Skip to content
I T S S
  • Welcome
  • Hardware
  • Internet
  • Networking
  • Security
  • Data Recovery
  • Support
  • Contact
  • Webmail

pfSense / Wireguard / Bad Code / Close Call

By itss | 26/03/2021
0 Comment

A nice write-up of how a whole bunch of bad code very nearly ended up in FreeBSD 13 due to several bad calls on the part of pfSense. https://arstechnica.com/gadgets/2021/03/buffer-overruns-license-violations-and-bad-code-freebsd-13s-close-call/

Category: Technology
Post navigation
← Apple Continues Its Trip To The Dark Side With The Release of MacOS 17 (Big Sur) A Nice Little Cryptography Primer →

Recent Posts

  • Hardware Exploits?
  • Why Quake3 was so fast : Fast Inverse Square Root
  • A Nice Little Cryptography Primer
  • pfSense / Wireguard / Bad Code / Close Call
  • Apple Continues Its Trip To The Dark Side With The Release of MacOS 17 (Big Sur)

Slashdot

News for nerds

  • Google Faces Fines Over Google Play If It Doesn't Make More Concessions
    by BeauHD on 11/12/2025 at 12:10 am

    EU regulators say Google's Play Store changes still don't meet fairness rules and are preparing a potentially hefty 2026 fine unless Google makes deeper concessions. Reuters reports: Google Play has been in the European Commission's crosshairs since March, with regulators singling out technical restrictions preventing app developers from steering users to other channels for cheaper offers. Another issue is the service fee charged by Google for facilitating an app developer's initial acquisition of a new customer via Google Play which the regulator said goes beyond what is justified. Tweaks to Google Play announced in August to make it easier for app developers to direct customers to other channels and choose a fee model are still falling short, the people said, with the EU antitrust regulator viewing Apple's recent changes to its App Store as a benchmark. [...] Google can still offer to make more changes before regulators impose a fine, likely in the first quarter of the next year, the people said, adding that the timing of any sanction can still change. "We continue to work closely with the European Commission in its ongoing investigation but have serious concerns that further changes would put Android and Play users at risk of malware, scams and data theft. Unlike iOS, Android is already open by design," a Google spokesperson said. Read more of this story at Slashdot.

  • India Proposes Charging OpenAI, Google For Training AI On Copyrighted Content
    by BeauHD on 10/12/2025 at 11:30 pm

    An anonymous reader quotes a report from TechCrunch: On Tuesday, India's Department for Promotion of Industry and Internal Trade released a proposed framework that would give AI companies access to all copyrighted works for training in exchange for paying royalties to a new collecting body composed of rights-holding organizations, with payments then distributed to creators. The proposal argues that this "mandatory blanket license" would lower compliance costs for AI firms while ensuring that writers, musicians, artists, and other rights holders are compensated when their work is scraped to train commercial models. [...] The eight-member committee, formed by the Indian government in late April, argues the system would avoid years of legal uncertainty while ensuring creators are compensated from the outset. Defending the system, the committee says in a 125-page submission (PDF) that a blanket license "aims to provide an easy access to content for AI developers reduce transaction costs [and] ensure fair compensation for rightsholders," calling it the least burdensome way to manage large-scale AI training. The submission adds that the single collecting body would function as a "single window," eliminating the need for individual negotiations and enabling royalties to flow to both registered and unregistered creators. Read more of this story at Slashdot.

  • Qualcomm Acquires RISC-V Chip Designer Ventana Micro Systems
    by BeauHD on 10/12/2025 at 10:50 pm

    Qualcomm has acquired RISC-V startup Ventana to strengthen its CPU ambitions beyond mobile, "reinforcing its commitment and leadership in the development of the RISC-V standard and ecosystem," the company said in a press release. CRN Magazine reports: The San Diego-based company said Ventana's expertise in RISC-V, a free and open alternative to the Arm and x86 instruction set architectures, will enhance its CPU engineering capabilities and complement "existing efforts to develop custom Oryon CPU technology." Financial terms of the deal were not disclosed. Qualcomm, which has already been using RISC-V for some products outside the PC and server markets, said Ventana's contributions will boost its "technology leadership in the AI era across all businesses," indicating the broad impact expected by this acquisition. "We believe the RISC-V instruction set architecture has the potential to advance the frontier on CPU technology, enabling innovation across products," Durga Malladi, executive vice president and general manager of technology planning, edge solutions and data center for Qualcomm, said in a statement. "The acquisition of Ventana Micro Systems marks a pivotal step in our journey to deliver industry-leading RISC-V-based CPU technology across products." Further reading: Qualcomm Is Buying Arduino, Releases New Raspberry Pi-Esque Arduino Board Read more of this story at Slashdot.

  • Ubuntu Will Have Native AMD ROCm AI/ML and HPC Libraries In Next LTS Release
    by BeauHD on 10/12/2025 at 10:20 pm

    Longtime Slashdot reader MadCow42 writes: Canonical just announced that they're packaging AMD's ROCm libraries (for AIML and HPC with both data-center GPUs as well as desktop/laptop GPUs), directly into the Ubuntu Universe archive. You can run ROCm on Ubuntu today but you have to install it via a script from AMD and manually remove and reinstall for any upgrades or bug fixes. Having it in Ubuntu as a normal Debian package will make it much easier to install and also to maintain in the long run via normal apt tooling ('apt upgrade'). This also means that ROCm can be an automatically-installed dependency for other packages, which doesn't happen today. And, interestingly, Canonical has committed to providing long-term-support for ROCm in Ubuntu -- which is particularly exciting for edge and IoT devices that may have a long life in the field and need regular security patches and updates. Read more of this story at Slashdot.

  • Adobe Integrates With ChatGPT
    by BeauHD on 10/12/2025 at 9:50 pm

    Adobe is integrating Photoshop, Express, and Acrobat directly into ChatGPT so users can edit photos, design graphics, and tweak PDFs through the chatbot. The Verge reports: The Adobe apps are free to use, and can be activated by typing the name of the app alongside an uploaded file and conversational instruction, such as "Adobe Photoshop, help me blur the background of this image." ChatGPT users won't have to specify the name of the app again during the same conversation to make additional changes. Depending on the instructions, Adobe's apps may offer a selection of results to choose from, or provide a UI element that the user can manually control -- such as Photoshop sliders for adjusting contrast and brightness. The ChatGPT apps don't provide the full functionality of Adobe's desktop software. Adobe says the Photoshop app can edit specific sections of images, apply creative effects, and adjust image settings like brightness, contrast and exposure. Acrobat in ChatGPT can edit existing PDFs, compress and convert other documents into a PDF format, extract text or tables, and merge multiple files together. The Adobe Express app allows ChatGPT users to both generate and edit designs, such as posters, invitations, and social media graphics. Everything in the design can be edited without leaving ChatGPT, from replacing text or images, to altering colors and animating specific sections. If ChatGPT users do want more granular control over a project they started in the chatbot, those photos, PDFs, and designs can be opened directly in Adobe's native apps to pick up where they left off. Read more of this story at Slashdot.

  • Cable Channel Subscribers Grew For the First Time In 8 Years Last Quarter
    by BeauHD on 10/12/2025 at 9:13 pm

    An anonymous reader quotes a report from Ars Technica: On Monday, research analyst MoffettNathanson released its "Cord-Cutting Monitor Q3 2025: Signs of Life?" report. It found that the pay TV operators, including cable companies, satellite companies, and virtual multichannel video programming distributors (vMVPDs) like YouTube TV and Fubo, added 303,000 net subscribers in Q3 2025. According to the report, "There are more linear video subscribers now than there were three months ago. That's the first time we've been able to say that since 2017." In Q3 2017, MoffettNathanson reported that pay TV gained 318,000 net new subscribers. But since then, the industry's subscriber count has been declining, with 1,045,000 customers in Q2 2025, as depicted in the graph [here]. The world's largest vMVPD by subscriber count, YouTube TV, claimed 8 million subscribers in February 2024; some analysts estimate that number is now at 9.4 million. In its report, MoffettNathanson estimated that YouTube TV added 750,000 subscribers in Q3 2025, compared to 1 million in Q3 2024. Traditional pay TV companies also contributed to the industry's unexpected growth by bundling its services with streaming subscriptions. Charter Communications offers bundles with nine streaming services, including Disney+, Hulu, and HBO Max. In Q3 2024, it saw net attrition of 294,000 customers, compared to about 70,000 in Q3 2025. Other cable companies have made similar moves. Comcast, for example, launched a streaming bundle with Netflix, Peacock, and Apple TV in May 2024. For Q3 2025, Comcast reported its best pay TV subscriber count in almost five years, which was a net loss of 257,000 customers. "Traditional pay TV -- i.e. cable and satellite -- still declined quarter over quarter in Q3, but again, by less," noted SteamTV Insider. "The [year-over-year] rate of attrition dropped from -12.4 percent to -10.2 percent over 12 months." MoffettNathanson added: "Yes, Q3 saw a positive net add number for [pay TV for] the first time in eight years, but that positive result came in the year's seasonally strongest quarter. We're not yet close to seeing the category actually grow again..." Read more of this story at Slashdot.

Archives

  • September 2022
  • November 2021
  • June 2021
  • March 2021
  • November 2020
  • October 2020
  • September 2020
  • February 2020
  • January 2020
  • October 2019
  • August 2018
  • July 2018
  • April 2018
  • February 2018
  • January 2018
  • December 2017
  • October 2017
  • September 2017
  • August 2016
  • July 2016
  • March 2016
  • February 2016
  • August 2015
  • May 2015

Categories

  • Innovation
  • Security
  • Software
  • Technology

Tags

backdoor cisco coding json laziness patterns public information announcement security vulnerability
© 2017 IT Sales & Services Ltd
Quality IT solutions in Tanzania since 2010
Iconic One Theme | Powered by Wordpress