About Tux Machines

Monday, 24 Jun 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/Linux

Quick Roundup

Type Title Author Replies Last Post
Story Release of DragonFly BSD 5.6 Roy Schestowitz 1 22/06/2019 - 5:49pm
Story Android Leftovers Rianne Schestowitz 1 22/06/2019 - 5:38pm
Story Stable kernels 5.1.13, 5.1.14, 4.19.54, 4.19.55, 4.14.129, 4.9.183, and 4.4.183 Rianne Schestowitz 22/06/2019 - 5:10pm
Story Today in Techrights Roy Schestowitz 22/06/2019 - 1:18pm
Story Android Leftovers Rianne Schestowitz 22/06/2019 - 7:54am
Story today's leftovers Roy Schestowitz 22/06/2019 - 5:05am
Story Security FUD and Distraction From NSA Back Doors Roy Schestowitz 22/06/2019 - 4:55am
Story Linux Hardware: Intel and Qualcomm Roy Schestowitz 22/06/2019 - 4:49am
Story KDE: Latte, Plasma Vision and GSoC Roy Schestowitz 22/06/2019 - 4:38am
Story Video and Events: foss-north, KubeCon+CloudNativeCon, Fedora and Python Roy Schestowitz 22/06/2019 - 4:23am

Red Hat's last quarterly report?

Filed under
Red Hat

Soon, IBM will complete its acquisition of Red Hat for $34-billion. But, Red Hat's not resting on its laurels waiting. The company announced its financial results for the first quarter of fiscal year 2020 ended May 31, 2019. With first quarter total revenue of $934 million, up 15 percent year-over-year in USD, or 18 percent in constant currency, Red Hat did quite well.

Still, Wall Street expected Red Hat to report net income of $162.4 million, or 87 cents a share, on sales of $931.6 million after the market closes on Thursday, based on a FactSet survey of 14 analysts. In reality, Red Hat GAAP net income for the quarter was $141 million, or $0.76 diluted earnings per share. Non-GAAP adjusted net income for the quarter was $186 million, or $1.00 diluted EPS.

Not bad. Not bad at all.

Kwort Linux 4.3.4 is out, check what’s new

Filed under
GNU
Linux

The Kwort Linux team proudly announced the new release of Kwort Linux 4.3.4 on 16 June, 2019.

It’s a CRUX-based distribution featuring the Openbox window manager and offering its own package manager called kpkg.

Kwort is a modern, small (including only useful applications) and fast Linux distribution that is designed especially for power users as it doesn’t offer any installer script.

And users need to follow the official instructions to install the system manually.

Also: The 2019 System76 Oryx Pro, Full Review!

Ubuntu: Ubuntu Podcast, Wine Concerns, Parallel Installs and Vanilla Framework 2.0

Filed under
Ubuntu
  • Ubuntu Podcast from the UK LoCo: S12E11 – 1942

    This week we’ve been to FOSS Talk Live and created games in Bash. We have a little LXD love in and discuss 32-bit Intel being dropped from Ubuntu 19.10. OggCamp tickets are on sale and we round up some tech news.

    It’s Season 12 Episode 11 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.

  • Wine Developers Appear Quite Apprehensive About Ubuntu's Plans To Drop 32-Bit Support

    It's looking like the plans announced by Canonical this week to drop their 32-bit packages/libraries beginning with Ubuntu 19.10 will be causing problems for the Wine camp at least in the near-term until an adequate solution is sorted out for providing their 32-bit Wine builds to Ubuntu users.

    Wine and Steam are among the few prominent Linux software packages still prominently living mostly in a 32-bit world. Valve certainly has the resources to come up with a timely solution especially with Ubuntu being the most popular Linux distribution used by Steam and they can move on with shipping their own 32-bit Steam Runtime libraries and other changes as needed. For the upstream Wine project it might be a bit more burdensome providing 32-bit Wine packages for Ubuntu.

  • Parallel installs – test and run multiple instances of snaps

    In Linux, testing software is both easy and difficult at the same time. While the repository channels offer great availability to software, you can typically only install a single instance of an application. If you want to test multiple instances, you will most likely need to configure the remainder yourself. With snaps, this is a fairly simple task.

    From version 2.36 onwards, snapd supports parallel install – a capability that lets you have multiple instances of the same snap available on your system, each isolated from the others, with its own configurations, interfaces, services, and more. Let’s see how this is done.

  • Vanilla Framework 2.0 upgrade guide

    We have just released Vanilla Framework 2.0, Canonical’s SCSS styling framework, and – despite our best efforts to minimise the impact – the new features come with changes that will not be automatically backwards compatible with sites built using previous versions of the framework.

    To make the transition to v2.0 easier, we have compiled a list of the major breaking changes and their solutions (when upgrading from v1.8+). This list is outlined below. We recommend that you treat this as a checklist while migrating your projects.

With Regolith, i3 Tiling Window Management Is Awesome, Strange and Easy

Filed under
GNU
Linux

Regolith Linux brings together three unusual computing components that make traipsing into the i3 tiling window manager world out-of-the-box easy.

Much of the focus and attraction -- as well as confusion -- for newcomers to the Linux OS is the variety of desktop environments available. Some Linux distributions offer a range of desktop types. Others come only with a choice of one desktop.

i3 provides yet another option, but it is a much different choice that offers an entirely new approach to how you interact with the operating system.

Window managers usually are integrated into a full-fledged desktop system. Window managers control the appearance and placement of windows within the operating system's screen display. A tiling window manager goes one step further. It organizes the screen display into non-overlapping frames rather than stacking overlapping windows.

The i3 tiling window manager in Regolith Linux serves as what essentially becomes a standalone pseudo desktop. It automatically arranges windows so they occupy the whole screen without overlapping.

Security: John Deere, Windows, Debian, Ubuntu, and Mozilla Firefox

Filed under
Security
  • John Deere's Promotional USB Drive Hijacks Your Keyboard

    “The device itself, it’s pretty ingenious, actually,” the Reddit user said. “It’s an HID-compliant keyboard that, when connected detects what platform it’s on and automatically sends a keyboard shortcut to open a browser, and then it barfs the link into the address bar.”

  • New Variant of the Houdini Worm Emerges

    WSH RAT is currently being offered as a subscription, at $50 per month. The malware operators are actively marketing the malware as compatible with all Windows XP to Windows 10 releases, featuring automatic startup methods, and various remote access, evasion, and stealing capabilities.

  • Debian's Intel MDS Mitigations Are Available for Sandy Bridge Server/Core-X CPUs

    The Debian Project recently announced the general availability of a new security update for the intel-microcode firmware to patch the recently disclosed Intel MDS (Microarchitectural Data Sampling) vulnerabilities on more Intel CPUs.

    Last month, on May 14th, Intel disclosed four new security vulnerabilities affecting many of its Intel microprocessor families. The tech giant was quick to release updated microcode firmware to mitigate these flaws, but not all the processor families were patched.

  • Canonical Outs New Linux Kernel Live Patch for Ubuntu 18.04 LTS and 16.04 LTS

    Canonical released a new Linux kernel live patch for the Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04 LTS (Xenial Xerus) operating system series to address the recently disclosed TCP Denial of Service (DoS) vulnerabilities.

    Coming hot on the heels of the recent Linux kernel security updates published earlier this week for all supported Ubuntu releases, the new Linux kernel live patch is only targeted at Ubuntu versions that support the kernel live patch and are long-term supported, including Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04 LTS (Xenial Xerus).

  • Firefox Users Warned to Patch Critical Flaw

    Mozilla is urging users of its Firefox browsers to update them immediately to fix a critical zero-day vulnerability. Anyone using Firefox on a Windows, macOS or Linux desktop is at risk.

    The vulnerability, CVE-2019-11707, is a type confusion in Array.pop. It has been patched in Firefox 67.0.3 and Firefox ESR 60.7.1.

    Mozilla announced the patch Tuesday, but the vulnerability was discovered by Samuel Groß of Google Project Zero on April 15.

    Mozilla implemented the fix after digital currency exchange Coinbase reported exploitation of the vulnerability for targeted spearphishing attacks.

    "On Monday, June 17, 2019, Coinbase reported a vulnerability used as part of targeted attacks for a spear phishing campaign," Selena Deckelmann, senior director, Firefox Browser Engineering, told TechNewsWorld. "In less than 24 hours, we released a fix for the exploit."

Tails 3.14.1 is out

Filed under
GNU
Linux
Security
Web
Debian

This release is an emergency release to fix a critical security vulnerability in Tor Browser.

It also fixes other security vulnerabilities. You should upgrade as soon as possible.

Also: It's Time to Switch to a Privacy Browser

Games: A Year Of Rain, Evan's Remains, Dota Underlords, ISLANDERS, Nowhere Prophet, Fear The Rampager and More

Filed under
Gaming
  • Daedalic Entertainment's new RTS "A Year Of Rain" will be coming to Linux

    This is really exciting news, as a huge fan of such RTS games, Daedalic Entertainment's "A Year Of Rain" looks really good and it turns out they're going to support Linux.

    Interestingly, back when it was first announced in March I did email Daedalic to ask about Linux support. They told me then, that they didn't really have any answer on it. However, it seems things have changed and they've decided Linux will be supported. On Steam, the developer said it's planned and it seems it may even happen during the Early Access period.

  • Evan's Remains, a beautiful-looking puzzle platformer with visual novel elements plans Linux support

    Evan's Remains from Matías Schmied and Whitethorn Digital is a new one to capture my interest. Blending a rather atmospheric puzzle platformer, with a little visual novel flair and it's planned for Linux.

  • Dota Underlords from Valve is now in open beta for Linux, mobile too

    Valve are doing some really impressive work with Dota Underlords, their new strategy game that everyone can now try.

    As a quick reminder on the gameplay: you go through rounds, picking heroes and placing them on the board, then you fight against the choices of other players and neutral enemies for loot. The actual battles are done by AI, with the tactical part based on your choices and positioning. You lose health based on the amount of enemy heroes left if they beat you and it's the last player standing to win.

    It's free and will remain free to play, with some sort of optional Battle Pass likely to come for cosmetic items in future. They have a lot more planned for it including: daily challenges, a level up system, a tournament system, seasonal rotation for heroes and more. They said that during the Open Beta Season, it will regularly see new features and updates.

  • Colourful city-builder 'ISLANDERS' has officially released for Linux and it's really lovely

    I don't think I've hit the buy button on Steam that quickly in a while, as ISLANDERS, a colourful city-builder is now officially out for Linux.

    Developed by GrizzlyGames, ISLANDERS is a minimalist strategy game for those who don't have hours to invest in resource management. Released back in April, the Linux version arrived yesterday along with a big update that also adds in a Sandbox Mode and the ability to undo your last building placement which sounds handy.

  • Roguelike deck-building game 'Nowhere Prophet' releasing on July 19th, looks very interesting

    Deck-building card-based games really are all the rage now! I'm okay with this, as I love them and I am excited to see what more developers do with it. Nowhere Prophet is one that looks great and it's out next month. Developer Sharkbomb Studios and publisher No More Robots have now confirmed the release date of July 19th. We got confirmation back in April, that Linux will be supported too.

    Set on planet Soma, this science-fiction post-apocalypse game mixes in two distinct modes of play. The first is the travel system, with you facing encounters across a procedurally generated map (so the game is different each time). If you enter combat, it switches into the turn-based card game mode.

  • Dead Cells "Fear The Rampager" update is live and it continues being awesome

    Still one of my top games, Dead Cells just got another big free update "Fear The Rampager" so it's time to jump back in for one more run.

    The big addition this time is the introduction of The Rampager. A new foe to challenge you that's currently haunting a variety of biomes in Boss Stem Cell 3 and higher.

  • Heroes of Hammerwatch updated and the Witch Hunter expansion is out now

    Crackshell have expanded their rogue-lite action-adventure game Heroes of Hammerwatch with a free update along with the great sounding Witch Hunter expansion.

    First up, the free update available for everyone adds in a few new features including new dungeon mechanics, companions, new drinks and a new statue if you have the Pyramid of Prophecy DLC. Additionally the free update has some performance improvements, more chest room variations, enemies can now be killed by poison and plenty of other balance changes.

  • My Friend Pedro | Linux Gaming | Ubuntu 18.04 | Steam Play

    My Friend Pedro running through Steam play.

MX GNU/Linux, A Desktop Mix of Mepis and Antix without Systemd

Filed under
GNU
Linux
Debian

MX is an interesting desktop GNU/Linux distribution based on Debian but without Systemd. It has a simple and user-friendly interface thanks to the XFCE desktop. It's actually very lightweight, ships with a lot of MX's own tools (including remastering and tweaking ones), and is available in 32-bit and 64-bit architectures. The latest version, MX-18 "Continuum", is equipped with the ability to search and install Flatpak applications. Last but not least, MX exists as a collaboration between two big communities, Mepis and antiX, hence the name MX, since 2008 up to today. I hope you enjoy my overview below introducing several good points of MX.

Optane SSD RAID Performance With ZFS On Linux, EXT4, XFS, Btrfs, F2FS

Filed under
Graphics/Benchmarks

This round of benchmarking fun consisted of packing two Intel Optane 900p high-performance NVMe solid-state drives into a system for a fresh round of RAID Linux benchmarking atop the in-development Linux 5.2 kernel plus providing a fresh look at the ZFS On Linux 0.8.1 performance.

Two Intel Optane 900p 280GB SSDPED1D280GA PCIe SSDs were the focus of this round of Linux file-system benchmarking. EXT4, XFS, Btrfs, and F2FS were tested both on a single Optane SSD and then in RAID0 and RAID1 with two of these high performance drives. Additionally, ZFS On Linux 0.8.1 was tested on this system both with a single drive and in RAIDZ. For putting the Optane SSD performance in reference, there is also a standalone result provided of a Samsung 970 EVO 500GB NVMe SSD with EXT4. In case you missed out earlier Optane 900P benchmarks on Linux from 2017, see them here for this still very competitive SSD. While there are now the 905P SSDs, the 900P models remain available and cheaper hence why going for those when picking up two of them for this round of Linux RAID testing. All of the file-systems were tested using the Linux 5.2 Git kernel and running with their stock/default mount options. The EXT4/XFS/F2FS RAID was tested using Linux MD RAID while the Btrfs and ZFS RAID were using their file-system's native RAID capabilities.

today's leftovers

Filed under
Misc
  • Marcus Lundblad: Midsomer Maps

    Since it's been kind of a tradition for me to do some blogging around midsomer, I thought we might as well keep with that tradition this year as well… And there's been some nice news in the latest beta release of Maps, 3.33.3.

  • How to install Zorin OS on a computer from USB stick or DVD
  • Clear Linux Gets Questions Over Steam Integration, Other Plans For This High-Perf Distro

    Auke Kok of Intel / Clear Linux carried out the distribution's first ask-me-anything session today where he fielded questions ranging from Steam to under-served software projects. 

    Auke is a long-time Intel Linux developer and also one of the prominent contributors to Clear Linux going back to its early days. Among the highlights from Wednesday's "ask me anything" included: 

    - When asked about Fedora's flicker-free boot process, Auke pointed out that it's made possible in part through work spearheaded at Intel around the frame-buffer/fastboot code worked on by their graphics team. While it's great the shared work happening, from the Clear Linux perspective they are more focused on achieving lightning fast boot times over a slick boot process. But they may look into it in some aspect moving forward, but their priority is just to have a quick booting system.

  • Open Source Is Critical To Linode: Christopher Aker, Founder & CEO

    Linode is celebrating its 16th anniversary. Linode actually predates Amazon Web Services. We sat down with the founder and CEO of Linode, Christopher Aker, to talk about the history of Linode and how it enabled developers to reap the benefits of cloud before AWS came to exist.

Funding for GNU and Debian

Filed under
GNU
Debian
  • Paying (some) Debian developers

    In an offshoot of the Debian discussion we looked at last week, the Debian project has been discussing the idea of paying developers to work on the distribution. There is some history behind the idea, going back to the controversial Dunc-Tank initiative in 2006, but some think attitudes toward funding developers may have changed—or that a new approach might be better accepted. While it is playing out with regard to Debian right now, it is a topic that other projects have struggled with along the way—and surely will again.

    The discussion on the debian-devel mailing list about possibly recommending dh for building packages that we covered headed into a bit of a tangent on "difficult packaging practices" that might be preventing new people from contributing. From there, Andreas Tille brought up the longstanding idea of creating some kind of Debian equivalent to the Ubuntu personal package archives (PPAs). Raphaël Hertzog suggested that it might be worth using some of the money in the Debian bank account to fund the development of such a feature.

  • Double the movement: Inspire someone to explore free software

    Thank you for being part of our exceptionally generous community. Your interest in our mission is what got us where we are, in position to succeed if we keep at it. While it's incredible to have hundreds of thousands of subscribers around the world, we need to connect with millions if we're to realize a world free of proprietary software. This spring, we have set ourselves goals to reach 200 new members and 400 donations before July 15th, and to achieve them, we need your help. Please take this moment to publicly share your passion for free software. If each free software supporter inspires just one other, we can double our strength.

    We tasked free software designer Raghavendra Kamath with creating some inspiring visual images to help us spread our message further. You can find these banners and profile images, including their embed codes, here. Sharing these images online might inspire someone to explore free software, and may give reasons for you to educate your friends and family about why free software matters. Use the hashtag #ISupportFreeSoftware when you share the images online or on your social media.

Programming/Development Leftovers

Filed under
Development
  • ‘I code in my dreams too’, say developers in JetBrains State of Developer Ecosystem 2019 Survey

    Last week, JetBrains published its annual survey results known as The State of Developer Ecosystem 2019. More than 19,000 people participated in this developer ecosystem survey. But responses from only 7000 developers from 17 countries were included in the report. The survey had over 150 questions and key results from the survey are published; complete results along with the raw data will be shared later. JetBrains prepared an infographic based on the survey answers they received. Let us take a look at their key takeaways:

  • Python and "dead" batteries

    Python is, famously, a "batteries included" language; it comes with a rich standard library right out of the box, which makes for a highly useful starting point for everyone. But that does have some downsides as well. The standard library modules are largely maintained by the CPython core developers, which adds to their duties; the modules themselves are subject to the CPython release schedule, which may be suboptimal. For those reasons and others, there have been thoughts about retiring some of the older modules; it is a topic that has come up several times over the last year or so.

    It probably had been discussed even earlier, but a session at the 2018 Python Language Summit (PLS) is the starting point this time around. At that time, Christian Heimes listed a few modules that he thought should be considered for removal; he said he was working on a PEP to that end. PEP 594 ("Removing dead batteries from the standard library") surfaced in May with a much longer list of potentially dead batteries. There was also a session at this year's PLS, where Amber Brown advocated moving toward a much smaller standard library, arguing that including modules in the standard library stifles their growth. Some at PLS seemed to be receptive to Brown's ideas, at least to some extent, though Guido van Rossum was apparently not pleased with her presentation and "stormed from the room".

  • When and How to Win With New Programming Languages
  • Understanding Data Ops and its impact on Application Quality

Latest Security FUD

Filed under
Security

Linux Foundation, Kernel, and Linux Plumbers Conference

Filed under
Linux
  • Tech Giants Join Linux Foundation's Connected-Cities Efforts [Ed: Just surveillance capitalism inside Zemlin's PAC. Reminder: the spokesperson of the "Linux" Foundation is the former spokesperson of James Clapper.]
  • Generalized events notification and security policies

    Interfaces for the reporting of events to user space from the kernel have been a recurring topic on the kernel mailing lists for almost as long as the kernel has existed; LWN covered one 15 years ago, for example. Numerous special-purpose event-reporting APIs exist, but there are none that are designed to be a single place to obtain any type of event. David Howells is the latest to attempt to change that situation with a new notification interface that, naturally, uses a ring buffer to transfer events to user space without the need to make system calls. The API itself (which hasn't changed greatly since it was posted in 2018) is not hugely controversial, but the associated security model has inspired a few heated discussions.

  • Detecting and handling split locks

    The Intel architecture allows misaligned memory access in situations where other architectures (such as ARM or RISC-V) do not. One such situation is atomic operations on memory that is split across two cache lines. This feature is largely unknown, but its impact is even less so. It turns out that the performance and security impact can be significant, breaking realtime applications or allowing a rogue application to slow the system as a whole. Recently, Fenghua Yu has been working on detecting and fixing these issues in the split-lock patch set, which is currently on its eighth revision.

    [...]

    With a split lock, the value needs to be kept coherent between different CPUs, which means assuring that the two cache lines change together. As this is an uncommon operation, the hardware design needs to take a special path; as a result, split locks may have important consequences as described in the cover letter of Yu's patch set. Intel's choice was to lock the whole memory bus to solve the coherency problem; the processor locks the bus for the duration of the operation, meaning that no other CPUs or devices can access it. The split lock blocks not only the CPU performing the access, but also all others in the system. Configuring the bus-locking protocol itself also adds significant overhead to the system as a whole.

    On the other hand, if the atomic operation operand fits into a single cache line, the processor will use a less expensive cache lock. This all means that developers may increase performance and avoid split locks by actions like simply correctly aligning their variables.

  • Real-Time Microconference Accepted into 2019 Linux Plumbers Conference

    We are pleased to announce that the Real-Time Microconference has been accepted into the 2019 Linux Plumbers Conference! The PREEMPT_RT patch set (aka “The Real-Time Patch”) was created in 2004 in the effort to make Linux into a hard real-time designed operating system. Over the years much of the RT patch has made it into mainline Linux, which includes: mutexes, lockdep, high-resolution timers, Ftrace, RCU_PREEMPT, priority inheritance, threaded interrupts and much more. There’s just a little left to get RT fully into mainline, and the light at the end of the tunnel is finally in view. It is expected that the RT patch will be in mainline within a year, which changes the topics of discussion. Once it is in Linus’s tree, a whole new set of issues must be handled. The focus on this year’s Plumbers events will include:

Renaming openSUSE

Filed under
SUSE

At the 2019 openSUSE Conference, the openSUSE board discussed governance options at length. There will evidently be an official statement on its conclusions in the near future, but that has not been posted as of this writing. It would appear, though, that the board chose a foundation structure over the other options. A German registered association (e. V.) would have been easier to set up than a foundation, but an association has weaker restrictions so it could potentially shift its focus away from the openSUSE mission. Joining another umbrella group seemingly lacked appeal from the beginning, as did the option of doing nothing and leaving things as they are now.

The stated purpose of the foundation is to make it easier for openSUSE to accept donations and manage its own finances — things that are hard for the project to do now. The foundation structure, in particular, allows the project to enshrine its core objectives (such as support for free software) into the DNA of the organization, making it hard to divert the foundation toward some other goal. A foundation also allows openSUSE to retain its current governing board and membership structure.

In the absence of an official statement from the board, details on the decision and the reasoning behind it can be had by watching this YouTube video of a question-and-answer session with the board at the openSUSE Conference.

One motivation for the change that wasn't highlighted in the board session, but which was an undercurrent in the discussions leading up to it, is a desire for more independence from SUSE in general driven by concerns about what the company might do in the future. Such worries are not entirely irrational, even though by all accounts SUSE management is fully supportive of openSUSE now. A company's attitude can change quickly even in the absence of external events like a change of ownership. If SUSE were to be sold yet again, the new owners could take a rather dimmer view of the openSUSE project.

Security: National Security Agency (NSA) in Coreboot and NSA Back Doors in Microsoft Windows Out of Control

Filed under
Security
  • The NSA Is Looking To Contribute To A New x86 Security Feature To Coreboot

    The US National Security Agency (NSA) has developers contributing to the Coreboot project.

    Eugene Myers of the NSA under the Information Assurance Research, NSA/CSS Research Directorate, has been leading some work on an STM/PE implementation for Coreboot.

  • Coreboot Adds Support For Apollolake-Powered UP-Squared SBC Maker Board

    Coreboot now supports the UP Squared, the new single board computer / maker board based on an Intel Apollo Lake SoC.

    Not to be confused with the $35 Atomic Pi Intel SBC that aims to compete directly with the Raspberry Pi, the UP Squared is a higher-tier ~$150 board with more connectivity and options. The UP Squared offers dual Gigabit Ethernet, HDMI / DP, eMMC, mini-PCIe x1, MIPI CSI, 40-pin header, two USB 3.0 ports, and other options. Both Microsoft Windows and an assortment of Linux distributions are supported.

  • All-In-One Malware ‘Plurox’ Can Hack Your PC In ‘Three Different Ways’ [Ed: When you mean to say Microsoft Windows (with its NSA back doors) but instead you say "PC" as if Microsoft has nothing to do with it]

    The SMB plugin mentioned previously is essentially a repackaged NSA exploit called EternalBlue that was publicly leaked in 2017.

    The plugin allows bad actors to scan local networks and spread the malware to vulnerable workstations via the SMB protocol (running the EternalBlue exploit).

    But that’s not all. UPnP is actually the sneakiest and most nasty plugin among all. It creates port forwarding rules on the local network of a compromised system and uses it to build backdoors into enterprise networks bypassing firewalls and other security measures in place.

  • Windows 10 gets a lot of little fixes – and Microsoft reminds us it’ll start to force updates [Ed: Forced NSA back doors. Gone are the days of controlling our PCs if they contain proprietary software because "for our security/safety" (of course!) remote software modifications will be imposed on us.]

Audiocasts/Shows: TLLTS, FLOSS Weekly and BSD Now

Filed under
Interviews
  • The Linux Link Tech Show Episode 814
  • FLOSS Weekly 534: All Things Open 2019

    All Things Open is a polyglot technology conference focusing on the tools, processes and people making open source possible. Target audience includes designers, developers, decision makers, entrepreneurs and technologists of all types and skill levels.

  • OpenZFS in Ports | BSD Now 303

    The ZFS on FreeBSD project has renamed the userland and kernel ports from zol and zol-kmod to openzfs and openzfs-kmod
    The new versions from this week are IOCTL compatible with the command line tools in FreeBSD 12.0, so you can use the old userland with the new kernel module (although obviously not the new features)
    With the renaming it is easier to specify which kernel module you want to load in /boot/loader.conf:
    zfs_load="YES"
    or
    openzfs_load="YES"
    to load the traditional or the newer version of ZFS

More in Tux Machines

One Mix Yoga 3 mini laptop demonstrated running Ubuntu

If you are interested in seeing how the Ubuntu Linux operating system runs on the new One Mix Yoga 3 mini laptop, you are sure to be interested in the new video created by Brad Linder over at Liliputing. “I posted some notes about what happened when I took Ubuntu 19.04 for a spin on the One Mix 3 Yoga in my first-look article, but plenty of folks who watched my first look video on YouTube asked for a video… so I made one of those too.” The creators of the One Mix Yoga 3 have made it fairly easy to boot an alternative operating system simply by plugging in a bootable flash drive or USB storage device. As the mini laptop is powering up, simply hit the delete key and you will be presented with the BIOS/UEFI menu. Simply change the boot priority order so that the computer will boot from a USB device and you are in business.

Security: Curl, Fedora, Windows and More

  • Daniel Stenberg: openssl engine code injection in curl

    This flaw is known as CVE-2019-5443. If you downloaded and installed a curl executable for Windows from the curl project before June 21st 2019, go get an updated one. Now.

  • Fedora's GRUB2 EFI Build To Offer Greater Security Options

    In addition to disabling root password-based SSH log-ins by default, another change being made to Fedora 31 in the name of greater security is adding some additional GRUB2 boot-loader modules to be built-in for their EFI boot-loader. GRUB2 security modules for verification, Cryptodisk, and LUKS will now be part of the default GRUB2 EFI build. They are being built-in now since those using the likes of UEFI SecureBoot aren't able to dynamically load these modules due to restrictions in place under SecureBoot. So until now using SecureBoot hasn't allowed users to enjoy encryption of the boot partition and the "verify" module with ensuring better integrity of the early boot-loader code.

  • Fedora 31 Will Finally Disable OpenSSH Root Password-Based Logins By Default

    Fedora 31 will harden up its default configuration by finally disabling password-based OpenSSH root log-ins, matching the upstream default of the past four years and behavior generally enforced by other Linux distributions. The default OpenSSH daemon configuration file will now respect upstream's default of prohibiting passwords for root log-ins. Those wishing to restore the old behavior of allowing root log-ins with a password can adjust their SSHD configuration file with the PermitRootLogin option, but users are encouraged to instead use a public-key for root log-ins that is more secure and will be permitted still by default.

  • Warning Issued For Millions Of Microsoft Windows 10 Users

    Picked up by Gizmodo, acclaimed Californian security company SafeBreach has revealed that software pre-installed on PCs has left “millions” of users exposed to hackers. Moreover, that estimate is conservative with the number realistically set to be hundreds of millions. The flaw lies in PC-Doctor Toolbox, systems analysis software which is rebadged and pre-installed on PCs made by some of the world’s biggest computer retailers, including Dell, its Alienware gaming brand, Staples and Corsair. Dell alone shipped almost 60M PCs last year and the company states PC-Doctor Toolbox (which it rebrands as part of ‘SupportAssist’) was pre-installed on “most” of them. What SafeBreach has discovered is a high-severity flaw which allows attackers to swap-out harmless DLL files loaded during Toolbox diagnostic scans with DLLs containing a malicious payload. The injection of this code impacts both Windows 10 business and home PCs and enables hackers to gain complete control of your computer. What makes it so dangerous is PC-makers give Toolbox high-permission level access to all your computer’s hardware and software so it can be monitored. The software can even give itself new, higher permission levels as it deems necessary. So once malicious code is injected via Toolbox, it can do just about anything to your PC.

  • Update Your Dell Laptop Now to Fix a Critical Security Flaw in Pre-Installed Software

    SafeBreach Labs said it targeted SupportAssist, software pre-installed on most Dell PCs designed to check the health of the system’s hardware, based on the assumption that “such a critical service would have high permission level access to the PC hardware as well as the capability to induce privilege escalation.” What the researchers found is that the application loads DLL files from a folder accessible to users, meaning the files can be replaced and used to load and execute a malicious payload. There are concerns the flaw may affect non-Dell PCs, as well. The affected module within SupportAssist is a version of PC-Doctor Toolbox found in a number of other applications, including: Corsair ONE Diagnostics, Corsair Diagnostics, Staples EasyTech Diagnostics, Tobii I-Series Diagnostic Tool, and Tobii Dynavox Diagnostic Tool. The most effective way to prevent DLL hijacking is to quickly apply patches from the vendor. To fix this bug, either allow automatic updates to do its job, or download the latest version of Dell SupportAssist for Business PCs (x86 or x64) or Home PCs (here). You can read a full version of the SafeBreach Labs report here.

  • TCP SACK PANIC Kernel Vulnerabilities Reported by Netflix Researchers

    On June 17th, researchers at Netflix identified several TCP networking vulnerabilities in the FreeBSD and Linux kernels.

  • DNS Security - Getting it Right

    This paper addresses the privacy implications of two new Domain Name System (DNS) encryption protocols: DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH). Each of these protocols provides a means to secure the transfer of data during Internet domain name lookup, and they prevent monitoring and abuse of user data in this process. DoT and DoH provide valuable new protection for users online. They add protection to one of the last remaining unencrypted ‘core’ technologies of the modern Internet, strengthen resistance to censorship and can be coupled with additional protections to provide full user anonymity. Whilst DoT and DoH appear to be a win for Internet users, however, they raise issues for network operators concerned with Internet security and operational efficiency. DoH in particular makes it extremely difficult for network operators to implement domain-specific filters or blocks, which may have a negative impact on UK government strategies for the Internet which rely on these. We hope that a shift to encrypted DNS will lead to decreased reliance on network-level filtering for censorship.

Drawpile 2.1.11 release

Version 2.1.11 is now out. In addition to bug fixes, this release adds one long awaited feature: the ability to detach the chat box into a separate window. Another important change is to the server. IP bans now only apply to guest users. When a user with a registered account is banned, the ban is applied to the account only. This is to combat false positives caused by many unrelated people sharing the same IP address because of NAT.

Also: Drawpile 2.1.11 Released! Allow to Detach Chat Box into Separate

Audiocasts/Shows: Going Linux, Linux Action News, TechSNAP, GNU World Order, Linux in the Ham Shack, Python Podcast

  • Going Linux #371 · Listener Feedback

    Bill continues his distro hopping. We discuss the history of Linux and a wall-mountable timeline. Troy gives feedback on Grub. Grubb gives feedback on finding the right distribution. Highlander talks communication security and hidden files. Ro's Alienware computer won't boot. David provides links to articles.

  • Linux Action News 111

    Ubuntu sets the Internet on fire, new Linux and FreeBSD vulnerabilities raise concern, while Mattermost raises $50M to compete with Slack. Plus we react to Facebook’s Libra confirmation and the end of Google tablets.
  • SACK Attack | TechSNAP 406

    A new vulnerability may be the next ‘Ping of Death’; we explore the details of SACK Panic and break down what you need to know. Plus Firefox zero days targeting Coinbase, the latest update on Rowhammer, and a few more reasons it’s a great time to be a ZFS user.

  • GNU World Order 13x26
  • LHS Episode #289: Linux Deep Dive

    Hello and welcome to Episode #289 of Linux in the Ham Shack. In this episode, LHS gets a visit from Jon "maddog" Hall, a legend in the open source and Linux communities. He discusses--well--Linux. Everything you ever wanted to know about Linux from its early macro computing roots all the way up to the present. If there's something you didn't know about Linux, you're going to find it here. Make sure to listen to the outtake after the outro for 30 more minutes on Linux you probably didn't know anything about. Thanks to Jon for an illuminating and fascinating episode.

  • Podcast.__init__: Behind The Scenes At The Python Software Foundation

    One of the secrets of the success of Python the language is the tireless efforts of the people who work with and for the Python Software Foundation. They have made it their mission to ensure the continued growth and success of the language and its community. In this episode Ewa Jodlowska, the executive director of the PSF, discusses the history of the foundation, the services and support that they provide to the community and language, and how you can help them succeed in their mission.