Agregátor RSS

Které aplikace nebo weby pro počasí používáte nejraději?

Živě.cz - 4 Listopad, 2024 - 20:15
Které aplikace, případně rovnou zdroje dat, vám připadají nejspolehlivější? Které dokážou informace co nejsrozumitelněji podat? A které mají nejvíce funkcí? Protože na tyto otázky neexistuje jedna odpověď, dnešní anketa bude bez hlasování. Budeme řešit pouze to, které aplikace (či weby) používáte ...
Kategorie: IT News

Windows Server 2025 released—here are the new features

Bleeping Computer - 4 Listopad, 2024 - 19:31
​Microsoft has announced that Windows Server 2025, the latest version of its server operating system, is generally available starting Friday, November 1st. [...]
Kategorie: Hacking & Security

Europe plans to check Apple’s iPad for DMA compliance

Computerworld.com [Hacking News] - 4 Listopad, 2024 - 19:13

It’s been a few weeks since EU regulators put pressure on Apple, but that brief reprieve is over as they begin an investigation that might affect Apple’s iPad in Europe. 

On the surface, it’s relatively straightforward. Apple’s iPad OS was declared to be a “gatekeeper” under Europe’s Digital Market Act earlier this year. The significance of this is that Apple is required to open up aspects of its operating system in order to foster the chimera of open competition, which might or might not benefit users.

“Apple must, among others, allow users to set the default web browser of their choice on iPadOS, allow alternative app stores on its operating system, and allow accessory devices, like headphones and smart pens, to effectively access iPadOS features,” the Commission said. 

Failure to meet those DMA requirements means the European Commission can fine Apple up to 10% of its annual global revenue (or 20% for repeat infringements), so the company is under serious pressure to get its response right.

What Apple has done is explained in a document

With that in mind, Apple has made or is making multiple changes to its tablet operating system, just as it has with iOS. The company has explained those changes in a compliance report it was forced to publish under European law. That 12-page document was released Nov. 1 and is available for review here.

In it, Apple stresses that some of the changes to the system bring greater risks to customers. Those risks include exposure to potential malware, fraud, malicious apps, and lack of support if a user is impacted by issues with apps downloaded outside of the App Store.

The company has attempted to protect against such problems by insisting that developers, including those selling apps outside the store, notarize their apps to provide some degree of protection. The report explains how it supports third-party stores, some of the limitations in that support, the tools it provides, and more, including some discussion around cost.

The report also confirms upcoming changes, some of which may be less well known, for example (most verbatim from Apple’s report):

  • In an update later in 2024, iOS and iPadOS will include the following updates to app deletion: the App Store, Messages, Camera, Photos, and Safari apps will be deletable for users in the EU. Only Settings and (on iOS) Phone will not be deletable. 
  • By the end of the year, Apple intends to introduce a secure solution for users to authorize developers to access data related to their users’ personal data (to the extent it is available to Apple and users have consented to their personal data being shared with the developer). 
  • Also scheduled for introduction by the end of the year, Apple is building a browser switching solution for exporting and importing relevant browser data into another browser on the same device. 
  • Apple is also developing a solution that helps mobile operating system providers develop more user-friendly solutions to transfer data from an iPhone or iPad to a non-Apple phone or tablet. Apple aims to make this solution available by fall 2025.
  • The company also suggests it will allow users in the EU to set default navigation and translation apps beginning in the spring of 2025.

Apple’s report confirms it has put a DMA Compliance team together to help maintain compliance with European law, and created a mediation process that’s independent and free of charge to developers following the company’s newly introduced appeals process for DMA compliance.

Now, Europe plans to check Apple’s homework

Now that Apple has shared its approach to compliance, EU antitrust regulators will take a look to make sure that approach meets the demands of the Digital Markets Act. While it sounds alarming, this also feels like a relatively normal step — Apple published its approach, and regulators will now assess it

In a statement, the European Commission said: “The Commission will now carefully assess whether the measures adopted for iPad OS are effective in complying with the DMA obligations.”  It will also consider input from third parties about Apple’s approach.

Hopefully during the review, regulators will work with Apple to rectify any identified lacks, but the Commission does warn that if it decides the solutions Apple has put forward are not compliant it will take “formal enforcement action as foreseen in the DMA.”

The way that is articulated somewhat suggests that the time for negotiation may be over, but, as Apple’s own report observes, “Apple has already announced changes to its compliance plan to address stated concerns which are being implemented across iOS and iPadOS.”

Apple has also hinted that Apple Intelligence will be introduced in Europe next year, which itself suggests some ongoing dialog. All the same, the kiss of death will be if Europe’s regulators choose to use the power they have to reduce the value of Apple’s platforms to end users, who already have a choice of platform to use.

Unfortunately, it seems the Apple-versus-regulation game will run and run.

Please follow me on LinkedInMastodon, or join me in the AppleHolic’s bar & grill group on MeWe.

Kategorie: Hacking & Security

Custom "Pygmy Goat" malware used in Sophos Firewall hack on govt network

Bleeping Computer - 4 Listopad, 2024 - 18:46
UK's National Cyber Security Centre (NCSC) has published an analysis of a Linux malware named "Pigmy Goat" created to backdoor Sophos XG firewall devices as part of recently disclosed attacks by Chinese threat actors. [...]
Kategorie: Hacking & Security

Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack

The Register - Anti-Virus - 4 Listopad, 2024 - 18:01
Victims were placed in serious danger following highly sensitive data dump

The City of Columbus, Ohio, has confirmed half a million people's data was accessed and potentially stolen when Rhysida's ransomware raided its systems over the summer.…

Kategorie: Viry a Červi

Používání telefonu za volantem zpomaluje vaše reakce. Tento simulátor ukáže, jak výrazně

Zive.cz - bezpečnost - 4 Listopad, 2024 - 17:15
** Používání smartphonů je při řízení auta zakázáno ** Zpomaluje vaše reakce na to, co se děje na cestě před vámi** V tomto simulátoru si vyzkoušíte, o kolik pomalejší budete vy...
Kategorie: Hacking & Security

Používání telefonu za volantem zpomaluje vaše reakce. Tento simulátor ukáže, jak výrazně

Živě.cz - 4 Listopad, 2024 - 17:15
** Používání smartphonů je při řízení auta zakázáno ** Zpomaluje vaše reakce na to, co se děje na cestě před vámi** V tomto simulátoru si vyzkoušíte, o kolik pomalejší budete vy...
Kategorie: IT News

Windows infected with backdoored Linux VMs in new phishing attacks

Bleeping Computer - 4 Listopad, 2024 - 16:53
A new phishing campaign dubbed 'CRON#TRAP' infects Windows with a Linux virtual machine that contains a built-in backdoor to give stealthy access to corporate networks. [...]
Kategorie: Hacking & Security

Solving the painful password problem with better policies

Bleeping Computer - 4 Listopad, 2024 - 16:01
Weak and reused credentials continue to plague users and organizations. Learn from Specops software about why passwords are so easy to hack and how organizations can fortify their security efforts. [...]
Kategorie: Hacking & Security

City of Columbus: Data of 500,000 stolen in July ransomware attack

Bleeping Computer - 4 Listopad, 2024 - 15:52
​The City of Columbus, Ohio, notified 500,000 individuals that a ransomware gang stole their personal and financial information in a July 2024 cyberattack. [...]
Kategorie: Hacking & Security

Cybersecurity Regulations and Compliance for Linux Users

LinuxSecurity.com - 27 Září, 2024 - 13:59
Security is an essential consideration when using computers and other technological devices. Linux admins and organizations must be informed about applicable legal measures related to the safety of their systems to ensure compliance and protect against possible risks.
Kategorie: Hacking & Security

Critical CUPS Vulnerability Exposes Linux Systems to Remote Hijacking

LinuxSecurity.com - 27 Září, 2024 - 12:00
CUPS, or the Common Unix Printing System , is an open-source printing system widely utilized on Unix-like operating systems such as Linux, BSDs, and macOS. CUPS acts as an open-source print server, allowing a computer to become an effective print server while managing print jobs and queues and providing a standardized interface for printing services.
Kategorie: Hacking & Security

Essential Server Security Security Strategies for Administrators

LinuxSecurity.com - 26 Září, 2024 - 20:12
In the current threat landscape, Linux servers have emerged as a dominant force, underpinning approximately 81% of all websites globally. Despite the prevalence of Windows in personal computing, Linux's resilience to various threats is a significant factor behind its extensive adoption, particularly in web hosting and enterprise environments.
Kategorie: Hacking & Security

Google Chooses Passkeys Over Passwords: Examining the Security Benefits for Linux Users

LinuxSecurity.com - 26 Září, 2024 - 14:53
In a bold move towards a future without traditional passwords, Google has introduced secure passkey sign-ins across almost all devices, including Windows, macOS, Linux, and Android. This change will revolutionize how users authenticate their identity online, providing a more secure and seamless experience.
Kategorie: Hacking & Security

The Risks of Default Router Security Settings for Home Users: A Comprehensive Analysis

LinuxSecurity.com - 25 Září, 2024 - 22:18
In 2024, the connected world requires our homes to serve as hubs for various devices, from computers and smartphones to smart fridges and security cameras. Still, many home users remain unaware of the risk posed by default router security settings, as revealed in Broadband Genie's 2024 Router Security Survey results .
Kategorie: Hacking & Security

Linux Security Modules (LSM): SELinux vs AppArmor vs TOMOYO

LinuxSecurity.com - 25 Září, 2024 - 15:54
Linux has long been celebrated for its versatility, robustness, and vast array of security features it offers. A key aspect of maintaining and improving Linux security is using Linux Security Modules (LSMs) to manage access control policies.
Kategorie: Hacking & Security

Google Chrome 129: Addressing Crucial Vulnerabilities and Enhancing Security

LinuxSecurity.com - 25 Září, 2024 - 13:32
Google Chrome remains the crown jewel in the browser market, with an impressive user base of approximately 3.45 billion. However, this immense popularity has made it a focal point for malicious actors, and any security flaw in this widely used browser can have significant repercussions for users worldwide.
Kategorie: Hacking & Security

Defending Against Malicious Web Shells: Lessons from the Apache AXIS Server Attack

LinuxSecurity.com - 24 Září, 2024 - 19:31
Hackers have recently been observed actively targeting the Apache AXIS server to deploy malicious web shells, exposing significant vulnerabilities and risks for organizations and demanding immediate and comprehensive security measures.
Kategorie: Hacking & Security

Emerging Mallox Ransomware Variant Targets Linux Using Kryptina Code

LinuxSecurity.com - 24 Září, 2024 - 12:00
A new variant of the Mallox ransomware, which traditionally targeted Windows systems, has been observed targeting Linux environments. This ransomware strain is based on the leaked source code of the Kryptina ransomware.
Kategorie: Hacking & Security
Syndikovat obsah