pjl's comments

Similarly if you're using MacPorts, make sure to sync and upgrade xz if you have it installed.

5.6.1 was available for a few days and just rolled back ~20 minutes ago: https://github.com/macports/macports-ports/commit/a1388aee09...

These filters supposedly do: https://cyclopure.com/product/purefast-filter-cartridge-for-...

NIH references them here: https://factor.niehs.nih.gov/2022/4/feature/3-feature-pfas-w...

It was a great listen!

“The conflict was no longer farmer versus weed, but also farmer versus farmer. When his neighbors illegally sprayed the pesticide, Wallace reported it. After harvest, Wallace was shot and killed.

On today's show, a murder mystery – about how a weed divided neighbors and led to Mike Wallace's death.”

Here’s a link to the episode: http://www.npr.org/sections/money/2017/06/02/531272125/episo...

Maybe give Malwarebytes Anti-Malware for Mac [1] a try? I've used their Windows products for a while now.

[1] https://www.malwarebytes.org/antimalware/mac/

Ars Technica followed up with Amazon and got this response:

"In the fall when we released Fire OS 5, we removed some enterprise features that we found customers weren’t using," Amazon told Ars. "All Fire tablets’ communication with Amazon’s cloud meet our high standards for privacy and security including appropriate use of encryption."

http://arstechnica.com/gadgets/2016/03/amazon-removed-device...

AWS recently announced ClassicLink [1], which helps with migration: "In order to allow EC2-Classic instances to communicate with these resources, we are introducing a new feature known as ClassicLink. You can now enable this feature for any or all of your VPCs and then put your existing Classic instances in to VPC security groups."

[1] https://aws.amazon.com/blogs/aws/classiclink-private-communi...

If you're using AWS' ELB, Amazon has already added a new Predefined Security Policy with SSLv3 disabled: ELBSecurityPolicy-2014-10

At least for detection (from the article): "During installation it is extracted into /Library/Application Support/JavaW, after which the dropper generates a p-list file so that the backdoor is launched automatically."

I don't think the issue is related to HVM. I have instances scheduled for system reboot that are not HVM.

MacPorts does not use system libraries for good reasons:

"There are several reasons why MacPorts uses its own libraries. It makes ports more consistent across different versions of Mac OS X. For example, if we can rely on openssl 1.0.0 from MacPorts, we don't have to test every port that needs ssl for every available openssl installation. Apple's software tends to break from time to time (e.g. openssl refuses to build with an old zlib, but for awhile Apple shipped the old headers of the vulnerable zlib version). Even if Apple's versions aren't broken, they're rarely up-to-date. Apple has a habit of not updating the libraries in Mac OS X until absolutely necessitated by a security vulnerability." [1]

[1] https://trac.macports.org/wiki/FAQ#ownlibs

1and1's Control Panel is quite painful to use, but you don't have to go through cancel.1and1.com to transfer a domain - just make sure your domain is unlocked and you have the EPP code handy.