Report: Hacking Crews Are All APT Now

Facebook helps companies detect rogue SSL certificates for domains

Facebook has launched a tool that allows domain name owners to discover TLS/SSL certificates that were issued without their knowledge.

The tool uses data collected from the many Certificate Transparency logs that are publicly accessible. Certificate Transparency (CT) is a new open standard requiring certificate authorities to disclose the certificate that they issue.

Until a few years ago, there was no way of tracking the certificates issued by every certificate authority (CA). At best, researchers could scan the entire web and collect those certificates being used on public servers. This made it very hard to discover cases where CAs issued certificates for domain names without the approval of those domains’ owners.

To read this article in full or to leave a comment, please click here

via http://www.computerworld.com/article/3149741/security/facebook-helps-companies-detect-rogue-ssl-certificates-for-domains.html#tk.rss_news and www.computechtechnologyservices.com

Let’s talk about Linux

Operating Systems come in many shapes and sizes. Probably the best known right now are OS X (by Apple) and Windows 7, 8, 10. These are not the only Operating Systems available though. In fact, they are not even close. So here is a brief introduction to Linux, an operating system far more varied and customizable than its purchasable counterparts.

Above are a few of the logos. The first is of the Linux Tux, the mascot for all of Linux. The rest are the logos of different versions of linux (referred to as distributions). So we know that Linux is an operating system, but why are there so many? How are they different? And if they are all different, then why are they all called Linux?

To start with the similarities, lets look at what Linux actually means. At its foundation, “Linux” just means “Unix-like operating system”. It is generally free and open source, and is based off of the Linux kernel, written in 1991 by Linus Torvalds.

So all the distributions of Linux are in the same category, but what makes them different? Above is a graphical history of Linux. Each split represents the birth of a new distribution, when a significant change was made to the distribution. Check out the full graphic here. Many of these splits were made because someone found that there wasn’t a distribution of Linux that worked exactly how they wanted it to, so they made a change to an existing one. The number of different versions may seem daunting, but the reality is that every single one was created by people just like you and me.

So where do you start?

Whether you want to jump in and install Linux as your primary distribution, dual-boot it alongside another Operating System, or just try it out on a bootable USB, there is a large community of Linux enthusiasts to help you through every bump in the road. If you have never used Linux before, pick a distribution with a very large community behind it, such as (but not limited to) Ubuntu, Debian, or Mint.

Happy Installing!

8 Things Autistic People Want You To Know

1. Autism is a fundamental part of who we are and how we experience the world and it cannot be separated from who we are as people. Autism is not something which is clearly separated from our identities and our personalities - it’s something which affects every aspect of how we think about, experience and interact with the world around us. Autism isn’t something we have or something we’re suffering from, it’s something we are. For the vast majority of autistic people, autism is a part of our identity which means that despite common belief most of us prefer to be called “autistic” as opposed to “people with autism.”  Do not tell us that we only have value if we can separate our identities and our personalities from autism.

2. The vast majority of autistic people do not want a cure, we want acceptance and accommodations. Do not put your time and money into researching how to cure autism and how to prevent it, put time and money into accommodating and accepting autistic people. We do not wish to become neurotypical, we wish to change society so that we can be accommodated, accepted and included as autistic people. Our goal isn’t to become as close to neurotypical as possible, it is to get the opportunity to live happy, fulfilling lives as autistic people. It is society that needs to chance, not us.

3. We do not support Autism Speaks or their campaign #LightItUpBlue and neither should you. If you want to support autistic people, check out ASAN or Autism Women’s Network instead. If you don’t know why autistic people don’t support Autism Speaks, check out the many resources linked in this post.

4. Functioning labels are at best inaccurate and at worst actively harmful.  Functioning labels (claiming that some autistic people are “high-functioning” while others are “low-functioning”) do more harm than good, not just because they aren’t able to give you an accurate impression of what supports an individual autistic person needs but because they’re mainly used to either silence or invalidate autistic people. Autistic people who speak up about the issues concerning them are labelled “high-functioning” to invalidate what they have to say as being inaccurate and irrelevant for other autistic people and so-called “low-functioning” autistic people are being silenced and spoken over because they are written off as too ‘low-functioning’ to have nuanced, relevant opinions or even communicate at all. Instead of forcing autistic people into one of two boxes, name the specific issues or strengths that you are referring to when you’re calling them low-functioning or high-functioning. Are they non-verbal? Say that instead of calling them low-functioning. Are they able to manage a job? Say that instead of calling them high-functioning.

5. Non-verbal autistic people can and do learn to communicate using other communication forms than verbal speech and they’re all individuals with their own thoughts, feelings, wants and opinions. You do not get to speak on behalf of non-verbal autistic people. You do not get to assume that you know exactly what they think, want and feel, especially not when you have never made any effort to communicate with any of them. Instead of assuming that you know what non-verbal autistic people think and feel, try listening to what they have to say by reading the words of some non-verbal autistic people such as @lysikan or Amy Sequenzia or Emma Zurcher-Long.

6. Applied Behavior Analysis, the most widespread and well-known therapy for autistic children, does more harm than good. The goal of ABA therapy is to train and force autistic people into hiding their autistic traits by all means possible as if passing for neurotypical should be the goal of all autistic people regardless of what consequences it might have for their general well-being and their mental health. If you don’t see why that is a problem, check out this masterpost by @neurowonderful.  

7. People diagnosed with Aspergers Syndrome are just as autistic as people diagnosed with other variants of Autism Spectrum Disorder. Aspergers is autism and to emphasize this, aspergers and other variants of autism have been united under a broader diagnosis called “autism spectrum disorder” in the DSM-5, Back when aspergers was a separate diagnosis, the only difference between whether you got diagnosed with aspergers or autism was whether you spoke before you were three years old - something which says approximately nothing about your struggles and abilities later in life.  The common misconception that aspergers and autism is two different things is just that - a misconception.

8. If you want to learn more about autism, listen to autistic people - not our parents, our siblings, our therapists our or caregivers. Autistic people are the ones who know the most about being autistic, so if you want to learn about autism we’re the ones you should ask. If you want to learn more about the different aspects of autism, @neurowonderful‘s youtube series “Ask An Autistic” is a good place to start. Here is an index over all the episodes so that you can easily find the topic you want to learn about.  You can also visit @askanautistic where autistic people are ready to answer whatever questions you may have about autism.  

Please reblog this post. It’s time tumblr starts listening to autistic people.

Power Macintosh 7100/80

Automating the Publish/Subscribe Pattern in JavaScript

The Publish/Subscribe pattern is one of the most used patterns in software, especially in User Interfaces with JavaScript. It is used whenever 2 pieces of a system need to communicate, but cannot or should not communicate directly. For example, a system receives data from a server at regular intervals that a bunch of components can use (which are added while the system runs):

var Publisher = function() { var self = { subscribers: [] }; self.subscribe = function(callback) { self.subscribers.push(callback); }; self.publish = function(data) { self.subscribers.forEach(function(callback) { callback(data); }); }; return self; } var publisher = Publisher(); // Simulate a set of data being returned over time var serverStream = function(callback) { Array.apply(null, { length: 5 }).forEach(function(unused, index) { var ms = index * 500 setTimeout(function() { callback('data-piece: ' + ms + ' ms'); }, ms); }); }; serverStream(publisher.publish); // Simulate components being registered over time. publisher.subscribe(function(data) { console.info('subscribe from part 1', data); }); setTimeout(function() { publisher.subscribe(function(data) { console.info('subscribe from part 2', data); }); }, 1000) // subscribe from part 1 data-piece: 0 ms // subscribe from part 1 data-piece: 500 ms // subscribe from part 1 data-piece: 1000 ms // subscribe from part 1 data-piece: 1500 ms // subscribe from part 2 data-piece: 1500 ms // subscribe from part 1 data-piece: 2000 ms // subscribe from part 2 data-piece: 2000 ms

The problem is that same pattern with almost identical code will be written over and over again in the same project. So instead of creating a publisher and subscriber with multiple message types each time this pattern needs to be used, it is simpler to just use new instances of the publisher object each time:

var messageSet1 = function(callback) { Array.apply(null, { length: 3 }).forEach(function(unused, index) { setTimeout(function() { callback('Hello ' + index); }, index * 500); }); }; var messageSet2 = function(callback) { Array.apply(null, { length: 3 }).forEach(function(unused, index) { setTimeout(function() { callback('World ' + index); }, index * 500); }); }; var MessageBox = function() { var self = { publishers: [] }; self.streams = function(streams) { self.publishers = []; streams.forEach(function(stream, index) { self.publishers.push(Publisher()); stream(self.publishers[index].publish); }); }; self.subscribeTo = function(index, callback) { return self.publishers[index].subscribe(callback); } return self; }; var messageBox = MessageBox(); // Use a trivial example to preserve clarity messageBox.streams([messageSet1, messageSet2]); messageBox.subscribeTo(0, function(data) { console.info('subscribe from part 1B', data); }); messageBox.subscribeTo(1, function(data) { console.info('subscribe from part 2B', data); }); // subscribe from part 1B Hello 0 // subscribe from part 2B World 0 // subscribe from part 1B Hello 1 // subscribe from part 2B World 1 // subscribe from part 1B Hello 2 // subscribe from part 2B World 2

A non-index based naming scheme could be introduced by passing more data into the streams call, but I wanted to keep the example as minimal as possible.

Github Location: https://github.com/Jacob-Friesen/obscurejs/blob/master/2016/publishSubscribeAutomation.js

A software problem which has already been solved, but not everywhere.

In the early days of the WWW, some websites were a lot better than others. Some places you would fill out a form and it would log you out and forget your stuff; the meaning of icons varied across the web; ….

Nowadays, there are a lot of Standards. There’s a certain way things generally work. Visual cues consistently mean the same thing and work the way I, as a semi-daft user with a lisp and a peg leg, would expect it to, without any further thought or research.

How did this wonderful increase in usability and optimisation happen? I think it’s due to JQuery.

For those who don’t know, JQuery is a bunch of software libraries that do common tasks like “initiate twitter-like pagination” or “build a form” the right way. In other words, some people who had seen a lot of good and bad choices, wrote some functions that any other programmer can use, and wrote down all the best 500-line programs so that other people could do them with just 1 line. (If you still don’t understand what I mean by a “library”, look at the third or fourth lesson on an introduction to C++ tutorial – somewhere in the beginning the instructor will explain why sometimes you want to take a long program and split off bits of the code as separate functions.)

  So here are several problems that have all been solved very nicely. The problems were that:

not everyone has the time/funds to perfect every last nanometer of their website

not everyone has the expertise to do everything perfectly

consequently, users had a bad experience

consequently, less business was transacted online

many people were solving the same problem

too much code was being written to solve the same problem in different places

consequently, management’s and programmers’ interests were disaligned.

The problem was solved through specialisation, as well as programming techniques like abstraction, callbacks, encapsulation, so on.

How far can this Library solution be taken? I mean both in the sense of economic viability and in the sense of programmability.

If I’m typing in some random stuff into R, I kind of expect that sparse matrices are multiplying in the best way possible, or in general that calculations are being done as quick as they could be.

Wouldn’t it be nice if every data structure could automatically tap into any relevant mathematical theorems that reduce calculation time or provide insights? For example the computer shouldn’t literally add the numbers 1+2+3+…+97+98+99+100 because mathematicians already know that 1+100 + 2+99 + 3+98 + 4+97 … = 101 × 50, which is way quicker to calculate. Wouldn’t it be great if data structures could automatically “know” (via libraries) any theorem about curvature, graph traversal, Yoneda lemma, and so on, without the programmer having to be a maths textbook him/herself?

Is this impossible? Or has it just not been done yet?

So at work today I worked with a new server and she told me and the other servers how much she loved me and how good of a worker I am and that I’d make an amazing server and omg its so nice to see people appreciate my work. My manager thanked me for coming in and doing my job and above and beyond and I was just like “dude I’m just working” lol and he’s like nah you do more than that and I’m just glad they liked my work ethic and that I get a serving job cause that pays more, a lot more. AND it’s a good job until I can do acting full time =‘) and a lot of servers tell me they love me and appreciate me <3 WHICH IS AMAZING CAUSE THEY WILL TIP ME WELL !!!

this week the senate will vote on whether or not to give the fbi warrantless access to your browsing data. this is extremely dangerous and a violation of privacy. not only would the fbi be able to essentially hack into your computers and internet service, but they might also hack into ones overseas. anything on your computers, they’ll be able to have access to. this is an extremely dangerous power the fbi is trying to get, and it CAN be stopped, but only if you guys are willing to put forth the effort.

how do you stop it? first, get the word out. twitter, tumblr, facebook, just get the word out by either making your own status or sharing this link. 

secondly, call your senators. on this website, just enter your phone number and it will give you a script to read off of. it will take you less than 30 seconds, trust me. you can also tweet them, send them emails, etc. all the contact info is on this site here. they will listen. dont know who your senators are? go here and scroll to the bottom. it lists all the senators and who you can call. also, you can tweet at them or send them an email. (all the links in this paragraph lead to the same source)

guys, it is extremely important this bill not get passed. PLEASE reblog this and at least tweet at them? you dont even have to think of anything to type. you literally click the tweet button and it does it for you. please, guys, please.

Update: The New Yahoo Finance

By Michael La Guardia, Senior Director of Product for Sports & Finance

A couple of weeks ago we introduced the world to our new Yahoo Finance page.  As we told you then, our goal is to provide the same quality content our users have come to expect, with cleaner, more modern designs and a focus on increased personalization and community engagement.

At launch, we asked our users to share their thoughts and feedback, so we can continue to iterate and improve our product.  We heard from many of you, and one thing is certain:  Yahoo Finance inspires deep passion and loyalty. We appreciate how vocal the community has been since the redesign - both with pats on the back, some great suggestions, and some frustrations - and we’ve been listening to all of it.  We’ve contacted many of you directly to let you know we’re addressing these concerns, and we’ve made real progress based on your feedback.   

To date we have closed a number of major issues, and dozens of smaller ones.  Here is a quick list of what’s been done so far:   

We’ve addressed many data availability and quality issues.

We added back options data for the S&P VIX ticker.

We added analyst 1 year price targets to the right side of the Key Stats module.

We’re now live updating all standard quote details on the Quote Summary Page.

We are once again showing “Get Quotes for Top 10 Holdings” link for ETF and MutualFund quotes.

We’ve restored our databases and should now have the same level of historical data that we used to have.  We also made it easier to manipulate date ranges for historical data.

All recent SEC filings are available for tickers again.

We’ve added “Yield” back to tables for bonds.

We have made adjustments to the way the site is laid out and how you interact with it.

You can now copy data out of our Historical Data pages and paste it correctly into a spreadsheet.

We increased the density of the data table on the Statistics tab.

When you navigate from one Quote Summary Page to another, we now keep you on the same tab.  For example, if you were looking at Yahoo’s financials and navigated to the Alibaba Quote page, the new page would open on the Financials tab.

We’ve made many headers clickable for direct access to deeper information.

Clicking on an option strike price now shows all options available at that price.

We restored the link to the Currency Converter tool.

We fixed bugs that you pointed out.

The Recently Viewed list no longer gets wiped out.

You can now select MAX time frame on historical data.

Adding a symbol to multi-quote now no longer wipes out the whole list.

Our products are constantly evolving, and we’ll continue to answer your questions and address your concerns.  There is still more to do, including some exciting new features that will be rolling out in the coming months.  You’ll be hearing from us regularly as it happens.  

In the meantime, keep your suggestions and feedback coming.