苹果mac 连接服务器
Earlier this week, a security researcher disclosed an exploit showing that websites could use Zoom’s video chat software to start your webcam and record without your permission. Now Apple is removing Zoom’s web server from all Macs automatically.
本周早些时候,一位安全研究人员披露了一个利用漏洞,该漏洞表明网站可以使用Zoom的视频聊天软件来启动您的网络摄像头,并在未经您许可的情况下进行录制。 现在,Apple正在自动从所有Mac中删除Zoom的Web服务器。
Zoom, a video chat service wanted to provide convenience. It designed its software to join a video chat and start your webcam just by clicking on a link. But then Safari, Apple’s browser, released an update to prevent exactly that behavior. Instead, you would confirm that you wanted to start your webcam.
想要提供便利的视频聊天服务Zoom。 它设计了其软件来加入视频聊天并仅通过单击链接即可启动网络摄像头。 但是随后,Apple的浏览器Safari发布了一个更新,以完全防止这种行为。 相反,您将确认要启动网络摄像头。
So Zoom decided to work around that problem and installed a local web server on Macs that could bypass the security check, in the name of convenience. That entire concept is problematic, and as shown by Jonathan Leitschuh, a bad actor could easily create a website that would autojoin you to a call and start your webcam.
因此,Zoom决定解决此问题,并以方便的名义在Mac上安装了可以绕过安全检查的本地Web服务器。 整个概念都是有问题的,而且正如乔纳森·莱茨丘(Jonathan Leitschuh)所展示的那样,坏演员可以轻松地创建一个网站,该网站可以自动将您加入通话并启动网络摄像头。
Worse yet, uninstalling Zoom from your Mac doesn’t remove the web server. Which meant it was easy to force a reinstall of the software, again without your permission.
更糟糕的是,从Mac上卸载Zoom不会删除Web服务器。 这意味着很容易在没有您允许的情况下强制重新安装该软件。
Zoom promised to make changes and apparently, Apple stepped in to help. Apple released a silent update that removes Zoom’s web server from your Mac. The process is automated, and you won’t need to do anything. That should keep anyone who likes Zoom safer on MacOS. However, the autojoin feature still affects Windows. [TechCrunch]
Zoom承诺做出改变,显然,Apple介入了。 苹果发布了一个无声更新,该更新从Mac删除了Zoom的Web服务器。 该过程是自动化的,您无需执行任何操作。 那应该会让喜欢Zoom的人在MacOS上更安全。 但是,自动加入功能仍会影响Windows 。 [ TechCrunch ]
在其他新闻中: (In Other News:)
Microsoft’s latest Insider update includes passwordless sign-in: Microsoft is moving forward with Insider testing, and the latest update includes some interesting additions. In addition to expanding Your Phone to work with more Surface devices, the company is testing a new passwordless sign-in option. It essentially forces all Microsoft accounts on a PC to use Windows Hello, which should make login a little smoother. [Microsoft]
Microsoft的最新Insider更新包括无密码登录: Microsoft正在推进Insider测试,并且最新更新包括一些有趣的功能。 除了将您的手机扩展为可与更多Surface设备一起使用外,该公司还在测试新的无密码登录选项。 从本质上讲,它会强制PC上的所有Microsoft帐户使用Windows Hello,这将使登录更加流畅。 [微软]
A former Tesla employee admits uploading source code to iCloud: Guangzhi Cao, a former Tesla engineer, left the company to work for Chinese EV startup Xiaopeng Motors. He worked in Tesla’s Autopilot division, and before he left uploaded Autopilot source code to iCloud. Tesla has accused him of stealing the code to take to his new company, although Xiaopeng Motors denies any knowledge of the theft. Cao claims he deleted all the files he uploaded to the cloud. [The Verge]
特斯拉前员工承认将源代码上传到iCloud:特斯拉前工程师曹光志离开公司,为中国电动汽车初创公司小鹏汽车工作。 他曾在Tesla的Autopilot部门工作,然后才将Autopilot源代码上传到iCloud。 特斯拉(Tesla)指控他窃取了将密码带给新公司的代码,尽管小鹏汽车否认有任何关于盗窃的知识。 曹声称他删除了所有上传到云中的文件。 [边缘]
Microsoft is closing Remix3D.com later this year: Microsoft is retiring Remix3D.com on January 10, 2020. The company introduced the site as part of a 3D push in its Windows 10 Creators Update. Much like TVs, 3D in Windows never took off, and now it seems to be winding down slowly. [Thurott]
微软将于今年晚些时候关闭Remix3D.com:微软将于2020年1月10日淘汰Remix3D.com。该公司在其Windows 10 Creators Update中作为3D推送的一部分介绍了该网站。 就像电视一样,Windows中的3D从未起飞,现在看来它正在慢慢消失。 [图洛特]
Pale Moon browser’s older download versions infected with malware: Pale Moon, a fork of FireFox, announced that hackers breached its archive server. The server provided links to older versions of the browser, and the hackers added malware to those downloads. The goal seems to be stealing your cryptocurrency. Chalk it up to another reason not to use a Firefox fork. [ZDNet]
Pale Moon浏览器的旧下载版本感染了恶意软件: FireFox的分支Pale Moon宣布黑客破坏了其存档服务器。 该服务器提供了到旧版本浏览器的链接,黑客将恶意软件添加到了这些下载中。 目标似乎是在窃取您的加密货币。 将其归因于不使用Firefox分支的另一个原因。 [ ZDNet ]
Google shut down the Nest Apple Watch app: Do you use your Apple Watch to control your Nest thermostat? According to Google, probably not. The company says very few people used the app, and so it removed Apple Watch compatibility in the latest update. [9to5Google]
Google关闭了Nest Apple Watch应用程序:您是否使用Apple Watch控制Nest恒温器? 根据Google的说法,可能不是。 该公司表示,很少有人使用该应用程序,因此它在最新更新中删除了Apple Watch兼容性。 [ 9to5Google ]
White Hat hackers tried to take down ransomware criminals, but it’s a draw: White Hat hackers tried to use a Denial of Service attack to prevent the spread of ransomware, in a novel approach to a growing problem. They noticed parts of how the ransomware spread and attacked were predictable and tried to take advantage of that vulnerability. Initially, it worked, but the bad hackers just updated the software. Nice try though. [Ars Technica]
白帽黑客试图清除勒索软件犯罪分子,但这是一个吸引:白帽黑客试图以一种新颖的方法来解决日益严重的问题,从而利用拒绝服务攻击来阻止勒索软件的传播。 他们注意到勒索软件的传播和攻击方式是可以预测的,并试图利用该漏洞。 最初,它起作用了,但是坏的黑客只是更新了该软件。 不错的尝试。 [ Ars Technica ]
Apple disabled Walkie-Talkie from the Apple Watch following exploit: Following the disclosure of an exploit, Apple disabled the Walkie-Talkie feature on the Apple Watch. Details are scarce, but it seems with the right set of steps a bad actor could use Walkie-Talkie to listen to your conversations without you knowing. Apple promises to fix the problem and reenable the feature down the road. [9to5Mac]
Apple在利用以下漏洞后从Apple Watch禁用了Walkie-Talkie :在披露了漏洞利用之后,Apple在Apple Watch上禁用了Walkie-Talkie功能。 细节很少,但似乎只有正确的步骤,一个坏演员才能在不知情的情况下使用对讲机收听您的对话。 苹果承诺将解决该问题并在将来重新启用该功能。 [ 9to5Mac ]
Forty years ago today, July 11th, NASA’s Skylab space station fell back to Earth.
四十年前的今天,即7月11日,NASA的Skylab空间站坠落地球。
Skylab was the first space station launched and operated by NASA. It only saw use for about 24 weeks, and the station was made up of a modified Saturn Rocket and leftover Apollo hardware.
Skylab是NASA发射和运营的第一个太空站。 它只使用了大约24周,并且该站由改良的Saturn Rocket和剩余的Apollo硬件组成。
The space station saw problems early and was damaged by the launch to get the rocket into space. As a result, astronauts spent a significant amount of time repairing the station when they first arrived.
该空间站很早就发现问题,并因将火箭送入太空的发射而受损。 结果,宇航员在首次到达时就花费了大量的时间修理该站。
Astronauts did perform experiments aboard the space station, ranging from life science to solar physics. But the main goal was just to prove that humans could live aboard a space station, even if only temporarily. In that way, Skylab paved the way to future space stations like the International Space Station (ISS).
宇航员确实在空间站上进行了从生命科学到太阳物理学的实验。 但是主要目的只是证明人类可以住在空间站上,即使只是暂时的。 通过这种方式,Skylab为未来的空间站(例如国际空间站(ISS))铺平了道路。
After NASA decided to stop sending new crews to the station, its orbit slowly decayed before plummeting back to Earth. NASA attempted to control the fall so that the space station would land in the Indian Ocean and avoid harming anyone.
在美国宇航局决定停止派遣新的工作人员到该站后,它的轨道缓慢衰减,然后坠落回地球。 美国宇航局试图控制坠落,使空间站降落在印度洋上,并避免伤害任何人。
Unfortunately, parts of it did land in Australia, leading the country—and this is true—to fine NASA $400 for littering. [Space.com]
不幸的是,它的一部分确实在澳大利亚降落,导致该国处于领先地位,这确实是对NASA乱扔垃圾罚款400美元。 [ Space.com ]
翻译自: https://www.howtogeek.com/fyi/daily-news-roundup-apple-removes-zooms-web-server-from-your-mac/
苹果mac 连接服务器
6167
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
