News briefs for January 8, 2019.
GitHub's CEO Nat Friedman yesterday announced that free accounts now can create private repositories (previously only paid accounts could have private repositories). Ars Technica reports[1] that "Now every GitHub account can create an unlimited number of private repositories. These are still restricted—only three people can collaborate on these repositories—but a great many of those projects that once had no option but to be opened up might now be marked as private." The Ars Technica article also expresses concern that one possibility with this change is that "programs that would previously have been published as open source will now be closed up forever".
Bash-5.0 was released[2] yesterday. This release fixes several bugs and introduces many new features. From the release announcement: "The most notable new features are several new shell variables: BASH_ARGV0, EPOCHSECONDS, and EPOCHREALTIME. The `history' builtin can remove ranges of history entries and understands negative arguments as offsets from the end of the history list. There is an option to allow local variables to inherit the value of a variable with the same name at a preceding scope. There is a new shell option that, when enabled, causes the shell to attempt to expand associative array subscripts only once (this is an issue when they are used in arithmetic expressions). The `globasciiranges' shell option is now enabled by default; it can be set to off by default at configuration time."
Security researchers at Wandera recently discovered "more than a dozen iPhone apps covertly communicating with a server associated with Golduck, a historically Android-focused malware that infects popular classic game apps." According to TechCrunch[3], the malware was discovered more than a year ago and affected retro-style games on Google Play "by embedding backdoor code that allowed malicious payloads to be silently pushed to the device". See the post[4] for more details.