Language Selection

English French German Italian Portuguese Spanish

Linuxinsight

Syndicate content
LinuxInsight - aggregated feeds
Updated: 27 min 58 sec ago

TuxMachines: MySQL Patching

Wednesday 14th of September 2016 12:05:13 PM
  • MySQL 0-day could lead to total system compromise
  • MySQL Exploit Evidently Patched

    News began circulating yesterday that the popular open source database MySQL contains a publicly disclosed vulnerability that could be used to compromise servers. The flaw was discovered by researcher Dawid Golunski and began getting media attention after he published a partial proof-of-concept of the exploit, which is purposefully incomplete to prevent abuse. He said the exploit affects "all MySQL servers in default configuration in all version branches (5.7, 5.6, and 5.5) including the latest versions." In addition, MariaDB and Percona DB which are derived from MySQL are affected.

read more

TuxMachines: Security News

Wednesday 14th of September 2016 10:49:46 AM
  • Tuesday's security updates
  • [Mozilla:] Cybersecurity is a Shared Responsibility

    There have been far too many “incidents” recently that demonstrate the Internet is not as secure as it needs to be. Just in the past few weeks, we’ve seen countless headlines about online security breaches. From the alleged hack of the National Security Agency’s “cyberweapons” to the hack of the Democratic National Committee emails, and even recent iPhone security vulnerabilities, these stories reinforce how crucial it is to focus on security.

    Internet security is like a long chain and each link needs to be tested and re-tested to ensure its strength. When the chain is broken, bad things happen: a website that holds user credentials (e.g., email addresses and passwords) is compromised because of weak security; user credentials are stolen; and, those stolen credentials are then used to attack other websites to gain access to even more valuable information about the user.

    One weak link can break the chain of security and put Internet users at risk. The chain only remains strong if technology companies, governments, and users work together to keep the Internet as safe as it can be.

  • IoT malware exploits DVRs, home cameras via default passwords

    The Internet of Things business model dictates that devices be designed with the minimum viable security to keep the products from blowing up before the company is bought or runs out of money, so we're filling our homes with net-connected devices that have crummy default passwords, and the ability to probe our phones and laptops, and to crawl the whole internet for other vulnerable systems to infect.

    Linux/Mirai is an ELF trojan targeting IoT devices, which Malware Must Die describes as the most successful ELF trojan. It's very difficult to determine whether these minimal-interface devices are infected, but lab tests have discovered the malware in a wide range of gadgets.

  • Someone Is Learning How to Take Down the Internet

    First, a little background. If you want to take a network off the Internet, the easiest way to do it is with a distributed denial-of-service attack (DDoS). Like the name says, this is an attack designed to prevent legitimate users from getting to the site. There are subtleties, but basically it means blasting so much data at the site that it's overwhelmed. These attacks are not new: hackers do this to sites they don't like, and criminals have done it as a method of extortion. There is an entire industry, with an arsenal of technologies, devoted to DDoS defense. But largely it's a matter of bandwidth. If the attacker has a bigger fire hose of data than the defender has, the attacker wins.

  • Internet's defences being probed: security expert

    A big player, most possibly a nation state, has been testing the security of companies that run vital parts of the Internet's infrastructure, according to well-known security expert Bruce Schneier.

    In an essay written for the Lawfare blog, Schneier, an inventor of the Blowfish, Twofish and Yarrow algorithms, said that the probes which had been observed appeared to be very carefully targeted and seemed to be testing what exactly would be needed to compromise these corporations.

    Schneier said he did not know who was carrying out the probes but, at a first guess, said it was either China or Russia.

    Pointing out that the easiest way to take a network off the Internet was by using a distributed denial of service (DDoS) attack, he said that major firms that provide the basic infrastructure to make the Internet work had recently seen an escalation of such attacks.

  • Hackers smear Olympic athletes with data dump of medical files

    Hackers are trying to tarnish the U.S. Olympic team by releasing documents they claim show athletes including gymnast Simone Biles and tennis players Venus and Serena Williams used illegal substances during the Rio Games.

    The medical files, allegedly from the World Anti-Doping Agency, were posted Tuesday on a site bearing the name of the hacking group Fancy Bears. “Today we'd like to tell you about the U.S. Olympic team and their dirty methods to win,” said a message on the hackers' site.

    The World Anti-Doping Agency confirmed it had been hacked and blamed Fancy Bears, a Russian state-sponsored cyber espionage team that is also known as APT 28 -- the very same group that may have recently breached the Democratic National Committee.

read more

TuxMachines: 7 KDE Apps You Should Know About

Wednesday 14th of September 2016 10:41:25 AM

KDE regularly polls as the most popular desktop environment for Linux. However, because more desktops use GNOME applications, to many users KDE might as well be a separate operating system. That is unfortunate, because some of the most feature-rich free applications are designed for KDE.

I am not referring here to utilities like the Kate text editor, the Konsole terminal, or even the Dolphin file manager. All of these are well-integrated into KDE and have all the features any user could want, but most of them are matched by GNOME counterparts. Rather, I am thinking of applications that are outstanding by any measure, the best of breed in their software categories.

read more

LXer: KaOS 2016.09 Is Here as the First Linux Distro to Offer KDE Plasma 5.8 LTS Beta

Wednesday 14th of September 2016 10:09:48 AM
The KaOS development team had the great pleasure of announcing the availability of a new, updated installation medium of their KaOS Linux computer operating system.

TuxMachines: Lubuntu 16.04 - good operating system with a bit of disappointment

Wednesday 14th of September 2016 09:45:44 AM

The reason? I am not so fond of an LXDE desktop environment that isn't an integrated desktop environment per se, but rather a collection of different small tools under the same roof.

But anyway I thought there should be a review for this distribution, especially because it is in the Top-20 of Distrowatch rating.

As happened multiple times before, the trigger was a request from my customers. One of them ordered a disk with Lubuntu 16.04 operating system. You can order your personal copy of Lubuntu operating system too!

read more

TuxMachines: Linux helped me grow as a musician

Wednesday 14th of September 2016 09:28:33 AM

In the early days of Linux it was possible to do high-quality audio recording, but it was often difficult to set up. Then Ubuntu Studio made it a lot easier.

Back in 2000-2002, after studying B2B marketing, I started to work at an engineering office. Aside from marketing and sales stuff, I was in charge of optimizing the number of workstations and licenses to match our real needs and cut costs.

We had many expensive CAD workstations that were mainly running Unix at the time, from vendors such as SGI, IBM, and Sun, with costly CATIA, Euclid, and Unigraphics software.

I was a computer geek but because of my studies in marketing, I didn't have the opportunity to play with Unix systems. Then I discovered GNU/Linux, and I downloaded some available distributions, including Red Hat, Mandrake, and Debian. These distros were not easy to install like they are today, and often even getting the network working was difficult, but having a terminal on a cheap laptop was great.

In 2004 I adopted Ubuntu, a version of Linux that was good for new users.

Thanks to Framasoft.org, I already was using a lot of open source applications before switching to Linux, such as Firefox, OpenOffice, Gimp, and Inkscape.

read more

TuxMachines: Linux and Graphics

Wednesday 14th of September 2016 09:18:10 AM

read more

LXer: Lubuntu 16.04 - good operating system with a bit of disappointment

Wednesday 14th of September 2016 09:12:37 AM
The Lubuntu distribution is an LXDE-based reincarnation of Ubuntu that is officially created and supported by Canonical.

TuxMachines: Games for GNU/Linux

Wednesday 14th of September 2016 09:10:55 AM

read more

Reddit: Little wonky things about Unity desktop

Wednesday 14th of September 2016 08:53:28 AM

So, I personally am a Unity user because it looks great, it is stable, things are not moved around between releases, the user experience is comfortable, and there is just a professional feeling all around.

There is, however, a bunch of small UX lemons that I have found:

  • On every login, I am reminded that my hostname is not compatible with something called Avahi, and thus Avahi is disabled. Why would this be important to mention? I would expect it to be the other way around: when you explicitly want to start using Avahi, it would tell you that you have to modify your hostname.
  • Despite setting all my update preferences to "every two weeks", the update dialog pops up on every login, and when I click "Remind me later", it pops up for another occasion after couple of minutes.
  • Hibernate is still disabled by default, even though it would work just fine on many machines. Even suspend does not work reliably on all machines with Linux anyway, so why be so conservative about hibernate?
  • When I open the mini calendar from the top bar, the current day is highlighted with orange color. However, when I change the month, the same day (by number) is highlighted from that other month. This can create an impression that the current month is something different than it actually is.

There could be some garden party to do something about these little papercuts. Have you found any others?

submitted by /u/jones_supa
[link] [comments]

LXer: Classic Unix/Linux editor Vim gets first update in years

Wednesday 14th of September 2016 08:15:26 AM
After more than a decade, the vi, or Vim, editor is getting a major update.

Reddit: Someone Is Learning How to Take Down the Internet

Wednesday 14th of September 2016 07:19:54 AM

LXer: An open source perspective on the Internet of Things (part 1)

Wednesday 14th of September 2016 07:18:15 AM
This post is the first in a series that examines the IoT, with a focus on Linux and other open source technologies used in home and industrial automation. ? ? An Open Source Perspective on the Internet of Things Part 1: Who Needs It? ? Last week, the Raspberry Pi Foundation announced it has sold […]

LXer: GNOME 3.26 Linux Desktop to Be Dubbed Manchester, After GUADEC 2017's Host City

Wednesday 14th of September 2016 06:21:04 AM
Now that the GUADEC event for the soon-to-be-released GNOME 3.22 desktop environment has come to an end, the GNOME Project is already planning for the next year's installation.

Reddit: Making music on Linux

Wednesday 14th of September 2016 05:29:34 AM

Hello, I have a question for people who use Linux for music production. Could anyone recommend some good tutorials on Linux music software? I've used ReNoise and Ardour in the past, but I've just installed KXStudio and want to use the full benefits of Jack, standalone synths/drum machines/modules, MIDI/sound routing, VeSTige, etc. It seems like a lot to take on, but it also seems like the benefits of utilizing all of this would be extremely rewarding.

submitted by /u/Ciderbat
[link] [comments]

LXer: Easy way to install Oracle VirtualBox On Arch Linux & Manjaro

Wednesday 14th of September 2016 05:23:53 AM
Are you facing trouble to install Oracle VirtualBox On Arch Linux & Manjaro ? Don't worry, here is the article for you.

Reddit: nvcc command not found

Wednesday 14th of September 2016 05:09:24 AM

Hey everyone! I'm trying to compile a software and when I type "make" I get a few errors : /bin/sh: nvcc: command not found Makefile:1154: recipe for target 'cryptonight/cryptonight.o' failed make[2]: *** [cryptonight/cryptonight.o] Error 127 make[2]: Leaving directory '/home/sbourgeois/Downloads/ccminer-cryptonight-daemon' Makefile:728: recipe for target 'all-recursive' failed make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory '/home/sbourgeois/Downloads/ccminer-cryptonight-daemon' Makefile:398: recipe for target 'all' failed make: *** [all] Error 2

I've been looking around to be able to "find" the nvcc command but everything I've tried didn't work. If you guys could help me that's be great!

I run on Fedora 23 and 24

submitted by /u/shbour
[link] [comments]

More in Tux Machines

Kubuntu 16.10 Finally Gets a Public Release, Beta 2 Uses KDE Plasma 5.7 Desktop

Earlier today, September 28, 2016, Canonical announced the release of Ubuntu 16.10 (Yakkety Yak) Final Beta, which is also the Beta 2 snapshot for some of the opt-in flavors, including Kubuntu. Read more

Black Panther OS Is No Cool Cat

Installation requires at least 10 GB of hard drive space and 1.5 GB memory. Normally, those requirements are not an issue. It becomes one, however, when installing to a virtual machine. Avoid two annoyances with installing Black Panther OS. The cancel/next buttons on the bottom of the screen did not show until I narrowed the height of the panel bar. Read more

Tiny, open, $18 quad-core SBC has WiFi, BT, eMMC, microSD

FriendlyARM’s 40 x 40mm “NanoPi Neo Air” hacker SBC runs Ubuntu Core on an Allwinner H3 with 8GB eMMC, WiFi, BT, a DVP cam connector, and a microSD slot. The NanoPi Neo Air is a respin of the astonishingly affordable, $8 NanoPi Neo that shipped in July, and has the same 40 x 40mm dimensions as the Neo, making the two boards the smallest quad-core SBCs around. The Neo Air adds WiFi, Bluetooth 4.0, 8GB eMMC, and a DVP camera connector while sacrificing the Ethernet and USB host ports. It debuts at $18, but will eventually move to $20. Read more

Lubuntu 16.10 Beta 2 Comes with LXDE as LXQt Got Postponed Until Lubuntu 17.04

As part of today's Ubuntu 16.10 (Yakkety Yak) Final Beta release, Simon Quigley and hard working folks from the Lubuntu team had the great pleasure of announcing the release of Lubuntu 16.10 Beta 2. Read more