Daily Tech News 16 September 2021

• TipTop's "The One" gluten-free bread is bread. Sure it's made of tapioca starch and rice flour and - yes - soy, but it tastes like bread, has the texture of bread, doesn't fall apart the moment you butter it, and only costs twice as much as bread.
  
  It's the breadiest bread I've had since I was diagnosed with celiac back in 2010.
  
  
  
• Microsoft has fixed a bug that potentially let anyone hack your Azure Linux servers. (Wiz)
  
  They silently install a management agent on your servers if you use certain Azure services. The management agent has a hole in it - not so deep as a well, not so wide as a church-door... Actually, it pretty much is. If you don't firewall your server properly, anyone can access that agent to run any code they want without needing anything fiddly like a password.
  
  It's a double whammy: A remote code execution vulnerability coupled with complete failure to actually check the password. You can just waltz straight in.
  
  

  This is even more severe. The RCE is the simplest RCE you can ever imagine. Simply remove the auth header and you are root. remotely. on all machines. Is this really 2021? pic.twitter.com/iIHNyqgew4

  — Ami Luttwak (@amiluttwak) September 14, 2021

  
  
  
  
• Microsoft is now offering the option to go passwordless on your Microsoft accounts. (Bleeping Computer)
  
  Just like your servers.
  
  What could possibly go wrong?

• The Xiaomi 11T has an A78 core and the 11T Pro the newer X1 core, allowing for an easy performance comparison. (AnandTech)
  
  Except that both models cheat to get better scores on performance and battery benchmarks, so the easy performance comparison is basically useless.
  
  
  
• AMD is ready to produce Arm CPUs. (Tom's Hardware)
  
  They're just... Not actually doing so. So the announcement, and the article, and this news item, are all kind of pointless.
  
  
  
• Intel is cutting prices on its server CPUs to compete with AMD. (WCCFTech)
  
  Just not for you. Unless you ship a million servers a year you're stuck with list price and that's not changing.
  
  
  
• When Stack Overflow goes wrong. (Litle Man in My Head)
  
  Looking for a quick example of how to implement encryption? Stack Overflow answers will give you a convenient cut and paste solution that will ruin your day.
  
  
  
• Developer burnout: Shut up you whiny little bitches. (CodeSubmit)
  
  Seriously? This is what people consider "burnout"? There's no mention at all of auditory hallucinations.
  
  
  
• Don't pass mutable default values to Python functions. (Valinsky)
  
  That's it. That's the article. Now you don't need to read it.
  
  
  
• Is Apple's new A15 mobile CPU actually faster than the A14? (MacWorld)
  
  Apple's own marketing numbers suggest that it's slower. That seems unlikely but you'd think they'd oversell rather than under.
  
  
  
• ExpressVPN's CIO was a former UAE spy. (Motherboard)
  
  And they knew that when they hired him.

  Daniel has a deep understanding of the tools and techniques used by the adversaries we aim to protect users against, and as such is a uniquely qualified expert to advise on defense against such threats. Our product and infrastructure have already benefited from that understanding in better securing user data.

  Yeah, that's one way to look at it.

posted by Pixy Misa at 05:35 AM

| Access Comments