The new Restricted Service type finally landed in WIP and now when running Windows Protected Print (WPP), the Spooler Worker process (which now does most of the work) runs as the new Account type. This means Print effectively no longer runs as SYSTEM. Customers running the 24H2 version of WPP will get the changes "soon".
Over time we hope to replace more SYSTEM services and move them to a similar model.
Big thanks to @tiraniddo who reviewed the design and gave us early feedback.
High level diff of iOS 18.1 beta 7 vs. iOS 18.1 RC 🎉
https://github.com/blacktop/ipsw-diffs/blob/main/18_1_22B5075a__vs_18_1_22B82/README.md
The draw is complete and now the schedule is out! You can check out the full schedule showing all four days of #Pwn2Own Ireland madness at https://www.zerodayinitiative.com/blog/2024/10/22/pwn2own-ireland-the-full-schedule #P2OIreland
Here is my recent DEF CON talk on Anom, the encrypted phone secretly run by the FBI. All about the phone, the network, how Anom was structured, who used it, what this means for Signal, Telegram, more https://www.youtube.com/watch?v=uFyk5UOyNqI
The next blog post in the Active Directory hardening series just posted, focusing on SMB signing. https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/active-directory-hardening-series-part-6-enforcing-smb-signing/ba-p/4272168. You can do this yourself and it makes a difference.
We can finally run Doom in Quake! https://www.youtube.com/watch?v=tVOYmYUWkmE #doom
Now that the drawing is complete, @TheDustinChilds and Zed have a few thoughts about the upcoming #Pwn2Own Ireland contest. https://youtube.com/shorts/6l3BW94xH8E #P2OIreland
Fortinet's last security blog included a section called "A Call to the Industry: Doing the Right Thing for the Security of our Society", which is good. It talks about "transparent disclosure of discovered vulnerabilities" and "radical transparency".
In other news, Fortigate are almost two weeks into knowing they have a zero day which is actively exploited in one of their products, haven't issued a CVE, haven't done a public writeup, and have patch notes that don't mention the vulns.
By default, Kagi Image Search downranks images from websites with a high proportion of AI-generated content.
You can also use the AI images filter to completely exclude websites with AI-generated images from your image search results.
More info: https://help.kagi.com/kagi/features/exclude-ai-images.html
Somehow, I don't think that 2024's richest man in the world, who also is an immigrant, would ever think of using his money to create something like this.
https://www.npr.org/2013/08/01/207272849/how-andrew-carnegie-turned-his-fortune-into-a-library-legacy