Language Selection

English French German Italian Portuguese Spanish

KDE: Debian's Builds of KDE/Plasma, Krita Report and KDE on Instagram

Filed under
KDE
  • Norbert Preining: KDE/Plasma updates for Debian sid/testing

    I have written before about getting updated packages for KDE/Plasma on Debian. In the meantime I have moved all package building to the openSUSE Build Service, thus I am able to provide builds for Debian/testing, both i386 and amd64 architectures.

  • [Krita's] April Development Update

    With near infinite difficulty we managed to release Krita 4.2.9 in the last week of March… So now it’s time to look ahead! All Krita developers work from home anyway, whether they do sponsored work or are volunteers, but it’s quite hard to keep focus these days. Several of us are in quarantine, others are in lock-down — with people in Hong Kong, China, India, Russia, Poland, Germany, the Netherlands, U.S.A, Canada, Mexico and Brazil we live under a wide variety of pandemic responses. The Libre Graphics Meeting in Rennes has been moved to 2021, as has the Krita Developers Sprint that was going to happen right after LGM.

    But life goes on, and we’re on the verge of another edition of Google Summer of Code. Krita has received a bunch of excellent proposals! Let’s keep our fingers crossed for our prospective students!

    And, of course, a lot is happening in Krita’s repository! About two weeks ago we merged the resource management rewrite branch into master. Now, let’s unpack this in what we’ve been doing, and what this means… For the past five years, we’ve been working on rewriting the way Krita handles things like brush presets, brush tip and tags. This turned out to be a huge amount of work, sucking up lots and lots of energy. But in March we felt we could risk merging everything into master so it would get into the development builds.

  • KDE on Instagram

    Instagram is one of those social medium services and is run by everyone’s favourite Facebook. The good side of it is that it’s based on happy pretty pictures rather than angry people (Twitter) or political disinformation (Facebook) but the bad side of that is it is common to feel inferior because you’re not as good looking as the people in the pictures. Well that’s not a problem because everyone using KDE or helping out the community is automatically good looking.

More in Tux Machines

Lutris 0.5.9 Beta Released With Epic Games Store Support, DXVK-NVAPI/DLSS, Gamescope

The Lutris 0.5.9 beta delivers on initial support for the Epic Games Store, support for DXVK-NVAPI and DLSS, FidelityFX Super Resolution is now an exposed option for compatible Wine versions, Valve's Gamescope Wayland game compositor is now an option, Esync usage is now enabled by default, the Dolphin emulator is now available as a game source, improved process monitoring, and other enhancements. It's quite a hearty update for this game manager. Read more

today's leftovers

Audiocasts/Shows: Missing OBS Features On Arch Linux, Going Linux, and GNU World Order

Proprietary Software and Security Issues

  • SolarWinds [Attack] Reached 27 U.S. Attorneys’ Offices, Justice Says

    The attack compromised Microsoft 365 accounts of at least 80% of the department’s employees working in offices located in the Eastern, Northern, Southern and Western Districts of New York. Also affected to a lesser degree were employees in U.S. Attorneys’ offices in 14 other states, including California, Florida, Maryland, Texas and Virginia, as well as the District of Columbia.

  • Safari isn't protecting the web, it's killing it

    There's been a lot of discussion recently about how "Safari is the new IE" (1, 2, 3, 4, 5).

    I don't want to rehash the basics of that, but I have seen some interesting rebuttals, most commonly: Safari is actually protecting the web, by resisting adding unnecessary and experimental features that create security/privacy/bloat problems.

    That is worth further discussion, because it's widespread, and wrong.

    More specifically, Safari's approach isn't protecting the web from bloat & evil Google influence, because: [...]

  • Hasta la Vista Gmail

    I’ve been a Gmail user pretty much since day 1, when it was still an invite-only service in 2004.1 Not anymore. Over the past month I’ve migrated most of my email to Fastmail and I’m extremely happy with the result.

    Why bother? Well, I guess it won’t come to you as a shock that I’ve felt progressively more uncomfortable with how Google (and the like) are handling my personal data. I’ve also been getting quite frustrated with attempts to make email/my inbox “smarter”. I never needed a “priority inbox”, auto-categorization of email, etc. Simple is good. Just put the newest emails on the top and I’ll sort it out from there.

  • Google dodges regulation, hits advertisers with “regulatory” charges: What’s the Scam?

    We are not familiar with what draconian regulatory schemes exist for Google in Austria and Turkey, but here in Australia we know what it is – which is not much at all. And they paid no tax on their 2020 revenue of $5.2 billion.

  • Storing Encrypted Photos in Google’s Cloud

    Cloud photo services are widely used for persistent, convenient, and often free photo storage, which is especially useful for mobile devices. As users store more and more photos in the cloud, significant privacy concerns arise because even a single compromise of a user’s credentials give attackers unfettered access to all of the user’s photos. We have created Easy Secure Photos (ESP) to enable users to protect their photos on cloud photo services such as Google Photos. [...]

  • Spyware revelations are a crucial moment for Indian democracy
  • Joint Open Letter: States Must Implement Moratorium on Surveillance Technology - PEN America

    We the undersigned civil society organizations and independent experts are alarmed at the media revelations that NSO Group’s spyware has been used to facilitate human rights violations around the world on a massive scale. These revelations are a result of the Pegasus Project and are based on the leak of 50,000 phone numbers of potential surveillance targets. The project is a collaboration of more than 80 journalists from 16 media organizations in 10 countries coordinated by Forbidden Stories, a Paris-based media non-profit, with the technical support of Amnesty International, who conducted forensic tests on mobile phones to identify traces of the Pegasus spyware.

  • Canonicalization Attacks Against MACs and Signatures

    Canonicalization Attacks occur when a protocol that feeds data into a hash function used in a Message Authentication Code (MAC) or Digital Signature calculation fails to ensure some property that’s expected of the overall protocol.

    The textbook example of a canonicalization attack is the length-extension attack against hash functions such as MD5–which famously broke the security of Flickr’s API signatures.

    But there’s a more interesting attack to think about, which affects the design of security token/envelope formats (PASETO, DSSE, etc.) and comes up often when folks try to extend basic notions of authenticated encryption (AE) to include additional authenticated (but unencrypted) data (thus yielding an AEAD mode).