Debian, Gnome Patched 'Bad Taste' VBScript-Injection Vulnerabilities Slashdot by EditorDavid on bug at January 1, 1970, 1:00 am (cached at July 22, 2017, 11:34 pm)

Slashdot reader KiloByte warned us about a new exploit for .MSI files named "bad taste". Neowin reports: A now-patched vulnerability in the "GNOME Files" file manager was recently discovered which allowed hackers to create dodgy MSI files which would run malicious VBScript code on Linux... Once Nils Dagsson Moskopp discovered the bug, he reported it to the Debian Project which fixed it very rapidly. The GNOME Project also patched the gnome-exe-thumbnailer file which is responsible for parsing MSI and EXE files inside the GNOME Files app... If you run a Linux distribution with the GNOME desktop it's advisable to run the update manager and check for updates as soon as possible before you become affected by this critical vulnerability.

Read more of this story at Slashdot.

Kickstarter Campaign Launched To Save NASA's Mission Control Slashdot by EditorDavid on nasa at January 1, 1970, 1:00 am (cached at July 22, 2017, 11:04 pm)

Long-time Slashdot reader yzf750 shares sad news about the facility where NASA conducted the Apollo moon landing in 1969: Mission Control at Johnson Space Center is a wreck and this Kickstarter project is trying to save it. The nearby city of Webster, Texas has promised to match Kickstarter funding up to $400,000. The goal is to raise $250,000 to add to the $3.5 million already budgeted by the city of Webster to restore Mission Control. Contributors on Kickstarter can receive rewards including models of the Apollo 11 command module, lunch with Apollo flight controllers, VIP tours, or a free download of the documentary Mission Control: the Unsung Heroes of Apollo. The Kickstarter campaign was launched by Space Center Houston, which is also contributing $5 million to preserve what's been called a "cathedral of engineering." In December the Houston Chronicle noted that though Mission Control is listed in America's National Register of Historic Places, "plans to restore it have been discussed for more than 20 years. But its restoration and preservation remain in limbo, with no set date for work to begin."


Two Palestinians die after clashes with Israeli forces AL JAZEERA ENGLISH (AJE) (cached at July 22, 2017, 11:00 pm)

Protesters aged 17 and 18 die of their wounds from separate incidents in the occupied West Bank.
WWW-Amazon-Wishlist-2.018 search.cpan.org by Martin 'Kingpin' Thurn at January 1, 1970, 1:00 am (cached at July 22, 2017, 10:03 pm)

grab all the details from your Amazon wishlist
Devel-IPerl-Plugin-Chart-Plotly-0.002 search.cpan.org by Pablo Rodríguez at January 1, 1970, 1:00 am (cached at July 22, 2017, 10:03 pm)

Inline display of plotly charts in Jupyter notebooks using L kernel
Iran rejects Trump's threats over detained US citizens AL JAZEERA ENGLISH (AJE) (cached at July 22, 2017, 10:00 pm)

Tehran calls for release of Iranians imprisoned in the US as it criticises White House demands to free US citizens.
Iran unveils new missile production line AL JAZEERA ENGLISH (AJE) (cached at July 22, 2017, 10:00 pm)

Tehran starts manufacturing missiles that can target fighter jets, drones, cruise missiles and helicopters.
ISIL women recruits detained in Mosul AL JAZEERA ENGLISH (AJE) (cached at July 22, 2017, 10:00 pm)

At least 16 women, including a 16-year-old German girl who ran away from home, face terrorism charges in Iraq.
Steve Jobs' Life Is Now An Opera Slashdot by EditorDavid on music at January 1, 1970, 1:00 am (cached at July 22, 2017, 9:34 pm)

An anonymous reader quotes CNN's report on a new project from Pulitzer Prize-winning librettist Mark Campbell: "The (R)evolution of Steve Jobs" is set to open on Saturday night at the Santa Fe Opera, home to the largest summer-opera festival in U.S. The high-tech production, which runs until August 26, jumps in and out of key moments in the Apple founder's life, from early product-development days alongside Steve Wozniak and the launch of the original iPhone, to his wedding day with Laurene Powell Jobs... The opera features an electronic score, developed by Mason Bates, that incorporates sounds from the products Jobs created, including the audio synonymous with turning on an early Macintosh computer. The libretto, or operatic script, doesn't call out words like Apple or iPhone due to copyright issues; instead, it uses descriptors like "one device" to reference the smartphone. "Only one device, does it all," the libretto reads. "In one hand, all your need. One device. Communication, entertainment, illumination, connection, interaction, navigation, inspiration..." One scene in the high-tech production shows Jobs standing in his family's garage on his 10th birthday. When his father gives him a workbench, the walls around them light up into video screens...


[no title] Scripting News (cached at July 22, 2017, 9:03 pm)

The new server locked up again. I rebooted it with the same apps running, but now I'm thinking I have to split it in two. I also have in mind some software that will make that easier. Always factoring. Also might give me a chance to try out the new cname trick we learned. ⏰
Let's Encrypt Criticized Over Speedy HTTPS Certifications Slashdot by EditorDavid on encryption at January 1, 1970, 1:00 am (cached at July 22, 2017, 8:34 pm)

100 million HTTPS certificates were issued in the last year by Let's Encrypt -- a free certificate authority founded by Mozilla, Cisco and the Electronic Frontier Foundation -- and they're now issuing more than 100,000 HTTPS certificates every day. Should they be performing more vetting? msm1267 shared this article from Kaspersky Lab's ThreatPost blog: [S]ome critics are sounding alarm bells and warning that Let's Encrypt might be guilty of going too far, too fast, and delivering too much of a good thing without the right checks and balances in place. The primary concern has been that while the growth of SSL/TLS encryption is a positive trend, it also offers criminals an easy way to facilitate website spoofing, server impersonation, man-in-the-middle attacks, and a way to sneak malware through company firewalls... Critics do not contend Let's Encrypt is responsible for these types of abuses. Rather, because it is the 800-pound gorilla when it comes to issuing basic domain validation certificates, critics believe Let's Encrypt could do a better job vetting applicants to weed out bad actors... "I think there should be some type of vetting process. That would make it more difficult for malicious actors to get them," said Justin Jett, director of audit and compliance at Plixer, a network traffic analytics firm... Josh Aas, executive director of the Internet Security Research Group, the organization that oversees Let's Encrypt, points out that its role is not to police the internet, rather its mission is to make communications secure. He added that, unlike commercial certificate authorities, it keeps a searchable public database of every single domain it issues. "When people get surprised at the number of PayPal phishing sites and get worked up about it, the reason they know about it is because we allow anyone to search our records," he said. 
"Many other certificate authorities keep their databases of issued certificates private, citing competitive reasons and that customers don't want to broadcast the names of their servers... The reason people treat us like a punching bag is that we are big and we are transparent." The criticism intensified after Let's Encrypt announced they'd soon offer wildcard certificates for subdomains. But the article also cites security researcher Scott Helme, who "argued if encryption is to be available to all then that includes the small percent of bad actors. 'I don't think it's for Signal, or Let's Encrypt, to decide who should have access to encryption.'"


[no title] Scripting News (cached at July 22, 2017, 8:33 pm)

Pay attention to this. Something we might not want to let a president do.
Bio-SeqHash-0.1.2 search.cpan.org by Yan Xueqing at January 1, 1970, 1:00 am (cached at July 22, 2017, 8:03 pm)

get one or more sequences from a FASTA file quickly.
SVG-TrafficLight-0.1.1 search.cpan.org by Dave Cross at January 1, 1970, 1:00 am (cached at July 22, 2017, 8:03 pm)

Perl extension to produce SVG diagrams of traffic lights.
Bio-SeqHash-0.1.3 search.cpan.org by Yan Xueqing at January 1, 1970, 1:00 am (cached at July 22, 2017, 8:03 pm)

get one or more sequences from a FASTA file quickly.