Python programming: PyPI is rolling out 2FA for critical projects, giving away 4,000 security keys

PyPI, the Python Package Index, is giving away 4,000 Google Titan security keys as part of its move to mandatory two-factor authentication (2FA) for critical projects built in the Python programming language.

Python is one of the world’s most popular programming languages, loved for its breadth of packages or add-on libraries that make it useful for data science. Developers need to update these packages frequently, and attackers have exploited this behavior to backdoor developers’ Windows, Linux and Apple machines through bogus packages named similarly to legitimate ones, a form of software supply chain attack.

PyPI, which is managed by the Python Software Foundation (PSF), is the main repository where Python developers can get third-party developed open-source packages for their projects.

PyPI and JavaScript’s equivalent npm repository act like the App Store/Play Store for developers, but aren’t closed and the free services don’t have the resources to vet package submissions for malware.

Google, through the Linux Foundation’s Open Source Security Foundation (OpenSSF), is tackling the threat of malicious language packages and open-source software supply chain attacks. It found over 200 malicious JavaScript and Python packages in one month and noted “devastating consequences” for developers and the organizations they write code for when they install them.

One way developers can protect themselves from stolen credentials is by using two-factor authentication and the PSF is now making it mandatory for developers behind “critical projects” to use 2FA in coming months. PyPI hasn’t declared a specific date for the requirement.

“We’ve begun rolling out a 2FA requirement: soon, maintainers of critical projects must have 2FA enabled to publish, update, or modify them,” the PSF said on its PyPI Twitter account.

As part of the security drive, it is giving away 4,000 Google Titan hardware security keys, gifted by Google’s open-source security team, to project maintainers.

“In order to improve the general security of the Python ecosystem, PyPI has begun implementing a two-factor authentication (2FA) requirement for critical projects. This requirement will go into effect in the coming months,” PSF said in a statement.

“To ensure that maintainers of critical projects have the ability to implement strong 2FA with security keys, the Google Open Source Security Team, a sponsor of the Python Software Foundation, has provided a limited number of security keys to distribute to critical project maintainers.”

PSF says it deems any project in the top 1% of downloads over the prior six months as critical. Presently, there are more than 350,000 projects on PyPI, meaning that more than 3,500 projects are rated as critical. PyPI calculates this on a daily basis, so the Titan giveaway should go a long way to cover a chunk of key maintainers but not all of them.

In the name of transparency, PyPI is also publishing 2FA account metrics. There are currently 28,336 users with 2FA enabled, with nearly 27,000 of them using

Gadget buyers, Intel may have ‘bad news’ for you

Intel has reportedly told customers that it will raise the price of most of its microprocessors and peripheral chip products. According to a report in Nikkei Asia, the biggest US chipmaker plans to raise prices on flagship products such as central processing units for servers and computers as well as on a wide range of other items, including chips for Wi-Fi and other connectivity. In a statement to Nikkei Asia, the company said, “On its Q1 earnings call, Intel indicated it would increase pricing in certain segments of its business due to inflationary pressures. The company has begun to inform customers of these changes.”
Why the price hike
Intel has reportedly cited rising costs for increasing prices. The company said that price hikes are required due to the surging costs for production and materials. Intel’s notice to clients comes at a time when almost the entire world is in the grip of severe inflation. In the US too, consumer prices reportedly rose 9.1% in June, a 40-year record.
How much will be the price increase
According to the report, the percentage increases have not been finalized yet. They could differ for different types of chips, “but are likely to range from a minimal single-digit increase to more than 10% and 20% in some cases.”
Intel is not the only one
The world’s biggest contract chipmaker, Taiwan Semiconductor Manufacturing Company (TSMC), recently told clients that it will raise prices by a “single-digit” percentage starting in 2023. The company plans to increase prices for most of its fabrication processes by 6% starting from January 2023, as per a report in DigiTimes. In May, Bloomberg reported that Samsung is set to increase its chipmaking prices by up to 20%. Samsung, however, has not responded to the report. The relatively smaller China-based chipmaker Semiconductor Manufacturing International Corp is also said to have told investors that it will be raising its prices in view of rising material costs.

Five great gadgets for the beach

You’re unlikely to be mistaken for a member of the Hells Angels on the Cake Ösa. Quiet and friendly-looking rather than leather-jacket-sexy, this new release from Swedish startup Cake is still a lot of fun to zip around on.

The brand is by Stefan Ytterborn, a former Ikea employee and founder of action-helmet brand POC, who saw a gap in the market for green off-road motorbikes that can smoothly traverse the bumpiest of sand dunes and hairiest of mountain paths. There are several Ösa models to choose from: the Ösa Plus requires a motorbike license and maxes out at 90kmph, while the Ösa Flex – really a moped – can be used with a regular driving license but has a top speed of 45kmph. The Plus can travel about 84km, and the Flex 92km, between charges. Meanwhile, the new Ösa Work comes in Plus or Flex form; it’s basically a beefier update, boasting a 50 per cent bigger battery capacity than the originals.

Cake calls the Ösa a “Swiss Army knife on wheels”

All are low-slung, weigh less than 100kg and possess dirt bike-style wheels and stellar suspension. What the Ösa lacks in speed it makes up for in ease of use. It’s activated by entering a passcode on its handlebar-mounted screen; a companion app has GPS and can track your riding stats.

The best bits? The brand calls the Ösa a “Swiss Army knife on wheels”, which is about right: it’s a versatile machine that has a mule-like carrying capacity and can be furnished with various attachments, from surfboard racks and extra seats to, as of this month, colorful windscreens. And once at your destination, its battery can be used to fire up personal devices, including phone, laptop, small stove and coffee machine. (If you intend to power several gadgets, and bigger appliances, I’d recommend the Work and/or the optional second battery.)

Pick from attachment packages such as the Carry (rack, basket, waterproof bag) or the Max (power converter, baskets, cargo net), or build your own. Cake Ösa, from £7,850, Work version from €8,850, ridecake.com


Walk on water

Awake Rävik S 22, from €12,900
Philip Werner, Awake’s founder, calls electric surfing a “totally new sport”. Participants do not require Oahu-like waves for an adrenaline rush; they need only grip a handheld remote that Werner calls a “dynamite stick”. The new Rävik S 22 is Awake’s zippiest model yet. The jet-propelled board has a response time of 0.02 seconds and a top speed of 57kmph. It’s less buoyant than its predecessors, enabling sharper turns, and making it slightly more difficult for beginners to embrace than the Rävik 3, but novices should still be able to stand up within an hour or so. It lasts about 20 minutes with the standard battery, and can be ridden on waves as well as in sleepy bays. Awake Rävik S 22, from €12,900, awakeboards.com


Cool it

RovR TravelR 30 cooler, $249.95
With the TravelR, Colorado upstart RovR is challenging market behemoth Yeti for

This $20 TikTok home gadget is seriously genius

We may receive a commission from purchases made via links on this page. Pricing and availability are subject to change. This content is created by a 3rd party partner for Yahoo.

Simplify your home and your life with this home device outlet for $20.  (Source: Getty Commercial)

We can’t seem to stop finding things to buy on TikTok, and this $20 gadget is truly taking the cake for handiness and affordability. The LoraTap Mini Remote Control Outlet has the power to make any device you plug in remote-controlled. This amazing gadget is truly a game changer. Now you won’t always have to get up to turn a lamp on and off; you simply press the button on the included remote instead. Plus, this gem of a product is on Amazon for just $20.

#TikTokMadeMeBuyIt

From laptops to fans to lamps, plug everything into this LoraTap outlet.  (Source: Amazon)

The LoraTap Outlet is making its rounds on TikTok as one user, @julianna_claire, posted how she uses it in her home. Why simplify only one home appliance when you could do it for all of them? You can probably see why this gadget is going viral. This mini remote makes being a little lazy now and then a lot easier.

Setting up the LoraTap Mini Remote Control Outlet is simple. Setup is wireless and only requires you to remove the adhesives and stick the base to whatever wall or surface you would like it to be. The remote sticks directly to the base using built-in magnets.

The mini remote features a simple power button to control whatever device you choose to plug into the LoraTap outlet. It’s compatible with a wide range of home appliances such as laptops, TVs, lamps, routers and fans. All of these devices can now be controlled with the touch of a button.

The ratings are incredible

The LoraTap Mini Remote Control Outlet isn’t just loved by TikTokers. On its Amazon page, it boasts 4.5 out of 5 stars with over 400 ratings. Read what one verified purchaser said:

“Works really well. I’ve bought other brands that don’t work every time […] So far this one has worked every time on the first press. It also takes up a smaller amount of space on the receptacle than other brands, so you have room to plug something else into the other receptacle. I like it enough that I’m considering buying more.”

Are you ready for things to be a little easier? Then go ahead and simplify your home and your life for just $20 today.

Gadgeteer Adds 23 New Musical Gadgets In Update

A new update for physics-based puzzle game Gadgeteer brings 23 musical gadgets to play with as well as a new environment to build in.

The Musical Gadget Update released recently for Gadgeteer on Quest and PC VR. It adds a bunch of new music-inspired tools for players to implement in their Rube Goldberg machines, such as a metronome, xylophone, drum parts, cymbals, gongs, cowbells and a rubber chicken.

As you can see in the trailer embedded above, players can use existing well-known Gadgeteer staples, such as the marble ball, to interact with the new musical elements to produce tones in sequences and create songs.

The update also adds in a new sandbox environment, ‘Study’, which is “purposely designed to offer a building canvas that’s different from the ‘Apartment’ environment” and provides a better canvas for building music-focused machines.

Metanaut CEO and Creative Director Peter Kao shared bits about future updates to come in a prepared statement, “Our players have been asking for gadgets that allow them to build perpetually running machines. They’ve also asked for powerful electrical gadgets. These are great suggestions and we have them on the top of our list of gadgets to prototype.”

Metanaut has consistently updated Gadgeteer through early access and post launch, adding in some key features such as online level sharing, while also expanding out with Quest and PSVR releases in 2019 and 2021 respectively.

The update is available now for Gadgeteer on PC VR and Quest platforms, with PSVR to come in the future.
