Google uses the build tool called Blaze internally for automated building and testing of software; and the company later released it as an open-source project with the name Bazel, which is an anagram of Blaze.

Bazel will allow developers to build and test software for multiple platforms across a wide range of languages, with supported platforms including: Windows, MacOS, and Linux. While the major difference from other such build tools is that Bazel rebuilds only what is essential, and does it faster, with incremental builds enabled, allowing advanced local/distributed caching, dependency analysis, and parallel execution.

The new tool leverages on the uniform extension language called Starlark, which was formerly known as Skylark, and it's positioned for faster build speeds, with builds that are fully scalable.

Additional to the open source build tool support for a variety of languages and platforms, is also support for TensorFlow machine learning library and the Angular web framework, with semantic versioning that starts from Bazel 1.x releases that will be backward compatible to Bazel 1.0.

There will also be window of at least three months between new releases of Bazel, with some minor monthly releases.

Bazel was born of Google's needs for highly scalable builds, and was open sourced back in 2015, the company hopes that Bazel could fulfill similar needs in the broader software development landscape.

Google Bazel to enable Developers Automate the building and testing of software



Opera 65 Beta released on October 17 supports DNS-over-HTTPS (DoH) protocol, which feature helps to encrypt DNS traffic, and increase users' privacy and security by protecting against eavesdropping and manipulation of DNS data through man-in-the-middle attacks.

While Cybersecurity Experts have vehemently opposed the DNS-over-HTTPS protocol because actually, DoH doesn't prevent ISPs from tracking its user, and it renders enterprise cyber-security set ups weak, as it overwrites the centrally-imposed DNS settings to allow employees to use DoH to bypass any DNS-based traffic filtering solutions.

And the fact that DNS traffic is centralized to a few DoH resolvers, there's the problem of DoH's impact on the DNS ecosystem itself, with the decentralized network of servers giving way to new layer of DoH resolvers, which sits on top of the existing DNS layer.

Opera also decided to default the DNS resolver to Cloudflare for the test, which path was equally followed by Mozilla, the Firefox browser maker, having Cloudflare to power the DNS over HTTPS functionality of the Firefox browser, which was received with lots of criticism, as most security researchers believed the idea of domiciling all the DNS traffic to Cloudflare, is a bad idea.

Google took a different route in implementing DNS over HTTPS on Chrome browser, by allowing the availability of several DNS providers in the test, instead of domiciling all DNS traffic to Cloudflare.

The DNS queries on Opera browser will go through Cloudflare servers, and for requests that cannot be handled by Cloudflare, will have to go through the local DNS server by allowing the browser to connect to local resources.

Albeit, the Opera DNS-over-HTTPS feature is not enabled by default, the user will have to enable it by navigating to opera://flags/#opera-doh in the web browser's address bar. Then the right experimental flag will be loaded on the internal opera://flags page directly.

But you can also load opera://flags and directly search for Secure DNS to set the Secure DNS (DNS over HTTPS) flag to Enabled. And you'll have to restart the Opera web browser for it to take effect.

Opera Software, however did not prioritize privacy in the documentations, rather the company has only entered into a deal with Cloudflare to limit data exposure, usage and retention when a user enables the service.

Opera 65 beta default of DNS-over-HTTPS to Cloudflare’s 1.1.1.1 server



Bike hailing business is gaining a huge traction in Lagos, as Nigeria's commercial nerve center with a population of over 20 million people is notorious for traffic congestion. And how best for commuters to beat the traffic, if not through a good old bike ride -popularly known as Okada, in the local parlance!

While there are about half a dozen bike hailing services in Nigeria, the bike hailing startups are still saddled with the problem of unregulated market in Lagos, and as such, are vulnerable to some issues that may affect their future operations, if nothing urgent is done about it.

Okada, on the other hand, are not quite difficult to pick up anywhere in Lagos; as they are everywhere and you just have to wave at them to stop and haggle with the riders until an agreed price that's acceptable is reached.

Top Bike hailing Service in Lagos



ORide



ORide is a bike hailing service launched under Opera OPay, which aims to make commute around Lagos more easier. The service was officially launched on May 27, 2019. But unlike the taxi hailing services like Uber and Taxify, it is not designed with the convenience of peer-to-peer ride sharing, rather ORide is only a means to navigate the Lagos traffic.



To access the ORide service, you'll have to go through the OPay app, which though the UI is not a very user-friendly, sure gets the job done. It requires that you first download the OPay app from the Play store to your Android phone, and create an account, which will send SMS code for authentication when you try to log into the app for any extended period.

The obvious advantage of ORide over others is that they have a more spread of riders, making it easy to get a rider on any commute. But the fact that it uses the OPay wallet can be a bit stressful, given that you must create an account, even when you want to take just a short trip.

MAX



Max is a bike hailing service that assures a stressful experience as the app is pretty easy to use and ensures good user friendly interface. Though the maps integration appeared a little scrumpy, but on the good side, you'd only have to wait about three minutes to be connected to a rider, referred to as "Champion” on the service.



The con of this service is mainly the dearth of riders, as getting a champion can take as much as 25 minutes, which if you’re in a haste or stranded at a place, that could be a problem, but waiting in the comfort of your house may not be the worst proposition.

Gokada



Gokada is yet another bike hailing service in Lagos that promises an easier experience with their recent re-branding. You simply download and install the app, and you are good to go!



Gokada works more with verified and trained professional bikers to provide better service experiences to riders. In other words, you know exactly what you'll be getting, unlike the regular okada bikes who are largely unpredictable and mostly untrained in good service delivery.

Bikes will long remain relevant, as mainly due to unsuitable road networks and unavailability of effective traffic planning, commuters will always tend to find alternative transport systems to ply through the deplorable roads, which also adds to the fact that they'd get to beat the frantic traffic jam as well.

Top Bike Hailing Service in Lagos to make your Commute easier



Microsoft has announced the general availability of Tamper Protection, a security addition designed to protect Microsoft ATP customers against unauthorized changes to their security settings.

While there are growing attempts by bad actors to disable Windows Defender Antivirus to stop the security service all together, or turn off behavior monitoring and script scanning by going after real-time protection settings like the OnAccessProtection policies.

The tamper protection feature is designed to protect against such malicious and unauthorized changes to the security mechanisms, and thus ensure that endpoint security is maintained against malware and threats that are directed at the Enterprise.

Enabling the Tamper protection will prevent unwanted changes to security settings such as the core anti-malware scanning feature of Microsoft Defender ATP next generation protection, Cloud-delivered protection, IOAV (IE Downloads and Outlook Express Attachments initiated), and Behavior monitoring, which also works with real-time protection to analyze and determine threat scenarios.

Additionally, the Security intelligence updates used by Windows Defender Antivirus to detect latest threats are protected from modification, either by local admins or by any malicious application.

The new security feature, which has been in testing for sometime now within Windows Insider program, is a result of extensive research into modern attack patterns and the evolving threat landscape, along with consistent engagement with partners and feedback from Microsoft customers.

Tamper Protection is deployed and managed centrally through Microsoft Intune, which procedure is similar to how endpoint security settings are managed, and can be enabled for an organization, user groups or through devices.

Microsoft releases Tamper protection for Defender ATP Enterprise customers



Google introduced 'Site Isolation' in Chrome for desktop in 2018, which feature brings additional line of defense by ensuring that the pages from different websites are opened in different sandbox processes on the browser.

The security feature was enabled by default in the web browser starting with the release of Chrome 67, in a bid to thwart the infamous Spectre and Meltdown attack, and also protect against many other online threats. With the browser getting its own isolated process, it will become harder for malicious websites to access cross-site data using such side-channel vulnerability.

While the Google research team in a proof-of-concept demonstrated how an attacker could employ JavaScript to read the address space of a Chrome process, via the open tab, and also access site credentials that was opened. The Site Isolation feature will help to protect all types of sensitive data, including cookies, stored passwords, network data, stored authentication, and also cross-origin messaging that aid sites to securely relay messages across domains.

The availability of the feature for Android starts with Chrome 77, and has been enabled for about 99% of users running Android devices with a RAM of at least 2GB, and a 1% holdback for monitoring performance.

Albeit, the site isolation in Chrome for Android doesn't sandbox all the websites, unlike what is the case with Chrome for desktops; it protect only highly-sensitive information websites where users credentials are entered or accessed. But you can forcefully enable the protection to isolate all sites by an opt-in to full Site Isolation on chrome://flags/#enable-site-per-process settings page.

And once the feature is active for a user, Chrome will keep list of isolated sites stored locally on the user's device, which will help the browser to automatically turn on the feature whenever the user revisit any of the sites.

Google extends Sandbox Security mechanism to Chrome for Android



Facebook introduced the "Data Abuse Bounty" program as a reward system last year, which anyone that reports valid incidence of its apps collecting users' data in violation of its data policies, gets a price reward.

But given its vast ecosystem with millions of third-party apps, only a few of the developers have implemented a vulnerability disclosure program, thereby making them unable to offer bug bounty rewards to security researchers for responsibly reporting bugs in the apps, which in turn has limited the program.

Now, Facebook in a move to encourage the developers of third-party apps to take security more serious by setting up a vulnerability disclosure program, has expanded the program to include third-party apps and to pay security researchers for disclosing bugs in third-party apps.

Facebook's earlier expansion of the bounty program for third-party apps was only valid on submissions for exposure of Facebook users' tokens that compromises the login details for a third-party app using Facebook.

The expansion now include all third-party apps on its ecosystem, and requires that all such third-party app developers should set up vulnerability disclosure policy to help the researchers to be eligible for rewards when bugs are found in their code and claim it from Facebook.

While the scope is to reward valid bug reports in third-party apps or websites that directly integrate with Facebook if the bugs are discovered through pen-testing authorized by the third-party rather than just passively observing the vulnerability.

Facebook promises to issue rewards based on the validity of bugs reported and some other factors which are indicated in their terms, with minimum reward of $500 Bounty.

Facebook to pay Security Researchers for disclosing Bugs in Third-party apps



Mozilla has disabled the execution of inline JavaScripts on Firefox as a defense against code injection attacks, by implementing strict Content Security Policies (CSP) that ensure all scripts are executed only when loaded from a packaged resource within the internal protocol.

The execution of inline scripts and also the potentially dangerous eval-like functions for Firefox inbuilt "about: pages" have often served as gateway to very sensitive preferences and settings on the browser, which in turn presents huge security risks. So Mozilla's blockade is an effort to mitigate such class of potential cross-site scripting (XSS) issues in the browser.

And given that web pages are written in HTML/JavaScript which in the security context of the browser, are also prone to such code injection attacks, and fully capable of allowing remote attackers to inject and execute arbitrary code by cross-site scripting attacks.

Albeit, the changes won't directly affect how websites work on the Firefox browser, but according to Mozilla, it will closely audit and evaluate the usage of harmful functions in third-party extensions and other inbuilt mechanisms.

Mozilla has promptly rewritten all use of eval-like functions from the system privileged contexts and parent processes in the codebase of Firefox browser. Additionally, the company has also added eval() assertions to disallow the use of eval() function and its derivatives in system-privileged script contexts.

Mozilla disables Inline JavaScript Execution on Firefox browser



There is a zero-day vulnerability affecting a component that comes inbuilt with Apple's software, iTunes and iCloud for Windows, which exploitation causes it to evade detection by antivirus.

While the vulnerability stems from Bonjour updater, the zero-configuration networking (zeroconf) implementation of communication protocol that works in the background to automate low-level network tasks, such as downloading future updates of Apple software.

The protocol is a set of technologies which automatically creates usable computer network based on the TCP/IP when PCs or other network peripherals are interconnected, without requiring special configuration servers or any manual operator intervention. Bonjour updater is installed as separate program on PCs, so simply uninstalling Apple iTunes and iCloud doesn't actually remove it, that is the more reason it remain installed on numerous Windows PCs still not updated, and silently running behind the scene.

The zero-day vulnerability exploitation of the Bonjour was disclosed by researchers from Morphisec Labs, made possible when an attacker targeted an unnamed organization in the automotive industry with the BitPaymer ransomware.

And the component was exploitable by the unquoted service path vulnerability, which is a common software flaw that occurs when an executable contains spaces in filename and so, it's not enclosed in the quote tags ("") as required. Therefore the unquoted service path vulnerability is exploitable by simply planting a malicious file to the parent path to trick legit applications into executing the malicious programs to evade detection.

Apple, however has released the fix in iCloud for Windows 7.14, iCloud for Windows 10.7, and iTunes 12.10.1 for Windows to patch the vulnerability. It is recommended that all Windows users with either iTunes or iCloud installed should update to the latest software to ensure their security.

Why You need to Update Apple iTunes and iCloud on Windows PC?



Facebook launched Workplace in 2016, as a collaboration platform that offer standard chat functions and the ability to share files, including photos and videos, also voice clips, between employees within an organization.

And the first update to Workplace allow users to interact with external partners and agencies, with the capability of up to 50 participants to engage in group conversations within the application, via text, voice and video. While the next update to the chat app, was support for communication between workers in separate organizations.

Facebook subsequently launched features such as pinned threads, to make it easier for users to keep track of chats, coupled with the ability to pin important messages at the top of the app, up to 15 messages. And the “do not disturb” mode to allow employees turn off alerts and notifications when busy or away, with “replies” feature that enable direct responses to individual chat within a broader conversation.

Now, Facebook is working on bringing its Portal video hardware to the office with a dedicated Workplace app, which is one among a handful of other updates to the enterprise collaboration platform.

The Portal video display supports video calls between Facebook Messenger and WhatsApp, and utilizes an AI powered “smart camera” that tracks both body movements of the speakers engaging in the call. With the incorporation of Workplace app, Portal would be able to connect workers in an organization as well.

What that means is that Workplace on Portal will facilitate communication not only with friends, but with colleagues at work, in a more secure and safer platform; also users will be able to call other Portal device right from their mobile phone if they are on the go or via their PC or iPads in the office.

The first Portal device shipments started with 54,000 units in 2018, with the period measured from the time those devices were first released in November, meaning that shipments was completed at the end of the year.

Facebook has scheduled next shipment as demand has gone up in 2019, the company announced new devices last month and harping on the potential for the displays to come in handy in the office, as more Workplace customers have requested trials of Portal devices and have commenced testing in their organizations.

Facebook continues its push for Workplace adoption with Portal in the Office



The modern camera offerings with many megapixels, not withstanding, you'd still need a nifty image resize tool to bring out the exact copy of image required for professional image processes.

That is where AI Image Enlarger comes to play, available for Mac and Windows, the super-unique tool uses artificial intelligence (AI) capabilities to enhance small or low-resolution images/photos, making it easy for you to upscale your images. And the beauty of the AI capabilities is that your resized images does not loose its original quality, as it guarantees an even smarter and sharper image than what's obtainable before, and the best part - it's available for FREE.

The AI Image Enlarger software which comes absolutely free, is fully capable of enlarging any small definition image to high definition without losing quality, based on machine learning and AI technology which it packs into its processes.

Unique Features of AI Image Enlarger Software



  • Easy to use User Interface
  • Utilizes Machine learning and AI technology
  • Simple Drag & Drop Option for uploading image
  • Easily Convert Images from Low Definition to High Definition
  • Support for Windows and Mac Computer


AI Image Enlarger software employs hundreds of thousands HD photos to teach its deep learning system, thereby enabling the AI solution to analyze images and be able to add missing details during the enlargement process.

Steps to Convert Images from Low Definition to High Definition



First, go to the official AI Image Enlarger software website and download the software to your Windows or Mac computer. And note that the software is fully compatible with Windows 7/8/10 & Mac OS X and newer versions.

Then create an account for the software and log into your account on the Windows/Mac software.



Now, it is time to upload your image, but before that you should note the file limits as follows:

1. Image must be less than 3MB
2. Image should not be more than 800 width x 750 height
3. And Only .jpg, .jpeg, and .png extensions are currently supported

Once you upload your image, then choose from the styles namely: Artwork, Photo, Face, and High-Grade. You can also enlarge it twice or 4x the size of the original uploaded image, without loosing the original image quality.



After you have chosen a style, then click on submit which will provide a preview of your image. If you are satisfied with the final output, then click on the Download button to get your enlarged image, all for free.

Our Verdict!



The AI Image Enlarger software is perhaps best for quick and easy image enlargement, with the great perk of AI capabilities that makes the procedure almost effortless, and the best part is that you don’t need to pay for the software.

Additionally, you also get to enlarge your image without having to go through any rigorous study on how to use the photo editing software, as the tool is so easy to use, that even a newbie in photo editing won't have an issue.

AI Image Enlarger Review: Freely Enlarge Low Resolution Images with AI Solutions