Language Selection

English French German Italian Portuguese Spanish

Security and Proprietary Software

  • Patch Tuesday, January 2020 Edition

    As first reported Monday by KrebsOnSecurity, Microsoft addressed a severe bug (CVE-2020-0601) in Windows 10 and Windows Server 2016/19 reported by the NSA that allows an attacker to spoof the digital signature tied to a specific piece of software. Such a weakness could be abused by attackers to make malware appear to be a benign program that was produced and signed by a legitimate software company.

  •                    

  • Was It an Act of War? That’s Merck Cyber Attack’s $1.3 Billion Insurance Question. [iophk: Windows TCO]

                         

                           

    In all, the attack crippled more than 30,000 laptop and desktop computers at the global drugmaker, as well as 7,500 servers, according to a person familiar with the matter. Sales, manufacturing, and research units were all hit. One researcher told a colleague she’d lost 15 years of work. Near Dellapena’s suburban office, a manufacturing facility that supplies vaccines for the U.S. market had ground to a halt. “For two weeks, there was nothing being done,” Dellapena recalls. “Merck is huge. It seemed crazy that something like this could happen.”

  •                    

  • A Windows 10 Vulnerability Was Used to Rickroll the NSA and Github [iophk: Windows TCO]

                         

                           

    "What Saleem just demonstrated is: With [a short] script you can generate a cert for any website, and it's fully trusted on IE and Edge with just the default settings for Windows," Kenn White, a researcher and security principal at MongoDB, said. "That's fairly horrifying. It affects VPN gateways, VoIP, basically anything that uses network communications." (I spoke with White before Rashid had demonstrated the attack against Chrome.)

                           

    The flaw involves the way the new versions of Windows check the validity of certificates that use elliptic-curve cryptography. While the vulnerable Windows versions check three ECC parameters, they fail to verify a fourth, crucial one, which is known as a base point generator and is often represented in algorithms as G. This failure is a result of Microsoft's implementation of ECC rather than any flaw or weakness in the ECC algorithms themselves.

  • VirtaMove Announces Beta Version V-Migrate for Linux Container Migrations

    The new release of VirtaMove’s award-winning application migration product V-Migrate for Linux now moves legacy Red Hat and other Linux application infrastructure forward with a stateful re-install of applications into a container. You can now easily move legacy applications from Red Hat Enterprise Linux RHEL 5 and 6 to new Linux Docker containers on modern Linux releases and even run those containers on Microsoft Windows Server 2019. V-Migrate for Linux software automatically moves Linux-based applications from older to newer operating systems, on modern in-house servers or on hybrid or public cloud environments, including Microsoft Azure and Amazon AWS clouds. RHEL 6 reaches End of Maintenance Support 2 on November 30, 2020. On January 14, 2020, Microsoft ended all support for Windows Server 2008 R2.

More in Tux Machines

Evince chosen as the Librem 5 Document Viewer

The default Librem 5 applications define the out of the box experience. Our team has been hard at work adding essential apps that people expect from a smartphone. The latest is the popular FOSS document viewer Evince which we adapted using our powerful convergence library libhandy. We have put a lot of design and development into the idea of convergence – the ability to run applications on desktop and mobile without maintaining separate code basess or many additional views. libhandy has already been successfully used to adpat or build all the current Librem 5 apps including GNOME Settings, Epiphany, Calls, Chats and more. What makes libhandy so powerful for designers and developers is its simplicity. Just swap out your widget inheritance to use libhandy and add breakpoint logic. Read more

GNU/Linux in Devices

  • StixRF A 70 MHz 6 GHz SDR USB receiver stick

    – Control: GNU Radio support

  • 3D-printable Raspberry Pi bits and pieces you should totally make

    Recently, we’ve seen an awful lot of new designs online for 3D-printable Raspberry Pi cases and add-ons. Here are a few that definitely need your attention.

  • Best USB Gaming Controllers With Linux Support (Review) in 2020 [Ed: The links appear to be Amazon 'referral spam']

    Are you looking to get a new gaming controller for your Linux PC? Not sure which one to buy so that you don’t run into any issues? We can help, because we’ve done the research for you and our in-depth analysis can reveal which is the best product for the buck. Here’s our list with the top USB gaming controllers for Linux.

  • Best USB WiFi Adapters for Linux (Review) in 2020

    It is hard to find a Linux-compatible USB WiFi adapter these days, as mainstream manufacturers like Netgear, Belkin, and others do not take the platform seriously. As a result, many Linux users do not know what to buy. Since finding a compatible Linux WiFi adapter is so tricky we researched more than 20 models on the market — read more about our in-depth analysis and see which is the best product. Here’s our list of the best Linux compatible USB WiFi adapters.

Audiocasts/Shows: Linux in the Ham Shack and More

  • LHS Episode #326: Ni Hao, Moto

    Hello and welcome to the 326th installment of Linux in the Ham Shack. In this short-topic format show, the hosts discuss a major win for Motorola, the FCC and 5.9GHz, operating practices in Australia, iText, FreshRSS, GridTracker and much more. Thank you for listening and please, if you can, donate to our Hamvention 2020 Fund.

  • Ask Lunduke - Feb 17, 2020 - Slackware and Pre-Internet Podcasts

    Ask Lunduke is a weekly podcast where the community can ask any question they like… and I (attempt to) answer them. This episode is available via Podcast RSS feed, LBRY, Patreon, and YouTube. Links on the left. Topics on Ask Lunduke this week: Why does closed source software exist? How can we fix WHOIS? Would a Star Trek Land be more popular than Disney's Star Wars Land?

  • Another Look at My Homelab (More Detail)

    You asked for more detail on my Homelab, so here it is. In this video, I go over a bit more detail on how my Homelab is organized, so you can get an idea on how everything is connected together.

Red Hat OpenShift, Satellite and Latest Brag

  • OpenShift 4.3: Console Customization: YAML Samples

    Out of the box, OpenShift 4 provides a few examples for users. With this new extension mechanism users can now add their own YAML sample for all users on the Cluster. Let us look at how we can manually add a YAML example to the cluster. First we need to navigate to the Custom Resource Definition navigation item and search for YAML:

  • Red Hat Satellite Ask Me Anything Q&A from January 15, 2020

    This post covers the questions and answers during the January 2020 Satellite Ask Me Anything (AMA) calls. For anyone not familiar, the Satellite AMAs are an "ask me anything" (AMA) style event where we invite Red Hat customers to bring all of their questions about Red Hat Satellite, drop them in the chat, and members of the Satellite product team answers as many of them live as we can during the AMA and we then follow up with a blog post detailing the questions and answers.

  • Red Hat named to Fortune’s 100 Best Companies to Work For list for 2nd year in a row

    If you ask Red Hatters why they love working for Red Hat, you’ll hear a common theme. The culture and the people. I frequently hear from new Red Hatters that it just feels different to work here. It’s clear our associates are passionate about being apart of something bigger than themselves, a movement. As a result, Red Hat has been ranked No. 48 on Fortune Magazine's list of 100 Best Companies to Work For! This is our second consecutive year making the list and it’s most gratifying that in a year full of exciting change, one thing has remained constant. Red Hat is still Red Hat and it is a great place to work! Thinking back on this year and all that we’ve experienced, I’m grateful that we have put a great deal of attention and focus on continuing Red Hat’s culture because of the value it brings to our associates, customers, partners and the industry as a whole. We are all committed to preserving our way of working and this latest recognition is a testament to this effort. As we move forward, we are laser focused on maintaining what we do and how we do it—the open source way.