• 1 Votes
    1 Posts
    14 Views

    Security experts have urged Android users to delete five apps from their phones immediately over fears they are infected with malware.

    Samsung Galaxy phones are particularly at risk from the nasty bug called Anatsa, which is a banking trojan.

    It is capable of performing actions on a victim’s phone without them knowing, including taking money from their bank account.

    The apps, which had been available on the Google Play Store, are:

    Phone Cleaner – File Explorer PDF Viewer – File Explorer PDF Reader – Viewer & Editor Phone Cleaner: File Explorer PDF Reader: File Manager

    Article courtesy of Life Hacker

    https://lifehacker.com/tech/delete-these-android-malware-apps-asap

  • 2 Votes
    1 Posts
    106 Views

    I came across this news article this morning

    https://news.sky.com/story/e3-cancelled-gamings-most-famous-event-killed-off-for-good-13028802

    This really is the end of an era, and it’s abundantly clear that the pandemic had a large part to play in its demise. From the article:

    It comes after plans for its return earlier this year were scrapped, with the likes of PlayStation maker Sony and Assassin’s Creed developer Ubisoft among the companies that planned to skip it.

    When big players such as Sony and Ubisoft do not plan on attending, the writing is on the wall. During the pandemic, various organisations were forced to adopt new ways of promoting their products, with live streams becoming the new normal - and by order of magnitude, a much cheaper alternative that has the same impact.

    This clearly demonstrates that technology is continually evolving, and there doesn’t seem to be any signs of a return to previous pre-pandemic forms on multiple fronts. Just look at how the work from home model has dramatically changed, with virtually every organisation having some form or remote working program they never considered before.

    Along the same lines, companies that were relatively minor before the pandemic have enjoyed a meteoric rise since being in a unique position to fill the void created by the pandemic. Out of the many is Zoom - take a look at the revenue graph below for an example

    b486247b-8af4-4b6a-b180-c27838d2c59f-image.png

    Source - https://www.businessofapps.com/data/zoom-statistics/

    At the peak of pandemic. Zoom reported 200m connections per day, and whilst that figure may have dropped of late, Zoom is still considered the #1 video conferencing tool and used in day-to-day life to facilitate meetings across the globe - even for people sitting in the same office space.

    However, you look at it, most of these pandemic “rising stars” are now here to stay and considered part of everyday life.

  • 0 Votes
    1 Posts
    200 Views

    Lower grade VPS instances, whilst cheap, do have the inherent issue in the fact that they only have 1Gb of RAM. In most cases, this is enough for relatively small or minor projects, but when you need more RAM that you actually have, you’ll quickly find that instance exhausted, and your applications crashing as a result.

    This is where the swap file comes into play. Adding a swap can significantly improve performance on low budget hosts, but without direct root access, this is not going to be possible. If you own a VPS that has root level access and need to add a swap, follow the below guide.

    First, what exactly is a Swap?

    swap is a section of hard disk space that has been set reserved for the operating system to temporarily store data that it is unable to hold in RAM. This step allows you increase the amount of information that your server can keep in its working memory (but not without with some caveats, which I’ll explain below). The swap space on the hard disk will be used mostly when there is no more sufficient space in RAM to host any in-use application data.

    The information written to disk will be far slower than information kept in RAM (RAM is superior in terms of speed owing to its architecture), but the operating system will prefer to keep running application data in memory and only use the swap for the older data. Essentially, having swap space as a failsafe for when your system’s physical memory is depleted can be a good safety net against crashes on systems with non-SSD storage available.

    Determine the size of the Swap we actually need.

    This process is made so much easier by using the below calculator

    https://pickwicksoft.github.io/swapcalc/

    Admittedly, if you only had 1Gb RAM, the SWAP would be default at 1Gb. You can play with the various configurations here to get the results you need, but be honest - don’t make your system out to be something it isn’t, because otherwise, you’ll create more problems than you set out to resolve.

    Swap space refers to a designated portion of hard drive storage that’s reserved for temporary data storage by the operating system when the RAM can’t accommodate it any longer. This allows for an expansion of the data that your server can hold in its active memory, though with certain conditions. The swap area on the hard drive comes into play primarily when there isn’t enough room left in the RAM to hold active application data.

    The data that gets written to the disk is notably slower than the data stored in RAM. Nevertheless, the operating system prioritizes keeping currently used application data in memory and employs swap for older data. Having swap space as a fallback when your system’s RAM is exhausted can serve as a valuable safeguard against out-of-memory errors, especially on systems with traditional non-SSD storage.

    Verifying the System for Swap Information

    Before proceeding, it’s advisable to confirm whether your system already has existing swap space. While it’s possible to have multiple swap files or swap partitions, typically one should suffice.

    You can check if your system has any configured swap by executing:

    sudo swapon --show

    If you receive no output, it means your system presently lacks swap space.

    You can also confirm the absence of active swap using the free utility:

    free -h

    As evident in the output, there is no active swap on the system, as shown in the Swap row.

    total used free shared buff/cache available Mem: 981Mi 122Mi 647Mi 0.0Ki 211Mi 714Mi SWAP: 0B 0B 0B Assessing Available Space on the Hard Drive Partition

    Before creating a swap file, it’s essential to check the current disk usage to ensure you have enough available space. This can be done by entering

    df -h Filesystem Size Used Avail Use% Mounted on tmpfs 1.6G 876K 1.6G 1% /run /dev/sda1 150G 65G 80G 45% / tmpfs 7.7G 0 7.7G 0% /dev/shm tmpfs 5.0M 0 5.0M 0% /run/lock /dev/sda15 253M 6.1M 246M 3% /boot/efi tmpfs 1.6G 0 1.6G 0% /run/user/1009

    The device with / in the Mounted on column is our disk in this case. We have sufficient remaining space available - 65G used. Your availability will obviously be different.

    The appropriate size of a swap space can vary according to personal preferences and application requirements. Typically, an amount equivalent to or double the system’s RAM is a good starting point. For a simple RAM fallback, anything over 4G of swap is usually deemed unnecessary.

    Creating a Swap File

    Now that you’ve determined the available hard drive space, you can generate a swap file on your file system. A file of your desired size, named ‘swapfile,’ will be allocated in your root directory (/).

    The recommended method for creating a swap file is by using the fallocate program, which instantly generates a file of the specified size. For instance, if your server has 1G of RAM, you can create a 1G file as follows:

    sudo fallocate -l 1G /swapfile

    You can confirm the correct space allocation by running:

    ls -lh /swapfile

    The file will be created with the appropriate space allocation.

    Activating the Swap File

    Now that you have a correctly sized file, it’s time to turn it into swap space. Initially, you must restrict file access to only root users, enhancing security. To achieve this, execute:

    sudo chmod 600 /swapfile

    You can verify the permission change with:

    ls -lh /swapfile

    As seen in the output, only the root user has read and write permissions.

    Next, mark the file as swap space with:

    sudo mkswap /swapfile

    Afterward, enable the swap file to allow your system to utilize it:

    sudo swapon /swapfile

    You can verify the availability of swap by executing:

    sudo swapon --show

    Finally, recheck the output of the free utility to confirm the setup:

    free -h Making the Swap File Permanent

    The changes made enable the swap file for the current session, but they won’t persist through a system reboot. To ensure your swap settings remain, you can add the swap file information to your /etc/fstab file. Here’s how you can do it:

    Back up the /etc/fstab file as a precaution:

    sudo cp /etc/fstab /etc/fstab.bak

    Add the swap file information to the end of your /etc/fstab file with:

    echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab Adjusting Swap Settings

    There are several settings you can configure to influence your system’s performance with swap. Two key settings are the swappiness property and the cache pressure setting:

    Swappiness Property: This parameter determines how often data is swapped from RAM to the swap space. A value between 0 and 100 represents a percentage. Lower values (close to 0) mean less frequent swapping, while higher values (closer to 100) encourage more swapping. You can check the current swappiness value with:

    cat /proc/sys/vm/swappiness

    You can set a different value using the sysctl command. For example, to set the swappiness to 10:

    sudo sysctl vm.swappiness=10

    This setting persists until the next reboot, but you can make it permanent by adding it to your /etc/sysctl.conf file.

    Cache Pressure Setting: This setting affects how the system caches inode and dentry information over other data. Lower values, like 50, make the system cache this information more conservatively. You can check the current cache pressure value with:

    cat /proc/sys/vm/vfs_cache_pressure

    To set a different value, use the sysctl command and update your /etc/sysctl.conf file as you did with the swappiness setting.

  • 2 Votes
    1 Posts
    103 Views

    Just seen this post pop up on Sky News

    https://news.sky.com/story/elon-musks-brain-chip-firm-given-all-clear-to-recruit-for-human-trials-12965469

    He has claimed the devices are so safe he would happily use his children as test subjects.

    Is this guy completely insane? You’d seriously use your kids as Guinea Pigs in human trials?? This guy clearly has easily more money than sense, and anyone who’d put their children in danger in the name of technology “advances” should seriously question their own ethics - and I’m honestly shocked that nobody else seems to have a comment about this.

    This entire “experiment” is dangerous to say the least in my view as there is huge potential for error. However, reading the below article where a paralyzed man was able to walk again thanks to a neuro “bridge” is truly ground breaking and life changing for that individual.

    https://news.sky.com/story/paralysed-man-walks-again-thanks-to-digital-bridge-that-wirelessly-reconnects-brain-and-spinal-cord-12888128

    However, this is reputable Swiss technology at it’s finest - Switzerland’s Lausanne University Hospital, the University of Lausanne, and the Swiss Federal Institute of Technology Lausanne were all involved in this process and the implants themselves were developed by the French Atomic Energy Commission.

    Musk’s “off the cuff” remark makes the entire process sound “cavalier” in my view and the brain isn’t something that can be manipulated without dire consequences for the patient if you get it wrong.

    I daresay there are going to agreements composed by lawyers which each recipient of this technology will need to sign so that it exonerates Neuralink and it’s executives of all responsibility should anything go wrong.

    I must admit, I’m torn here (in the sense of the Swiss experiment) - part of me finds it morally wrong to interfere with the human brain like this because of the potential for irreversible damage, although the benefits are huge, obviously life changing for the recipient, and in most cases may outweigh the risk (at what level I cannot comment not being a neurosurgeon of course).

    Interested in other views - would you offer yourself as a test subject for this? If I were in a wheelchair and couldn’t move, I probably would I think, but would need assurance that such technology and it’s associated procedure is safe, which at this stage, I’m not convinced it’s a guarantee that can be given. There are of course no real guarantees with anything these days, but this is a leap of faith that once taken, cannot be reversed if it goes wrong.

  • 1 Votes
    1 Posts
    97 Views

    This is nuts. Not only did a bunch of teenagers hack into some of the best defended networks in the world, but the UK authorities allowed one individual to do this three times - despite arresting him in the first instance then bailing him - for him to do the same again - TWICE.

    The legal system in the UK is a joke. The computer misuse act alone should have been enough to detain him pending trial, and yet, they released him and allowed him to continue??

    https://www.bbc.com/news/technology-66549159

    Now, admittedly, there is an art form here that should be leveraged and understood in order for organizations to better arm themselves against future attacks. If juveniles are able to break their way into high profile organizations, then this would literally be kindergarten for an experienced nefarious actor.

    It seems that high profile companies will continue to remain targets while they focus more effort on profits than user vulnerability. According to the article, the attackers bombarded employees with access requests and some approved this access as a way of making it stop!

    There are several extremely valuable lessons that can be learned from these events - one of them being able to determine the level of risk posed by an individual - which it seems that the UK authorities completely failed to do.

    More on the recently updated Computer Misuse Act can be found below

    https://www.gov.uk/government/consultations/review-of-the-computer-misuse-act-1990/review-of-the-computer-misuse-act-1990-consultation-and-response-to-call-for-information-accessible

  • 1 Votes
    1 Posts
    82 Views

    It’s not often that I post anything on LinkedIn, but the post below caught my eye, and raised an eyebrow (to say the least) when I read it.

    Screenshot_2023-08-24-20-39-47-54_254de13a4bc8758c9908fff1f73e3725.jpg

    I typically remain impassive and neutral to most of these types of post as they are usually aimed at selling you something. However, the frankly absurd security advice here being offered was so bad, I found it hard to ignore and posted the below response

    Forgive me if I decide not to take any of your cyber security advice as all of the points you’ve raised are the entire point of phishing exercises. Do you really think a nefarious actor isn’t going to send emails that look just like this (mostly because they have succeeded elsewhere as others have highlighted)?

    Your profile states that you are the leader of a world class cyber security team, yet you offer really bad advice like this? This is exactly how all cyber security campaigns work and their effectiveness is blatantly obvious by the screenshot you posted.

    “Hurt feelings” are irrelevant when you are measuring the effectiveness of your cyber security program. As the primary defense in any organization, the security department needs to be in a position to detect and repel as many attacks as possible. The paradigm here being that an organization needs to stop thousands of these attacks getting through per day (probably way more) yet an attacker only needs one link to be clicked for their campaign to succeed.

    Employee security awareness should in fact be everything that the original poster claims it shouldn’t be. Just look at the success rate of previous campaigns which any decent training program is based on.

    The bottom line here is that I really don’t understand the reasoning for the original post. This guy claims to be the leader of a world class cyber security team, yet he decides to give poor advice like this?

    Speechless. And this is a so called professional?? We’re all doomed 😱

  • 1 Votes
    1 Posts
    98 Views

    I got hit with this today. As I have a Pro subscription to Font Awesome, this allows me to use a much wider range of fonts. Unfortunately, NodeBB only seems to list the free fonts, so in order to use the Pro icons, you have to manually type the font name you want (leave the fa- part off, as it’s not needed).

    No issues, so I went ahead and typed in the name. Below is the result

    9afecc8c-6a32-4e5d-882c-f72df65db513-image.png

    Now, despite the icon not showing here, it does once you save and reload the site. Great - problem solved then?

    Yes - until you want to change the icon back…

    Highlight over an unchanged icon, and you’ll see the mouse pointer change meaning there is a link behind it

    51d117f6-8359-4136-8f04-9be892a589f7-image.png

    However, hover over one you’ve changed by typing in the value manually, and you’ll see the link is gone

    2e69e0bf-baa0-4dc3-b653-2e14d55fdf5d-image.png

    Panic stations… headless chicken… major cussing session… No - there is a way out

    Fire up the dev tools (F12 for console), and press the select tool. Now select the element with the missing link

    b1a30da5-d878-4fab-9083-c9dcb3affa4a-image.png

    In the resultant element list, follow the HTML until you reach

    2eedea09-2675-4fe0-a28d-a89ff29dc4f3-image.png

    change-icon-link hidden

    Now delete the hidden part, so you are left with just change-icon-link and press enter

    You’ll see that the alt text appears for the image, which is enough for you to be able to click the anchor, and change the icon

    c59af52d-9d23-4f00-839e-0d43eee4c6e1-image.png

    4005c5bb-27a3-41a9-8c19-436e9d1501ab-image.png

    There you go. Now enjoy how smug you feel that you’ve sorted this problem yourself 🙂

  • 1 Votes
    1 Posts
    262 Views

    I thought I had already created a dedicated thread for this elsewhere, but clearly not - it was probably bundled in with another topic.

    If you want to create an “Author” badge on each post that looks like the below, you can do this using pure CSS

    d983d994-c4b6-4063-ae1e-74bba88d75b5-image.png

    Required CSS

    .topic-owner-post [itemprop=name]:after { border: 2px solid var(--bs-border-color); border-radius: 0.25rem !important; color: var(--bs-body-color); content: "Author"; margin-left: 5px; padding: 2px 10px; display: inline-block; }

    However, things get slightly more complicated if you want to add an icon in the same element, like the below

    a81318a0-a15c-45f1-94f7-ee17a1931433-image.png

    As the above example makes use of the :after pseudo element, it’s not possible to have two font-family statements when using content: ""

    To facilitate this, you’d need a jQuery function that looks like the below

    $(document).ready(function() { $(window).on('action:ajaxify.end', function(data) { $(".topic-owner-post [itemprop=name]").append("<span class='author'><span class='author-icon'><i class='fa-light fa-bullhorn'></i>Author</span>"); }); });

    Here, you use span tags to insert both the icon, and text 🙂

    Obviously, you need to ensure that the css for .author and .author-icon exist.

    Here’s an example

    span.author { border: 2px solid var(--bs-border-color); border-radius: 0.25rem !important; color: var(--bs-body-color); content: "Author"; margin-left: 5px; padding: 2px 10px; display: inline-block; } span.author-icon i { margin-right: 5px; }
  • 0 Votes
    1 Posts
    72 Views

    Announced in the news today is the intention for two of the UK’s largest mobile operators (Vodafone and Three) to merge, forming a £15Bn entity

    https://news.sky.com/story/vodafone-and-three-agree-uk-merger-to-create-biggest-mobile-player-worth-15bn-12899033

    It will be interesting to see how this plays out - and if it will be approved by the anti-competition regulator. Thje new entity promises an £11Bn investment in 5g networks, which if approved, would create one of the most superior 5g networks in the world.

    An interesting topic indeed, and one I will watch closely. Ultimately, it looks as though CK Hutchinson will disappear (Three’s parent company) and will leave the branding solely as Vodafone.

    As is typical of M & A, there will be fallout from the staffing perspective. However, Vodafone has been stagnant in terms of development, and lacklustre in terms of performance, so this has been on the cards for some time.

  • 2 Votes
    1 Posts
    68 Views

    In the news today

    https://news.sky.com/story/briton-pleads-guilty-to-hacking-stars-twitter-accounts-to-steal-bitcoin-12877404

    If proof was ever needed that social engineering attacks are incredibly effective, yet usually very simplistic in nature, then here it is. And the mount of money extorted for a low effort ratio is truly astonishing.

  • 0 Votes
    1 Posts
    116 Views

    Hi all,

    If you’re coming back here after a short hiatus, then you’ll notice that sudonix has now been upgraded to v3. There’s a lot of things that have changed - including new swatches, and a smart “drawer like” categories selector.

    I’ve also developed new code which has been running in dev for what seemed like a lifetime, but is now actively running here.

    Feel free to wander around and explore the new layout. I hope you enjoy using it as much as I already do.

    Thanks

  • 1 Votes
    1 Posts
    87 Views

    Released, who is using and pls share with us your experincess 🙂