http://www.phoronix.com/scan.php?page=news_item&px=Debian-Dmitry-Bogatov 19/04/2017 ---------- Bose Headphones Secretly Collected User Data, Lawsuit Reveals https://yro.slashdot.org/story/17/04/19/1422208/bose-headphones-secretly-collected-user-data-lawsuit-reveals Baidu Announces New Open Platform To Help Speed Up Development of Self-Driving Cars https://hardware.slashdot.org/story/17/04/19/0521204/baidu-announces-new-open-platform-to-help-speed-up-development-of-self-driving-cars Online filesystem scrubbing and repair https://lwn.net/Articles/718800/ Cuidado com o seu cartão de embarque https://www.facebook.com/claudioleonardo.lucchesi/videos/1891451457735288/ 24/04/2017 ---------- Wall Street IT Engineer Hacks Employer To See If He'll Be Fired https://yro.slashdot.org/story/17/04/24/0425221/wall-street-it-engineer-hacks-employer-to-see-if-hell-be-fired 10/05/2017 ---------- Git 2.13 Released, Adds SHA-1 Collision Detection http://www.phoronix.com/scan.php?page=news_item&px=Git-2.13-Released Grsecurity goes private https://lwn.net/Articles/721848/ Intel's zero-day problem https://lwn.net/Articles/721586/ https://lwn.net/Articles/715817/ The rise of copyright trolls https://lwn.net/Articles/721458/ Spotify Used 'Pirate' MP3 Files In Its Early Days: Report https://yro.slashdot.org/story/17/05/09/1851240/spotify-used-pirate-mp3-files-in-its-early-days-report Canonical Founder Says Recent Changes In Ubuntu Were Necessary To Prepare the Company For an IPO https://linux.slashdot.org/story/17/05/09/1553255/canonical-founder-says-recent-changes-in-ubuntu-were-necessary-to-prepare-the-company-for-an-ipo Oracle And Cisco Both Support The FCC's Rollback Of Net Neutrality https://yro.slashdot.org/story/17/05/08/0047242/oracle-and-cisco-both-support-the-fccs-rollback-of-net-neutrality WikiLeaks Reveals A CIA LAN-Attacking Tool From 'Vault 7' https://it.slashdot.org/story/17/05/07/221257/wikileaks-reveals-a-cia-lan-attacking-tool-from-vault-7 Intel's Remote Hijacking Flaw Was 'Worse Than Anyone Thought' https://hardware.slashdot.org/story/17/05/07/2034245/intels-remote-hijacking-flaw-was-worse-than-anyone-thought "Richard Stallman" - Lunduke Hour - Apr 14, 2017 https://www.youtube.com/watch?v=S0y0oXU8YNk