The Truth: Patch Tuesday, SUSE Quitting OpenStack, HP Needs a New Way to Sell Printers

Wednesday, 9 October 2019

Hump day! If you’re a windows admin, you’re probably busy patching systems. For everyone else, here’s what happened in the tech world since the last newsletter:

Yesterday was the second Tuesday of the month which, as usual, means lots of patches to install. Microsoft has fixed 59 vulnerabilities in Windows, Office, Edge and Azure. Nine of them are rated critical, including CVE-2019-1372, which allows the users of Azure virtual machines to execute code on the host machine itself. Remote code execution and privilege escalation in one! CVE-2019-1327 in Office allows attackers to take over a victim’s machine by getting them to open a manipulated document. The Register has details on many of the Microsoft patches here.

Adobe, for once, has not published any updates for Patch Tuesday.

SAP, however, has released fixes for eight vulnerabilities in NetWeaver, SQL Anywhere, BusinessObjects and other products. Two of these vulnerabilities have a CVSS rating that exceeds 9.

German Linux company SUSE is getting rid of its OpenStack commitment. It’s a bit of an unexpected move, The Register explains: “Coming less than a month before OpenStack’s Shanghai Open Infrastructure Summit and a scant few since SUSE released Cloud 9, chock full of OpenStack Rocky goodness, the move will raise a few eyebrows. Not least those of Matthew Johns, the outfit’s product and solutions marketing manager for Cloud Solutions, who had cheerfully posted a blog just over a week earlier on how to upgrade OpenStack.” For a long time, SUSE was one of the primary forces behind OpenStack. “SUSE is a founding member and platinum sponsor of the OpenStack Foundation and was the first to launch a commercially supported OpenStack distro in 2012, based on the Essex release. Seven years on, the party is over.” It looks like they are now moving towards Kubernetes instead.

Printers, like razors, are famous for a business model that involves selling the main device at a loss and making money by selling a consumable – in the case of the printer, this would be ink cartridges. Apparently, this business model doesn’t work anymore for HP, one of the biggest printer manufacturers: “HP is overturning a print sales model that helped it amass billions in profits over the decades but is now challenged by rival supplies makers luring customers with cheaper ink and toner cartridges.” They are now shifting more and more to selling printers that come preloaded with years' worth of ink or toner. The big question here is if that will work. After all, what is stopping other companies to do the same with those bigger tanks that they did with the smaller cartridges? “HP did not explain how it will ensure its locked printers only accept its own-branded supplies; supplies cloners and re-manufacturers have reverse-engineered cartridge smart chips for more than a decade.”

Twitter gave advertisers access to private information of its users by accident. Email addresses or phone numbers entered for security purposes could thus be used to target ads. Yes, they are really saying that this happened by accident. I wonder if all the money they made from this was an accident, too?

Response to Twitter Oopsie

Blizzard has suspendet a Hearthstone pro after he voiced his support for pro-democracy protesters in his home province of Hong Kong in an interview. The pro, known by the handle Blitzchung, is now banned from the digital CCG for a year and had his winnings cancelled. Blizzard is partly owned by Tencent, a Chinese company and the protesters advocate for independence from China. “Fuel Games, developer of rival card game Gods Unchained, tweeted Tuesday its support for Blitzchung and said it’ll pay ‘all of his lost winnings.’ The developer will also invite him to its $500,000 tournament.” This stuff isn’t unprecedented in the CCG world. After Magic The Gathering pro player Owen Turtenwald was kicked out of the Magic Pro League and banned from MTG tournaments for alleged inappropriate behaviour towards female players, he became a professional Hearthstone player.

This is an archived issue of my daily newsletter FOXTROT/ALFA. You can find more information about it, including how to subscribe via email, on this page.