The Linux-based mobile operating system, Ubuntu Touch run by UBports, has dropped the name Unity8 from its Desktop Environment; which name change was as a result of clash with the popular game engine, Unity.

While the name clash is one reason, with "Unity" well known as a 2D/3D game and simulation platform. Another reason is that most users found "Unity8" same as the game engine, whereby they commonly inquire on how to import 3D models and meshes into the shell.

The choice of the new name Lomiri is the stickiness with the name "ubuntu" in many of Lomiri's dependencies. Such dependencies as "ubuntu-download-manager", "ubuntu-ui-toolkit", and "qtubuntu", among others. Albeit, there are warnings that packages containing the name "ubuntu" may not be accepted into some target distro.

What Packages and Projects will be renamed?


Typically, a name change is time-consuming, so renaming as few projects as possible should be the right way to go. The following are some of the things that will be renamed or modified in the short term:

  • ubuntu-ui-toolkit -> lomiri-ui-toolkit
  • unity8, containing the shell, will become lomiri
  • ubuntu-download-manager -> lomiri-download-manager

Also, the interface used to call on the projects will be changed. For instance, the Ubuntu.Components QML import will change to Lomiri.Components. And in the foreseeable future, the company will provide backwards compatibility in Ubuntu Touch images. While developers will only need to update to new API when packaging their apps for other distributions.

The QML's lack of namespacing is perhaps a blessing, as the only change to most QML applications will be the statement (from import Ubuntu.Components 1.3 to import Lomiri.Components 1.3).

The Packages that will remain Unchanged



Ubuntu Touch, the convergent operating system shipping Lomiri, the OpenStore, and its confined applications, will still retain its names. Additionally, all components which are used by other projects and for other distributions, such as gsettings-qt using the com.canonical.gsettings D-Bus namespace.

Albeit, Debian has accepted it for use by the Deepin desktop environment. And components that don't use the "Unity" or "Ubuntu" name, such as qtmir and morph-browser, among others, will not be renamed.

How will the name change affect Users?



The name change will not be noticed by most users of Ubuntu Touch as only components will be renamed, with the old "Unity8" name which is not used visibly within the mobile operating system.

But developers creating unconfined applications may notice small changes, like Upstart job names will change, as well as internal API shifting. However, the company plans to maintain backwards compatibility within Ubuntu Touch in the foreseeable future.

The name change is currently in progress for some components, like lomiri-download-manager. So these components are been prepared for building on Debian testing, renaming them, and then moving the upstream repositories to GitLab.

Ubuntu Touch changes Unity8 name to Lomiri for the Desktop Environment



Cloud Snooper is a new malware that is capable of compromising the security of Linux based servers by deploying a kernel driver, which according to SophosLab report, bypasses firewall security measures.

While Linux has been touted as a highly secure operating system, there are still some downside that challenges its security architectures; albeit perhaps, the compromised systems in the SophosLab report were running both Linux and Windows EC2.

Simply by deploying the Cloud Snooper malware, attackers can execute commands on the network servers, with the malware residing on the server underneath the administrator’s oversight.

How the Cloud Snooper Malware was Discovered?



SophosLabs during the course of investigating a malware incidence on cloud infrastructure hosted in the Amazon Web Services (AWS) cloud, discovered a sophisticated attack pattern that employed unique techniques to evade detection, allowing the malware to freely communicate with its command and control (C2) servers via a firewall, which under normal circumstances, should have prevented that kind of communication.

Though the problem is not an AWS issue, but the technique in use on AWS represents a method of piggybacking C2 traffic on legitimate traffic, such as web traffic, which in a way can bypass many, if not most, firewalls.

The team from Sophos used a bespoke APT (Advanced Persistent Threat) toolset which gives them reason to believe that the malware and its operators were pretty advanced threat actors, and possibly government-backed attackers.

How Cloud Snooper Malware Infects The Servers?



The attackers exploited the Linux kernel driver file called “snd_floppy” which is declared dead years ago, but in this case it's only a tricking name and has nothing to do with any hardware support.

It must have perhaps chosen the name to add to its complexity, by feigning similarity with other Linux drivers that share same initials starting with “snd” like snd_hda_intel, snd_pcm, snd_hda_codec, and snd_timer. And the attacker employs an in-band signaling method with the hidden command script running in the regular network traffic data to perform the harmful actions.

The secret data is then extracted from the network traffic by the snd_floppy driver file, which the attackers deployed and uses the 16-bit TCP source port to send the command to bypass the detection from firewalls.

In order to Secure your Server From Cloud Snooper Attack, it is recommended that you modify your current security rules for firewall to detect and block packets from illegitimate source ports.

And if the firewall fails to restrict the entry of infected files, you can add a second layer of security to prevent script execution. Additionally, you should use any tool that is capable of monitoring and detecting the infected kernel drivers or any unwanted programs running on your server.

Cloud Snooper Malware targets Linux Kernel Driver to Attack Cloud Servers



For most people, finding a smart way to invest their hard-earned money is a top priority. With all of the different investments on the market, choosing the right ones can be extremely difficult. In the past few years, cryptocurrencies like Bitcoin have become some of the hottest investments on the market. But, making a real go of cryptocurrency investing is only possible if you learn how to mine for Bitcoin.

If you want to have success with this type of cryptocurrency investing, you will need to learn the ins and outs of Bitcoin mining. On average, 79 percent of the people who invest in cryptocurrencies will buy Bitcoin. This is why Bitcoin mining is so popular.

Read on to find out more about the Bitcoin mining processes and how much it really cost.

Why Does Bitcoin Needs So Much Energy?


While Bitcoin may be a digital currency, the computers that are used for mining are ravenous energy hogs. On average, Bitcoin consumers around 67 terawatt-hours of electricity each year. Basically, this is enough power for 10 million households. One of the main reasons for this energy consumption is blockchain. Since there is no central bank to regulate this currency, a distributed accounting system known as blockchain is used.

Each of the Bitcoin trade transactions is put into blocks. These blocks of trade date are very hard and time-consuming to reconcile. This is due to the fact that the data for these transactions is spread across various computers around the world. One of the things Bitcoin has done to offset the tedious nature of blockchain transactions is to award people who contribute computing power to thees transactions up to 12 Bitcoins.

If you are tired of spending tons of money on energy, it is time to see if you can get a better deal. Businesses that specialize in Bitcoin mining have a number of options when it comes to the energy rates and providers in their area. Simply settling for the first energy provider you come across can lead to a lot of money being wasted. This is why you need to work on researching basic electricity rates by state. With this information, you can figure out whether or not your current energy provider is giving you a good deal. If they aren’t, switching providers is your best course of action.

Embracing Bitcoin Mining Energy-Saving Models


Most people fail to realize that up to 80 percent of the mining revenue produced by Bitcoin goes to paying the exorbitant energy costs. One of the latest trends in the world of Bitcoin mining is entrepreneurs setting up shop in remote parts of Mongolia and China. These areas have very low energy costs, which is why the push to set up Bitcoin mining operations there is gaining popularity.

In recent years, the computing hardware used by most Bitcoin miners known as an application-specific integrated circuit has become more energy-efficient. The only problem with using these circuits is the number of them that have to be deployed to turn a profit.

Familiarity With the Different Types of Cryptocurrency Mining


Before you jump into the world of cryptocurrency mining, you need to find out more about the different types of mining and the costs associated with each one. Having this information is crucial when trying to avoid biting off more than you can chew financially with this new venture. If you are curious about the different types of cryptocurrency mining, here is some helpful information.

  • Mining Pools are Gaining Popularity: If you are mining Bitcoin without the backing of a corporation or business, it can be hard to get all of the resources you need for success. Instead of letting your new cryptocurrency venture rapidly decline due to a lack of resources, you need to think about joining a mining pool.

    These pools connect Bitcoin mining enthusiasts and allow them to share things like proof-of-work calculations and even nodes. While you may have to pay a membership fee to join one of these mining pools, it will be worth it considering the help you can receive.
  • The Power of Personal Mining: Are you using your personal PC to mine for Bitcoin? If so, this is referred to as personal mining. When developing a personal mining operation, you need to consider things like the type of computer you will use and the energy-efficiency of this rig. Failing to consider these factors can lead to you losing money in the long run. Consulting with more experienced Bitcoin miners can help you figure out how to make a personal mining operation successful.
  • Cloud Mining is a Good Idea: If you want to avoid the costs of setting up a mining rig of your own, cloud mining is a great option. With this type of mining, you only have to worry about paying a fee to a third-party supplier who already has a mining rig in place. This not only allows you to get off and running with you Bitcoin mining venture, it also helps you avoid the cost of maintaining the mining rig.


Time to Take Action



Now that you know more about the cost and benefits of Bitcoin mining, it is time to take action. With a bit of time and research, you should have no problem achieving favorable results.

How much does it really Cost to Mine Bitcoin in 2020?



Mozilla has introduced new approach to secure Firefox browser for Linux and Mac, using a new lightweight sandboxing architecture, called RLBox, that employs WebAssembly sandbox to protect against vulnerabilities posed by third-party libraries.

While Firefox make use of various external libraries to render audio, images and videos, which third-party sources could be exploited by attackers to introduce malicious scripts; with security now a highly-required feature for any web application to avoid compromises to personal data and business information.

Before now, Firefox uses process-level sandboxing and Rust programming language to protect against security issues. However, the method mostly benefit pre-existing components and, often restricted to certain area with various limitations.

What Is RLBox Sandboxing Architecture?



Mozilla in conjunction with researchers from the University of California San Diego, Stanford University and University of Texas at Austin, developed the new framework called RLBox to improve web browser security.

RLBox helps to improve browser security by separating third-party libraries from the rest of the browser that could contain potential security issues, which process is known as sandboxing. It runs on WebAssembly security mechanism to put the browser components into secure sandboxes so that attackers can't exploit the system through third-party libraries.

The unique sandboxing method separate third-party libraries from the browser’s native code; but instead of isolating the app from the operating system, RLBox will completely obstruct the execution of any malicious code within the external library on the system.

Firefox 74 Availability For Linux And Mac



RLBox has been integrated into Firefox 74 to complement other security capabilities on the browser. And it is currently available for the browser versions for Linux and Mac, with the new update of Firefox 74 expected to launch in March 2020.

Also, expected is the DNS over HTTPS (with Cloudflare as the DNS resolver) roll out to users, which turns the option on by default for users in the United States. And for alternative DNS service, users can select NextDNS via the Network Settings dialog in Preferences.

Additionally, there is the disabled TLS 1.0 and TLS 1.1. for sites that don't support TLS version 1.2, which going forward will show an error page.

Firefox 74 brings RLBox Sandboxing Architecture to Secure Third-party Libraries



Brave Browser is an open-source web browser based on Chromium, developed by Brave Software, with the notable features of ads blocking and tracking prevention; also offering users ways to send cryptocurrency in the form of Basic Attention Tokens to content creators.

The open source browser recently teamed up with Internet Archive’s Wayback Machine to enable users to surf dead web pages. If a website visit returns a 404 error, or any other error codes, Brave browser will detect it and automatically offer to search the Wayback Machine for a backup page.

Brave browser is capable of detecting 14 HTTP error codes in addition to the regular 404 error code, including: 408, 410, 451, 500, 502, 503, 504, 509, 520, 521, 523, 524, 525, and 526.

How the Integration of Native Wayback Machine Works?



The Wayback Machine is a digital archive of the Web, founded by the Internet Archive, a San Francisco based nonprofit organization.



While several web pages have gone offline over the years, they are archived in the Wayback Machine, allowing web users to access those pages as they were when live, thus making it possible to travel back in time and see dead websites. Brave browser's native Wayback Machine integration means you don't have to visit the Internet archives to access dead websites anymore with the browser having the function in-built.

Albeit you can also plug various Wayback Machine functionality such as 404 detection, via extensions in browsers like Firefox, Chrome, or Safari.

Other Wayback Machine Functions Available to Brave Browser



Brave browser collaborated with Wayback Machine, allowing Internet Archive to accept Brave’s BAT micropayments after it was launched in 2017.

The Internet Archive can receive micropayments from participating Brave Browser users, with the alt-browser controlling the ads, mostly, through the micropayments feature. But you need to put in some bitcoin that will be distributed to the sites you visit in a month.

Brave browser's Wayback Machine integration is currently available in the desktop version, as the feature has not been released for the mobile versions of the browser.

Brave Browser's Native Wayback Machine Integration brings Dead Website to Live



Microsoft Azure Sphere is an end-to-end IoT security system that is built on microcontroller (MCU), the sort of devices using tiny and relatively low-powered embedded objects for connectivity and basic controls.

The Cloud service was announced in 2018 to provide full-fledged IoT system security, with the platform comprising Microsoft’s own Linux-based OS, connected MCU and its cloud-based security services. According to Microsoft, the next decade will witness nearly all consumer gadget, household appliance, and industrial devices fully connected to the Internet.

And for everyone of these devices, there is one thing in common, a tiny chip, called a microcontroller (MCU), hosting the compute, storage, memory, and operating system directly on the device.

What are the components of Microsoft Azure Sphere?



Microsoft Research uncovered ways to secure the vast number of MCU-powered devices, by leveraging years of security experience, and learning from across the tech industry, to identify what it calls "the Seven Properties of Highly-Secure Devices".



The Azure Sphere consists of the customizable Linux-based OS, certified microcontroller chips MediaTek 3620 and cloud-based security services. In addition to the need for multiple layers of in-depth defense, both in hardware and in software, to repel hackers even when they've successfully breached one layer of security.

Why Microsoft’s Azure Sphere?



Microsoft Azure seeks to help to set up secure and scalable IoT or internet-connected devices of all sizes for organizations with minimal security risks.

Given the rise in hardware devices connected to the internet, with millions of such IoT devices exposed to cyber-attacks. These devices help to connect both personal and enterprise users, and it has become more important to make sure there is better security to prevent negative effects on businesses and lives.

The Azure Sphere platform Azure brings the rigor and scale Microsoft has built over the decades protecting its own systems and data in the cloud to MCU powered devices. It is perhaps the first initiative that aims to create a comprehensive system to lock down security on IoT system and devices.

Microsoft launches Linux-based IoT Security system service, Azure Sphere



TikTok is a hugely popular Chinese video-sharing social network, used to create short lip-sync, comedy, and special talent videos.

While the app was launched in 2017 for iOS and Android in markets outside of China. But TikTok has been saddled with thousands of sexually explicit comments found on videos posted by children as young as nine, which resulted the company to delete hundreds of these comments.

Albeit, the majority of users who posted the contents were still able to do so on the platform, even with TikTok's rules against sexual messages targeted at children.

How TikTok's new Parental Control features will help to Solve the Issue?



TikTok has recently introduced a set of new parental controls called “Family Safety Mode” that is designed to allow parents set limits on their teens' use of the mobile app. The parental control features include limits on direct messages, screen-time management controls, and a restricted mode to limit the appearance of inappropriate content.

The Family Safety Mode will require that parents must first create account on the app, which will then be linked to the teen’s account.

And if enabled, parents will be fully able to control their teens activities on the app, such as turning off or limiting what the teens can interact with, and who they can message; or even choose to turn TikTok’s “restricted” mode on to limit inappropriate content.

TikTok's Growing Generation Z Userbase



TikTok is increasingly dominated by the demographic cohort succeeding the Millennials and preceding Generation Alpha, the Generation Z, whose birth years fall on mid 1990s and mid-2010s as ending birth years, with the year 1997 as the most widely accepted beginning.

The Generation Z users make up about 60% of the app's US monthly users, with ages ranging between 16 to 24, according to Mediakix. These users typically share 15-second clips of themselves doing comedy skits, dancing, lip-syncing, or participating in challenges that regularly pop up on the platform.

TikTok's popularity among teens, combined with the unique potential for viral stardom, has forced parents to seek for ways to control the activities of their teens around everything from privacy to how their kids can actually benefit from the platform.

In a move to avail users some control, TikTok added a screen time management tool last year that allow users to set limits on the time spent on the platform every day. And this month, the company partnered with popular TikTok stars to create short videos to encourage users to track their time spent on the platform.

TikTok's new 'Family Safety Mode' gives Parents Control over Teens phone habits



The first Developer Preview of Android 11 has been released by Google almost a month ahead of the usual release cycle. And the next version of Android brings some really exciting new features onto the table, albeit the preview build means that the set of features and APIs are intended for developer testing only.

Android 11 preview build is still highly unstable and capable of unexpected behavior, like UI lags and frequent app crashes. The worst scenario that could happen to a user, however is perhaps the lose of all the data on the phone if not properly backed up.

Google has made a detailed roadmap for the Android 11 release, which includes when it will release all the developer previews, public beta builds and the final release.

Timeline, milestones, and updates





Android 11 Developer Preview Phases



The developer previews as the name suggests are released during the early months, which will focus on adding new features and APIs for developers testing only and making required changes after the developers must have given their feedback.

  • Developer Preview 1 (February)
  • Developer Preview 2 (March)
  • Developer Preview 3 (April)


Android 11 Developer Preview phases runs from February 2020 for development and testing environments. Each includes SDK tools, API reference, system images, and emulators. The early baseline build will focus on developer feedback, with new features, APIs, and behavior changes, and priority window for feedback on APIs and report on any critical issues.

The Developer Preview 2 is more about incremental update with additional features, APIs, and behavior changes, with developers feedback and early app compatibility testing. While the Developer Preview 3 is update for stability and performance and getting apps ready for Public Betas.

It includes system images for a variety of Pixel devices, including Pixel 4 / 4 XL, Pixel 3a / 3a XL, Pixel 3 / 3 XL, or Pixel 2 / 2 XL, for developing and testing.

Android 11 Public Beta Phases



The Initial Public Beta phase is over-the-air update to early adopters who are enrolled in the Android Beta program. It involves continuous compatibility testing, and feedback from Android Beta users.

  • Public Beta 1 (May)
  • Public Beta 2 (June)
  • Public Beta 3 (July)


The second beta phase is more of Platform Stability milestone. With the Final APIs open for Play publishing and the final compatibility testing for apps, SDKs, and libraries.

Release candidate build is the last phase of the public beta. It includes the release of compatible updates for apps, SDKs, and libraries.

Final Release Date



The Final release forAndroid 11 to AOSP and the ecosystem is scheduled for Q3 2020. It will include the release of compatible updates for apps, SDKs, and libraries. And continuous work to target Android 11 build with new features and APIs.

If you want to get started with testing the previews, you can install Android 11 on your hardware device, or set up an emulator for compatibility testing. Check the Android 11 update page for more details.

Android 11 Roadmap: Developer Previews, Public Betas and Final Release Date



There will always come a time in your web project that you'll need image or photo without background to align with your web or content development, BG Eraser for Mac and Windows allow you to easily erase background with AI technology.

BG Eraser instantly remove the photo/image background automatically with the help of artificial intelligent (AI) technology, which minimizes the chances of low image quality, and ensures that your image is as real as possible. The background processing simply involves cutting out of the surrounding objects from a photo to make the background transparent.

It is based on a powerful machine learning and AI technology for background intelligence, and the best part is that you get all this for 100% free.

Unique Features of BG Eraser



  • Safe
  • AI-Infused Processing
  • 100% Free Utility
  • Guarantees High Image Quality
  • Fast and Speedy Delivery


Steps to Remove Image Background with BG Eraser



It takes only 3 steps for BG Eraser to process image background removal, after you must have downloaded the Background Eraser software, as follows:

Step 1.



Upload: Simply upload your image and the photo should be either jpg or png.

Step 2.



Analyze & Erase: The software analyzes and process the photo based on machine learning to ensure high quality result.

Step 3.



Preview & Download: After the processing, your image will be ready for download by clicking on the download button to get the photo with background removed.

Kindly note that the image must be less than 3mb for both Win installer and Mac installer. And the software is fully compatible with the newest Windows 7/8/10/Vista/Xp & Mac OS X and above.

The BG Eraser automatic background remover and background editor will easily remove the background of any photo online in seconds. Try it for free!

BG Eraser Review: Instantly remove background from Photos/Images for free



CSI Linux is specifically designed for forensics and cyber investigations, as it removes the hassles of installation and configuration of different software packages, with tons of pre-installed tools for analysis and security prevention.

While Kali NetHunter is perhaps the most popular Linux-based penetration testing platform, with the Debian-derived Linux distribution designed for digital forensics, the most notable feature is the support for over 50 new mobile devices, and fully capable of running on Android 4.4 (KitKat) to the latest version on all supported devices.

These software tools play a significant role in the cyber investigation process, with the rise in cybercrimes, organizations and government agencies have become directly involved in setting up cyber investigation labs to tackle the crime incidence on the Internet.

The key open source tools available for CSI Linux include: Catfish Search, Recon-ng, FBI (Facebook Information), Autopsy GUI, KeePassXC, Nmap, Maltego, Twitter feed pull, OSINTFramework, OSINT-Search, Wireshark, theHarvester and Sherlock.

How CSI Linux can Help with Cyber Investigations?



CSI Linux comes in three separate platforms, namely Analyst, Gateway, and SIEM. With the Analyst edition containing tools for investigation, analysis, and cyber reports generation, which also allow users to generate complete report of suspects by gathering all social footprints using tools like Maltego and RecordMyDesktop.

The CSI Linux Gateway, on the other hand, links all Analyst traffic via Tor network to provide safety and anonymity over the Internet. While the last on the list, SIEM edition is for Incident Response and Intrusion detection.

As a multi-purpose operating system designed for cyber investigators, CSI Linux is useful in resolving Online Investigation: including Social Media Accounts, Website Information, and Open-source intelligence (OSINT).

Also, CSI Linux helps with Incident Response, such as Intrusion Detection/Prevention and Malware Analysis.

Getting Started with CSI Linux



The minimum requirement for CSI Linux installation is 50GB free space for the running of virtual machine images and 20GB to download the installer, with at least 8GB RAM.

Albeit, CSI Linux can’t be downloaded for standalone installation as it's only available for VirtualBox. So, you'll need to install VirtualBox and Virtual Box Extensions to get started with CSI Linux.

And the CSI Linux Investigator comes as an individual OVA file comprising the three editions for the virtual machine, namely CSI Linux Analyst, Gateway and SIEM. For all available tools for CSI Linux, see the full Tools List.

CSI Linux: NetHunter Alternative for Forensics and Cyber Investigations



Microsoft has announced a public preview of Defender Advanced Threat Protection (ATP) for Linux distributions, including CentOS, Ubuntu, and Debian.

The Defender for Linux will focus more on signature-based malware detection, albeit the Defender ATP for Windows is capable of tracking various system behaviors and report to the ATP cloud service, which helps to detect possible threats even without any malware infestation.

Microsoft launched Defender ATP for Mac in March 2019, which was perhaps the first cross-platform expansion of Defender ATP in an attempt to grow the market for the security software beyond Windows.

How Microsoft Defender ATP for Linux will Function?



The Defender Advanced Threat Protection (ATP) is part of Microsoft Threat Protection (MTP) which provides built-in intelligence, automation, and integration to coordinate detection, protection, response, and prevention by combining into a single solution the capabilities to stop cyber-attacks.



Microsoft intends to secure the complex and heterogeneous Linux environments with the launch of Defender ATP for Linux by providing comprehensive protection through a single solution and streamlined view.

According to the company, effective threat protection requires built-in intelligence that can understand how an attack is carried out, in order to prevent its spread across domains, and automatically fix compromised assets.

Why the Defender ATP for Linux?



The extension of Microsoft endpoint threat protection to Linux has been a long-awaited development, as hackers are now paying more attention to Linux platform, making it a target for Trojans, spyware, ransomware, and other malicious threats.

Albeit, the attack surface for Linux is far behind, compared to Windows, but Linux has its own share of vulnerabilities and malware threats, which need proactive monitoring to keep the system secure.

Microsoft also hinted on Defender ATP anti-malware apps for Android and iOS devices, though no specific timeline was mentioned when it would be released, however the company stated that it would be available later in the year.

Microsoft previews Defender Advanced Threat Protection (ATP) for Linux



Everyone in the world is bound to experience stress, as it is a normal part of life. But over time, stress can also take a toll on a person’s health, especially if the person is often placed in stressful situations or doesn’t know how to handle stress.

Moving could be very stressful, but there are several ways to get the job done. Regardless of how you’re planning to work with moving services long-distance, your upcoming move can still be stress-free.

But, for your move to be stress-free, you must take note of the following hacks:

1. Start As Early As Possible



You should start rolling up your sleeves the moment you decide to move. Even if you have chosen a professional moving company from several movers NYC, there are limited tasks that the mover can carry out.



The easiest way to have a stress-free move is to start as early as possible. When time is on your side, you'll be opportune to carry out the tasks required when moving without going around in circles. You won’t be pressed for time and end up producing poor outputs (moving boxes that aren’t properly packed, or the new home wasn’t clean weeks before moving in) if you start early.

2. Know Your Limits



The human body can do a lot of things, but don’t forget that it also has limitations. As a mover, you need to understand this fact and respect your body when it gives you signs to rest or slow down.

If you want your upcoming move as stress-free as possible, figure out what your physical and mental limits are, and don’t go overboard. If you’re not trained or accustomed to lift heavy objects, let the professionals do it. If you see yourself dozing off as you’re labeling your moving boxes, get some shuteye, and resume work after sleeping.

The urgency of the move or the task at hand should never force you to exhaust your mind and body. Doing this can only do more harm than good as you’ll end up hurting yourself, which can cause delays and extra expenses.

3. Don’t Skip Meals



Although it is very tempting to forget taking your meals when moving, you should never do it. Where can you find the energy and endurance to carry out several tasks required for the move if your stomach is empty? Do you think you can actually last throughout the entire move if you skip meals?



Make sure that you don’t skip any of your meals when preparing for the move. If you’re planning to pack all of your valuables during the weekend, take breaks and sit down to eat. If you want to visit your new house to clean, make sure that you’re doing it when your stomach is full.

Having a well-balanced meal is important, especially on the day of the move. Your body will be strong enough to fight germs and bacteria since moving will need you to act fast in different environments. Not to mention the mental responsibilities required when moving.

4. Don’t Forget To Have Fun



Moving requires long-term commitment because you have to work before, during, and after the proper moving day. For starters, you need to clean both the old and new home, properly pack your valuables and keep an eye on your moving boxes when you’re on the road.

Instead of focusing on how stressful the tasks are, change your mindset, and start looking for gimmicks that can make the activities fun.

For starters, you can dance to your favorite songs when cleaning, use colorful markers when labeling your moving boxes and befriend the movers to keep your move interesting. Determine what your interests are and enjoin these when moving, and you’ll be surprised how easy you can finally say goodbye to stress!

5. Think Positive



Settling to live in a new place is exciting. But the task of getting your stuff from Point A to Point B is certainly less fun. But it can always be done. Sure, you might have a lot of things on your plate once you decide to move, but as long as you know how to ward off stress and prioritize your tasks, your move will be smooth and easy.

From how to pack a box without a single casualty, to having yourself ready, these hacks will make boxing up your belongings far less stressful.

5 Life Hacks for an Easier, Faster and Stress-Free Move



Mozilla, the Firefox browser maker had formerly released a browser extension for Firefox to provide free VPN service in the US, but now the company has gone ahead to launch a stand-alone VPN app for Android.

The Firefox VPN adds to a plethora of VPN services available for both mobile and desktop; but what are some notable features that make Firefox VPN stand out in the already overcrowded VPN market?

While the Firefox Private Network service is still in closed beta, from what can be gathered from the company sources, the VPN service encrypts all network activity on Android devices. And the service uses the WireGuard protocol to secure its connections, and it is developed in partnership with Mullvad.

Unlike VPN packages from Opera, Firefox VPN is intended to serve as a paid service to avoid profiling of users, which is what's done by most other free VPN services.

What Extra Features are available with Firefox VPN Service?



Mozilla touted an extensive network of over 100 servers in more than 30 countries for the VPN service, and it is also supported on Windows 10, Android and Chromebooks with support for iOS, Mac and Linux still in the works.



The company claims the WireGuard protocol offer better encryption, with faster speed compared to other VPN services.

It should be noted that most of the other VPN services opt for traditional protocols like OpenVPN or IPsec, against Firefox Private Network use of the newer WireGuard standard, which is most likely the key advantage of the Firefox service.

How to Download the Firefox VPN App for Android?



At the moment, Firefox Private Network is an invite only service, but the Android app is now available for download. You can join the waiting list by applying from the official site, then an invite will be sent to you to download, install and turn on the Private Network.

Once you're connected, you can choose any server from the available server locations, and the subscription is currently for only $4.99/month, though Firefox calls it a "limited-time beta pricing."

Mozilla launches stand-alone Android App as part of Firefox Private Network



Google's browser, Chrome is currently leading in the world's browser user share with 67%, leaving rivals scratching for the surface, according to analytics vendor Net Applications.

The browser's dominance could be tied to Google's frequent updates, which happens every six to eight weeks, with the last upgrade on December 10, 2019. Google also publishes release notes aimed at highlighting upcoming features, additions, substitutions, enhancements and modifications to the browser.

And recently, Google patched a number of vulnerabilities with the latest Chrome release, with over $45,000 paid out in bug bounties to security researchers who are responsible for disclosing of the vulnerabilities. While Chrome updates happen in the background, users only have to relaunch the browser to complete the process.

What's coming in Future Chrome releases?



Chrome 80, which was released first week of February started the process of lock down on cookies, which Google announced earlier as a highly monumental change to the browser, by phasing out support for third-party cookies.

Google's enforcing of SameSite, will affect Web cookies distributed from third-party sources, not necessarily the site a user is surfing, but the user has to manually set and access over secure connections.

Albeit, Google emphasized SameSite's benefit as helping to prevent cross-site request forgery (CSRF) attacks, not for any privacy purpose.

Chrome 81: Support for AR & NFC features on the web



Google released a beta version of Chrome 81 last week, available for Android, Chrome OS, Linux, macOS, and Windows. While the update include new APIs which will ultimately provide web developers with means to bring a host of new capabilities and features to the Web.



And foremost, Chrome 81 brings support for augmented reality (AR) directly on the web browser, which builds upon the functionality Google has been slowly adding to Chrome over the past few months. Additionally, there is a new Hit Test API that makes it easy to place objects in real-world environment.

Secondly, Chrome 81 introduces NFC framework for the Web that will enable apps to interact with NFC tags, which is essentially beneficial for providing information about museum exhibits, inventory management, and providing information in a conference badge, among others.

The current version, Chrome 80, already issue warning about obsolete TLS (Transport Layer Security) 1.0 via a "Not Secure" alert in the address bar and pop-up with more information. Starting with Chrome 81, Google will add a full-page interstitial warning that interrupts attempt to reach the destination site.

Finally, Chrome 81 will by default no longer support FTP - File Transfer Protocol (FTP) is an old protocol used to transfer files over an unencrypted connection. However, users can choose to re-enable FTP support by enabling the FtpProtocol feature via the --enable-features=FtpProtocol flag or using the --enable-ftp command line flag.

Chrome Updates: What new Features are Expected in future Chrome releases?



OpenSSH is an open-source implementation of the Secure Shell (SSH) Protocol, comprising a suite of tools that provide secure and encrypted remote operation, key management and server service.

The popular open-source secure shell tool latest release, OpenSSH 8.2 includes key changes to further secure the remote login channel from advanced cyber-attacks. It adds support for FIDO/U2F hardware authenticator, and has deprecated SSH-RSA public key signature algorithm, with planned move to disable it by default in future releases.

OpenSSH support for FIDO devices is possible by new public key types' ecdsa-sk' and 'ed25519-sk', along with the corresponding certificate types, according to the OpenSSH 8.2 release note.

Why the support for FIDO Universal 2nd Factor authentication?



FIDO U2F is an open authentication standard which enables users to securely access online services using a single security key, without the need for drivers or client software. And FIDO2 is the latest generation of the U2F protocol, necessitated as a result of advanced security threats growing in complexity as hackers are now able to easily break the encryption systems.

It uses tokens which are mostly connected via USB, but could also be attached via Bluetooth or NFC. For OpenSSH, communication with the token is via a middleware library like Yubico's libfido2 which is capable of sharing with any standard USB HID U2F or FIDO2 token.

The hardware security key adds extra layer of authentication to an account on top of the regular password, allowing users to quickly log into their accounts more securely by simply pressing a button after inserting the USB security key.

Deprecation of SSH-RSA public key Signature Algorithm



Initially, OpenSSH uses the SSH-RSA public key Signature Algorithm for generating the public key signature for end-to-end encryption, however given that the SHA-1 algorithm is susceptible to advanced cyber attack, OpenSSH has gone ahead to deprecate the “ssh-rsa” public key algorithm.

For instance, the infamous Spectre and Meltdown, leveraged the OpenSSH application installed on PC, whereby an attacker-owned process exploits memory read vulnerabilities to steal secret SSH private keys from the restricted memory of the system.

Starting with OpenSSH 8.2, it uses alternate methods such as RSA SHA-2 and ssh-ed25519 signature algorithm for better enhanced security, coupled with hardware security key support which enables two-factor authentication for secure connection with a remote device.

OpenSSH Deprecates SHA-1 algorithm, adds FIDO/U2F Hardware Authenticator Support



Before now, the dominant notion is that Apple platforms, including macOS are more secure than Windows, but that is no longer the reality according to a report by the cyber-security outfit, Malwarebytes.

Malwarebytes' state of malware report covered a relative plateau in the overall volume of threat detection in 2019, with the telemetry showing a clear trend towards industrialization. While the global Windows malware detection for business endpoints increased by 13 percent, attack techniques split threat categories neatly between those targeting consumers and the ones affecting enterprise networks.

The report shows that Apple hasn't really succeed in cracking down adware to the same degree with malware, which has resulted an increase in the targeting of macOS instead of Windows PCs by cyber-criminals.

And the Trojans, Emotet and TrickBot made a return in 2019 as botnets to terrorize organizations alongside new ransomware categories, such as Sodinokibi, Ryuk, and Phobos, with registry key disablers making a splashy debut in top detection, reflecting the greater sophistication by today’s enterprise-focused attackers.

How the State of Malware report was Compiled?



Malwarebytes' State of Malware report comprises data sets collected from telemetry, honey pots, and research conducted by the threat analysis team, which reports ranges from January 1 through December 31, 2019.

And the data from the previous year is used to demonstrate the year-over-year change, while the telemetry is derived from Malwarebytes' customers, both consumer and enterprise, exclusively real-time detection from active, and premium accounts.

This methodology reduces outliner data that may skew the trends. For instance, if a user is installing Malwarebytes for the first time may have thousands of detection from existing infections that are not actively exploited during the timeframe of the study.

The Main Takeaways of the Report



The threat sophistication in 2019 increased with many exploits using credential-stealing tools, and multi-stage attacks involving mass malware infections target.

While there’s also an increase over the last two years in move to organizations over consumers, with overall consumer threat detection down by 2 per cent from 2018, but enterprise detection increased by 13 per cent in 2019.

And the effect is a significant rise in the overall prevalence of Mac threats in 2019, with over 400 per cent increase from 2018. Albeit, another reason for the increase can be attributed to increase in Malwarebytes' Mac userbase.

However, Malwarebytes examined the threats per endpoints to see how that increase reflects the reality of Mac threat landscape, and the result is an average of 11 threats per Mac endpoint, which is nearly double the average of 5.8 threats per endpoint on Windows.

Malwarebytes scores Apple's macOS low on Security against Adware Attacks



GameSnacks are HTML5-based browser games designed for quick loading and capable of running on low-end smartphones with slow connections, developed by Area 120.

While Area 120 is a workshop within Google that help to rapidly build new products in an entrepreneurial environment. It is a hub where Googlers spend 100% of their time on 20% of projects. GameSnacks is part of Area 120, Google’s lab experimental projects, to make HTML5 games accessible for low-end phones on slow networks around the world.

Unfortunately, many web-based games don’t load quickly on low memory devices, such as 2G or 3G network devices that millions of people rely on today. GameSnacks seeks to solve this problem with games that are fast, easy to play, and available on any device that can connect to the internet.

How GameSnacks HTML5 Games are easy to play and fast loading?



Typically, web-based game loads slowly on a 1 GB RAM phone on a 3G network, which is what millions of people around the world are currently using as main mobile device.

GameSnacks HTML5 Games load within a few seconds in any slow network conditions, even on networks slower than 1 Mbps. For instance, a popular GameSnacks game called Tower, is ready to play on 1 GB RAM device connected to 3G quickly. The Area 120 team achieved the fast performance by reducing the size of the initially-loaded HTML page, by compressing additional assets such as images, scripts, and sounds, and loading them only when necessary.



GameSnacks games will soon arrive into the Gojek ecosystem through GoGames, which is a leading mobile technology platform in Southeast Asia that is focused on removing life’s daily frictions.

Earlier Application of HTML5 Games Development



The earliest application of HTML5 Games is perhaps that of Wooga, a German company that specialized in Social Games, with Wooga's Pocket Island launched in 2012; which project aimed to push HTML5 Games into new territory and create the worlds biggest game ever.

But the project inadvertently hit the rock. What would have translated as the most advanced game title for the emerging web development standard, HTML5, was not to be or better, was set for the future.

The company labeled the project "failed" and subsequently tagged the emerging web standard, HTML5, not ready for serious game development.

But that has all changed, as the emerging standard, HTML5 is super-ready now for mobile game development. Besides mobile, GameSnacks games also work on both touch PC’s mouse and keyboard; and you don’t need any set of instructions to play the games.

GameSnacks: Web-based HTML5 Games for Low End Phones by Area 120



Mozilla has released Firefox 73, as a first point to its scheduled four weeks browser refresh, which it announced in September, against the original six-week span.

The browser's faster release span may mean the distinct possibility that each upgrade will now boast of fewer new features, which Firefox 73 is a proof, with only a few highlighted changes. Among the notable addition is a new default setting for page zooming, with about six vulnerabilities patched, half of which is labeled as "High" - the second-most-severe threat rating by Mozilla.

Mozilla, however touted the addition of "readability backplate" designed to collaborate with Windows' high contrast mode. The new setting replaces the original colors of a website's text and background, with high contrast for easier reading by people with vision problem.

Starting with Firefox 73, the readability backplate will now place a block of background color between the text and background image, so that websites in High Contrast Mode are more readable without the disabling of background images.

How to Change Default Setting for Page Zooming



There is a new global user-set default for the page zoom, instead of zooming by each site individually, it can now be set as default level higher or lower than 100% baseline.



If you want to change the default zoom (100%), you must open Preferences on macOS or Options on Windows PC, then from the "General" tab find "Language and Appearance" and then select the desired default zoom from the box.

What the “Readability Backplate” Solution is all about?



For users with low vision, who rely on Windows' High Contrast Mode to make sites more readable, formerly to increase readability of text, Firefox disables background images with High Contrast Mode enabled.

But starting with Firefox 73, the “readability backplate” solution places a block of background color between the text and background image, so that websites in High Contrast Mode are more readable without disabling the background images.

Firefox 73 is now available for download on Windows, macOS and Linux from Mozilla's official site. Firefox updates, however happens in the background for those that have it already installed, so users would only need to relaunch the browser to get the new version.

If the automatic update fails, you can manually update for Windows PCs, by pulling up the menu under the three horizontal bars at the upper right, and click the question mark within a circle, then choose About Firefox. While users on macOS, the "About Firefox" is under the "Firefox" menu. The page will show if the browser is up to date or start the refresh process.

Firefox 73 introduces "Readability Backplate" to aid People with Vision Problem



Google has a growing portfolio of operating systems under development, ranging from the popular to the less known, and otherwise redundant projects like Fuchsia OS. But it appears Google may also be working on yet another operating system, “Pigweed” as spotted on a new US trademark application.

The company recently applied for "Pigweed" trademark registration to cover “computer operating software” category, first spotted by Redditor lgats, on the USPTO website.

Albeit, Pigweed was also spotted in the Chromium code repository and a proposed code change for Fuchsia OS. While the FCC and trademark sleuth, has Google filing for a new trademark application with the USPTO for the name “Pigweed” which application states that the Pigweed trademark will cover computer operating software.

What's the meaning of the name "Pigweed"?



Pigweed is a specie of Amaranthus, a cosmopolitan genus of short-lived perennial plants, with some species cultivated as vegetables, and ornamental plants.

The name may have come about from its use as fodder for pigs, as Pigweed plants are commonly considered weeds by farmers and gardeners because they thrive more in disturbed soils.

What's the Chance for A Google Pigweed OS?



There is a likelihood that Pigweed and Fuchsia are perhaps the same or at least, related as seen in Google’s Chromium code repository, with the reference to Pigweed. It is present in the code of “Monorail” which is the issue tracker for Chrome and some other Google projects.



Though, this reference could be a co-incidence by the proposed change made by the developers. The proposed code change made direct reference to “pigweed” before the switch to “fuchsia” from November.

It isn't clear enough, however, to make any conclusive statement that Pigweed and Fuchsia are the same project. The developers that proposed the name change are in multiple other Google projects and it may simply be a co-incidence, albeit perhaps the developers are aware of what Pigweed is, nonetheless.

Google Pigweed: New Operating System Or Another Name for Fuchsia OS?



Google Maps launched in 2005, as a web mapping service that offers satellite imagery, aerial and street views, including 360° interactive panoramic views of streets, and real-time traffic conditions, among others.

The company last week marked the Maps platform’s 15th birthday with a new look and bevy of new features, and for the Google Maps app, a whole new icon. Along with the new look, Google Maps has also removed the hamburger menu, with the app getting two more tabs at the bottom, making a total of five.

But most notable of the new features is the Transit data which has added live arrival times and crowd predictions, and offer new aspects of traveling via public transit. And transit riders are now able to see temperature in advance so that they can plan whether to dress cool or bundle up.

There is also a new accessibility information to allow riders know which bus or train lines offer easy entrances and whether there are help attendants for disabled passengers.

What's the functions of each tabs on Google Maps app?



The new changes to Maps UI, include the various pages organized into five tabs at the bottom of the screen; the functions are as follows:

  • Explore: The Explore tab offers recommendations and reviews of nearby restaurants, activities, and attractions.
  • Commute: Offers directions for various location, the travel time estimates, traffic data, and other related information.
  • Saved: A list of saved locations that is customisable for quick access and organized by category and shareable.
  • Contribute: Here, you can submit photos, reviews, and other suggestions for business places on Google Maps.
  • Updates: Feed for recent reviews and updates for places you've visited, trending locations, and recommendations from Local Guides.


New Transit Data: Live view Assistance and Attributes



These are helpful updates for you to get around more easily and effectively, with the Live View mode, which offers real-time AR help when walking to a place. It will show you the exact distance of your destination and the easiest direction.

When traveling by public transportation, Google Maps will display important information about the facilities along your route, including available vehicles and transport system. While Google Maps shows how crowded your route is, with the new update, you can now give information or find about other “transit attributes” like current temperature in train or bus, and whether there are disability-accessible entries.

Additionally, it allows you to get such information as security personal and other safety measures on-board the public transportation, with some regions listing designated places for women, if available and how many train carriages are available on the route.

Google Maps update brings Improved Transit Data close to real-life experience



Chrome 80, released last week begins the process of lock down on Web cookies, which Google announced earlier as a highly monumental change to the browser, by phasing out support for third-party cookies.

The Internet giant also patched a number of vulnerabilities with the latest Chrome release, haven paid out over $45,000 in bug bounties to security researchers responsible for the disclosing of the vulnerabilities. While Chrome updates in the background, users only have to relaunch the browser to complete the upgrade.

And if the automatic update fails, you can manually update the browser by navigating to "About Google Chrome" menu under the vertical ellipsis from the upper right; which tab will display whether the browser is up to date or the download process presented before a "Relaunch" button.

Chrome 80 marks the first step in Google's lock down on Web cookies



SameSite prevent browsers from sending Web cookies along with cross-site requests, which serves as protection against cross-site request attacks and mitigate the risk of cross-origin data leakage.



While cookies are one of several ways of adding persistent tracking to web sites, which capabilities have evolved over the years, albeit with some legacy issues. The major browsers (Chrome, Firefox, and Edge) in a move to remedy this issue, are changing the browser behavior to privacy-preserving defaults.

Enforcement of the new classification system for web cookie in Chrome 80 will begin on February 17, which is the opening switch-on-SameSite salvo, with a small section of Chrome users, and gradually increased over time. Google will be rolling out new capabilities and changes in stages, allowing to verify if things are working as planned before extending to all users.

Other Changes & new Features in Chrome 80



Chrome 80 introduces an alarm bell icon with a strike-through at the right edge of the address bar, which feature is perhaps the first time Chrome will present quiet UI, an build-in browser dialog.

The so-called quieter notifications promised by Google awhile ago arrived with chrome 80. It's engaged manually by navigating to Settings > Advanced > Privacy and security > Site Settings > Notifications. And toggling the "Use quieter messaging (blocks notification prompts from interrupting you)" switch on the pop-up blocker.

Google has also promised to automatically silence some sites by enabling the quieter UI for some Chrome users, who have "repeatedly deny" the notification requests to auto-enroll.

Finally, Chrome 80 brings added enterprise-centric features as Google continued its move to enhance the browser's in-business capabilities, even more so as Microsoft is strongly pitching the Chromium-based Edge as preferred alternative to Enterprises.

SameSite Enforcement as first step to Cookies lockdown begins with Chrome 80



The Open Bug Bounty Project started in 2014 as a non-profit program to connect security researchers and website owners in a more transparent, and mutually rewarding way, with the aim of making the Web a safer place for everyone.

The program has so far attracted over 10,000 researchers, with 498,505 coordinated disclosures, 272,564 fixed vulnerabilities and 681 bug bounties from 1,374 websites. In fact, the success story is perhaps as a reinventing of "next-generation penetration testing" or similar services for betterment of all.

But still there is uncertainty in the future of commercial bug bounty platforms, despite that the not-for-profit Open Bug Bounty project has reported impressive growth and traction.

The Open Bug Bounty Project History



The project started in June 2014 by a group of independent security researchers, as a non-profit platform, and there is no financial or commercial interest in the project.

Before now, the founding researchers pay the hosting expenses and development costs from their pocket, and have spend several nights verifying all new submissions. But today, Open Bug Bounty is hosting about 680 bug bounties, which offers monetary or non-monetary remuneration for the security researchers from over 50 countries.

Such companies as Acronis, Telekom Austria, or United Domains are running their bug bounties at Open Bug Bounty. And the coordinated vulnerability disclosure platform allows anyone to report a vulnerability as long as the vulnerability was not known through intrusive testing techniques and submitted with responsible disclosure guidelines.

What constitutes Safe and Non-Intrusive Testing?



Open Bug Bounty only accept Cross-Site Scripting, CSRF (Cross-site request forgery) and vulnerabilities that feature among the most commonly reported web application vulnerabilities today.



Initially, they accepted submissions of XSS, Improper Access Control, and other security issues on any site condition to strictly non-intrusive testing, with coordinated disclosure and respect of their code of conduct: When reporting GDPR PII exposure, they do not store the PII but the blurred screenshot after verifying the vulnerability.

The process of testing the vulnerabilities is harmless and cannot lead to damage for the website, database, server or related infrastructure.

Open Bug Bounty prohibits reporting of vulnerabilities that were detected by vulnerability scanners and other automated tools that can impact on website performance or cause other issues. And they do not accept any vulnerabilities that can, or intended to harm a website, its data or related infrastructure.

The Bounties and Rewards



Website owners can express gratitude to a researcher for reporting vulnerability in a most responsible way by proper and proportional reward system to the researcher's efforts.

Open Bug Bounty encourage website owners to at least say a “thank you” to the researcher or write brief recommendation in the researcher’s profile. But there is, however, absolutely no obligation or duty by site owners to express a gratitude in any way.

The project promotes positive, constructive and mutually respectful communications between website owners and security researchers. And the researchers on the platform get various honorary badges for quality of their submissions and the number of websites they helped to secure.

Open Bug Bounty Project: The Rise of Open & Coordinated Vulnerability disclosure



College life allow students to fit into a part-time job along with their school and social schedules. Whether a student wants to make some extra cash or add some skills and experience to his/her resume, part-time employment is the answer. Part-time jobs for college students, however, are in high demand due to shortage of workforce, and necessary because of high cost of college life.

If a part-time job sounds like something you might want to try, consider the list below from the best Us Essay Writers of the top 10 part-time jobs for college students.

1. Tutor



A college student who works as a part-time tutor can earn anywhere between $15 and $35 per hour. This job involves helping students with their homework to help them advance in certain areas of study. It can also involve reviewing and discussing assignments to help students understand and succeed academically.

2. IT Support



A college student with the requisite skills and knowledge can also work as an IT support specialist and make between $15 and $30 per hour. This job will need him/her to give technical support for businesses, as well as their customers and/or employees, to help them solve computer hardware and software problems.

3. Paid Internship



College students lucky enough to land a paid internship find themselves is a very promising place. In addition to earning extra money and/or college credits, they also get to gain valuable work experience in their field of study. Most of them also end up getting permanent employment after graduation, saving them from the hustle and stress that come with job hunting.

4. Restaurant Host



As a restaurant host, a college student can make between $8 and $20 per hour. This job will mainly involve greeting guests and sitting them at a table. It can also involve helping servers manage their heavy workloads. The best thing about this type of part-time job is that you can get great tips.

5. Driver



Working as a part-time driver, a student can earn anywhere between $10 and $30 per hour. This might involve working as a personal driver and transporting people from one place to another, or working as a delivery driver and transporting packages safely to their destination.

6. Barista



A college student can make about $11 per hour plus tips working as a part-time barista. Most college students' diet often consists of a large measure of caffeine. It is no surprise, therefore, that college towns often have many coffee shops. This is perfect because students working as part-time barista can squeeze in a couple of hours before class.

7. Bookkeeper



Businesses of all sizes often need help keeping their figures and facts in order, which is where part-time bookkeepers come in handy. Doing this job on a part-time basis, a student can earn up to $20 per hour, and it mostly involves using bookkeeping software and spreadsheets to record, update, and check financial transactions and records.

8. Cashier



This job involves scanning and bagging, in addition to handling cash transactions. A college student can make up to $11 per hour working on a part-time basis.

9. Nursing Assistant



This is a good job for students hoping to work in the healthcare field after graduation. The job usually involves reporting to the registered nurses and helping in tasks such as feeding patients, transporting them, and cleaning them.

10. Freelance Writer



This is a perfect job for students who enjoy writing. Depending on their writing skills and experience, they can make up to $30 per hour writing articles about topics such as health and fitness, finance, sports, fashion, and more for various websites, magazines, and other types of publications.

In addition to looking for the best classes to attend, college students invest almost the same amount of effort looking for part-time employment to help them pay for their college expenses. However, this is not the only reason they look for such jobs. According to a CNBC report, college students who also have a part-time job tend to get better grades. In addition, they are more likely to find a good job after graduating, or even a few months before graduating.

10 Great Part-Time Jobs for College Students to Earn Income



Microsoft released the stable version of Chromium-based Edge browser on January 15, 2020 as part of Windows 10 update, but after 21 days since launch, there isn't any sign that the new browser is drawing hordes of users.

According to Net Applications, Microsoft's browser share - the combination of Edge and IE, suffered a fall by six-tenths of a percentage point to end at 13.6%. While IE alone dropped by almost nine-tenths of a point, the largest one-month decline by IE since September 2019.

Microsoft Edge's increase of three-tenths of a percentage point, however nullified some of the older browser's losses, as Microsoft's newer browser posted a larger share than the aged IE, for the first time.

Microsoft Edge (not Chromium based) surpasses Internet Explorer (IE)



For about four and a half years after launch, Microsoft Edge (not the Chromium based) has surpassed Internet Explorer (IE), with IE recording a user share of 6.6%, while Edge posted 7% according to data published by analytics company Net Applications.

As the first time since Microsoft Edge's début in mid-2015, the original Edge browser has surpassed IE. Albeit, Microsoft relaunched Edge based on Chromium on January 15, with Windows 10 updates as functionally mandatory, except for those users in a managed enterprise network, all Windows 10 PC automatically downloaded the update.

But there has been far fewer demands for the Chromium-based Edge on Windows 10, or other Windows platforms, including Windows 7 and 8.1, or even macOS.

Other Browsers Share as at January, 2020



Mozilla's browser, Firefox lost two-tenths of a percentage point of user share, thereby sliding to 8.1%, which is the lowest mark since August 2016 for the browser.

The last month loss was the eighth straight that Firefox's user share ended lower than 9 percentage points, as Firefox has had a four-month slump in the summer of 2016, but bounced back to 13% before it again started a decline.

Google Chrome added three-tenths of a point to its user share to end the month at 66.9%, which also was the same number Chrome hit in February 2019. Without any much turbulence in Chrome's share, there's no chance that Chrome will lose its top-of-the-heap spot, any time soon.

The only practical threat to Chrome, however is Chromium Edge, with Microsoft's attempt to woo enterprise users and supplant the current leader with the so-called edge-baits, Firefox has proven too weak to pose any threat.

21 Days after release: Chromium-based Edge isn't drawing hordes of new users



OpenSMTPD, an open-source implementation for the server-side SMTP protocol, initially developed as part of OpenBSD project but now pre-installed on several UNIX-based systems, reportedly have a critical vulnerability.

The vulnerability marked (CVE-2020-7247) as disclosed by Qualys Research Labs, resides in the function of OpenSMTPD's sender address validation, called smtp_mailaddr(), which is exploitable to execute arbitrary shell commands with elevated root-privileges on a vulnerable server just by simply sending specially crafted SMTP messages.

It affects OpenBSD version 6.6 with the default configuration for the locally enabled interface, and remotely, when the daemon is enabled to listen on interfaces and accepts external mail.

Details of the OpenBSD OpenSMTPD Remote Code Execution Vulnerability



The vulnerability resides in OpenBSD’s mail server OpenSMTPD’s “smtp_mailaddr()” function, affecting OpenBSD version 6.6. and allows an attacker to execute arbitrary shell commands as root user.



While there are some limitations in the exploitation of the vulnerability in terms of local part length (maximum of 64 characters) and characters (“$”, “|”) to be escaped, the security researchers overcome these limitations using a technique from the Morris Worm by executing the body of the mail as a shell script in Sendmail.

Qualys had responsibly reported the flaw to OpenSMTPD developers; for more technical details on this vulnerability, see the security advisory page.

OpenSMTPD version 6.6.2p1 released to Fix the Critical Bug



OpenSMTPD developers has released OpenSMTPD version 6.6.2p1 with a patch for the Remote Code Execution Vulnerability, and also pushed out the update for all OpenBSD users.

IT and Sysadmins running servers with a vulnerable version of the OpenBSD software are advised to update to the new release, OpenSMTPD version 6.6.2p1 to apply the patch. Also, all OpenBSD vulnerabilities in your environment can be tracked with the OpenBSD Vulnerabilities Dashboard that leverages data in Qualys Vulnerability Management subscription.

All patches for the OpenBSD base system are distributed as unified diffs, with each patch cryptographically signed with the signify(1) tool and contains usage instructions. And the patches for supported releases are incorporated into the -stable branch, which is maintained for one year after release.

Update for the Critical Bug that opens Linux and OpenBSD Mail Servers to Hackers