[syndicated profile] rejectedprincesses_feed
A 16-year-old high school junior became the first female quarterback from her school, and possibly in the state of Florida, to throw a touchdown pass in a game. Holly Neher, of Hollywood Hills High School in South Florida, threw a 42-yard touchdown pass Thursday in the fourth quarter of her team’s…

 

“I started jumping up and down. My teammates started jumping on me,” said Holly Neher, possibly the first female quarterback in Florida to throw a touchdown pass. “Coaches were screaming from the sidelines. Everyone started hitting me on the helmet.”

And there is, of course, video:

[syndicated profile] eff_feed

Posted by gennie

Some of the most worrying kinds of attacks are ones that exploit users’ trust in the systems and softwares they use every day. Yesterday, Cisco’s Talos security team uncovered just that kind of attack in the computer cleanup software CCleaner. Download servers at Avast, the company that owns CCleaner, had been compromised to distribute malware inside CCleaner 5.33 updates for at least a month. Avast estimates that over 2 million users downloaded the affected update. Even worse, CCleaner’s popularity with journalists and human rights activists means that particularly vulnerable users are almost certainly among that number. Avast has advised CCleaner Windows users to update their software immediately.

This is often called a “supply chain” attack, referring to all the steps software takes to get from its developers to its users. As more and more users get better at bread-and-butter personal security like enabling two-factor authentication and detecting phishing, malicious hackers are forced to stop targeting users and move “up” the supply chain to the companies and developers that make software. This means that developers need to get in the practice of “distrusting” their own  infrastructure to ensure safer software releases with reproducible builds, allowing third parties to double-check whether released binary and source packages correspond. The goal should be to secure internal development and release infrastructure to that point that no hijacking, even from a malicious actor inside the company, can slip through unnoticed.

The harms of this hack extend far beyond the 2 million users who were directly affected. Supply chain attacks undermine users’ trust in official sources, and take advantage of the security safeguards that users and developers rely on. Software updates like the one Avast released for CCleaner are typically signed with the developer’s un-spoof-able cryptographic key. But the hackers appear to have penetrated Avast’s download servers before the software update was signed, essentially hijacking Avast’s update distribution process and punishing users for the security best practice of updating their software.

Despite observations that these kind of attack are on the rise, the reality is that they remain extremely rare when compared to other kinds of attacks users might encounter. This and other supply chain attacks should not deter users from updating their software. Like any security decision, this is a trade-off: for every attack that might take advantage of the supply chain, there are one hundred attacks that will take advantage of users not updating their software.

For users, sticking with trusted, official software sources and updating your software whenever prompted remains the best way to protect yourself from software attacks. For developers and software companies, the attack on CCleaner is a reminder of the importance of securing every link of the download supply chain.

chestnut_filly: (Default)
[personal profile] chestnut_filly posting in [community profile] amplificathon
Title: The impatience of youth
Author: [archiveofourown.org profile] LiveOakWithMoss
Reader: [personal profile] chestnut_filly
Fandom: The Silmarillion
Pairing: Aredhel/Elenwë, background Fingon/Maedhros
Rating: M
Summary: "Our favorite girls being jackasses. Or: in which I enjoy cock-blocking Aredhel and Elenwë way too much."
Length/Type: 10:47/mp3
Music: "Despacito" by Luis Fonsi ft. Daddy Yankee (¡ojo! que no es la pinche versión Bieber tampoco!)

Mediafire link.

--

Ko-fi link
ffutures: (Default)
[personal profile] ffutures
This was a little disappointing, possibly because it was a very dull day, also because I realise now that I'd left the camera set on 400 ASA, but I didn't feel that the results were much better than my big zoom, which I wouldn't have expected from a prime lens. I ditched about a third of the pictures, what I'm left with is a lot of the same subjects as last time, plus more of the Albert Memorial and a bit more on that black sculpture of the horse, including a plaque with info on the sculptor etc.

https://www.flickr.com/photos/150868539@N02/sets/72157686865515384

My feeling now is that I'll keep the big zoom, really don't use the wider end of the 18-55 enough to justify keeping it, and will probably replace the 18-55 and the 35mm with a good 50mm lens, it's more the sort of focal length I like to work with, and my experiments with the Yonguo lens on the Canon showed that I was getting some reasonable results. Needless to say the Nikon-fit 50mm lenses are hugely more expensive than the Canon-fit Yonguo. There is no urgency about any of this, of course, so the master plan is to get a good 50mm first (or possibly a 60mm Micro-Nikkor if one comes my way) and worry about the rest of it later.

Difference of Mind

Sep. 19th, 2017 02:18 pm
supergee: (neuro)
[personal profile] supergee
SFWA list of sf books with neuroatypical characters.
aldersprig: (lock and key)
[personal profile] aldersprig
First: Slaves, School
Previous:  Seeing Things

🗝️

Desmond was exhausted.  He dragged himself from dinner to the dormitory with hardly a thought other than finding his bed and becoming as horizontal as possible in it.

::We have homework,:: the collar reminded him.  ::And it will not be

read on…

BookFest St Louis–this weekend!

Sep. 19th, 2017 08:04 am
ann_leckie: (AJ)
[personal profile] ann_leckie

So, here I am in St Louis and if you saw yesterday’s blog post you might have noticed there are no St Louis dates on the tour.

BUT.

Thanks to Left Bank Books, there’ll be an event in the Central West End called BookFest St. Louis. There will be lots of writers there, and the vast majority of panels and whatnot are free! (I think there are, like, two exceptions.)

There’s going to be a Science Fiction panel at 5pm on Saturday, September 23, with Charlie Jane Anders, Annalee Newitz, Mark Tiedemann….and me!

If you are in St Louis this weekend, come to BookFest! Left Bank Books is a lovely store with a very nice SF section and worth visiting on its own, but just look at all the folks who are going to be here! Do come to the CWE this weekend if you can!

Mirrored from Ann Leckie.

Signal boost

Sep. 19th, 2017 07:09 am
supergee: (nebula)
[personal profile] supergee
The first time I encountered Farah Mendlesohn was when NYRSF published some idiot saying that Robert Heinlein was a fascist, and Farah, a leftist pacifist, told him in clearly reasoned detail wherein he was full of shit. Since then, I have had the pleasure of hanging out with her at the ICFA and online and reading a number of her excellent critical books. Now she has returned to Heinlein with a book that the cold equations of the book biz tell us is too large to be published by a commercial or university press. So it is being crowdfunded, and I encourage you to join in.

Interesting Links for 19-09-2017

Sep. 19th, 2017 12:00 pm

QotD

Sep. 19th, 2017 05:24 am
dglenn: Me in kilt and poofy shirt, facing away, playing acoustic guitar behind head (Default)
[personal profile] dglenn

[I feel, based on my own reactions each time I think about the loss described here, like I should provide some kind of content-warning to avoid ruining someone's day if this is their nightmare fuel. But I'm really not sure what form this warning should take.]

Linda Ronstadt describes what she can't do. May be upsetting to artists. Many people may just calmly think 'oh, that's sad'. )
rydra_wong: The display board of a train reads "this train is fucked". (this train is fucked)
[personal profile] rydra_wong posting in [community profile] thisfinecrew
Via [tumblr.com profile] vassraptor:

[tumblr.com profile] realsocialskills: Urgent: The GOP is close to destroying the ACA and Medicaid

The GOP is trying to repeal the ACA and cut Medicaid again. They almost have the votes to do it. We have the chance to stop them from getting the votes, if we act *right now*. We need to put overwhelming pressure on every senator to vote no.

Summary of the current situation, who to contact, and an excellent script for phone calls/e-mails from the Autistic Self Advocacy Network.

Leaving Academia

Sep. 19th, 2017 03:16 am
ysabetwordsmith: Cartoon of me in Wordsmith persona (Default)
[personal profile] ysabetwordsmith
Here is an essay about a professor leaving academia

I went to U of I.  There were parts of it that I enjoyed, and the culture wasn't that bad.  But I can see parallels.  For me it was more a matter of looking at the way education was going, and deciding not to get involved in public education as a teacher.  It was obviously going down the tubes, and that was decades ago; it's infinitely worse now.  So too, many colleges.  :/  I couldn't stop it.  I could sure get the hell out of the way.

Poem: "So Closely Allied"

Sep. 19th, 2017 02:34 am
ysabetwordsmith: (gift)
[personal profile] ysabetwordsmith
This poem is spillover from the February 2, 2016 Poetry Fishbowl. It was inspired by prompts from [livejournal.com profile] my_partner_doug, [personal profile] wyld_dandelyon, and [personal profile] chanter_greenie. It also fills the "separation and reunion" square in my 1-23-16 card for the Valentines Bingo fest. This poem has been posted as a birthday present for [personal profile] callibr8. It belongs to the series Polychrome Heroics.

Read more... )

Profile

firstfrost: (Default)
firstfrost

September 2017

S M T W T F S
     12
3456789
10111213141516
17181920212223
24252627282930

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Sep. 19th, 2017 08:50 pm
Powered by Dreamwidth Studios