Ad: How the best tech job finds you

The French start-up talent.io connects tech talent with potential employers. Candidates create a profile and simply wait until a company asks for an interview. (Online advertising)


Ahoy, there’s malice in your repos—PyPI is the latest to be abused

Open source repositories can be vectors for badness, so look before you run.


Counterfeit packages downloaded roughly 5,000 times from the official Python repository contained secret code that installed cryptomining software on infected machines, a security researcher has found.

The malicious packages, which were available on the PyPI repository, in many cases used names that mimicked those of legitimate and often widely used packages already available there, Ax Sharma, a researcher at security firm Sonatype, reported. So-called typosquatting attacks succeed when targets accidentally mistype a name, such as typing “mplatlib” or “maratlib” instead of the legitimate and popular package matplotlib.

Sharma said he found six packages that installed cryptomining software that would use the resources of infected computers to mine cryptocurrency and deposit it in the attacker’s wallet. All six were published by someone using the PyPI username nedog123, in some cases as early as April. The packages and download numbers are:


Health Report 2021: "The batteries are empty"

Sick leave low, psychological strain high: Techniker Krankenkasse has analyzed how the "coronavirus year" affected employees


id Software: New Quake apparently in development

For Quake's 25th anniversary, there are rumors of a new installment in the series. It is said to be in development at id Software and Machine Games (Wolfenstein). (Quake, id Software)


Google Photos is so 2020—welcome to the world of self-hosted photo management

Google offers many desirable, easy-to-use, effective features. Going open source is trickier.

We take more photos now than ever before. Growth in this already astronomical segment is explosive, with over 1.4 trillion photos taken last year, according to InfoTrends. That's up from 1 trillion in 2017. Video is much the same, with YouTube saying in recent years that about 500 hours of video is uploaded to the platform every minute.

Finding a solution to organizing and safely storing these precious memories is more important than ever, and it's becoming an increasingly large problem to solve. Photos depict a special moment in time, a memory or event that can't be recreated. They are irreplaceable and largely only exist digitally. Because of this, there are few categories of data that suit a free and open self-hosted solution better.

Purists will argue that your photos are yours and you should own them forever, no matter what, in full resolution. Pragmatists will argue that so long as the export tools are good enough, purity doesn't matter. For many day-to-day photo service users, though, that was all an academic thought experiment—most people use Google Photos. The service passed a billion users two years ago. (Exporting on Google Photos, by the way, means using Google Takeout. I've been waiting for my requested data for seven days as of this writing.)
