today's howtos

• How to use wall command in linux - Unixcop

  wall is (an abbreviation of write to all) is a Unix command-line utility that displays the contents of a computer file or standard input to all logged-in users. It is used by root to send out shutting down message to all users just before poweroff. It displays a message on the terminals of all logged-in users. The messages can_be either typed on the terminal or the contents of a file. Also usually, system administrators send messages to announce maintenance and ask users to log out and close all open programs.The messages ‘re shown to all logged in users with a terminal open.

• Any Port in a Storm: Ports and Security, Part 1

  When IT and Security professionals talk about port numbers, we’re referring to the TCP and UDP port numbers a service is running on that are waiting to accept connections. But what exactly is a port?

• Book Review: Data Science at the Command Line By Jeroen Janssens

  Data Science at the Command Line: Obtain, Scrub, Explore, and Model Data with Unix Power Tools written by Jeroen Janssens is the second edition of the series “Data Science at the Command Line”. This book demonstrates how the flexibility of the command line can help you become a more efficient and productive data scientist. You will learn how to combine small yet powerful command-line tools to quickly obtain, scrub, explore, and model your data. To get you started, author Jeroen Janssens provides a Docker image packed with over 80 tools–useful whether you work with Windows, macOS, or Linux.

• How to Take a Typing Test on Linux With tt

  In the modern era of technology, typing has become one of the most common activities for a lot of professions. Learning to type faster with accuracy can help you get more things done in the same amount of time. However, touch typing is not a skill that you can master overnight. It takes regular practice and testing to improve your speed and accuracy gradually. While there are a lot of websites that help you achieve this, all you essentially need on Linux is a terminal. Let's see how.

• FIX: Google Chrome doesn’t work on Kali linux

• How to install OpenToonz on a Chromebook

  Today we are looking at how to install OpenToonz on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below. If you have any questions, please contact us via a YouTube comment and we would be happy to assist you!

Security and DRM Leftovers

• Azure OMIGOD Flaw Under Attack [Ed: Microsoft Azure as de facto back door in Linux]

• Microsoft Azure OMI Vulnerabilities Are Being Exploited

• Security experts weigh in on Microsoft Azure security holes [Ed: Security experts would never touch Azure]

• Microsoft asks Azure Linux admins to manually patch OMIGOD bugs

• Apple warns of arbitrary code execution zero-day being actively exploited on Macs

  Apple has warned iPhone and Mac users it's aware of security bugs in its software that are being actively exploited. First off, the iGiant thanked Google for spotting CVE-2021-30869 in macOS Catalina. It's a nasty flaw, as it's in the XNU kernel at the heart of Apple's operating systems including macOS and iOS. As Apple's advisory explains, "a malicious application may be able to execute arbitrary code with kernel privileges" by exploiting this security hole. Thus, malware running on a system can use the bug to take total control. The fruit-themed company says the flaw existed thanks to a "type confusion issue" that was sorted out "with improved state handling."

• Microsoft WPBT flaw lets hackers install rootkits on Windows devices [Ed: Even Microsoft-connected sites such as this know that Windows is inadequate for security]

  Security researchers have found a flaw in the Microsoft Windows Platform Binary Table (WPBT) that could be exploited in easy attacks to install rootkits on all Windows computers shipped since 2012.

• Is it OK to use stolen data? What if it's scientific research in the public interest?

  There's a fine line between getting hold of data that may be in the public interest and downright stealing data just because you can. And simply because the data is out there – having been stolen by online intruders and then leaked – does not mean it is right to use it. A paper published in Nature Machine Intelligence this week is an effort to help guide data scientists and researchers through the ethical dilemmas which present themselves when considering using information obtained from data breaches.

• A new zero-day is being exploited to compromise Macs (CVE-2021-30869)

  Flagged by researchers Erye Hernandez and Clément Lecigne of Google’s Threat Analysis Group and Ian Beer of Google Project Zero, the vulnerability is a type confusion issue found in XNU, the kernel of Apple’s macOS and iOS operating systems.

• Plug critical VMware vCenter Server flaw before ransomware gangs start exploiting it (CVE-2021-22005)

  “This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of the configuration settings of vCenter Server,” the company noted.

• Apple* and John Deere* shareholders file resolutions questioning their anti-repair stances | U.S. PIRG

  Shareholders press these leading Right to Repair opponents to explain themselves as regulatory pressure mounts 

• Ransomware attacks reach disturbing levels

• Ransomware attacks have reached 'stratospheric' levels

• Ransomware attacks reach 'stratospheric' levels finds new research

Linux 5.15-rc3

So after a somewhat rocky merge window and second rc, things are now
actually looking pretty normal for rc3. Knock wood.

There are fixes all over, and the statistics look fairly regular, with
drivers dominating as they should (since they are most of the tree).
And outside of drivers, we have a fairly usual mix of changes -
architecture fixes, networking, filesystems, and tooling (the latter
being mostly kvm selftests).

Shortlog appended, it's not too long and easy to scan through to get a
flavor for the details if you happen to care.

Please do give it a whirl,

             Linus

Huawei launches OS openEuler, aims to construct 'ecological base of national digital infrastructure'

Chinese tech giant Huawei launched openEuler operating system (OS) on Saturday, another self-developed OS after the HarmonyOS, as it tries to "solve the domestic stranglehold problem of lacking its homegrown OS in basic technology," and build a full-scenario covered ecosystem to prepare for more US bans. The openEuler OS can be widely deployed in various forms of equipment such as servers, cloud computing and edge computing. Its application scenarios cover Information Technology, Communication Technology and Operational Technology to achieve unifying an operating system with multi-device support, according to the company's introduction. In the ICT field, Huawei provides products and solutions such as servers, storage, cloud services, edge computing, base stations, routers, industrial control among others, all of which need to be equipped with an OS. Huawei has therefore been building capabilities to achieve a unified OS architecture, and meet the demands of different application scenarios, the firm said on Saturday. The openEuler program was initially announced back in 2019 as an open source operating system. Today's launch is an updated one.