About Tux Machines

Friday, 21 Oct 16 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/Linux.

Security News

  • Just Too Much Administration – Breaking JEA, PowerShell’s New Security Barrier

    Just Enough Administration (JEA) is a new Windows 10/Server 2016 feature to create granular least privilege policies by granting specific administrative privileges to users, defined by built-in and script-defined PowerShell cmdlets. Microsoft's documentation claimed JEA was a security boundary so effective you did not need to worry about an attacker stealing and misusing the credentials of a JEA user.

    But every JEA role capability example I found Microsoft had published had vulnerabilities that could be exploited to obtain complete system administrative rights, most of them immediately, reliably, and without requiring any special configuration. I find it hard to believe most custom role capabilities created by system administrators in the wild are going to be more secure than these, given the track record of the functionally similar features in Linux, the non-obvious nature of vulnerabilities, and the importance of dangerous cmdlets to routine system troubleshooting and maintenance.

    I recommended Microsoft invert what their JEA articles and documentation said about security. Instead of leading with statements that JEA was a security barrier, users with JEA rights should not be considered administrators, and their credentials do not need to be protected like real administrators with a note that this may not be the case if you are not careful; Microsoft's JEA documentation should lead with statements that JEA should not be treated like a security barrier and users with JEA rights and their credentials should be tightly controlled exactly like normal administrators unless the role capabilities have been strictly audited by security professionals. Additionally, the README files and comments of their example role capabilities should start with stern reminders of this.

  • Thousands of internet-connected devices are a security disaster in the making

    The first problem: many IoT devices, like those cameras, are consumer-oriented, which means their owners don't have a security-conscious IT department. "Individuals do not have the purchasing power of a large corporation," says John Dickson, principal of Denim Group, "so they cannot demand security features or privacy protections that a large corporation can of a product or software vendor."

    PC Pitstop Vice President of Cyber Security Dodi Glenn points out that many IoT purchasers neglect basic security measures, failing to change passwords from obvious defaults. And even if they did want to secure their devices, there are limits to what they can do: "You can't secure these devices with antivirus applications."

  • A SSHowDowN in security: IoT devices enslaved through 12 year old flaw

    In what researchers call the "Internet of Unpatchable Things," a 12-year-old security flaw is being exploited by attackers in a recent spate of SSHowDowN Proxy attacks.

    The Internet of Things (IoT) is an emerging market full of Wi-Fi and networked devices including routers, home security systems, and lighting products. While the idea of making your home more efficient and automating processes is an appealing one, unfortunately, vendors en masse are considering security as an afterthought for thousands of devices now in our homes, leaving our data vulnerable.

  • Microsoft was unable to meaningfully improve the software

    Documents in a class-action lawsuit against Ford and its original MyFord Touch in-vehicle infotainment (IVI) system reveal that the company's engineers and even its top executive were frustrated with the problematic technology.

    The documents from the 2013 lawsuit show Ford engineers believed the IVI, which was powered by the SYNC operating system launched in 2010, might be "unsaleable" and even described a later upgrade as a "polished turd," according to a report in the Detroit News, which was confirmed by Computerworld.

    The SYNC OS was originally powered by Microsoft software. Microsoft continued releasing software revisions it knew were defective, according to the lawsuit.

    "In the spring of 2011, Ford hired Microsoft to oversee revisions, and hopefully the improvement, of the [software]. But ... Microsoft was unable to meaningfully improve the software, and Ford continued releasing revised software that it knew was still defective," the lawsuit states.

    Last week, a U.S. District Court judge certified the case as a class action.

  • Senator wants nationwide, all-mail voting to counter election hacks

    "It's not a question of if you're going to get hacked—it's when you're going to get hacked."

    Those were the words of Verizon CEO Lowell McAdam as he sought to assure investors last week that the company is still interested in purchasing Yahoo despite the massive data breach of Yahoo consumer accounts.

    Whether McAdam's words ring true for the hodgepodge of election systems across the US is anybody's guess. But in the wake of the Obama administration's announcement that the Russian government directed hacks on the Democratic National Committee and other institutions to influence US elections, a senator from Oregon says the nation should conduct its elections like his home state does: all-mail voting.

  • SourceClear Adds Atlassian Stack to Its Open Source Security Platform

    Open source security company SourceClear said it is integrating Atlassian’s suite of developer tools including Bitbucket Pipelines, JIRA Server, JIRA Cloud, and Bamboo into the company’s open source platform. The integration will result in automated security checks being a part of the developer workflow before they ship code.

Best affordable Android smartphones you can buy [October 2016]

There are new smartphones hitting the market constantly, but which is the best to pick up when you’re trying to save a buck or two? We’ve seen some great launches this summer and we’re only expecting more over the coming months, but for now, let’s go over the best affordable Android smartphones you can go pick up today…

StormCrawler: An Open Source SDK for Building Web Crawlers with Apache Storm

StormCrawler (SC) is an open source SDK for building distributed web crawlers with Apache Storm. The project is under Apache license v2 and consists of a collection of reusable resources and components, written mostly in Java. It is used for scraping data from web pages, indexing with search engines or archiving, and can run on a single machine or an entire Storm cluster with exactly the same code and a minimal number of resources to implement.

Ubuntu 16.10 Provides Incremental Linux Desktop Improvements

Canonical, the lead commercial sponsor behind the open-source Ubuntu Linux operating system, is set to debut its second major milestone release of 2016 on Oct. 13. The Ubuntu 16.10 release is named Yakkety Yak and follows the 16.04 Xenial Xerus release, which became generally available on April 21 and is a Long Term Support (LTS) release. The 16.10 release, however, is what Canonical considers to be a standard release. With an LTS, Canonical provides support for five years, while a standard release is supported only for nine months. In many respects, Ubuntu 16.10 is an incremental release and does not provide major new features, but rather a set of updated packages and minor improvements. Among the updated software are the open-source LibreOffice 5.2 productivity suite and the Firefox 48 web browser. Also of particular note is the fact that Ubuntu 16.10 is based on the latest Linux 4.8 kernel, which provides advanced hardware support and improved performance. The Ubuntu 16.10 milestone also provides a preview for the Unity 8 desktop. In this slide show, eWEEK takes a look at some of the features in the Ubuntu 16.04 Linux release.

Samsung’s 14nm wearable SoC debuts on Gear 3 watch

Samsung unveiled a 14nm, dual Cortex-A53 “Exynos 7 Dual 7270” SoC with built-in LTE, which runs Tizen Linux on its new Gear S3 watch.

Samsung may be suffering through one of the worst months in its history, culminating with this week’s recall of the exploding Galaxy Note 7, but the company is so diverse it can also produce some feel-good news at the same time. This week, Samsung Electronics announced the beginning of mass production of a new wearables system-on-chip called the Exynos 7 Dual 7270. Billed as the first wearables-oriented SoC fabricated with a 14-nanometer (nm) FinFET process, the Exynos 7 Dual 7270 will first appear later this year in its Gear 3 smartwatches (see farther below).

Open-spec COM version of Chip SBC sells for $16

The Next Thing unveiled a $16 COM version of the Chip SBC called the Chip Pro, plus a dev kit and a $6 SiP version of the Allwinner R8 SoC called the GR8.

The Next Thing, which gave us the $9-and-up Chip SBC and Chip-based PocketChip handheld computer, has unveiled a $16, open-spec computer-on-module version of the Chip called the Chip Pro. The Chip Pro measures 45 x 30mm compared to 60 x 40mm for the Chip. The Pro has half the RAM of the Chip with 256MB DDR3, and only 512MB NAND flash instead of 4GB NAND, but it retains the onboard WiFi and Bluetooth 4.2.

ExTiX 16.5 Is the First Stable Distro Based on Ubuntu 16.10 and LXQt 0.10.0

Today, October 12, 2016, GNU/Linux developer Arne Exton proudly announced the release and immediate availability for download of his brand new ExTiX 16.5 Linux-based distribution for personal computers.

LibreELEC 8.0 "Krypton" to Be Based on Kodi 17 Media Center, Linux Kernel 4.8

On October 11, 2016, the LibreELEC development team announced the availability of a new Alpha pre-release version of the upcoming LibreELEC 8.0 "Krypton" operating system based on the latest Kodi Media Center software.

6 reasons to choose Android over iPhone

Earlier this week my colleague Steve Kovach gave you a quick list of reasons why you should buy the iPhone over any Android alternative. They’re all perfectly valid.

As someone who owns and uses phones from both sides of the fence, though, I thought it’d be fun to see if I could still take the opposite tack.

So consider this a counterpoint. If you don’t want to hop on the Apple train, here are a few time-tested advantages Google’s mobile OS has over its rival from Cupertino.

Based on Ubuntu 16.04 LTS, the Release Candidate of Black Lab Linux 8.0 Is Here

After informing us earlier today, October 12, 2016, about the fact that the Black Lab Linux project has become a commercial product, Black Lab Software CEO Robert Dohnert announced the release of Black Lab Linux 8.0 RC1.

GNOME 3.22 Desktop Environment Gets Its First Point Release, Brings Improvements

As expected, today, October 12, 2016, GNOME 3.22.1 has been announced by GNOME developer Frederic Peters as the first point release of the stable GNOME 3.22 desktop environment for GNU/Linux operating systems.

today's leftovers

  • Wire, the Encrypted Chat App, Is Now Available for Linux

    Wire is an open-source messaging service that offers fully encrypted calls, video and group chats — and now it’s available for Linux. Wire for Linux beta is available to download from today via the Wire website. It has the same feature set as Wire’s other desktops and mobile apps, including always-on end-to-end encryption.

  • stardicter 0.10
  • Skype for Linux users can crash-test video calls in v1.10 Alpha
  • SolarWinds' SAM simplifies management of Linux and Windows environments
  • Qt 5.6.2 Released With ~900 Improvements
  • Intel's new 7th-gen CPUs sail into System76's updated Lemur laptop

    System76 said on Tuesday that it has updated its Lemur-branded laptop with Intel’s new seventh-generation “Kaby Lake” processors. This laptop specifically ships with Ubuntu 16.04.01 LTS (64-bit) installed, thus offering a cheaper price point than an identical solution packing Windows 10. Pricing for the Lemur starts at $700.

    According to the product page, this laptop provides five areas that can be configured: processor, memory, operating system drive, additional storage, and the type of Wireless AC connectivity. On the processor front, there are only two choices: the Intel Core i3-7100U (default) and the Intel Core i7-7500U (an added $160).

  • Indulge Your Nostalgia With This Ubuntu Timeline Wallpaper

    It’s Ubuntu 16.10 release week, which means you might be feeling a little nostalgic for releases past.

    You could take a look back at every Ubuntu default wallpaper, from the very first release to this week’s pending one, or you could set every Ubuntu wallpaper as your desktop background.

  • Raspberry Pi VC4 Graphics Driver Working To Support QPU Shaders

    The latest Raspberry Pi graphics driver hacking by Eric Anholt of Broadcom has been working to support QPU shaders by this open-source driver stack. QPUs are the shader core of the graphics hardware found in the Raspberry Pi SoC, but come up short of supporting OpenCL or OpenGL compute shaders.

  • Cyanogen mods self away from full Android alternative [Ed: Good riddance to another Microsoft proxy (which didn’t have to become that 2 years ago)]

    Android alternative Cyanogen looks to have given up on trying to sell a full mobile operating system.

    The shine has gone off the outfit of late, and in July, it reportedly axed 30 staffers. While there's a core of users who stick with the CyanogenMod code that's the genesis of the company, mobe-makers taking Cyanogen licenses are in short supply (the company claims 20 phones and millions of customers; IDC says nearly 345 million smartphones shipped in 2015).

  • Google sets the date for first sniff at Android 7.1

    Developers can get their hands on Android 7.1 by the end of the month, Google has said.

    And almost all Nexus owners will have it implanted in their gadgets by the end of the year, albeit with some reservations.

    The next chewy chunk of Nougat includes support for better storage management and telephony software, App shortcut APIs to build single click links directly into core directories, and UI changes to build cuddlier and more numerous graphics into the background. There’s also support for Google’s Daydream VR system, for the few phones that can handle it.

Leftovers: OSS and Sharing

  • Software AG Launches Open Source Internet of Things Analytics Kit

    Software AG (Frankfurt TecDAX: SOW) has significantly expanded the capabilities of its Apama Community Edition with a new Internet of Things (IoT) Analytics Kit, provided free of charge as Open Source Software under the Apache License, v2.0, along with the ability to run on Raspberry Pi. A different version of Apama Community Edition is also now available as a re-distributable runtime.

  • PhatWare Releases WritePad Handwriting Recognition Engine as Open Source

    PhatWare Corporation, a leading professional software and application developer, is pleased to announce that the entire source code of its award-winning, multilingual WritePad handwriting recognition engine is now available under GPL v.3 license.

  • Facebook Yarn's for your JavaScript package

    Facebook, working with Exponent, Google, and Tilde, has released software to improve the JavaScript development experience, which can use all the help it can get.

    Yarn, introduced on Tuesday under a BSD license and without the patent clause that terminates Facebook's React license for those involved in patent litigation against the company, is an alternative npm client. It's not to be confused with Apache Hadoop YARN (Yet Another Resource Negotiator), which is cluster management software.

  • Paediatric Cancer Drug Being Developed Entirely In The Open

    The Medicines for Malaria Venture (MMV) has posted a Malaria Box, containing over 400 compounds that might be effective against malaria to almost 200 research groups in two years. It’s an open science project, because the only stipulation is that information is deposited in the public domain (and therefore cannot be patented).

    GlaxoSmithKline (GSK)’s Open Lab project, the Tres Cantos Medicines Development Campus near Madrid, Spain, enables visiting scientists to use GSK’s high-tech facilities to research neglected diseases such as malaria and TB.

    Even Bill Gates has tweeted that open-source collaboration between scientists could become a drug discovery catalyst.

    Now, one scientist is embarking upon a virtual pharmaceutical company that will develop a paediatric cancer drug in the open.

  • Shendy: A Low Cost Arsenic Detector for Drinking Water

    If you are designing life-saving tech to help refugees living in refugee camps, you’re probably not going to design a proprietary product, because doing so would be tantamount to signing the death warrant of a percentage of the refugee camp residents. Open source is how the most number of refugees can be helped. In that vein, learn about an initiative to design a low-cost, open source arsenic detector for use in ensuring safe drinking water in refugee camps.

Linux Foundation and Linux

More on FreeBSD 11 Release

Russia's Preference for Open-Source to Hurt U.S. Tech Stocks

Amid rising political tensions with the U.S., Russia is planning to further lower its usage of licensed software from IT giants like International Business Machines Corp (IBM), Microsoft Corporation (MSFT), SAP AG (SAP) and Oracle Corporation (ORCL).

Per Bloomberg, "The State Duma, Russia's lower house of parliament, is drafting a bill to restrict government agencies from buying licensed software, giving preference to open-source software."

The proposed law is an addition to an already existing federal law that came into effect on Jan 1, 2016, which restricts the use of foreign software in the public sector, if there is a domestic version available.

Pieter Alexander Hintjens: 3 December 1962 – 4 October 2016

After a long and painful illness, a battle with cancer over the last six years, my brother has died in Brussels, aged only 53.

My love for him has always been the adoring, muted kind that looked up to the light he shone, that basked in his enthusiasm and tried, and failed, to keep up with the thousand-and-one ideas he gave voice and form to. Many of his passions were beyond my comprehension but very real, nevertheless. As a computer programmer, writer of internet protocols and founder of on-line communities, his interests went way over my head. As an author, latterly, we connected and I was able to collaborate with him on one of his books – The Psychopath Code – an involvement for which I am profoundly grateful: Not only has this particular book helped me to navigate a few tricky moments in my own life, but the understanding we shared was like coming home.

I can’t begin to do justice to my brother’s legacy as a professional innovator, thinker, and networker. Pieter was one of these rare people totally unafraid to take chances, to think not just outside the box but into the next universe. How he maintained his enthusiasm and energy, where his inspiration came from, I shall not know in this lifetime.

His death last Tuesday has opened up a hole in my life, a tear in the fabric of my normal. Poignantly – and painfully – it is only as his legacy becomes clearer that I notice the loss of his quiet, determined contribution in my life. Always, in the background, he encouraged me, supporting my modest hopes for an ordinary life: my ambitions to study, to write, to marry and have a child. In all these attempts he was unwaveringly supportive, while seeking so little from me in return. Of course, elder brothers are looked up to, and often expected to take the lead. But lately, in these last few years, while he faced pain and uncertainty – about which he has written so candidly on his blog – while he battled fear and the shadows of disappointment with his trademark wry humour, he faced these challenges fearlessly and with a fiery determination that is frankly awe-inspiring.

More in Tux Machines

EU-Fossa project submits results of code audits

The European Commission’s ‘EU Free and Open Source Software Auditing’ project (EU-Fossa) has sent its code review results to the developers of Apache HTTP Server and KeePass. The audit results have not yet been made public; however, no critical vulnerabilities were found.

today's leftovers

  • Docker: Making the Internet Programmable
    Docker, and containers in general, are hot technologies that have been getting quite a bit of attention over the past few years. Even Solomon Hykes, Founder, CTO, and Chief Product Officer at Docker started his keynote with the assumption that people attending LinuxCon Europe know that Docker does containers, so instead of focusing on what Docker does, Hykes used his time to talk about Docker’s purpose saying, “It really boils down to one small sentence. We're trying to make the Internet programmable.” Hykes described this idea of making the Internet programmable with three key points. First, they are focused on building “tools of mass innovation” designed to allow people to create and innovate on a very large scale. Second, applications and cloud services are allowing the idea of the Internet as a programmable platform to be realized, and they want to make this accessible to more people. Third, they are accomplishing all of this by building the Docker stack with open standards, open infrastructure, and a development platform with commercial products on top of the stack.
  • How to benchmark your Linux system
    The Software Center list will also include individual tests. These can be fine to use, but they can be tedious to open and configure manually. Keep your eye out for an entry called Phoronix Test Suite, or PTS for short. The Phoronix Test Suite is a powerful program that can run a single test, or an entire battery. PTS offers some built-in suites (collection of tests), or you can design your own suite. When tests are completed, you can choose to upload the test results to, where other users can see your results and even run the exact same tests on their PC.
  • Wunderlist Electron App for Linux
    Missing Wunderlist on Linux? You don’t need to thanks to Wunderlistux, an Electron-based desktop app. It doesn’t claim to be anything more than a wrapper around the official Wunderlist web app (which, yes, you could just open in a new browser tab).
  • Enter the Wasteland: Mad Max now available for Mac and Linux
  • What a lovely day! Mad Max releases for Mac and Linux
  • Mad Max Comes to Linux and Mac
  • GNOME at Linux Install Fest
    It’s an event organized in order to help first year students install a Linux distro on their laptops (here at our uni, we work almost entirely on Linux, so we need to help those that have never used it and set up their distros

today's howtos

Red Hat News