Language Selection

English French German Italian Portuguese Spanish

Linuxinsight

Syndicate content
LinuxInsight - aggregated feeds
Updated: 58 min 3 sec ago

LXer: How to get up and running with sweet Orange Pi

Monday 30th of January 2017 03:37:59 PM
As open source-powered hardware like Arduino and Raspberry Pi becomes more and more mainstream, its cost keeps dropping, which opens the door to new and innovative IoT and STEM applications.read more

Linux.com: IoTivity-Constrained: A Flexible Framework for Tiny Devices

Monday 30th of January 2017 03:30:42 PM

The future of IoT will be connected by tiny, resource-constrained edge devices, says Senior Software Engineer at the Intel Open Source Technology Center. And, the IoTivity-Constrained project is a small-footprint implementation of the Open Connectivity Foundation’s (OCF) standards that’s designed to run on just such devices.

Reddit: Chromium doesn't allow disabling Widevine/EME

Monday 30th of January 2017 02:56:06 PM

Reddit: I'm meeting Richard Stallman today. What would YOU want to ask Stallman?

Monday 30th of January 2017 02:52:24 PM

Richard Stallman is giving a lecture today in my town. I'll likely be able to ask questions. What would you ask Stallman?

submitted by /u/Superiorem
[link] [comments]

Reddit: BitLocker alternative for Linux

Monday 30th of January 2017 02:51:24 PM

I am searching a valuable alternative for BitLocker.

I am afraid of to use TrueCrypt and it's forked one version (VeraCrypt) but I can't see any reasonable alternatives.

What should have I use?

submitted by /u/balintbabics
[link] [comments]

Linux.com: Linux Foundation LFCS and LFCE: Jorluis Perales

Monday 30th of January 2017 02:31:35 PM
Title: Linux Foundation LFCS and LFCE: Jorluis Perales30 JanLearn more

Linux.com: Lessons Learned Running IBM Watson on Mesos

Monday 30th of January 2017 02:00:05 PM

All these newfangled container and microservices technologies inspire all manner of ingenious experiments, and running IBM's Watson on Apache Mesos has to be one of the most -- maybe it's not fair to say crazy -- but certainly ambitious. Jason Adelman of IBM tells us the story of this novel endeavor at MesosCon Asia 2016.

Reddit: Free as in Freedom *and* as in Cost

Monday 30th of January 2017 01:18:32 PM

When we the free software community speak of Linux and GNU, we focus on freedom to tinker, audit, modify, use, and redistribute. I'm leaving aside privacy and security for this post.

But all of the rights except privacy and security only matter because of cost, right? The billionaire that can't read his Apple iTunes ebooks on his Amazon Kindle can just buy a second copy from Amazon. Windows X install trashed? Buy a new computer. Can't use your Windows copy of Battlefield 1 on the Playstation? Buy another copy. Can't use your old printer with the new version of Windows? Buy another printer. Can't get security updates for your three month old Android phone because the vendor doesn't distribute any and the boot loader is locked? Buy another phone.

Free software matters because every single person can never have an infinite budget. Billions of people have no computing access or an inferior computing access because of proprietary software licensing costs, or because they have access to hardware without any proprietary software support and also without free software operating systems and drivers.

As part of this, I think Linux and free software enthusiasts content for us to be a 1% or 2% niche of the computing world are short-sighted. The poor kid down the block or the poor villager across the globe will never be of interest to Microsoft, Apple, Oracle, Google, or Samsung. But we can help them reach Wikipedia, Tor, Khan Academy, etc... etc... when the companies don't care.

submitted by /u/bobthecimmerian
[link] [comments]

TuxMachines: Security News

Monday 30th of January 2017 01:10:20 PM
  • ATM ‘Shimmers’ Target Chip-Based Cards

    Several readers have called attention to warnings coming out of Canada about a supposedly new form of card skimming called “shimming” that targets chip-based credit and debit cards. Shimming attacks are not new (KrebsOnSecurity first wrote about them in August 2015), but they are likely to become more common as a greater number of banks in the United States shift to issuing chip-based cards. Here’s a brief primer on shimming attacks, and why they succeed.

  • Senior journo slams 'frustrating' Windows 10 updates

    A senior editor at the American technology news website Cnet has slammed Microsoft over what he calls the most "frustrating" thing about Windows 10: the update process that happens automatically and cannot be stopped by users.

    Sean Hollister wrote about issues that he had faced and also problems encountered by a large number of Windows 10 users, all of whom had lost work or been forced to interrupt their schedules due to a Windows 10 update.

  • Does Trump's Old Android Phone Pose Major Security Threat?

    Donald Trump is a big fan of the phones in the White House. “These are the most beautiful phones I’ve ever used in my life,” he told the New York Times in an interview this week. It’s not their aesthetics he’s drawn to, but the security built into the system that ensures no one is tapping his calls.

  • President Trump's Insecure Android

    Once compromised, the phone becomes a bug—even more catastrophic than Great Seal—able to record everything around it and transmit the information once it reattaches to the network. And to be clear even a brand new, fully updated Android or iPhone is insufficient: The President of the United States is worth a great many multiples of expensive zero-day exploits.

  • Everything you know about security is wrong, stop protecting your empire!

    Let’s start with AV. A long time ago everyone installed an antivirus application. It’s just what you did, sort of like taking your vitamins. Most people can’t say why, they just know if they didn't do this everyone would think they're weird. Here’s the question for you to think about though: How many times did your AV actually catch something? I bet the answer is very very low, like number of times you’ve seen bigfoot low. And how many times have you seen AV not stop malware? Probably more times than you’ve seen bigfoot. Today malware is big business, they likely outspend the AV companies on R&D. You probably have some control in that phone book sized policy guide that says you need AV. That control is quite literally wasting your time and money. It would be in your best interest to get it changed.

    Usability vs security is one of my favorite topics these days. Security lost. It’s not that usability won, it’s that there was never really a battle. Many of us security types don’t realize that though. We believe that there is some eternal struggle between security and usability where we will make reasonable and sound tradeoffs between improving the security of a system and adding a text field here and an extra button there. What really happened was the designers asked to use the bathroom and snuck out through the window. We’re waiting for them to come back and discuss where to add in all our great ideas on security.

  • Reproducible Builds: week 91 in Stretch cycle

    Verifying Software Freedom with Reproducible Builds will be presented by Vagrant Cascadian at Libreplanet2017 in Boston, March 25th-26th.

  • Linux devices with standard settings infected by Linux.Proxy.10 malware

    Linux operating system was once known to be the most secure OS in the world, but things have changed since security researchers have found malware like Mirai and Bashlite infecting Linux-devices turning them into DDoS botnets. Now, another malware has been discovered targeting Linux.

read more

TuxMachines: Red Hat and Fedora

Monday 30th of January 2017 01:08:09 PM

read more

Phoronix: AMDGPU Winsys Gets Minor Optimization From Pitoiset

Monday 30th of January 2017 12:57:13 PM
Samuel Pitoiset, former Nouveau contributor who is now working for Valve on AMD open-source Linux driver optimizations, landed some improvements this morning in Mesa Git...

Reddit: htop Explained Visually

Monday 30th of January 2017 12:52:06 PM

Phoronix: LibreOffice 5.3 Is Coming This Week, A Look At The New Features

Monday 30th of January 2017 12:35:31 PM
LibreOffice 5.3 is expected to be released this week as the latest feature update to this cross-platform, open-source office suite. Here's a quick feature overview look for those interested in LibreOffice 5.3...

TuxMachines: Deputy decries lack of support for Linux in French Assembly

Monday 30th of January 2017 12:25:33 PM

The IT department at the French National Assembly should improve its support for Linux, says National Assembly Deputy Sergio Coronado. In a letter to the Assembly’s president, he objects to the lack of software updates and absence of technical support for deputies that use Linux on their computers.

read more

Reddit: Collection of Linux fortunes ❤

Monday 30th of January 2017 12:02:39 PM

Phoronix: Older Intel Graphics To Drop From OpenGL 2.1 To 1.4 On Linux

Monday 30th of January 2017 11:35:05 AM
For older Intel i915~i945 graphics hardware, the Linux Mesa driver has exposed OpenGL 2.1 support while under Windows these ~12+ year old integrated graphics have only exposed OpenGL 1.4. Mesa now though might withdraw its OpenGL 2 support by default for older hardware on the i915 driver...

More in Tux Machines

today's leftovers

  • LinuXatUSIL – Previas 2 for #LinuxPlaya
    Damian from GNOME Argentina explained us some code based on this tutorial and the widgets in Glade were presented.
  • RancherOS v0.8.0 released! [Ed: and a bugfix release, 0.8.1, out today]
    RancherOS v0.8.0 is now available! This release has taken a bit more time than prior versions, as we’ve been laying more groundwork to allow us to do much faster updates, and to release more often.
  • The Technicals For Red Hat, Inc. (RHT) Tell An Interesting Tale
  • Ubuntu 17.04 Beta 1 Released | New Features And Download
    Ubuntu 17.04 Zesty Zapus Beta 1 release is finally here. If you’re interested, you can go ahead and download the ISO images of the participating flavors, which are, Lubuntu, Kubuntu, Xubuntu, Ubuntu Budgie, Ubuntu GNOME, Ubuntu Kylin, and Ubuntu Studio. Powered by Linux kernel 4.10, these releases feature the latest stable versions of their respective desktop environments. This release will be followed by the Final Beta release on March 23 and final release on April 13.
  • Ubuntu 17.04 Beta 1 Now Available to Download
    The first beta releases in the Ubuntu 17.04 development cycle are ready for testing, with Xubuntu, Ubuntu GNOME and Ubuntu Budgie among the flavors taking part.

FOSS Policies

Leftovers: BSD

Security Leftovers

  • Stop using SHA1 encryption: It’s now completely unsafe, Google proves
    Security researchers have achieved the first real-world collision attack against the SHA-1 hash function, producing two different PDF files with the same SHA-1 signature. This shows that the algorithm's use for security-sensitive functions should be discontinued as soon as possible. SHA-1 (Secure Hash Algorithm 1) dates back to 1995 and has been known to be vulnerable to theoretical attacks since 2005. The U.S. National Institute of Standards and Technology has banned the use of SHA-1 by U.S. federal agencies since 2010, and digital certificate authorities have not been allowed to issue SHA-1-signed certificates since Jan. 1, 2016, although some exemptions have been made. However, despite these efforts to phase out the use of SHA-1 in some areas, the algorithm is still fairly widely used to validate credit card transactions, electronic documents, email PGP/GPG signatures, open-source software repositories, backups and software updates.
  • on pgp
    First and foremost I have to pay respect to PGP, it was an important weapon in the first cryptowar. It has helped many whistleblowers and dissidents. It is software with quite interesting history, if all the cryptograms could tell... PGP is also deeply misunderstood, it is a highly successful political tool. It was essential in getting crypto out to the people. In my view PGP is not dead, it's just old and misunderstood and needs to be retired in honor. However the world has changed from the internet happy times of the '90s, from a passive adversary to many active ones - with cheap commercially available malware as turn-key-solutions, intrusive apps, malware, NSLs, gag orders, etc.
  • Cloudflare’s Cloudbleed is the worst privacy leak in recent Internet history
    Cloudflare revealed today that, for months, all of its protected websites were potentially leaking private information across the Internet. Specifically, Cloudflare’s reverse proxies were dumping uninitialized memory; that is to say, bleeding private data. The issue, termed Cloudbleed by some (but not its discoverer Tavis Ormandy of Google Project Zero), is the greatest privacy leak of 2017 and the year has just started. For months, since 2016-09-22 by their own admission, CloudFlare has been leaking private information through Cloudbleed. Basically, random data from random sites (again, it’s worth mentioning that every site that used CloudFlare in the last half year should be considered to having fallen victim to this) would be randomly distributed across the open Internet, and then indefinitely cached along the way.
  • Serious Cloudflare bug exposed a potpourri of secret customer data
    Cloudflare, a service that helps optimize the security and performance of more than 5.5 million websites, warned customers today that a recently fixed software bug exposed a range of sensitive information that could have included passwords and cookies and tokens used to authenticate users. A combination of factors made the bug particularly severe. First, the leakage may have been active since September 22, nearly five months before it was discovered, although the greatest period of impact was from February 13 and February 18. Second, some of the highly sensitive data that was leaked was cached by Google and other search engines. The result was that for the entire time the bug was active, hackers had the ability to access the data in real-time by making Web requests to affected websites and to access some of the leaked data later by crafting queries on search engines. "The bug was serious because the leaked memory could contain private information and because it had been cached by search engines," Cloudflare CTO John Graham-Cumming wrote in a blog post published Thursday. "We are disclosing this problem now as we are satisfied that search engine caches have now been cleared of sensitive information. We have also not discovered any evidence of malicious exploits of the bug or other reports of its existence."