Language Selection

English French German Italian Portuguese Spanish

Malicious Proprietary Software From Microsoft and Google

Filed under
Google
Microsoft
  • Microsoft rolls out a new update for Surface Duo SDK Preview

    The new update is available for Mac, Windows and Ubuntu....

  • Microsoft Brings Its Windows 10 Antivirus Arsenal to Linux [Ed: Wow. Softpedia's "LINUX" section (Popa) is now an arm of Microsoft proprietary software marketing. Sure missing Marius Nester there. Whose arsenal is this? NSA's?]
  • Microsoft: Linux Defender antivirus now in public preview, iOS and Android are next [Ed: Of course Microsoft's sponsored propaganda network also promotes Microsoft proprietary software in the “LINUX” section. It does this all the time. The site has also just put "GitHub: We won't take down any of your content unless we really have to" under the "LINUX" section because proprietary software (GitHub) is somehow "LINUX"?!]
  • Chrome deploys deep-linking tech in latest browser build despite privacy concerns

    Google has implemented a browser capability in Chrome called ScrollToTextFragment that enables deep links to web documents, but it has done so despite unresolved privacy concerns and lack of support from other browser makers.

    Via Twitter on Tuesday, Peter Snyder, privacy researcher at privacy-focused browser maker Brave Software, observed that ScrollToTextFragment shipped earlier this month in Chrome 80 unflagged, meaning it's active, despite privacy issues that have been raised.

    "Imposing privacy and security leaks to existing sites (many of which will never be updated) REALLY should be a 'don't break the web,' never-cross redline," he wrote. "This spec does that."

    The debate over the feature percolated last year on mailing lists and in GitHub issues posts and picked up in October when the team working on Chrome's Blink engine declared their intent to implement the specification. The feature rollout serves to illustrate that the consensus-based web standards process doesn't do much to constrain the technology Google deploys.

  •      

  • New Mexico Sues Google Over Collection of Children's Data

           

             

    New Mexico’s attorney general sued Google Thursday over allegations the tech company is illegally collecting personal data generated by children in violation of federal and state laws.

More in Tux Machines

DownZemAll is an open source download manager for Windows, Linux and macOS

Recently, while casually browsing GitHub, I came across a name that seemed familiar at first; it turned out to be a new download manager called DownZemAll. The program's name is very similar to the popular DownloadThemAll! extension for Firefox, which is what surprised me. The official page reveals that the developer of DownZemAll started the project during the time the legacy add-on stopped working with Firefox Quantum, and seems to have used it as the inspiration to rewrite this application. But that's where the similarities end, because DownZemAll is a desktop program. Let's take a look at it to see how it stacks up. The interface is mostly what you'd expect in a download manager: a menu bar, toolbar, the main pane, but unlike others, DownZemAll has a sidebar too. The options in the side panel are also available from the right-click menu. Read more

Audiocasts/Shows: Choose Linux, The Linux Link Tech Show, Bad Voltage

You Can Now Buy a PinePhone Preloaded with Ubuntu Touch

Ubuntu Touch, also known by the name UBports, is a community-maintained version of Ubuntu for phones and tablets based on Ubuntu 16.04 LTS. It is a direct continuation of the codebase Canonical cancelled a few years back. From today you (and anyone else interested) can preorder a PinePhone Community Edition with UBports direct from the Pine64 Store. Read more

Kernel: New LWN Articles and SELinux in Next Linux

  • Automatic buffer selection for io_uring

    The io_uring subsystem has, in the last year, redefined how asynchronous I/O is done on Linux systems. As this subsystem grows in both capability and users, though, it starts to run into limitations in the types of operations that can be expressed. That is driving a number of changes in how operations are programmed for io_uring. One example is the mechanisms considered for carrying a file descriptor between operations that was covered here in early March. Another has to do with how I/O buffers are chosen for operations. As io_uring developer Jens Axboe describes in this patch set, the usual mode for programs that handle large numbers of file descriptors is to use poll() to find out which descriptors are ready for I/O, then making separate calls to actually perform that I/O. One could use io_uring in this mode, but it defeats one of the purposes of the whole exercise: avoiding system calls whenever possible. The io_uring way of doing things is to just queue an asynchronous operation on every file descriptor, then react to the resulting events whenever one of those operations is executed. Working that way can indeed reduce system calls — all the way to zero if the request ring is kept full. But it also requires allocating a separate I/O buffer for each of those queued operations, even though many of them may not execute for an indefinite period of time. The poll() method, instead, allows an application to defer buffer allocation until a buffer is actually needed. Losing that flexibility can result in significantly higher memory use for applications that keep a large number of operations outstanding.

  • Working-set protection for anonymous pages

    A bit of background may be helpful for understanding how this patch set works; we'll start with a highly oversimplified picture, then add some details as we go. Virtual-memory systems allow applications to address far more memory than can actually fit into the physical memory installed in the system, so a significant part of any given process's address space is likely to exist only on secondary storage at any given time. Obviously, the pages that are in physical memory should be the ones that the process is going to use in the near future. The kernel cannot know for sure which pages will be useful, though, so it must fall back onto a set of heuristics that allow it to guess as well as it can. Some of those heuristics are reasonably straightforward. For example, if a process is observed to be working through a file sequentially, chances are pretty good that it will soon be wanting the pages of the file immediately after those it is accessing now. Another heuristic, found at the core of almost any virtual-memory implementation, is that pages that have been used recently are likely to be used in the future, while those that have languished unused for a while may not be worth keeping around. To implement that last approach, the kernel maintains a "least-recently used" (LRU) list; all user-space pages in physical memory are kept on that list. The kernel occasionally checks the pages on the LRU list and moves those that have been accessed recently to the head of the list. When more memory is needed, to bring in pages from secondary storage, for example, pages at the tail end of the list are reclaimed. In truth, the kernel maintains more than one LRU list. To begin with, the "LRU list" is actually two lists: the "active" and "inactive" lists. The active list functions mostly as described in the previous paragraph, except that, when pages fall off the tail of the list, they are put onto the inactive list instead. At that point, the protections on those pages are set to disallow all user-space access. Should some process access one of those pages, a "soft" page fault will result; the page will be made accessible again and returned to the active list. When memory is needed, pages will be reclaimed from the inactive list.

  • SELinux Seeing Performance Improvements With Linux 5.7

    A few months back when we last looked at the performance impact of having SELinux enabled there was a hit but not too bad for most workloads. But we'll need to take another look soon as with the Linux 5.7 kernel are some performance improvements and more for SELinux. The NSA-backed Security Enhanced Linux has seen a fair amount of work build up for the now-open Linux 5.7 kernel merge window.