Easy Contact
253 Main Ave, Passaic NJ 07055Call 973-777-5656
info@advantagecomputers.com
Fax 973-777-5821
© 2024 ~ All Rights Reserved
Advantage Computer Solutions
Company
Services
Testimonials
Amazing!
Zack is amazing! I have gone to him with computer issues for the past few years now and he always finds a way to fix… Read more “Amazing!”
Professional, smart & sensitive
Cannot say enough good things about Zack Rahhal and his team. Professional, smart, sensitive to small biz budgets and a helluva good guy. Could not… Read more “Professional, smart & sensitive”
AMAZINGLY WONDERFUL STAFF
stars indeed. So reliable and helpful and kind and smart. We call Al and he is “on it” immediately and such a FABULOUS teacher, patient… Read more “AMAZINGLY WONDERFUL STAFF”
Whatever my need, unfailingly helpful
I’ve been a customer of the staff at Advantage for many years now. They have never let me down! Whatever my need, however big or… Read more “Whatever my need, unfailingly helpful”
Best Kept Secret
I’ve known the Advantage Team for years. They are the absolute best techs in the field, bar none. I couldn’t tell you how many tens… Read more “Best Kept Secret”
Excellent Experience
I had an excellent experience with Advantage. Aside from being extremely professional and pleasant generally, Zack was incredibly responsive and helpful, even before and after… Read more “Excellent Experience”
Simply The Best!
Simply The Best! Our company has been working with Advantage Computer Solutions for a few years, Zack and his Team are AWESOME! They are super… Read more “Simply The Best!”
Awesome
The engineering team at Advantage Computers is the best in the business. They are nothing short of technical… Read more “Awesome”
It’s like having a cousin in the business.
Al, Nasser and Zack have been keeping our operations going for over a decade, taking care of our regular upgrades and our emergency system problems.… Read more “It’s like having a cousin in the business.”
Exceptional People
In many cases, exceptional people do not receive recognition for their hard work and superior customer service. We do not want this to be one of those… Read more “Exceptional People”
Highly Recommended
I became a customer about 6-7 months and I can say nothing but great things about this business. Zack takes care of me. I am… Read more “Highly Recommended”
Life Savers
THANK GOD for this local computer repair business who saved me hundreds, my hard drive was messed up, i called the company with warranty they… Read more “Life Savers”
I don’t have enough words to express my appreciation
I don’t have enough words to express my appreciation for Nassar and Paul, and the other members of Advantage Computer Solutions. I live in Bergen… Read more “I don’t have enough words to express my appreciation”
Minuteman Press Newark
Advantage Computer Solutions is absolutely great. They show up, do what they say they are going to, complete the job without issues (my other computer… Read more “Minuteman Press Newark”
Knowledgeable, Reliable, Reasonable
Knowledgeable, Reliable, Reasonable Working with Advantage Computers since 1997 for both personal and business tech support has been a rewarding and enjoyable experience. Rewarding, in… Read more “Knowledgeable, Reliable, Reasonable”
Excellent service!
Excellent service! I am the administrator for a busy medical office which relies heavily on our computer system. We have used Advantage Computer Solutions for… Read more “Excellent service!”
Great Advice and Service
Advantage offers great advice and service I bought parts for my gaming pc online and they put it together in a day for a great… Read more “Great Advice and Service”
Great Service, Support and Sales
Our company has been using the services of Advantage Computers since 2006. It was important to find a reliable company to provide us with the technical… Read more “Great Service, Support and Sales”
Extremely Professional and Passionate
Our company has been working with Advantage since the 1990’s and have been a loyal client ever since. Advantage does not make it very difficult… Read more “Extremely Professional and Passionate”
Handles all our Office IT
Advantage Computer Solutions has handled all of our computer and IT needs for the past 2 years. The staff is always professional and the service… Read more “Handles all our Office IT”
Passaic Housing Authority
Since 1996 the Housing Authority of the City of Passaic has been a client of Advantage Computer Solutions. Our Agency has utilized their outstanding services… Read more “Passaic Housing Authority”
They made sure EVERYTHING was working
“When the computer I use to run my photography business started acting erratically and kept shutting down, I was in a panic. I depend on… Read more “They made sure EVERYTHING was working”
October is Cybersecurity Awareness Month! Why being cyber‑smart matters
The campaign may last for a month, but we should remember that cybersecurity is a year-round affair
The post October is Cybersecurity Awareness Month! Why being cyber‑smart matters appeared first on WeLiveSecurity
Hackers could force locked iPhones to make contactless payments
Flaws in Apple Pay and Visa could allow criminals to make arbitrary contactless payments – no authentication needed, research finds
The post Hackers could force locked iPhones to make contactless payments appeared first on WeLiveSecurity
ESET Threat Report T2 2021
A view of the T2 2021 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
The post ESET Threat Report T2 2021 appeared first on WeLiveSecurity
CISA and NSA release guidance for securing VPNs
What your organization should consider when it comes to choosing a VPN solution and hardening it against attacks
The post CISA and NSA release guidance for securing VPNs appeared first on WeLiveSecurity
Announcing New Patch Reward Program for Tsunami Security Scanner
Posted by Guoli Ma, Sebastian Lekies & Claudio Criscione, Google Vulnerability Management Team
One year ago, we published the Tsunami security scanner with the goal of detecting high severity, actively exploited vulnerabilities with high confidence. In the last several months, the Tsunami scanner team has been working closely with our vulnerability rewards program, Bug Hunters, to further improve Tsunami’s security detection capabilities.
Today, we are announcing a new experimental Patch Reward Program for the Tsunami project. Participants in the program will receive patch rewards for providing novel Tsunami detection plugins and web application fingerprints. We hope this program will allow us to quickly extend the detection capabilities of the scanner to better benefit our users and uncover more vulnerabilities in their network infrastructure.
For this launch, we will accept two types of contributions:
As with other Security Reward Programs, rewards can be donated to charity—and we’ll double your donation if you choose to do so. We’ll run this program in iterations so that everyone interested has the opportunity to participate.
To learn more about this program, please check out our official rules and guidelines. And if you have any questions or suggestions for the program, feel free to contact us at tsunami-patch-rewards@google.com.
Google releases emergency fix to plug zero‑day hole in Chrome
The emergency release comes a mere three days after Google’s previous update that plugged another 19 security loopholes
The post Google releases emergency fix to plug zero‑day hole in Chrome appeared first on WeLiveSecurity
Week in security with Tony Anscombe
ESET unmasks FamousSparrow APT group – Stopping cloud data leaks – European cybercrime ring busted
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Bug in macOS Finder allows remote code execution
While Apple did issue a patch for the vulnerability, it seems that the fix can be easily circumvented
The post Bug in macOS Finder allows remote code execution appeared first on WeLiveSecurity
FamousSparrow: A suspicious hotel guest
Yet another APT group that exploited the ProxyLogon vulnerability in March 2021
The post FamousSparrow: A suspicious hotel guest appeared first on WeLiveSecurity
Distroless Builds Are Now SLSA 2
Posted by Priya Wadhwa and Appu Goundan, Google Open Source Security Team
A few months ago we announced that we started signing all distroless images with cosign, which allows users to verify that they have the correct image before starting the build process. Signing our images was our first step towards fully securing the distroless supply chain. Since then, we’ve implemented even more accountability in our supply chain and are excited to announce that distroless builds have achieved SLSA 2. SLSA is a security framework for increasing supply chain security, and Level 2 ensures that the build service is tamper resistant.
This means that in addition to a signature, each distroless image now has an associated signed provenance. This provenance is an in-toto attestation and includes information around how each image was built, what command was run, and what build system was used. It also includes any special parameters that were passed in, the exact commit the images were built at, and more. This provenance is a useful tool for builds that need to be audited in the future.
SLSA 2 Requirement
Distroless
Source – Version controlled
Source code in Github
Build – Scripted build
Build script exists as a Tekton Pipeline, invoked as a Google Cloud Build step
Build – Build service
All steps run on Kubernetes with Tekton
Provenance – Available
Provenance is available in the rekor transparency log as an in-toto attestation
Provenance – Authenticated
Provenance is signed with the distroless GCP KMS key
Provenance – Service generated
Provenance is generated by Tekton Chains from a Tekton TaskRun
Achieving SLSA 2 required some changes to the distroless build pipeline: we set up Tekton Pipelines and Tekton Chains in a GKE cluster to automate building images and generating provenance. Every time a pull request is merged to the distroless Github repo, a Tekton Pipeline is triggered. This Pipeline builds the distroless images, and Tekton Chains is responsible for generating signed provenance for each image. Tekton Chains stores the signed provenance alongside the image in an OCI registry and also stores a record of the provenance in the rekor transparency log.
Don’t trust us?
You can try the build yourself. Because distroless builds are reproducible, all the information to replicate the build is in the provenance, and you or a trusted third party can build the image yourselves and verify the build is correct by matching image digests.
You can verify an attestation for a distroless image with cosign and the distroless public key:
$ cosign verify-attestation -key cosign.pub gcr.io/distroless/base@sha256:4f8aa0aba190e375a5a53bb71a303c89d9734c817714aeaca9bb23b82135ed91
Verification for gcr.io/distroless/base@sha256:4f8aa0aba190e375a5a53bb71a303c89d9734c817714aeaca9bb23b82135ed91 —
The following checks were performed on each of these signatures:
– The cosign claims were validated
– The signatures were verified against the specified public key
– Any certificates were verified against the Fulcio roots.
…
And you can find the provenance for the image in the rekor transparency log with the rekor-cli tool. For example, you could find the provenance for the above image by using the image’s digest and running:
$ rekor-cli search –sha sha256:4f8aa0aba190e375a5a53bb71a303c89d9734c817714aeaca9bb23b82135ed91
af7a9687d263504ccdb2759169c9903d8760775045c6e7554e365ec2bf29f6f8
$ rekor-cli get –uuid af7a9687d263504ccdb2759169c9903d8760775045c6e7554e365ec2bf29f6f8 –format json | jq -r .Attestation | base64 –decode | jq
{
“_type”: “distroless-provenance”,
“predicateType”: “https://tekton.dev/chains/provenance”,
“subject”: [
{
“name”: “gcr.io/distroless/base”,
“digest”: {
“sha256”: “703a4726aedc9ec7a7e32251087565246db117bb9a141a7993d1c4bb4036660d”
}
},
{
“name”: “gcr.io/distroless/base”,
“digest”: {
“sha256”: “d322ed16d530596c37eee3eb57a039677502aa71f0e4739b0272b1ebd8be9bce”
}
},
{
“name”: “gcr.io/distroless/base”,
“digest”: {
“sha256”: “2dfdd5bf591d0da3f67a25f3fc96d929b256d5be3e0af084db10952e5da2c661”
}
},
{
“name”: “gcr.io/distroless/base”,
“digest”: {
“sha256”: “4f8aa0aba190e375a5a53bb71a303c89d9734c817714aeaca9bb23b82135ed91”
}
},
{
“name”: “gcr.io/distroless/base”,
“digest”: {
“sha256”: “dc0a793d83196a239abf3ba035b3d1a0c7a24184856c2649666e84bc82fc5980”
}
},
{
“name”: “gcr.io/distroless/base-debian10”,
“digest”: {
“sha256”: “2dfdd5bf591d0da3f67a25f3fc96d929b256d5be3e0af084db10952e5da2c661”
}
},
{
“name”: “gcr.io/distroless/base-debian10”,
“digest”: {
“sha256”: “703a4726aedc9ec7a7e32251087565246db117bb9a141a7993d1c4bb4036660d”
}
},
{
“name”: “gcr.io/distroless/base-debian10”,
“digest”: {
“sha256”: “4f8aa0aba190e375a5a53bb71a303c89d9734c817714aeaca9bb23b82135ed91”
}
},
{
“name”: “gcr.io/distroless/base-debian10”,
“digest”: {
“sha256”: “d322ed16d530596c37eee3eb57a039677502aa71f0e4739b0272b1ebd8be9bce”
}
},
{
“name”: “gcr.io/distroless/base-debian10”,
“digest”: {
“sha256”: “dc0a793d83196a239abf3ba035b3d1a0c7a24184856c2649666e84bc82fc5980”
}
},
{
“name”: “gcr.io/distroless/base-debian11”,
“digest”: {
“sha256”: “c9507268813f235b11e63a7ae01526b180c94858bd718d6b4746c9c0e8425f7a”
}
},
{
“name”: “gcr.io/distroless/cc”,
“digest”: {
“sha256”: “4af613acf571a1b86b1d3c50682caada0b82024e566c1c4c2fe485a70f3af47d”
}
},
{
“name”: “gcr.io/distroless/cc”,
“digest”: {
“sha256”: “2c4bb6b7236db0a55ec54ba8845e4031f5db2be957ac61867872bf42e56c4deb”
}
},
{
“name”: “gcr.io/distroless/cc”,
“digest”: {
“sha256”: “2c4bb6b7236db0a55ec54ba8845e4031f5db2be957ac61867872bf42e56c4deb”
}
},
{
“name”: “gcr.io/distroless/cc-debian10”,
“digest”: {
“sha256”: “4af613acf571a1b86b1d3c50682caada0b82024e566c1c4c2fe485a70f3af47d”
}
},
{
“name”: “gcr.io/distroless/cc-debian10”,
“digest”: {
“sha256”: “2c4bb6b7236db0a55ec54ba8845e4031f5db2be957ac61867872bf42e56c4deb”
}
},
{
“name”: “gcr.io/distroless/cc-debian10”,
“digest”: {
“sha256”: “2c4bb6b7236db0a55ec54ba8845e4031f5db2be957ac61867872bf42e56c4deb”
}
},
{
“name”: “gcr.io/distroless/java”,
“digest”: {
“sha256”: “deb41661be772c6256194eb1df6b526cc95a6f60e5f5b740dda2769b20778c51”
}
},
{
“name”: “gcr.io/distroless/nodejs”,
“digest”: {
“sha256”: “927dd07e7373e1883469c95f4ecb31fe63c3acd104aac1655e15cfa9ae0899bf”
}
},
{
“name”: “gcr.io/distroless/nodejs”,
“digest”: {
“sha256”: “927dd07e7373e1883469c95f4ecb31fe63c3acd104aac1655e15cfa9ae0899bf”
}
},
{
“name”: “gcr.io/distroless/nodejs”,
“digest”: {
“sha256”: “f106757268ab4e650b032e78df0372a35914ed346c219359b58b3d863ad9fb58”
}
},
{
“name”: “gcr.io/distroless/nodejs-debian10”,
“digest”: {
“sha256”: “927dd07e7373e1883469c95f4ecb31fe63c3acd104aac1655e15cfa9ae0899bf”
}
},
{
“name”: “gcr.io/distroless/nodejs-debian10”,
“digest”: {
“sha256”: “f106757268ab4e650b032e78df0372a35914ed346c219359b58b3d863ad9fb58”
}
},
{
“name”: “gcr.io/distroless/nodejs-debian10”,
“digest”: {
“sha256”: “927dd07e7373e1883469c95f4ecb31fe63c3acd104aac1655e15cfa9ae0899bf”
}
},
{
“name”: “gcr.io/distroless/python3”,
“digest”: {
“sha256”: “aa8a0358b2813e8b48a54c7504316c7dcea59d6ae50daa0228847de852c83878”
}
},
{
“name”: “gcr.io/distroless/python3-debian10”,
“digest”: {
“sha256”: “aa8a0358b2813e8b48a54c7504316c7dcea59d6ae50daa0228847de852c83878”
}
},
{
“name”: “gcr.io/distroless/static”,
“digest”: {
“sha256”: “9acfd1fdf62b26cbd4f3c31422cf1edf3b7b01a9ecee00a499ef8b7e3536914d”
}
},
{
“name”: “gcr.io/distroless/static”,
“digest”: {
“sha256”: “e50641dbb871f78831f9aa7ffa59ec8f44d4cc33ae4ee992c9f4b046040e97f2”
}
},
{
“name”: “gcr.io/distroless/static-debian10”,
“digest”: {
“sha256”: “9acfd1fdf62b26cbd4f3c31422cf1edf3b7b01a9ecee00a499ef8b7e3536914d”
}
},
{
“name”: “gcr.io/distroless/static-debian10”,
“digest”: {
“sha256”: “e50641dbb871f78831f9aa7ffa59ec8f44d4cc33ae4ee992c9f4b046040e97f2”
}
}
],
“predicate”: {
“invocation”: {
“parameters”: [
“MANIFEST_SUBSECTION={string 0 []}”,
“CHAINS-GIT_COMMIT={string 976c1c9bc178ac0371d8888d69893145c3df09f0 []}”,
“CHAINS-GIT_URL={string https://github.com/GoogleContainerTools/distroless []}”
],
“recipe_uri”: “task://distroless-provenance”,
“event_id”: “531c282f-806e-41e4-b3ad-b596c4283381”,
“builder.id”: “tekton-chains”
},
“recipe”: {
“steps”: [
{
“entryPoint”: “#!/bin/sh\nset -ex\n\n# get the digests for a subset of images built, and store in the IMAGES result\ngo run provenance/provenance.go images $(params.MANIFEST_SUBSECTION) > $(results.IMAGES.path)\n”,
“arguments”: null,
“environment”: {
“container”: “provenance”,
“image”: “docker.io/library/golang@sha256:cb1a7482cb5cfc52527c5cdea5159419292360087d5249e3fe5472f3477be642”
},
“annotations”: null
}
]
},
“metadata”: {
“buildStartedOn”: “2021-09-16T00:03:04Z”,
“buildFinishedOn”: “2021-09-16T00:04:36Z”
},
“materials”: [
{
“uri”: “https://github.com/GoogleContainerTools/distroless”,
“digest”: {
“revision”: “976c1c9bc178ac0371d8888d69893145c3df09f0”
}
}
]
}
}
As you might guess, our next step is getting distroless to SLSA 3, which will require adding non-falsifiable provenance and isolated builds to the distroless supply chain. Stay tuned for more!