Sudo Flaw Lets Linux Users Run Commands As Root Even When They’re Restricted

What’s more interesting is that this flaw can be exploited by an attacker to run commands as root just by specifying the user ID “-1” or “4294967295.”

That’s because the function which converts user id into its username incorrectly treats -1, or its unsigned equivalent 4294967295, as 0, which is always the user ID of root user.

Source: Sudo Flaw Lets Linux Users Run Commands As Root Even When They’re Restricted

Fortnite has been down for hours as millions of players stare at a black hole

One of the biggest games in the world has been unplayable since this afternoon. Ahead of its next season — or possibly a completely new chapter — Fortnite has gone down in just about every way imaginable. It’s widely believed that when the game is back up and running it will be a rebooted version featuring a brand new map.

Source: Fortnite has been down for hours as millions of players stare at a black hole – The Verge

Computer historians crack passwords of Unix’s early pioneers

Dennis MacAlistair Ritchie’s was “dmac”, Bourne’s was “bourne”, Schmidt’s was “wendy!!!” (his wife’s name), Feldman’s was “axlotl”, and Kernighan’s was “/.,/.,”.

Source: Computer historians crack passwords of Unix’s early pioneers / Boing Boing

and Ken Thompson’s was “p/q2-q4!” (chess notation for a common opening move).

Why big ISPs aren’t happy about Google’s plans for encrypted DNS

Widespread adoption of DoH would limit ISPs’ ability to both monitor and modify customer queries. It wouldn’t necessarily eliminate this ability, since ISPs could still use these techniques for customers who use the ISP’s own DNS servers. But if customers switched to third-party DNS servers—either from Google or one of its various competitors—then ISPs would no longer have an easy way to tell which sites customers were accessing.

Source: Why big ISPs aren’t happy about Google’s plans for encrypted DNS | Ars Technica

Bitcoin Isn’t the World’s Most-Used Cryptocurrency

While concrete figures on trading volumes are hard to come by in this often murky corner of finance, data from CoinMarketCap.com show that the token with the highest daily and monthly trading volume is Tether, whose market capitalization is more than 30 times smaller. Tether’s volume surpassed that of Bitcoin’s for the first time in April and has consistently exceeded it since early August at about $21 billion per day, the data provider says.

Source: Bitcoin Isn’t the World’s Most-Used Cryptocurrency – Bloomberg

CentOS 8 is finally here

CentOS offers a bit of a different take on installing and updating packages. First off, the default package manager has migrated from YUM to DNF. The command structure for each is quite similar, so instead of running a command like:

sudo yum install httpd

You’d issue the command:

sudo dnf install httpd

For more information on DNF, see How to use the DNF package manager.

Source: CentOS 8 is finally here – TechRepublic

Linux Foundation exec believes edge computing will be more important than cloud computing

When Joshipura is talking about edge computing, he means compute and storage resources that are five to 20 milliseconds away. He also means edge computing should be an open, interoperable framework. This framework should be independent of hardware, silicon, cloud, or operating system. Open-edge computing should also work with any edge-computing use case: Internet of Things (IoT) edge, a telecom edge, cloud edge, or enterprise edge, whatever. “Our goal here is to unify all of these.”

Source: Linux Foundation exec believes edge computing will be more important than cloud computing | ZDNet

To make this happen, Joshipura announced two more projects were being incorporated into LF Edge: Baetyl and Fledge.

LastPass bug leaks credentials from previous site

Attackers could lure users on malicious pages and exploit the vulnerability to extract the credentials users had entered on previously-visited sites. According to Ormandy, this isn’t as hard as it sounds, as an attacker could easily disguise a malicious link behind a Google Translate URL, trick users into visiting the link, and then extract credentials from a previously visited site.

Source: LastPass bug leaks credentials from previous site | ZDNet

Los Angeles OKs a deal for record-cheap solar power and battery storage

Under the 25-year deal with developer 8minute Solar Energy, the city would buy electricity from a sprawling complex of solar panels and lithium-ion batteries in the Mojave Desert of eastern Kern County, about two hours north of Los Angeles. The Eland project would meet 6% to 7% of L.A.’s annual electricity needs and would be capable of pumping clean energy into the grid for four hours each night.

Source: Los Angeles OKs a deal for record-cheap solar power and battery storage – Los Angeles Times