Opera GX is a game-centric web browser developed by Opera Software AS, which was first announced on June 11, and now released as the world’s first gaming browser.

The browser is distinguishable by its gaming-inspired theme and the integration of Razer Chroma, which is perhaps the world’s largest lighting system for gaming devices, allowing you to enjoy a more thrilling and immersive experience browsing with the lighting effects on your supported device.

And there’s the presence of CPU and RAM limiter capabilities, aimed at speeding up your PC gaming experience altogether. Albeit, this may not be the first browser to integrate Razer Chroma, as Vivaldi already have it in version 2.5 which brings first-of-its kind integration to Razer Chroma for gaming devices.

Opera GX is currently supported only on Windows PCs, and expressly for use within games, just as Steam’s inbuilt browser works. Though, it isn't supported for game consoles like the Microsoft Xbox One or PlayStation game devices.

How to use Opera GX for gaming

With such features like Razer Chroma integration, and game collections from Twitch, you can use Opera GX, which functions like any standard Chromium browser, but with gamers at heart, and works just as Chrome browser would open a website.

Simply head over the official Opera Gx site to download the gaming browser, and once downloaded to your Windows PC, then launch the browser.

You'd most definitely love the looks and UI experience of the browser, and you'll find most social messengers that are available on the sidebar, which includes Facebook Vkontakte, Messenger, Telegram, and WhatsApp fully integrated, and you are able to chat right from the browser’s interface.

Additionally, Opera GX features a built-in free VPN, just like the main Opera browser and adblocker, with a “video pop out” feature to allow you playback videos in smaller overlay outside of the web browser.

What more features are available on the Gaming Browser?

There is the “GX Corner” panel that sits at the left corner of the tab bar, with news about new upcoming games and deals aggregation links for games on sale. It also includes a “Daily News” section, which by default, offers you a dedicated stream of latest gaming news.

Also, the sidebar features a Twitch panel, whereby you can easily browse through the channels you follow, and to see who's presently online streaming, or even get notified when a channel you’re following starts a live streaming.

Opera will be bringing a “Video over game” feature so that you can also watch a video walkthrough or other video on top of a game section, even while you’re still playing it, though this feature isn’t yet available for now.

How to use Opera GX to Enhance your Online Gaming experience

The iPhone lockscreen bypass bug that was reported by a security researcher, Jose Rodriguez has gone unpatched as Apple is prepping to release the newest version of its mobile OS next week.

While the exploit allow just anyone to bypass the iPhone lockscreen to gain access to contact information, and perhaps other piece of information saved on the device. The bug was first spotted in 2018 on iOS 12.1, and now the latest iOS 13 still suffers the same bug using similar technique, which revolves around the activation of FaceTime call and accessing the Siri voiceover feature to enable access to contact list.

The bypass technique also works on iOS 13 GM which runs on iPhone X, albeit access to photos is denied on the device, but ordinarily, the procedure requires physical access to the iPhone, and the enabling of voiceover by initiating a FaceTime call.

And perhaps, this latest bug is inline with a long list of lockscreen bypass bugs on iOS, which started from iOS 6.1 & 7 far back in 2013, that allowed just anyone access to iPhone contact information and even saved photos. Even on the iOS 8.1 and iOS 12.1, the lockscreen can also be bypassed using same procedure.

But the good news is that Apple is already working on the permanent fix, which is expected in the iOS 13.1 beta, which is planned for release on September 30th.

Apple to release iOS 13 without patching the LockScreen Bypass bug

Google announced plans to implement DNS-over-HTTPS (DoH) in the next version of its browser, Chrome 78 with users given the option of choosing the corresponding DoH server to use for DNS resolution.

This is coming on the heels of Mozilla's enabling of DoH in the main Firefox browser release for a small percentage of its users, and promise of subsequently making it available for all Firefox users. While the actual support for DoH was added to Firefox 62 to improve the way the browser interacts with DNS, using encrypted networking to obtain DNS information from the server that is configured within the browser.

Albeit, Mozilla is been criticized for enabling the feature by default on Firefox and domiciling all the DNS traffic to Cloudflare.

Google, on the other hand, is towing a different part, as it will first check whether a user's DNS provider is on its list of known DoH-compatible providers, which if the user's DNS provider is on the list, will automatically upgrade Chrome DoH to that provider's DoH server for DNS resolution.

And Chrome DoH will run on all platforms other than Linux and iOS, including Android 9 and later, which if the user has configured a DNS-over-TLS provider, Chrome will also use that instead of the ones from their list, except there is an error.

The upgrading of DNS Resolution to DoH will happen according to the user's current DNS provider, that given that it is supported, as Google feels that the users DNS resolution experience will need to remain the same.

Nonetheless, DNS-over-HTTPS (DoH) have not been welcomed in enterprise environments, governments and ISPs, as some ISPs in certain countries block connection to sites via monitoring the DNS traffic.

It will allow users to bypass such censorship or spoofing attacks and increase privacy as the DNS requests would be hard to monitor. And just anyone, including privacy advocates would be able to bypass traffic filters set in place by rogue governments to track the citizens.

Chrome 78 to make debut with DNS over HTTPS (DoH) support

Mozilla announced plans to enable DNS-over-HTTPS (DoH) by default in the Firefox browser, starting with US users this month. But the news was received with lots of criticism, as most security researchers believed the idea of domiciling all the DNS traffic to Cloudflare, is bad idea.

While the operating system is what's normally responsible for managing DNS and other network settings on all applications, but Mozilla is looking to change all that, by making Firefox able to dictate the pitch. And should other applications also follow this example, it will only lead to chaos over the Web.

Now, imagine if you get different DNS for different applications or perhaps, have the applications implementing own IP stack, with different addresses, routing and so forth. Though, DoH generally, is a good technology as it brings privacy via encryption, but the correct way would be to standardise DoH and add support for it into automatic address configurations and operating systems, not applications.

Mozilla should revert the change to allow users, at least to opt-in, and choose their DoH provider, rather than automatically defaulting to Cloudflare. The company must take real responsibility by working together with the security community to create RFCs to make DHCPv6, DHCPv4 and Router support DNS URLs instead of IP addresses.

It could also contribute in developing support for the operating systems, if truly privacy is a concern for Mozilla. And whether you've got trust for Cloudflare or not, directly supporting centralization by using DoH in Firefox sucks.

The best way to voice out against it is perhaps is to turn DoH off in your Firefox browser, simply go to Settings - Network Settings and uncheck the Enable DNS over HTTPs checkbox.

Why Mozilla's defaulting of Firefox DoH to Cloudflare is a bad idea?

Cloud Dataproc is a fully managed cloud service for running Apache Spark and Hadoop clusters in a simpler, and more cost-efficient manner, by reducing operational hours, and you paying only for the resources used.

Now, Google Cloud brings Spark as a service to the Kubernetes container, and ditching the virtual machine-based Hadoop clusters, with other non-Spark analytics engines support coming in the future. While the open source container orchestration platform, Kubernetes has been a big deal in the Cloud industry, which cluster computing has become increasingly important in big data processing.

Google is launching the alpha of Cloud Dataproc to Kubernetes as an important step for the Cloud service to serve as a hybrid cloud model.

The overriding idea, however is for enterprise customers to have the ability to run Apache Spark on Google Kubernetes Engine (GKE) clusters, with products such as Anthos making GKE available virtually anywhere, customers will be able to take Cloud Dataproc to their data centers as well.

Google Cloud Dataproc coming to Kubernetes is significant as it provides customers with single control plane for both deployment and managing of Apache Spark on Google Kubernetes Engine on public cloud or on-premises environment.

This is bringing enterprise-grade support, management, and security to Apache Spark jobs on Kubernetes, which is also the first of many objectives, including to simplify infrastructure complexities for data scientists around the world.

Google Cloud Dataproc comes to Kubernetes with an alpha release

Mozilla has progressed in its effort to thwart network snoopers by encrypting connections to the web servers that host websites, using DNS-over-HTTPS (DoH), the combination of the network technology, DNS and HTTPS, to prevent middlemen from figuring out the internet servers.

While the support for DoH was added to Firefox 62 as a way to improve the way the browser interacts with DNS, employing encrypted networking to obtain DNS information from the server that is configured within Firefox, but it does not use DoH by default, as users are required to go through the configuration editor to enable it.

Now, the company has announced plans to enable support for the DNS-over-HTTPS protocol by default within the Firefox browser, starting with US users this month.

Mozilla had been testing the DoH support in Firefox way back since 2017, and so far, no issues have been recorded with the new protocol. So, it now plans to enable DoH in the main Firefox browser release for a small percentage of its users, and subsequently enable it for all Firefox users.

What this means is that Firefox will ignore the DNS settings setup in the operating system, and instead, use the browser-side DoH resolver. And the encryption of the DNS traffic will effectively hide DNS information from ISPs and traffic filters, or even , enterprise firewalls and any other third-party that wants to intercept a user's traffic.

Albeit, DNS-over-HTTPS has not been welcomed by enterprise environments, governments and ISPs, as DoH could allow just anyone, including privacy advocates to bypass traffic filters set in place by rogue governments to track the citizens.

Mozilla's implementation of DoH, however would help to seal off major holes, regarding privacy and security, though there will be some technical challenges, but gradually things will surely improve.

Mozilla will now enable Firefox DNS-over-HTTPS (DoH) by default

Lilu (Lilocked) ransomware was first discovered by a ransomware note uploaded on ID Ransomware, a portal for identifying new ransomware based on the demand specified in the ransomware note.

Now, the new strain of ransomware has reportedly infected thousands of Linux servers around the world, with the attacks haven commenced in mid-July, but severe cases were most evidence in the last few weeks. While the actual mechanism employed in the attack remains unknown, it is quite obvious that bad actors are targeting Linux-based servers running on the defunct Exim software.

The ransomware note that accompanied the attacks come with the encrypted message: “I’ve encrypted all your sensitive data!!! It’s a strong encryption, so don’t be naive to restore it;)” according to a Russian forum.

And once the victims click on the link within the note, they are redirected to a site on the dark web, demanding that they enter the key from the note, which when entered, requires them to deposit 0.03 bitcoin or the equivalent of $325 in an Electrum wallet in order to recover their files.

But luckily, the ransomware doesn't affect any system file, and Linux systems will continue to run as normal; as it target only files with such extensions as CSS, PHP, HTML, SHTML, JS, INI and other formats. Albeit, the actual number of infected Linux servers could not be ascertained as there are many of such servers currently not indexed on Google.

For now, there is no security advisory issued to mitigate the attack, however as per usual security recommendation, try to ensure your passwords are strong and all apps are updated to latest versions.

Linux Servers targeted by new strain of Lilocked (Lilu) ransomware

The cybersecurity researchers at Avast have disclosed that about 29 models of GPS tracking devices used in keeping tabs on children manufactured by Chinese companies, come with a number of vulnerabilities.

While the GPS tracking devices are estimated to be over 500,000 (available for purchase on Amazon and some other online merchants) all come shipped with "123456" as the default password, which an attacker could easily break into as most of the users never bothered to change the default password.

The vulnerabilities stems from the fact that communication between the 'Cloud and GPS trackers' and 'Cloud and the device's mobile Apps' and 'Users and the device's web application' were done over unencrypted HTTP protocol, leaving it open to man-in-the-middle (MiTM) attackers who could intercept the data with unauthorized commands.

As communications via the web application is over HTTP; the JSON requests are also in plaintext and unencrypted, allowing an tracker to call an arbitrary mobile number, which when connected would enable them to listen to the tracker through the other party without trace.

Again the communication in text-based protocol lacks any form of authorization, which process works by identificartion of the tracker by its IMEI number.

The researchers also discovered that remote attackers could obtain the real-time GPS coordinates of any target device by simply sending SMS to the mobile number associated with the SIM card which is to provide DATA and SMS capabilities to the device.

Albeit, the attackers would need to first know the associated mobile number and password on the tracker to be able to carry out an attack, though it can be exploited by the cloud/mobile app flaws to authorize the tracker to send SMS to an arbitrary mobile number by itself, allowing the attackers to obtain the trackers specific mobile number.

Once access is gained to the device's mobile number and given that the default password '123456' remains for most of the devices, the attacker can easily use the SMS as attack vector.

The researchers, however claimed to have since notified the manufacturerers of the GPS tracking devices critically affected by the security vulnerabilities, as well as the vendors, but still no response.

How GPS Tracking devices could expose Kids real-time Location data

Twitter has temporarily disabled the 'Tweet via SMS' feature after it was reportedly abused by hackers to compromise the company's CEO, Jack Dorsey's Twitter account, whereby a series of tweets with racial slur was posted on the timeline.

The hacking group called "Chuckling Squad" - replicated the mobile number associated with the CEO's Twitter account to gain access to tweet racist, cum offensive messages and threats via SMS. The procedure known as "SIM Swap" allows anyone to recover a supposedly lost or displaced SIM by requesting the telecom company to transfer the number to another SIM card.

Through social engineering trick, the group were able to get Dorsey's mobile phone number and provider, which enabled it gain unrestricted access, whereby they used the popular 'Tweet via SMS' feature to post tweets under his username, without actually breaking into his account.

While the Tweet via SMS feature allow users to make post directly to Twitter by simply sending an SMS message to a specific Twitter number from the registered mobile number associated with the account. Albeit, it requires no extra authorization which was the bane that allowed it to be easily hijacked by the hacking group.

Twitter halted the feature to forestall such incidence from repeating itself, and has promised to reactivate it in markets that depend on SMS for reliable communication soon.

The company also confirmed it was working on longer-term strategy because of the vulnerabilities that must be addressed by the mobile carriers to have a linked phone number for two-factor authentication.

Twitter halts the 'Tweet via SMS' feature after an Impromptu hack

Mozilla has been at the forefront in fight against websites that track users online activities, which tracking is only beneficial to advertisers who target specific users, despite that it invades their privacy.

Now, the company has released Firefox 69 with ability to block third-party tracking cookies by default, which is powered by the new tool called Enhanced Tracking Protection, a step-up from its earlier approach of manually keeping websites and advertisers from tracking users online activity.

While the Enhanced Tracking Protection debuted in Firefox 57 as an option to block website elements (analytics trackers, ads and social share buttons), enabling tracking protection outside of private browsing. It aims to help in mitigating privacy threats and put the users back in control of their online activities without fear of snooping and tracking of their browsing behavior across websites — without knowledge or consent.

Firefox 69 goes even beyond the cookies, as cookies aren't the only tracker that follow users around on the web; it also block Cryptominers, which are capable of accessing the CPU, resulting slow down and fast battery draining, which helps the miners to generate cryptocurrency — certainly not for the user, but for themselves.

Firefox allows you to view those sites that are already blocked via the Blocking Tracking Cookies section, and you can also turn off blocking for specific sites.

The Enhanced Tracking Protection is ultimately aimed at blocking only third-party trackers (ad cookies), as it allow first-party cookies, such as logins, so that you can continue where you last left off, without having to retype passwords.

Mozilla's move to tackle cryptomining, stems from the fact that it uses CPU to generate the cryptocurrency, and fingerprinting that track users across the web. The fingerprinting scripts is capable of harvesting a snapshot of computer’s configuration, which can be used to track a user, without consent.

Firefox users, however can turn on ‘Strict Mode’ to get protection from fingerprinting scripts; albeit Mozilla promises to turn fingerprinting protections on by default in future releases.

Firefox 69 block third-party Cookies & Cryptominers by default