Language Selection

English French German Italian Portuguese Spanish

Slashdot

Syndicate content Slashdot: Linux
News for nerds, stuff that matters
Updated: 50 min 5 sec ago

Fedora Drops 32-Bit Linux

50 min 5 sec ago

Fedora Linux 31 Beta is Here

50 min 5 sec ago

CentOS 8 To Be Released Next Week

Saturday 12th of October 2019 09:58:01 PM

Linux 5.3 Released

Thursday 10th of October 2019 05:58:01 PM

Linux Foundation Survey Proves Open-Source Offices Work Better

Wednesday 9th of October 2019 02:58:01 PM

Huawei Starts Selling Laptops With Linux Preinstalled

Monday 7th of October 2019 08:58:02 PM

More in Tux Machines

4 Free and Open Source Alternatives to Adobe Photoshop

Adobe Photoshop is a premium image editing and design tool available for Windows and macOS. Undoubtedly, almost everyone knows about it. It’s that popular. Well, you can use Photoshop on Linux using Windows in a virtual machine or by using Wine – but that is not an ideal experience. In general, we don’t have a lot of options available as a replacement for Adobe Photoshop. However, in this article, we shall mention some of the best open-source Photoshop alternatives available for Linux (with cross-platform support as well). Do note that Photoshop is not just a photo editor. It’s used by photographers, digital artists, professional editors for various usage. The alternative software here may not have all the features of Photoshop but you can use them for various task that you do in Photoshop. Read more

Security Leftovers

  • Use sshuttle to build a poor man’s VPN

    Nowadays, business networks often use a VPN (virtual private network) for secure communications with workers. However, the protocols used can sometimes make performance slow. If you can reach reach a host on the remote network with SSH, you could set up port forwarding. But this can be painful, especially if you need to work with many hosts on that network. Enter sshuttle — which lets you set up a quick and dirty VPN with just SSH access. Read on for more information on how to use it. The sshuttle application was designed for exactly the kind of scenario described above. The only requirement on the remote side is that the host must have Python available. This is because sshuttle constructs and runs some Python source code to help transmit data. [...] Depending on the capabilities of your system and the remote system, you can use sshuttle for an IPv6 based VPN. You can also set up configuration files and integrate it with your system startup if desired. If you want to read even more about sshuttle and how it works, check out the official documentation.

  • Hardening Firefox against Injection Attacks

    Firefox not only renders web pages on the internet but also ships with a variety of built-in pages, commonly referred to as about:pages. Such about: pages provide an interface to reveal internal state of the browser. Most prominently, about:config, which exposes an API to inspect and update preferences and settings which allows Firefox users to tailor their Firefox instance to their specific needs. Since such about: pages are also implemented using HTML and JavaScript they are subject to the same security model as regular web pages and therefore not immune against code injection attacks. More figuratively, if an attacker manages to inject code into such an about: page, it potentially allows an attacker to execute the injected script code in the security context of the browser itself, hence allowing the attacker to perform arbitrary actions on the behalf of the user. To better protect our users and to add an additional layer of security to Firefox, we rewrote all inline event handlers and moved all inline JavaScript code to packaged files for all 45 about: pages. This allowed us to apply a strong Content Security Policy (CSP) such as ‘default-src chrome:’ which ensures that injected JavaScript code does not execute. Instead JavaScript code only executes when loaded from a packaged resource using the internal chrome: protocol. Not allowing any inline script in any of the about: pages limits the attack surface of arbitrary code execution and hence provides a strong first line of defense against code injection attacks.

  • IPFire on AWS: Update to IPFire 2.23 - Core Update 136

    Today, we have updated IPFire on AWS to IPFire 2.23 - Core Update 136 - the latest official release of IPFire. This update includes security fixes for OpenSSL and the Linux kernel, an updated Perl, and of course many other fixes throughout the whole system.

  • Pros and cons of event-driven security

    Great news, everyone! Forrester Research says that 95% of all recorded breaches in 2016 came from only three industries: government, technology, and retail. Everyone else is safe... ish, right? Hold on for a moment. Tech? Retail? What kind of industry diversification is this? We are, after all, living in 2019, where every business is a tech business. And all of us are continuously selling something, whether it’s an innovative product or an amazing service. So what the report should have said is that 95% of all recorded breaches came from attacks on 95% of all businesses both online and offline. And some of the attackers went for the .gov. More on the matter, 43% of attackers target small businesses—and that’s a lot considering that, on average, a hack attempt takes place every 39 seconds. To top things off, the average cost of a data breach in 2020 is expected to exceed $150 million. These stats sound a bit more terrifying out of context, but the threat is still very much real. Ouch.

Programming: Elana Hashman, Red Hat Pushing Microsoft (.NET) and More

  • PyDev of the Week: Elana Hashman

    This week we welcome Elana Hashman (@ehashdn) as our PyDev of the Week! Elana is a director of the Open Source Initiative and a fellow of the Python Software Foundation. She is also the Clojure Packaging Team lead and a Java Packaging Team member. You can see some of her work over on Github. You can also learn more about Elana on her website. Let’s take a few moments to get to know her better!

  • Eclipse Che 7 and the .NET developer

    Eclipse Che 7, an open source in-the-browser development environment, allows you to define custom workspaces for your software development. Think of a workspace as you would think of a development PC: You have an operating system, programming language support, and all the tools necessary to write code. In this article, I’ll introduce the .NET developer to this new world and highlight ways you can use Eclipse Che to your advantage.

  • How to Convert String to Lowercase in Python

    Some times you may require to convert any string to lower case (all letters). This tutorial will help to convert a string (any case) to lower case as showing in the below image.

  • How to fuck up software releases

    I manage releases for a bunch of free & open-source software. Just about every time I ship a release, I find a novel way to fuck it up. Enough of these fuck-ups have accumulated now that I wanted to share some of my mistakes and how I (try to) prevent them from happening twice.

today's howtos