"Ubuntu developers have fixed a series of vulnerabilities that made it easy for standard users to gain coveted root privileges," reports Ars Technica: "This blog post is about an astonishingly straightforward way to escalate privileges on Ubuntu," Kevin Backhouse, a researcher at GitHub, wrote in a post published on Tuesday. "With a few simple commands in the terminal, and a few mouse clicks, a standard user can create an administrator account for themselves."

The first series of commands triggered a denial-of-service bug in a daemon called accountsservice, which as its name suggests is used to manage user accounts on the computer... With the help of a few extra commands, Backhouse was able to set a timer that gave him just enough time to log out of the account before accountsservice crashed. When done correctly, Ubuntu would restart and open a window that allowed the user to create a new account that — you guessed it — had root privileges...

The second bug involved in the hack resided in the GNOME display manager, which among other things manages user sessions and the login screen. The display manager, which is often abbreviated as gdm3, also triggers the initial setup of the OS when it detects no users currently exist. "How does gdm3 check how many users there are on the system?" Backhouse asked rhetorically. "You probably already guessed it: by asking accounts-daemon! So what happens if accounts-daemon is unresponsive....?"

The vulnerabilities could be triggered only when someone had physical access to, and a valid account on, a vulnerable machine. It worked only on desktop versions of Ubuntu.
"This bug is now tracked as CVE-2020-16125 and rated with a high severity score of 7.2 out of 10. It affects Ubuntu 20.10, Ubuntu 20.04, and Ubuntu 18.04..." reports Bleeping Computer.

They add that the GitHub security research who discovered the bugs "reported them to Ubuntu and GNOME maintainers on October 17, and fixes are available in the latest code."

An anonymous reader quotes a report from IEEE Spectrum: While setting fire to an iron ingot is probably more trouble than it's worth, fine iron powder mixed with air is highly combustible. When you burn this mixture, you're oxidizing the iron. Whereas a carbon fuel oxidizes into CO2, an iron fuel oxidizes into Fe2O3, which is just rust. The nice thing about rust is that it's a solid which can be captured post-combustion. And that's the only byproduct of the entire business -- in goes the iron powder, and out comes energy in the form of heat and rust powder. Iron has an energy density of about 11.3 kWh/L, which is better than gasoline. Although its specific energy is a relatively poor 1.4 kWh/kg, meaning that for a given amount of energy, iron powder will take up a little bit less space than gasoline but it'll be almost ten times heavier. It might not be suitable for powering your car, in other words. It probably won't heat your house either. But it could be ideal for industry, which is where it's being tested right now.

Researchers from TU Eindhoven have been developing iron powder as a practical fuel for the past several years, and last month they installed an iron powder heating system at a brewery in the Netherlands, which is turning all that stored up energy into beer. Since electricity can't efficiently produce the kind of heat required for many industrial applications (brewing included), iron powder is a viable zero-carbon option, with only rust left over. So what happens to all that rust? This is where things get clever, because the iron isn't just a fuel that's consumed -- it's energy storage that can be recharged. And to recharge it, you take all that Fe2O3, strip out the oxygen, and turn it back into Fe, ready to be burned again. It's not easy to do this, but much of the energy and work that it takes to pry those Os away from the Fes get returned to you when you burn the Fe the next time. The idea is that you can use the same iron over and over again, discharging it and recharging it just like you would a battery.

To maintain the zero-carbon nature of the iron fuel, the recharging process has to be zero-carbon as well. There are a variety of different ways of using electricity to turn rust back into iron, and the TU/e researchers are exploring three different technologies based on hot hydrogen reduction (which turns iron oxide and hydrogen into iron and water). [...] Both production of the hydrogen and the heat necessary to run the furnace or the reactors require energy, of course, but it's grid energy that can come from renewable sources. [...] Philip de Goey, a professor of combustion technology at TU/e, told us that he hopes to be able to deploy 10 MW iron powder high-temperature heat systems for industry within the next four years, with 10 years to the first coal power plant conversion.

Yesterday, Apple released the latest version of macOS: macOS Big Sur (also known as macOS 11.0) and the rollout was anything but smooth. Many users have complained about Apple services such as iMessage, or even Apple Pay, not working for them. Personally, my 5K iMac (2013), which isn't even compatible with Big Sur, ground to a halt yesterday, as I was unable to open up Google Chrome or any of my Adobe Creative Cloud apps. Even navigating my system preferences was painfully slow.

According to developer Jeff Johnson, the reason apps were failing to launch was because a process called "trustd" failed to attempt to connect to Apple's Online Certificate Status Protocol website (oscp.apple.com). "[D]enying the connection between "trustd" and oscp.apple.com fixes the issue, as does disabling a Mac's connection to the internet," notes Apple Insider. Slashdot reader shanen shares their experience: The story is about different problems, so I'll just start with my own anecdote. The 12GB download was amazingly slow. I'm being charitable and willing to attribute that to high demand. Eventually it did finish. The installation process didn't seem to be too bad. Then I did something with the Mac and it immediately wanted another upgrade. Turned out to be a double upgrade of two slightly different versions of some tools, but another (slow) GB bites the dust. Meanwhile, it decided to do that double-upgrade again? One of those two must have succeeded, because the third attempt failed with the appropriate notice that it had succeeded.

Bottom line? Not reassuring, but it seems to be okay now. I should have made a note about what triggered the extra GB, but I don't think I did anything unusual that should have required an OS-level extension of the system. Ergo, whatever was going on, I think it belonged in the original 12 GB download... Disclaimer needed: I just had an extremely negative interaction with Apple about the battery swelling problem in the course of attempting to consider whether or not I should upgrade my old MacBook Pro. It started on the Apple website, which was amazingly unhelpful even after it dangled a trade-in offer of some kind. Then it continued with a long phone call to a very kind and friendly person who seemed to know not so much, though he eventually led me to the search that revealed "Optimized Battery Charging" as an option that my old Mac cannot use. By the way, new iPhones apparently have it, too. So right now I think Apple finally figured out how to stop the battery swelling, but I am still screwed. I regard the Mac as a sunk cost, and the second rule of sunk cost is to NOT throw good money after bad. The first rule is that no one wants to talk about their mistakes, eh?

So did your upgrade to Big Sur go better than mine? I really hope so. Why share the misery? We have plenty of that with "He whose name need not be mentioned" anymore.

Security researcher Jeffrey Paul, writes in a blog post: On modern versions of macOS, you simply can't power on your computer, launch a text editor or eBook reader, and write or read, without a log of your activity being transmitted and stored. It turns out that in the current version of the macOS, the OS sends to Apple a hash (unique identifier) of each and every program you run, when you run it. Lots of people didn't realize this, because it's silent and invisible and it fails instantly and gracefully when you're offline, but today the server got really slow and it didn't hit the fail-fast code path, and everyone's apps failed to open if they were connected to the internet. Because it does this using the internet, the server sees your IP, of course, and knows what time the request came in. An IP address allows for coarse, city-level and ISP-level geolocation, and allows for a table that has the following headings: Date, Time, Computer, ISP, City, State, Application Hash; Apple (or anyone else) can, of course, calculate these hashes for common programs: everything in the App Store, the Creative Cloud, Tor Browser, cracking or reverse engineering tools, whatever.

This means that Apple knows when you're at home. When you're at work. What apps you open there, and how often. They know when you open Premiere over at a friend's house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city. "Who cares?" I hear you asking. Well, it's not just Apple. This information doesn't stay with them: These OCSP requests are transmitted unencrypted. Everyone who can see the network can see these, including your ISP and anyone who has tapped their cables. These requests go to a third-party CDN run by another company, Akamai. Since October of 2012, Apple is a partner in the US military intelligence community's PRISM spying program, which grants the US federal police and military unfettered access to this data without a warrant, any time they ask for it. In the first half of 2019 they did this over 18,000 times, and another 17,500+ times in the second half of 2019.

This data amounts to a tremendous trove of data about your life and habits, and allows someone possessing all of it to identify your movement and activity patterns. For some people, this can even pose a physical danger to them. Now, it's been possible up until today to block this sort of stuff on your Mac using a program called Little Snitch (really, the only thing keeping me using macOS at this point). In the default configuration, it blanket allows all of this computer-to-Apple communication, but you can disable those default rules and go on to approve or deny each of these connections, and your computer will continue to work fine without snitching on you to Apple. The version of macOS that was released today, 11.0, also known as Big Sur, has new APIs that prevent Little Snitch from working the same way. The new APIs don't permit Little Snitch to inspect or block any OS level processes. Additionally, the new rules in macOS 11 even hobble VPNs so that Apple apps will simply bypass them.

Apple on Thursday released the latest version of macOS: macOS Big Sur (also known as macOS 11.0), which is available to download now -- assuming you have a compatible Mac. From a report: Big Sur is one of the biggest updates to Apple's laptop and desktop software in years, featuring a top-to-bottom redesign of the interface, icons, and menu bar, a new control center UI borrowed from iOS, widgets (also borrowed from iOS), and a variety of other improvements (see here for the full list). It's such a big change that Apple is actually moving on from the OS X / OS 10 branding that it's been using for Macs for almost 20 years. Apple's also adding some new privacy-focused features, including better tracking information in Safari and new privacy data in the Mac App Store for any apps you download. ArsTechnica has published a comprehensive review of the new operating system. An excerpt from their conclusion: The Good
The bright, fresh visual style mostly looks pretty good.
The Control Center (and other changes to the upper-right section of the Menu Bar) are genuinely useful additions.
The Messages app finally catches up to its iOS/iPadOS counterpart, thanks to Catalyst.
The APFS version of Time Machine seems like an improvement, though we'll need to wait to see what its long-term reliability is like.
Aside from the old AFP file-sharing protocol and the Network Utility, Big Sur doesn't remove too many things or add many new security settings that will break apps. There may be some visual issues, but my experience has actually been that Apple breaks a lot fewer apps moving from Catalina to Big Sur than it did moving from Mojave to Catalina.

The Bad
A general reduction in contrast makes it harder to discern the difference between many buttons and controls at a glance.
If you want to fix any of these contrast issues in the Accessibility settings, it should be possible to increase contrast or reduce transparency in certain places without making it an all-or-nothing setting. Some of the new buttons and icons are nice. Some of them are less nice.
Big Sur on Apple Silicon Macs will give up the ability to run Windows in a virtual machine or on a separate partition, though Intel Macs can still do both things.

The Ugly
As usual, Apple is just a year or two more aggressive about dropping support for old Macs than I think they really need to be.

Google officially introduced its Android mobile operating system on November 5th, 2007, which just so happens to line up with today, so happy 13th birthday, Android. Ryne Hager from Android Police reports: On November 5th, 2007, the "Open Handset Alliance" was revealed after long speculation that Google would enter the smartphone market, following the purchase of a little startup named "Android." Rumors had swirled surrounding a potential "Gphone," but Google quashed them as it announced that Android would be an open platform for anyone. Companies including Motorola, Qualcomm, HTC, and T-Mobile were all on board to help deliver the hardware and partnerships the nascent platform would require.

Google promised that Android would change the status quo, and it definitely delivered, with it now claiming over 72% of the worldwide smartphone market share, according to some recent estimates (if not more). It's the primary vehicle that has allowed billions of people to get online in emerging markets, and it's the reason our site even exists.

According to Phoronix, a Dell privacy driver is is being prepared for the Linux kernel. From the report: Beginning in Dell's 2021 laptop models they are providing hardware-based "privacy buttons" to disable microphone and camera support. These new Dell privacy buttons are basically hardware kill switches for the microphone and web camera video stream. The Dell privacy driver sent out on Tuesday for the Linux kernel is about manipulating the relevant LEDs and tracking the status of the hardware-based controls where as the actual toggling of the audio/video support is handled by the hardware.

The Dell privacy driver in its current form is talked about for the camera and microphone support but the patch does also note a "PRIVACY_SCREEN_STATUS" bit as well. Presumably they will be extending this privacy driver as well for privacy screen handling around reducing the horizontal/vertical viewing angles of the display. The dell-privacy Linux driver in its initial form can be found via the kernel mailing list. It's great seeing Dell working on this driver punctually for Linux ahead of their next-gen laptops.

An anonymous reader quotes a report from BleepingComputer: The data analysts firm NetMarketShare revealed that Windows 10 has seen another uptake in users and it went up to 64.04% from 61.26% last month. Linux (multiple distros) went from 1.14% to 1.65% and Ubuntu now holds a market share of 0.51%. The market share of Windows 7 has also dropped, but many users are still actively using outdated Windows 7, which could be due to its huge number of enterprise users. According to NetMarketShare, Windows 7 saw a drop from 22.77% to 20.41% last month. The report shows that 20.41% of desktops still use Windows 7. Even worse, some are still using Windows XP, according to the report. As of October 2020, the market share of Windows XP is 0.87%.

In preparation for next year's Xe HPG graphics cards, Intel's open-source developers have begun publishing their patches enabling their "ANC" Vulkan Linux driver to support Vulkan ray-tracing. Phoronix reports: Jason Ekstrand as the lead developer originally on the Intel ANV driver has posted today the initial ray-tracing code for ANV in order to support VK_KHR_ray_tracing for their forthcoming hardware. Today is the first time Intel has approved of this open-source code being published and more is on the way. The code today isn't enough for Vulkan ray-tracing but more is on the way and based against the latest internal Khronos ray-tracing specification. At the moment they are not focusing on the former NVIDIA-specific ray-tracing extension but may handle it in the future if game vendors continue targeting it rather than the forthcoming finalized KHR version.

Among other big ticket items still to come in the near-term includes extending the ANV driver to support compiling and dispatching OpenCL kernels, new SPIR-V capabilities, and generic pointer support. Also needed is the actual support for compiling ray-tracing pipelines, managing acceleration structures, dispatching rays, and the platform support. The actual exposing of the support won't come until after The Khronos Group has firmed up their VK_KHR_ray_tracing extension. Some of this Intel-specific Vulkan ray-tracing code may prove useful to Mesa's Radeon Vulkan "RADV" driver as well. Intel engineers have been testing their latest ray-tracing support with ANV internally on Xe HPG.

Microsoft has released a Windows update that removes Adobe's Flash Player before it reaches end of support on December 31, 2020. ZDNet reports: Update KB4577586 is part of Microsoft's effort to follow through with plans it announced along with Adobe, Apple, Facebook, Google, and Mozilla in 2017 to end support for Flash by December 2020. The Flash-removing update is available for all supported versions of Windows 10 and Windows Server, as well as Windows 8.1.

This new update removes Flash Player from Windows devices and cannot be uninstalled, Microsoft says in a new support note. However, it isn't rolling out via Windows Server Update Service (WSUS) just yet, and the update needs to be downloaded and installed from the Microsoft Update Catalog. It will become available to WSUS in early 2021, but admins can import it to WSUS manually today. Microsoft is releasing the Flash-removing update ahead of the end of support so that enterprise customers can test the impact on business applications when Flash is removed from a Windows PC or server. But the company says it will continue to deliver Flash security updates until support ends.

Microsoft has also detailed two methods that users and admins can follow to continue using Flash Player after the update is installed. Users can reset a device to an earlier system restore point. However, users need to explicitly enable this feature and a system restore point must have been created on the Windows device before the update is applied. The other option is to reinstall Windows without applying the update.

Windows Central reports: Microsoft is preparing a major OS update for Windows 10 in 2021 that sources say will bring with it a significant design refresh to the Windows UI. I'm told that Microsoft is planning to update many top-level user interfaces such as the Start menu, Action Center, and even File Explorer, with refreshed modern designs, better animations, and new features. This UI project is codenamed "Sun Valley" internally and is expected to ship as part of the Windows 10 "Cobalt" release scheduled for the holiday 2021 season. Internal documentation describes the project as "reinvigorating" and modernizing the Windows desktop experience to keep up with customer expectation in a world driven by other modern and lightweight platforms.

Windows 10 has remained much the same these last few years, with little to no changes in its design or feature set. Many other platforms on the market have gone through entire redesigns or UI refreshes in the last five years, and while Windows 10 has gone through minor design iterations with the introduction of Fluent Design, we've not seen a significant refresh or rethinking of its UI. The Sun Valley project appears to be spearheaded by the Windows Devices and Experiences team, lead by Chief Product Officer Panos Panay, who took charge of said division back in February. Microsoft announced in May that the company would be "reinvesting" in Windows 10 in the 2021 timeframe, and my sources say that Sun Valley is the result of that reinvestment.

An anonymous reader quotes a report from IEEE Spectrum: In April, Guoping Feng and colleagues at MIT, along with [Karl Deisseroth, a neuroscientist and bioengineer at Stanford University] demonstrated a minimally invasive optogenetic system that required drilling a small hole in the skull, then being able to control opsin-expressing neurons six millimeters deep into the brain using blue light. This approach used of a type of opsin that slowly activates neurons in a step-wise manner. In the most recent study [published in the journal Nature Biotechnology], Deisseroth and colleagues sought to instead enable both deep and fast optogenetics without surgery. The Stanford team expressed in the brain cells of mice a powerful new opsin called ChRmine (pronounced like the deep-red color "carmine"), discovered by Deisseroth's group last year in a marine organism. Then, they shined a red light outside the skull and were able to activate neural circuits in the midbrain and brainstem at depths of up to 7 millimeters. With the technique, the scientists turned on and off brain circuits with millisecond precision. "It really worked well, far better than we even expected might be possible," says Deisseroth.

The team then tested the effectiveness of the system. In one instance, they used light to quickly and precisely stop seizures in epileptic mice, and in another to turn on serotonin-producing neurons to promote social behavior in mice. Most optogenetic techniques involve injecting viruses with an opsin gene of choice directly into the brain with a needle. To avoid this, the Stanford team used a type of PHP virus developed at CalTech that can be injected in the blood. The virus then crosses the blood-brain barrier to deliver its payload, an opsin gene, to brain cells. In this case, even the delivery of the gene is noninvasive -- no needle penetrates the brain. Deisseroth's team is now testing the non-invasive technique in fish and collaborating with others to apply it to non-human primates. They're also working with the Seattle-based Allen Institute to develop mouse lines bred with ChRmine in their cells.

New submitter andreavenezia shares a report from The Verge: Chrome OS may finally be getting a dark mode, but so far it's only been spotted in its experimental Canary channel, Android Central reported. Before you go tinkering with Canary just be advised: Canary is Google's "bleeding edge" Chrome OS path, which receives daily updates of features before they've been widely tested. It can only be accessed from Chromebooks switched into a special developer mode (not to be confused with the Chrome OS Developer channel). Google warns that Canary can be "unstable."

But at the moment, to activate dark mode on your Chromebook, you need to have the Canary channel installed. Once you've done that, Android Central says you just open Chrome and type in chrome://flags/#enable-force-dark and chrome://flags/#enable-webui-dark-mode into the URL bar. I should note I tried this on my older Chromebook and wasn't able to get it to work. But here's the view Android Police captured. Android Central says the dark mode has some bugs, but notes it seems to apply across the UI, not just as darker backgrounds.

emil (Slashdot reader #695) shares an article from Linux Journal re-visiting the saga of the btrfs file system (initially designed at Oracle in 2007): The btrfs filesystem has taunted the Linux community for years, offering a stunning array of features and capability, but never earning universal acclaim. Btrfs is perhaps more deserving of patience, as its promised capabilities dwarf all peers, earning it vocal proponents with great influence. Still, [while] none can argue that btrfs is unfinished, many features are very new, and stability concerns remain for common functions.

Most of the intended goals of btrfs have been met. However, Red Hat famously cut continued btrfs support from their 7.4 release, and has allowed the code to stagnate in their backported kernel since that time. The Fedora project announced their intention to adopt btrfs as the default filesystem for variants of their distribution, in a seeming juxtaposition. SUSE has maintained btrfs support for their own distribution and the greater community for many years.

For users, the most desirable features of btrfs are transparent compression and snapshots; these features are stable, and relatively easy to add as a veneer to stock CentOS (and its peers). Administrators are further compelled by adjustable checksums, scrubs, and the ability to enlarge as well as (surprisingly) shrink filesystem images, while some advanced btrfs topics (i.e. deduplication, RAID, ext4 conversion) aren't really germane for minimal loopback usage. The systemd init package also has dependencies upon btrfs, among them machinectl and systemd-nspawn . Despite these features, there are many usage patterns that are not directly appropriate for use with btrfs. It is hostile to most databases and many other programs with incompatible I/O, and should be approached with some care.
The original submission drew reactions from three disgruntled btrfs users. But the article goes on to explore providers of CentOS-compatible btrfs-enabled kernels, ultimately opining that "There are many 'rough edges' that are uncovered above with btrfs capabilities and implementations, especially with the measures taken to enable it for CentOS. Still, this is far better than ext2/3/4 and XFS, discarding all the desirable btrfs features, in that errors can be known because all filesystem content is checksummed." It would be helpful if the developers of btrfs and ZFS could work together to create a single kernel module, with maximal sharing of "cleanroom" code, that implemented both filesystems... Oracle is itself unwilling to settle these questions with either a GPL or BSD license release of ZFS. Oracle also delivers a btrfs implementation that is lacking in features, with inapplicable documentation, and out-of-date support tools (for CentOS 8 conversion). Oracle is the impediment, and a community effort to purge ZFS source of Oracle's contributions and unify it with btrfs seems the most straightforward option... It would also be helpful if other parties refrained from new filesystem efforts that lack the extensive btrfs functionality and feature set (i.e. Microsoft ReFS).

Until such a day that an advanced filesystem becomes a ubiquitous commodity as Linux is as an OS, the user community will continue to be torn between questionable support, lack of features, and workarounds in a fragmented btrfs community. This is an uncomfortable place to be, and we would do well to remember the parties responsible for keeping us here.
So how do Slashdot's readers feel about btrfs?

An anonymous reader quotes a report from IEEE Spectrum: New circuits can get printed directly on human skin to help monitor vital signs, a new study finds. In the new study, researchers developed a way to sinter nanoparticles of silver at room temperature. The key behind this advance is a so-called a sintering aid layer, consisting of a biodegradable polymer paste and additives such as titanium dioxide or calcium carbonate. Positive electrical charges in the sintering aid layer neutralized the negative electrical charges the silver nanoparticles could accumulate from other compounds in their ink. This meant it took less energy for the silver nanoparticles printed on top of the sintering aid layer to come together, says study senior author Huanyu Cheng, a mechanical engineer at Pennsylvania State University.

The sintering aid layer also created a smooth base for circuits printed on top of it. This in turn improved the performance of these circuits in the face of bending, folding, twisting and wrinkling. In experiments, the scientists placed the silver nanoparticle circuit designs and the sintering aid layer onto a wooden stamp, which they pressed onto the back of a human hand. They next used a hair dryer set to cool to evaporate the solvent in the ink. A hot shower could easily remove these circuits without damaging the underlying skin. After the circuits sintered, they could help the researchers measure body temperature, skin moisture, blood oxygen, heart rate, respiration rate, blood pressure and bodily electrical signals such as electrocardiogram (ECG or EKG) readings. The data from these sensors were comparable to or better than those measured using conventional commercial sensors that were simply stuck onto the skin, Cheng says. The findings have been published in the journal Applied Materials & Interfaces.

An anonymous reader shares a report: As stated earlier, new Ubuntu versions come April and October, and wouldn't you know it, we are at the end of the latter. With Halloween a bit more than a week away, Canonical today releases Ubuntu 20.10. Ubuntu's version numbering scheme is based on year (YY), a period, and the month (MM). For instance, the previous stable version was released this past April and it is numbered as 20.04. In addition, Canonical (the operating system's owner) assigns names -- sequentially and alphabetically. The alphanumeric code name is always based on two words starting with the same sequential letter -- an adjective followed by an animal name. The aforementioned 20.04 is named "Focal Fossa." This time, the operating system will be called Ubuntu 20.10 "Groovy Gorilla." This new version of the desktop operating system is loaded with fixes, new features, and a renewed focus on the now-iconic Raspberry Pi. Yes, folks, with a compatible Pi (models with 4GB or 8GB of RAM), you can now have the full Ubuntu desktop experience. More about the new features here.

TrickBot survived an initial takedown attempt, but Microsoft and its partners are countering TrickBot operators after every move, taking down any new infrastructure the group is attempting to bring up online. From a report: Last week, a coalition of cyber-security firms led by Microsoft orchestrated a global takedown against TrickBot, one of today's largest malware botnets and cybercrime operations. Even if Microsoft brought down TrickBot infrastructure in the first few days, the botnet survived, and TrickBot operators brought new command and control (C&C) servers online in the hopes of continuing their cybercrime spree. But as several sources in the cyber-security industry told ZDNet last week, everyone expected TrickBot to fight back, and Microsoft promised to continue cracking down against the group in the weeks to come. In an update posted today on its takedown efforts, Microsoft confirmed a second wave of takedown actions against TrickBot. The OS maker said it has slowly chipped away at TrickBot infrastructure over the past week and has taken down 94% of the botnet's C&C servers, including the original servers and new ones brought online after the first takedown.

An anonymous reader quotes a report from ZDNet: The writing was on the wall two years ago. The OpenStack Foundation was going to cover more than just the OpenStack Infrastructure-as-a-Service (IaaS) cloud. Today, that metamorphosis is complete. The Foundation now covers a wide variety of open-source cloud and container technologies as the Open Infrastructure Foundation. Why so long? COO Mark Collier said, "They wanted to be sure they did this right." One reason for this was to make sure they could differentiate their group from The Linux Foundation's Cloud Native Computing Foundation (CNCF), which covers much of the same ground.

The Open Infrastructure Foundation executive director Jonathan Bryce said that, "OpenStack is still one of the top three most active open source projects in the world. It's just the landscape of infrastructure and there are many new exciting trends with open becoming more and more ubiquitous." To make use of all these different ways the cloud has evolved requires new software programs and that's where the Open Infrastructure Foundation comes in. The new Foundation's mission is to establish new open-source communities to help bring into production new emerging use cases. This includes AI/ML; CI/CD; container infrastructure; edge computing; 5G; and public, private and hybrid clouds.

As part of the October 2020 Patch Tuesday security updates, Microsoft has added a new option to Windows to let system administrators disable the JScript component inside Internet Explorer. ZDNet reports: The JScript scripting engine is an old component that was initially included with Internet Explorer 3.0 in 1996 and was Microsoft's own dialect of the ECMAScript standard (the JavaScript language). Development on the JScript engine ended, and the component was deprecated with the release of Internet Explorer 8.0 in 2009, but the engine remained in all Windows OS versions as a legacy component inside IE. Across the years, threat actors realized they could attack the JScript engine, as Microsoft wasn't actively developing it and only rarely shipped security updates, usually only when attacked by threat actors. [...]

Now, 11 years after deprecating the component, Microsoft is finally giving system administrators a way to disable JScript execution by default. According to Microsoft, the October 2020 Patch Tuesday introduces new registry keys that system administrators can apply and block the jscript.dll file from executing code. Details on how this can be done are available below, as taken from Microsoft's documentation.

ArchieBunker writes: The OpenBSD project has turned 25 years old and is celebrating this with release 6.8.