menu

Category: News

News is a core category, featuring (among other topics) journalistic articles, announcements about new software, discussions of new security incidents, and descriptions of new developments in the world of technology. Posts in this category are exclusively about new or upcoming topics.

Posted on by Arnon Erba in News

Update 4/29/19: The bug affecting printing in Google Calendar appears to be fixed.

Trying to print your Google Calendar but keep getting a broken print preview window? Try enabling the “Show weekends” option under the Day/Week/Month/Year dropdown menu. If you don’t, you may be unable to print your calendar from any view.

It looks like this is a server-side issue, since a 500 error is logged to the browser console when the print preview window fails to load. Hopefully, Google will release a fix for Calendar in the near future, as the issue has already been reported on the Calendar forums:

Posted on by Arnon Erba in News

This morning, Apple released iOS 12.1.4, an incremental update that fixes several security issues including the Group FaceTime eavesdropping bug from last month. The Group FaceTime service has also been re-enabled for devices running iOS 12.1.4 or higher.

The eavesdropping bug, discovered accidentally in January by a 14-year-old from Arizona, caused certain Group FaceTime calls to automatically connect even if the recipient did not answer the call. This flaw allowed macOS or iOS users to be eavesdropped on by any malicious FaceTime user. The bug was disclosed privately to Apple by the teen and his mother at least a week before it went public, but it appears that Apple did not clearly or immediately respond to the bug reports they filed.

Shortly after the bug went viral on January 28th, Apple took the Group FaceTime service offline as a temporary fix before a patch could be released. On February 1st, with Group FaceTime still offline, Apple announced that the bug had been fixed server-side and that a client-side software update to fully resolve the issue would be available the week of February 4th.

Read More

Posted on by Arnon Erba in News

On Monday, CentOS 7.6 (1810) became generally available for download. CentOS 7.6 follows the October release of Red Hat Enterprise Linux 7.6, as CentOS is the open source community-supported rebuild of Red Hat Enterprise Linux (RHEL).

A list of changes, deprecated features, and known issues can be found in the release notes for 7.6. Notably, the golang package is no longer included in the default CentOS repositories, and instead must be installed from the EPEL testing repository as discussed in the release notes.

You can trigger an upgrade to CentOS 7.6 in one step by running:

yum clean all && yum update

The upgrade requires a reboot to load the new kernel version. After upgrading, you can check your new distribution and kernel versions by running cat /etc/system-release and uname -r, respectively.

Posted on by Arnon Erba in News

This September, iOS 12 brought software optimizations to a wide range of Apple devices, but one seemingly minor change to the iPad keyboard has confused users and prompted a slew of complaints. For no clear reason, Apple reversed the layout of the “.?123” and emoji keys in the bottom left of the keyboard, throwing off users who expected to find their punctuation and number keys in the usual location.

Notably, iOS 12.0.1 brings a fix for some charging and Wi-Fi issues that iPhone XS users have experienced, but it also restores the iPad keyboard to its pre-iOS 12 layout. This should be a welcome change for users who are accustomed to touch-typing on their iPad keyboards.

iOS 12.0.1 is immediately available for download on all supported devices.

Posted on by Arnon Erba in News

In a blog post last week, Microsoft announced an interesting new feature for Windows 7 business users. With Windows 7 reaching end-of-life on January 14, 2020, many companies have already migrated to Windows 10, but it’s likely that not everyone is going to meet the 2020 deadline. With this in mind, Microsoft is going to provide a new paid service called “Windows 7 Extended Security Updates” to help ease the last few business customers onto Windows 10.

Only For Businesses, Not Home Users

Windows 7 Extended Security Updates (ESU) will be available exclusively for Volume Licensing customers, which means only the Professional and Enterprise flavors of Windows 7 will be supported. However, that didn’t stop Gordon Kelly from Forbes from writing a confusing article about the new feature. Instead, in his post titled “Microsoft ‘Confirms’ Windows 7 New Monthly Charge”, Kelly insinuates that Microsoft is about to start charging individual Windows 7 users a monthly fee as a penalty for not upgrading to Windows 10.

That isn’t the case at all. In fact, home users will not be able to pay for Extended Security Updates even if they want to since the feature is only available for Volume Licensing customers. In reality, this feature is specifically targeted at enterprises with specialized requirements that need assistance or just a bit more time to migrate their critical systems off of Windows 7. Extended Security Updates does not impose any additional penalties over the already well-established end-of-life date for the aging OS.

A Smoother Transition

The enterprise world works very differently than the usual home/small office Windows environment. There are a lot of factors that hold back major OS upgrades, and, as we saw with Windows XP, these delays can cause major businesses to run past the end-of-life date of software and become vulnerable to newly discovered security flaws. When Windows XP left extended support, Microsoft was forced to continue supporting select customers (for a fee) who were unable or unwilling to migrate to Windows 7 in time.

At any rate, Microsoft will only provide the Windows 7 Extended Security Updates option until January 2023, so Windows 7 is certainly not going to be around forever.

Oh, and Microsoft is not planning to force Windows 10 home users to pay a monthly fee either, no matter what clickbait nonsense Kelly writes.

Posted on by Arnon Erba in News

(Editor’s note: This post has been updated since publication.)

As announced in February this year, Google Chrome’s design is being evolved to more clearly indicate to users that websites using plain HTTP are not loaded securely and that HTTPS connections should be expected instead. Today, Chrome is pushing a change that affects all HTTP sites worldwide: starting in version 68, Chrome will display a “Not Secure” warning in the address bar for all sites loaded over HTTP.

This isn’t the first change Chrome has made to clearly indicate that HTTP is not secure. Chrome has been marking HTTP traffic as “Not Secure” in Incognito mode as far back as version 62. The “Not Secure” warning has also been appearing for HTTP sites in Chrome’s normal mode when a page contains a password field or when the user interacts with any input field.

Although Chrome has taken the lead, Mozilla Firefox is also on board with the effort to visually flag HTTP pages as insecure. Firefox currently displays an address bar warning for HTTP sites that contain login forms and displays a visible warning message next to login forms that are served insecurely.

What’s Next

The future will bring more changes for the way Chrome visually handles HTTP and HTTPS connections. As I covered back in May, Chrome is scheduled to remove the “Secure” text from HTTPS connections in September with the release of Chrome 69. One month later, in October 2018, Chrome will color the HTTP “Not Secure” warning red when users enter data into insecure sites in Chrome 70. Ed: A previous version of this post inaccurately reflected the circumstances in which the “Not Secure” warning will be colored red in Chrome 70. The color will only change when users enter data on HTTP pages.