The Category5.TV Newsroom

Here are the stories we're following for the week of Wednesday October 4, 2017

Ubuntu is dropping the 32-bit ISO.

If you were hoping to download Ubuntu 17.10 32-bit come its release next month we’ve some bad news to give you.

Ubuntu is dropping 32-bit builds of Ubuntu desktop entirely as of Ubuntu 17.10

Canonical’s Dimitri John Ledkov has asked the Ubuntu release team to “action” a proposal he put forth earlier in the development cycle, in which he argued that i386 builds of Ubuntu desktop (aka 32-bit builds) should no longer be produced.

No changes are being made to other builds of Ubuntu 17.10, such as minimal install ISOs or the net install option, and this news does not mean Ubuntu won’t run on 32-bit, simply that you won’t be able to download a pre-made desktop ISO image for it.

The 32-bit Ubuntu archive is not going anywhere either. If you’re currently running a 32-bit version of Ubuntu you can continue to upgrade to new releases as normal.

This change also does not affect Ubuntu flavours such as Xubuntu, Ubuntu MATE Ubuntu Budgie, et al — they’ll be free to make their own decisions about what they support.

And there’s always Ubuntu 16.04 LTS, which is supported until 2021 and readily available as a 32-bit image.

Source: www.omgubuntu.co.uk

Sent to us by: Robbie Ferguson

Unfortunately, some people still use Internet Explorer... and yet another serious exploit has been found.

There's a bug in the most current version of Internet Explorer that leaks the addresses, search terms, or any other text typed into the address bar.

The bug allows any currently visited website to view any text entered into the address bar as soon as the user hits enter. The technique can expose sensitive information a user didn't intend to be viewed by remote websites, including the Web address the user is about to visit. The hack can also expose search queries, since IE allows them to be typed into the address bar and then retrieved from Bing or other search services.

his weakness may allow malicious sites to view information the user presumed was private. People should strongly consider using Google Chrome, Mozilla Firefox, or another non-IE browser.

Source: arstechnica.com

Sent to us by: Roy W. Nash

Dyson plans to release a "radical" electric car in 2020.

Dyson, the engineering company best known for its vacuum cleaners and fans, plans to spend £2bn developing a "radical" electric car.

The battery-powered vehicle is due to be launched in 2020.

Dyson says 400 staff have been working on the secret project for the past two years at its headquarters in Wiltshire.

However, the car does not yet exist, with no prototype built, and a factory site is yet to be chosen.

Sir James declined to give further details of the project, with the only leaked information being an internal email where he simply states, "Competition for new technology in the automotive industry is fierce and we must do everything we can to keep the specifics of our vehicle confidential."

Source: www.bbc.com

Sent to us by: Roy W. Nash

Equifax doesn't seem to have a grasp on security.

In failing to correctly patch a known vulnerability and exposing the personal data of potentially 143 million Americans to hackers, Equifax made a security blunder of epic proportions — however, it appears the company is just getting started.

Leaving its digital doors wide open to criminals apparently wasn't enough for the credit reporting agency, as it's now sending hack victims directly into the open arms of unknown internet pranksters.

Yes, Equifax is directing those concerned about the data breach and its repercussions to a fake website set up to troll the company itself. That's right, the official Equifax Twitter account is pointing people to what looks to be a fake site (aka a phishing site).

Equifax created a very real site — https://www.equifaxsecurity2017.com — where people can enter their last name along with the last six digits of their social security number to see if they were affected by the hack.

Unsurprisingly, someone cloned that site and hosted that copy at a very similar URL: https://securityequifax2017.com. The two sites, one real and one fake, look the same to the casual observer. In fact, they are so easily confused that Equifax itself apparently can't tell the difference.

Thankfully, the maker of the spoofed site seems more interested in calling out Equifax for their incompetence than stealing the personal information of unsuspecting victims.

The header of the fake site reads, "Cybersecurity Incident & Important Consumer Information Which is Totally Fake, Why Did Equifax Use A Domain That's So Easily Impersonated By Phishing Sites?"

The spoof site goes on saying, "Equifax should have hosted this on equifax.com with a reputable [EV] SSL Certificate. Instead they chose an easily impersonated domain and used a jelly-bean SSL cert that any script kiddie can impersonate in 20 minutes."

It's not clear if the site captures the data entered by a tricked consumer, or if it discards it. There is no real contact information on the page, and many of the links take you to a YouTube video for Rick Astley's "Never Gonna Give You Up"

Source: mashable.com

Sent to us by: Jeff Weston