Many open source projects attain a level of "maturity" where no one really needs any new features and there aren't a lot of new bugs being found, and the contributors to these projects dwindle, often to a single maintainer who is generally grateful for developers who take an interest in these older projects and offer to share the choresome, intermittent work of keeping the projects alive.
Ironically, these are often projects with millions of users, who trust them specifically because of their stolid, unexciting maturity.
This presents a scary social-engineering vector for malware: A malicious person volunteers to help maintain the project, makes some small, positive contributions, gets commit access to the project, and releases a malicious patch, infecting millions of users and apps.
This is apparently what happened to event-stream, a widely used tool that was compromised by a crypto-currency stealing attacker who gained commit access, poisoned an update, and then locked the project's owner out.
I don't know what to say. #116 [Dominic Tarr/Github]
A coalition of shipping industry associations has published The Guidelines on Cyber Security Onboard Ships, laying out best practices for the giant ships that ply the seas, and revealing that these behemoths are routinely infected with worms, ransomware, and malware spread by infected USB devices.
Taylor Swift used facial recognition technology at her live performances so that technicians running the system could then check those face scans against a private database of her stalkers.
Remember when Malcolm Turnbull, the goddamned idiot who was briefly Prime Minister of Australia, was told that the laws of mathematics mean that there was no way to make a cryptography system that was weak enough that the cops could use to spy on bad guys, but strong enough that the bad guys couldn't use […]
For the true audio enthusiast, there’s a lot of difference between putting on some songs “for background music” and a true listening experience. For the latter, there’s nothing like a pair of sturdy headphones and the powerful speakers that come with them. And the wireless variety doesn’t get much more powerful than the TREBLAB Z2 […]
Digital or analog, there’s a path of least resistance for any project. Finding that path is what the Agile methodology is all about, which is why proficiency in it is a must for any project management position – and the paycheck that comes with it. And the quickest path to learning Agile? The Agile Project […]
Everybody’s flown a paper airplane. But what if you could fly on a paper airplane? Until we invent shrink-ray technology, the PowerUp X FPV Video Paper Airplane Kit will have to do – but it’s as fun as that sounds and more. The original version of this creative toy added drone tech to the old, […]