memory Archives

AppWizard

April 25, 2026

Moving Valheim away from being an MMO was “the best decision” the team made

Valheim is a Norse-inspired survival game developed by Iron Gate Studio, which allows players to build homes and fight monsters. It is set to release its 1.0 version five years after its initial launch. The game has been compared to titles like Rust but maintains a unique charm. The development team decided against an MMO format, which they consider "the best design decision." Valheim began as a test project for networking solutions, evolving into a game focused on single-player and small group experiences. The Nordic theme was chosen for its compatibility with the gameplay, despite the CEO Richard Svensson not being a fan of Viking lore. The game's art style was developed out of necessity, allowing for easier solo production. Each biome in the game is created separately, with influences from games like The Legend of Zelda: Breath of the Wild and The Elder Scrolls V: Skyrim, while loosely incorporating Norse mythology. Valheim has achieved financial success and critical acclaim during its early access phase, enabling Iron Gate Studio to focus on its development. The game is currently available on Steam at a 50% discount. Indie Game Works, featuring a chapter on Valheim, is available in limited and general editions.

AppWizard

April 25, 2026

NoVoice malware hit 2.3 million Android devices through apps Google never should have approved

McAfee researchers discovered a complex Android rootkit campaign, dubbed Operation NoVoice, that infiltrated 50 applications on Google Play, exploiting vulnerabilities in the kernel that had been patched but not uninstalled. The malware was resilient enough to survive factory resets and was concealed within seemingly benign apps, which collectively garnered 2.3 million downloads. The malicious payload was hidden in the com.facebook.utils package and used steganography to embed an encrypted payload within a PNG image. The malware conducted multiple checks to avoid detection and established contact with a command-and-control server, polling for exploit packages every 60 seconds. It utilized 22 distinct exploits, including vulnerabilities that had received patches between 2016 and 2021. The malware disabled SELinux enforcement and installed a persistent rootkit that could survive factory resets. Google confirmed the removal of the infected apps but noted that users who had already downloaded them remained at risk, especially if their devices were running unpatched Android versions. McAfee advised affected users to treat their devices as compromised and consider professional inspection or hardware-level storage wiping for remediation.

Winsage

April 25, 2026

Linux and Windows 95 running side by side? This dev made it happen.

Open-source developer "Hailey" has introduced the Windows 9x Subsystem for Linux (WSL9X), which allows users to run both Windows and Linux applications simultaneously on classic versions of Windows, including Windows 95, 98, and Me. WSL9X operates by running a modern Linux kernel (6.19) alongside the Windows 9x kernel, enabling features such as paging, memory protection, and pre-emptive scheduling. It is neither emulation nor virtualization and does not require hardware virtualization. WSL9X is available for download, but users must build it from the source provided by Hailey. It allows access to a genuine Linux terminal alongside classic Windows applications, enabling various tasks without compromising system stability.

Tech Optimizer

April 24, 2026

Fileless Malware and Email Authentication Gaps

Fileless malware operates stealthily within networks, utilizing legitimate system tools like PowerShell and Windows Management Instrumentation (WMI) to execute malicious code in memory without leaving traces on disk. Traditional antivirus solutions struggle to detect these threats due to their reliance on file signatures. The primary vector for fileless malware is email, where attackers use spoofed messages to trick users into activating malicious scripts. Misconfigurations in Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) records create vulnerabilities that attackers exploit to deliver spoofed emails. Traditional endpoint protection mechanisms are inadequate against fileless attacks, necessitating a shift towards behavioral analysis for detection. Organizations must assess their preparedness by ensuring proper email authentication configurations and enhancing endpoint security capabilities. Integration among security teams and updated employee security awareness programs are also essential. Sendmarc helps organizations mitigate vulnerabilities by providing visibility into SPF, DKIM, and DMARC configurations and enforcing DMARC to block unauthenticated messages.

Tech Optimizer

April 23, 2026

Take Control: Customer-Managed Keys for Lakebase Postgres

Encryption at rest is essential for cloud environments, especially in regulated sectors. Lakebase offers Customer Managed Keys (CMK), allowing organizations to control their encryption keys from preferred Key Management Services (KMS) like AWS KMS, Azure Key Vault, or Google Cloud KMS. Lakebase CMK manages both persistent storage and ephemeral compute, ensuring data security. Lakebase's architecture separates storage and compute layers, enabling elastic scaling and serverless operations. The storage layer maintains persistent data, while the compute layer consists of dynamic Postgres instances. This separation poses encryption challenges, addressed by Lakebase CMK through a hierarchical Envelope Encryption model. The key hierarchy includes: 1. Customer Managed Key (CMK): The Root of Trust in the cloud KMS, never accessed in plaintext by Databricks. 2. Key Encryption Key (KEK): A transient key for wrapping data keys. 3. Data Encryption Keys (DEKs): Unique keys for each data segment, stored in an encrypted state. When data access is needed, Lakebase retrieves DEKs by unwrapping keys from the KMS. If a key is revoked, access to the data is denied, and ephemeral compute instances are terminated. In practice, CMK applies to: 1. Persistence Layer (Storage): All data segments are encrypted with keys controlled by the CMK. 2. Ephemeral Layer (Compute): Each compute instance generates a unique ephemeral key, and upon revocation, the instance is terminated, destroying in-memory keys. CMK implementation follows a delegation model, allowing Security Admins to manage keys without accessing data. The process includes key configuration, workspace binding, and lifecycle management. Key rotation is seamless, requiring no data re-encryption. All cryptographic operations involving the CMK are logged by the cloud provider's audit service. Lakebase CMK is available for Enterprise tier customers, allowing organizations to manage their encryption keys effectively.

Winsage

April 23, 2026

Microsoft just made Windows 11’s Drag Tray for sharing files less annoying, and it actually works now

Microsoft has introduced the Drop Tray in Windows 11, replacing the previous Drag Tray to enhance file sharing. The Drop Tray features a more compact design and aims to minimize accidental openings while being easily dismissible. It is expected to roll out to all Windows 11 PCs by May as part of a set of reliability fixes. The new design encourages users to engage with it intentionally for file sharing, improving usability for those with desktop folders. The option to enable or disable the Drop Tray can now be found under Settings > System > Multitasking > Drop Tray.

Tech Optimizer

April 23, 2026

The antivirus feature I skip on every SSD-powered PC

File shredders may not effectively erase data on solid-state drives (SSDs) due to the way SSDs distribute data, which can lead to deleted files remaining retrievable. Additionally, using file shredders can reduce the lifespan of SSDs because of their limited write cycles. Instead of file shredders, drive encryption is recommended for protecting sensitive data on SSDs, as it ensures that deleted data remains unreadable. Windows 11 offers integrated drive encryption for users with a Microsoft account, and tools like VeraCrypt or Cryptomator can create encrypted folders for managing sensitive documents. It's important to safeguard access to encrypted data by backing up decryption passwords or recovery keys.

Winsage

April 23, 2026

Engineering secure passkey sync in Microsoft Password Manager

Passkeys are a new form of authentication that replace traditional passwords, providing a phishing-resistant and streamlined sign-in process. Microsoft Password Manager allows users to save and synchronize passkeys across devices linked to their Microsoft accounts, enhancing accessibility. The architecture for passkey syncing includes confidential computing for sensitive operations, hardware-rooted key protection for encryption keys, tamper-evident recovery storage, and encrypted synchronization across devices. Sensitive passkey operations are executed in Azure's confidential computing environments, ensuring cryptographic materials are processed securely. The encryption keys are protected using Azure Managed HSM, with access governed by attestation-based mechanisms. Registration and recovery processes require user authentication and enforce security measures within confidential computing boundaries, including a lockout state after consecutive incorrect PIN attempts. The system aims to provide a secure and user-friendly experience as part of a transition to a passwordless future.

Tech Optimizer

April 23, 2026

Aurora Serverless: Faster performance, enhanced scaling, and still scales down to zero

Amazon Aurora Serverless offers an on-demand, auto-scaling database management solution that adjusts to workload demands, scaling up during high usage and down to zero during inactivity. The latest version, platform version 4, has a 30% performance increase over version 3 and allows users to monitor performance metrics effectively. Benchmark tests show that both Aurora MySQL and Aurora PostgreSQL on platform version 4 achieve a 27% to 34% increase in New Orders per Minute (NOPM) compared to version 3. The autoscaling mechanism in Aurora Serverless has been improved, doubling the default scaling rate and achieving maximum capacity in 22 minutes, a 45% improvement over the previous 40 minutes. A Sysbench workload test indicates that version 4 completes tasks 27% faster and at a 28% lower cost compared to version 3. Additionally, platform version 4 incorporates more metrics for better scaling decisions, enhancing performance in resource competition scenarios. To check the current platform version of an Aurora Serverless cluster, users can navigate to the Amazon RDS console or use the AWS CLI command provided.

AppWizard

April 23, 2026

New CS2 update brings back CSGO’s silky smooth camera shake

Valve has released a mini-patch for Counter-Strike 2 that adjusts camera motion due to recoil to more closely match CS:GO, aiming to reduce camera shake during gameplay. This change is expected to enhance the experience for players familiar with both games. Demonstrations indicate a smoother gameplay experience, and Valve assures that bullet trajectories will remain consistent with CS2. The patch also includes fixes for various Animgraph 2 bugs, improvements to ladder movement mechanics, and a resolution for a crash issue during halftime transitions.