Daily Tech News 30 September 2021

• 96% of third-party containers deployed to the cloud contain known vulnerabilities. (ZDNet)
  
  And 63% of code used to deploy cloud solutions is also insecure.
  
  Basically if you follow the latest standards and best practices in deploying a containerised cloud solution, you're fucked.
  
  I use containers - both the old and new servers are containerised - but for isolation, not for deployment. And I certainly don't use third-party containers for production (and rarely even for development).
  
  Docker... Basically sucks.

• U.S. needs to work with Europe to slow China's innovation rate, says Commerce Secretary Raimondo. (CNBC)
  
  That headline struck me as still more paid propaganda for China from the mainstream press, but that's unusual for CNBC. It's actually a direct quote:

  If we really want to slow down China's rate of innovation, we need to work with Europe. ... We have to work with our European allies to deny China the most advanced technology so that they can't catch up in critical areas like semiconductors. ... We want to work with Europe, to write the rules of the road for technology, whether it's TikTok or artificial intelligence or cyber.

  That doesn't mean it's not paid propaganda; it's just not CNBC getting paid off. Also the Biden administration has the IQ of cold soup.
  
  
  
• Phison has shown a new PCIe 5 SSD controller for both server and client devices. (Tom's Hardware)
  
  Toshiba already showed off controllers for server SSDs, but the client models are new.
  
  These will support transfer rates up to 14GB per second. Which is a lot.
  
  
  
• The users are always wrong. (UTK)
  
  But so are the programmers, and so are the managers. The secret to success is to never try to do anything.
  
  
  
• Russia has arrested the head of a cybersecurity company on charges of high treason. (Bleeping Computer)
  
  Because he wouldn't roll over for the intelligence agencies running the ransomware gangs.
  
  
  
• Digital pickpocketing the Apple Pay way. (Bleeping Computer)
  
  Hackers can spend unlimited amounts on your Visa card from a locked iPhone without the phone ever leaving your pocket. Apparently does not work with Mastercard or with Android devices.
  
  Researchers notified Apple of this a year ago.
  
  
  
• An entirely different attack has been making the rounds on Android. (Bleeping Computer)
  
  Malware embedded in at least 200 apps on the Play Store has been signing people up to unwanted paid subscriptions. The apps have been removed but that doesn't mean the subscriptions have been cancelled, and it certainly doesn't mean anyone is getting their money back.
  
  

posted by Pixy Misa at 04:15 AM

| Access Comments