Language Selection

English French German Italian Portuguese Spanish

Proprietary Software Leftovers

Filed under
Software
  • AuriStor breathes life into Andrew File System – Blocks and Files [Ed: Financial ripoff; AuriStorFS is also limited to an operating system with NSA back doors so it's money down the sewer.]

    Andrew File System developer AuriStor updated attendees at an IT Press Tour briefing about its work on the file system with an HPC and large enterprise customer base dating back 16 or more years.

    AuriStorFS (a modern, licensed version of AFS) is a networked file system providing local access to files in a global namespace that has claimed higher performance, security and data integrity than public cloud-based file-sharing offerings such as Nasuni and Panzura.

    AuriStor is a small and distributed organisation dedicated to expanding the popularity and cross-platform use of AuriStorFS.

  • India says not to preorder Starlink until it obtains a license

    “Public is advised not to subscribe to Starlink services being advertised,” a tweet from India’s Department of Telecommunications (DoT) reads. The DoT also says it asked Starlink to refrain from “booking / rendering the satellite internet services in India.” In other words, Starlink will have to put preorders on hold until it can get approval from the Indian government.

  • India tells public to shun Musk-backed Starlink until it gets licence

    A government statement issued late on Friday said Starlink had been told to comply with regulations and refrain from "booking/rendering the satellite internet services in India with immediate effect".

  • GitHub is back online after a two-hour outage

    Microsoft-owned GitHub experienced a more than two-hour long outage today, affecting thousands or potentially millions of developers that rely on its many services. GitHub started experiencing issues at around 3:45PM ET, with Git operations, API requests, GitHub actions, packages, pages, and pull requests all affected.

  • Insurers run from ransomware cover as losses mount

    Faced with increased demand, major European and U.S. insurers and syndicates operating in the Lloyd's of London market have been able to charge higher premium rates to cover ransoms, the repair of hacked networks, business interruption losses and even PR fees to mend reputational damage.

    But the increase in ransomware attacks and the growing sophistication of attackers have made insurers wary. Insurers say some attackers may even check whether potential victims have policies that would make them more likely to pay out.

  • Apple Grants Repair Indulgence for iPhones

    Save your huzzahs and whatever you do, do not pop the champagne. Apple did not just ‘cave’ to the right to repair movement, and the fight for an actual, legal right to repair is more important now than ever.

    The occasion for this reminder is, of course, the little-‘m’ momentous announcement by Apple this morning that it would make “Apple parts, tools, and manuals” available to “individual consumers” for self repair — starting with the iPhone 12 and iPhone 13.”

  • Montana high school hit by ransomware

    From their listing, Avos Locker is clearly aware that this is a tiny school district with only a few hundred students and less than two dozen teachers. And yet they are trying to ransom them. Avos writes: “If they refuse to negotiate, we will leak all the data we’ve got.”

  • Apple alerts journalists, activists about state-sponsored [cracking] attempts after NSO Group suit

    On the same day Apple announced a lawsuit against Israeli spyware vendor NSO Group for developing [cracking] tools to help breach iOS technology, the company was notifying potential targets of those exploits.

    El Faro, a news organization in San Salvador, El Salvador, reported late Tuesday that 12 of its staff members received notices from the company, which warned that that “Apple believes you are being targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your Apple ID.” The company also sent notices to four others in San Salvador who are “leaders of Civil Society organizations and opposition political parties,” the news organization reported.

  • Run a website off a Google Sheets Database, with Hugo

    Here’s how I built a website, Profilerpedia, using a Google Sheet as the backing database.

    Profilerpedia aims to map the profiling ecosystem and connect software with profilers and profilers with great analysis UIs, so we can make code faster and more efficient. More on Profilerpedia in the announcement post.

    It’s interesting to explain the architecture, because it challenges some engineering dogmas, like “a spreadsheet isn’t a good database”. I think running your site from a spreadsheet is a very reasonable pattern for many sites.

    The resulting architecture is my third or fourth attempt at this; I learned a lot along the way, I’m pretty happy with the result, and I want to share what I learned.

  • Boeing Missteps on 737 MAX Went Beyond Deadly Crashes That Killed 346, new Book Reveals

    When the first Boeing 737 MAX plane came off the production line in December 2015, it was the beginning of a highly anticipated new line of aircraft for the storied company. It incorporated the latest technology and was billed by Boeing as "deliver[ing] the highest efficiency, reliability and passenger comfort in the single-aisle market." Tragically, that promise came to a glaring halt with two back-to-back disasters in which flight control software known as the Maneuvering Characteristics Augmentation System (MCAS) incorrectly gauged the aircrafts' angles of ascent and prevented the pilots from manually overriding it. In total, 346 people on board Lion Air flight 610 on October 28, 2018 and Ethiopian Air flight 302 on March 10, 2019 were killed after only about 13 minutes and 6 minutes in the air, respectively.

More in Tux Machines

Videos and Audio: 7 Tools Every GNU/Linux Gamer 'Needs' To Use, Peppermint OS 5-22-2022 Walkthrough, Late Night Linux

Obarun is gradually becoming a fork of Artix

Take a look at this on your own and judge. It may not be in the official repositories but the last commit is signed by the Founder of Obarun and the rest by his co-author. When OUR was released to the public one of the claimed rules of participation was to not build any parts of systemd or any package that wouldn?t conform to Obarun. Obarun?s version of pacman incorporated a block from installing systemd or its libraries. Elogind is the central part, the essence of systemd. When you have no set principles and values, anything goes, and you can drift from one character to another, without remorse. Obarun will not be removed from the strict list of distros without systemd or elogind, but as soon as this OUR package moves to the repos it will be ?bye bye? Obarun from any mention in this site. At least VOID never claimed to not involve systemd or its parts into the distribution, people just assumed it was systemd-free because of the use of runit and consolekit. So VOID was more justified to switch to systemd?s logind. Read more Newly-updated: 2022 hardcore list of linux distributions without elogind and other systemd parts

Canonical/Ubuntu: LXD, Ubuntu Weekly Newsletter, and More

  • Install ROS 2 Humble in Ubuntu 20.04 or 18.04 using LXD containers | Ubuntu

    We welcome the new release of ROS 2 Humble which targets the recently released Ubuntu 22.04. If you want to install it now, please visit the ROS 2 Humble documentation. But if you want to install ROS 2 Humble and test compatibility, keeping your current Ubuntu (20.04, 18.04,…) environment stable until you know you are ready to upgrade, you can dive into LXD containers.

  • Ubuntu Fridge | Ubuntu Weekly Newsletter Issue 736

    Welcome to the Ubuntu Weekly Newsletter, Issue 736 for the week of May 15 – 21, 2022.

  • Canonical at HPE Discover 2022 | Ubuntu

    HPE and Canonical have a long-standing relationship, certifying Ubuntu on HPE hardware. Now, you can go beyond the operating system and engage with us on hybrid cloud, AI/ML, and open source support projects. Now we’re excited to share that we’ll be at the HPE Discover 2022 in Las Vegas on June 28-30 showcasing our solution in the expo. From the latest insights in secure connectivity, hybrid cloud, AI and unified data analytics, HPE Discover 2022 is the best place to stay ahead of the trends and technologies that will move your business forward, faster.

Security Leftovers

  • Hijacking webcams with Screencastify | Almost Secure

    Everyone has received the mails trying to extort money by claiming to have hacked a person’s webcam and recorded a video of them watching porn. These are a bluff of course, but the popular Screencastify browser extension actually provides all the infrastructure necessary for someone to pull this off. A website that a user visited could trick the extension into starting a webcam recording among other things, without any indications other than the webcam’s LED lighting up if present. The website could then steal the video from the user’s Google Drive account that it was uploaded to, along with anything else that account might hold. Screencastify is a browser extension that aids you in creating a video recording of your entire screen or a single window, optionally along with your webcam stream where you explain what you are doing right now. Chrome Web Store shows “10,000,000+ users” for it which is the highest number it will display – same is shown for extensions with more than 100 million users. The extension is being marketed for educational purposes and gained significant traction in the current pandemic. As of now, it appears that Screencastify only managed to address the Cross-site Scripting vulnerability which gave arbitrary websites access to the extension’s functionality, as opposed to “merely” Screencastify themselves and a dozen other vendors they work with. As this certainly won’t be their last Cross-site Scripting vulnerability, I sincerely recommend staying clear of this browser extension.

  • Malicious Python Repository Package Drops Cobalt Strike on Windows, macOS & Linux Systems [Ed: This is not an OS issue; it's about people installing malware on their own systems and it's not even an "Open Source" issue; led by companies that put NSA back doors in their proprietary software, there's an effort underway to say "Open Source" is the real threat and they tell us the solution to the problem is with the firms that help NSA invade machines]

    The PyPI "pymafka" package is the latest example of growing attacker interest in abusing widely used open source software repositories.

  • Why sudo is so important in Linux and how to use it | ZDNet

    When I first started using Linux, things were exponentially more complicated. The distributions were far less mature, but they also required the use of a particular system account to get certain things done. That account was root, and with it, you had unlimited power over your operating system. To demonstrate the power of root, one trick you could always play on unsuspecting users was to tell them to change to the root user with the command su and then have them issue the following command:

  • An uncomplicated introduction to Uncomplicated Firewall | ZDNet

    When I first started using Linux, back in '97, working with the built-in firewall was not something just anyone could do. In fact, it was quite complicated. Starting around 1998, if you want to manage the security of a system, you had to learn iptables (which is a suite of commands for manipulating the Netfilter packet filtering system).

  • Best Wi-Fi Security & Performance Testing Tools for 2022

    The prevalence of Wi-Fi has been accelerating for two decades, but in the last two years, it’s surged even further as so many people were forced to work from home. That trend led to many strengthening the performance of their Wi-Fi networks. But security remains a problem.

  • CISA Adds 21 Known Exploited Vulnerabilities to Catalog [Ed: A huge chunk of these are Microsoft holes, actively exploited while Microsoft commandeers the media to obsess over "Linux"]

    CISA has added 21 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow on the of the "Date Added to Catalog" column, which will sort by descending dates.

  • Surfshark introduces Linux VPN app with a graphical user interface (GUI)

    Surfshark is one of the better-known VPN providers and is often seen being promoted by large YouTube accounts. Today, the company announced the availability of its VPN on Linux with an entire graphical user interface, or GUI.