MAY
12

Facebook defends itself against op-ed calling for its breakup

On Thursday, Facebook co-founder Chris Hughes wrote an op-ed in The New York Times calling for the company to be broken up, saying that CEO Mark Zuckerberg’s “focus on growth led him to sacrifice security and civility for clicks,” and that he should be held accountable for his company’s mistakes. Now, Facebook has responded an op-ed of its own, saying that its size isn’t the real problem, and that its success as a platform shouldn’t be punished.

Nick Clegg, Facebook’s vice president for global affairs and communications wrote the piece, and in it, he agrees with Hughs that “companies should be held accountable for their actions,” and that tech companies such as Facebook shouldn’t be the ones handling all of the “important social, political and ethical questions” for the internet.

The challenges ‘won’t evaporate by breaking up Facebook or any other big tech company’

But he notes that breaking Facebook up — as Hughes calls for — would be the wrong way to go. “The challenges he alludes to,” Clegg writes, “including election interference and privacy safeguards, won’t evaporate by breaking up Facebook or any other big tech company.” He goes on to reiterate many of Facebook’s regular talking points: that it’s been a net-positive for the world by connecting everyone, allowing businesses thrive and for people to raise lots of money for important causes around the world.

Zuckerberg also responded to the op-ed while in France, saying that “my main reaction was that what [Hughes is] proposing that we do isn’t going to do anything to help solve those issues.”

Notably, Clegg sidesteps what’s probably the op-ed’s main focus: Zuckerberg himself. Hughes notes that while the CEO is a good person, he holds far too much power at Facebook, and can’t be held accountable there — he calls the shots. “The government must hold Mark accountable,” Hughes wrotes.

Continue reading

Copyright

© Flipboard and it's respective authors

MAY
11

Microsoft Confirms Intent To Replace Windows 10 Passwords For 800 Million Users

24,594 viewsMay 11, 2019, 09:09am

Microsoft has very quietly confirmed the death of Windows 10 passwords this week. Microsoft's crypto, identity and authentication team group manager, Yogesh Mehta, has made an announcement that he says puts "the 800 million people who use Windows 10 one step closer to a world without passwords." Whether you love Microsoft or are a Windows 10 hater, I think most people will agree that passwords have long since reached their expiry date. By which I don't just mean in the sense of security policy baseline recommendations either, although Microsoft did also recently announce a change to Windows 10 passwords in that regard as well. Rather I am referring to the whole concept of the password as a secure authentication method.

Mehta confirmed that with the release of the forthcoming Windows 10 May update, Windows Hello becomes a fully FIDO2 certified authenticator. What does that mean, do I hear you ask? The FIDO Alliance, which stands for Fast Identity Online, is an industry body on a mission to solve the problem of passwords through the use of open standards to drive technologies that can securely replace them. FIDO2 is a set of such standards that enable logins backed by strong cryptographic security, and the certification in question applies to the use of Windows Hello for Windows 10 users.

Andrew Shikiar, the CMO of the FIDO Alliance, says that "Microsoft has been a preeminent advocate of FIDO Alliance's mission to move the world beyond passwords." Indeed, it has been making great strides to get rid of passwords since the introduction of Windows Hello, which enables Windows 10 users to sign into devices, back in 2015. So does the arrival of FIDO2 certification for Windows 10 mean that passwords are now dead? Not quite. The death of the password for Window 10 could yet be a lingering and painful one. "We encourage companies and software developers to adopt a strategy for achieving a passwordless future and start today by supporting password alternatives such as Windows Hello," Mehta says, before admitting that to arrive in this future requires "interoperable solutions that work across all industry platforms and browsers." I say painful, by the way, as there will no doubt be no shortage of stories about password security fails until the final nail is hammered into this authentication coffin.

Jake Moore, a security specialist at ESET, is welcoming of the news. "Considering the number of data breaches we have witnessed in the past few months," he says, "it is great to see companies taking the steps required to protect their users." However, he warns that passwords will "still be a feature in the background," and so users must be pushed to "adopt better password management and multi-factor authentication to protect their data in case their information gets into the wrong hands."

Original author: Winder

Copyright

© Flipboard and it's respective authors

MAY
08

EasyApache 4 May 8 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! This release contains a debuginfo package for ea-liblsapi, a fix for an Apache issue with symlink protection, and a number of PHP updates. Take a look at some highlights below, and then join us on SlackDiscord, or Reddit to talk about this update and much more.

ea-liblsapiEA-8330 – Build debuginfo package for ea-liblsapiea-apache2CPANEL-27056 – apache is serving up root owned files when symlink protection is enabledscl-php71scl-php71-metaEA-8431 – Update PHP71 from 7.1.28 to 7.1.29scl-php72scl-php72-metaEA-8427 – Update PHP72 from v7.2.17 to v7.2.18scl-php73scl-php73-metaEA-8428 – Update PHP73 from v7.3.4 to v7.3.5


This release includes a security patch that has been issued a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are included below.

SUMMARY
cPanel, L.L.C. has updated RPMs for EasyApache 4 with PHP versions 7.1.29, 7.2.18, and 7.3.5. This release addresses vulnerabilities related to CVE-2019-11036 and another other vulnerability which has not yet been assigned a number. We strongly encourage all PHP 7.1 users to upgrade to version 7.1.29, all PHP 7.2 users to upgrade to version 7.2.18, all PHP 7.3 users to upgrade to version 7.3.5.

AFFECTED VERSIONS
All versions of PHP 7.1 through 7.1.28
All versions of PHP 7.2 through 7.2.17
All versions of PHP 7.3 through 7.3.4


SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

Continue reading

Copyright

© Cpanel

MAY
08

JomSocial 4.7.1 major release: Introducing Page Feature

Hi,

Page is a major feature for community social websites. It is developed with the purpose of helping a user to build a place for people to get connected with their business. For new business or startup, the page will be helpful to build community and convert the followers to customers.

And now, the Page feature is available in JomSocial major update - JomSocial 4.7.1. This new version also includes 8 major improvements and bug fixes.

1. Introducing Page feature

User can create their own pages and set it as public, closed page or public but not to show on the list page menu. There are lots of other settings for pages:

Allow page members to create photo albumnsAllow page members to add videosAllow page members to share filesAllow page members to create polls

Activities types supported for Pages:

Status: add status to the pagePhotos upload: Allows members to upload videos on the pageVideos upload: Allow members to upload video or link online videos on pageFile share: Upload files on page wall streamPoll: Create poll on pagesRating and Review : Allow members to rate and write a review about the page.

Quick guidelines to manage page in JomSocial :

Before creating the pages on frontend, you must check the backend configuration for pages. We Added following new options for pages :

Continue reading

Copyright

© JOMSOCIAL.COM

MAY
06

How to compress images: A web designer's guide

The average speed of a modern internet connection would sound very futuristic to web masters of the past. Back in the early days of the web, the amount of transferred data was crucial, both in terms of time and cost, therefore everyone involved in hosting something online tried to make images smaller. 

Ironically, the problem has not gone away nowadays. Each time you visit a script-heavy web site (such as mainstream world news), it often pulls a dozen megabytes of JavaScript code, images, videos and whatnot. It may still be painfully slow and even cost a pretty penny for some mobile data users.

In this tutorial, we will find out the ways you can slim down bitmap files for the web. As long as it utilises the good old PNG and JPEG formats, we'll see how we can make them smaller without compromising quality, using some hot open source projects. In the end, we'll have substantially smaller files that will still look good but require less time and data to get rendered in users' web browsers. 

Read on to dive into the details. First, a quick note on software. All the tools mentioned here are open source – jump to the bottom for a guide to how to get the software you need.

Choose the right format

It may sound trivial to still be harking on about file size, yet there are enough examples where an image is either too massive without any purpose or looks terrible despite being small. To avoid such mistakes, choose a format to save or convert an image wisely. Using JPEG implies breaking an image into tiles of 8x8 pixels, where each tile gets compressed. The level of compression depends on the user (it's that slider when you save an image) but typically JPEG allows for 10:1 file size gain with an acceptable loss in quality. 

Continue reading

Copyright

© Flipboard and it's respective authors

Advertisement