Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 14 Aug 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Social Mapper Debut

Filed under
OSS
  • Social Mapper: A free tool for automated discovery of targets’ social media accounts

    The tool takes advantage of facial recognition technology and searches for targets’ accounts on LinkedIn, Facebook, Twitter, Google+, Instagram, VKontakte, Weibo and Douban.

  • Social Mapper uses facial recognition to track 'targets' on social media

    RESEARCHERS at US security company Trustwave have released a rather scary new open source tool called 'Social Mapper' that can be used to track "targets" across social media networks using facial recognition.

    The potentially-devious tool works by taking an "automated approach" to searching popular social media sites for names and pictures of people you're looking to track. It can accurately detect and group a person's presence, outputting the results into a report that a human operator can quickly review.

    "Performing intelligence gathering is a time-consuming process, it typically starts by attempting to find a person's online presence on a variety of social media sites," the company asked itself in a news release announcing the software.

  • Social Mapper: This Open Source Tool Lets “Good” Hackers Track People On Social Media

    There are tons of automated tools and services that any shady hacker can employ to grab the public data on Facebook, Twitter, Google, or Instagram, and use it for notorious purposes. But what about the ethical hackers and security researchers who are looking for a means to achieve the same?

    To tackle this issue, security firm Trustwave has released an open source tool that can reduce the time being consumed for such intelligence collection process at a large scale. Called Social Mapper, the tool uses facial recognition to connect the dots on different social media and collect data.

  • Need a facial recognition auto-doxxx tool? Social Mapper has you covered

    Finding people's social media profiles can be a slow and manual business – so why not get facial recognition to help?

    That's the pitch coming from Trustwave's SpiderLabs, which wants to make life easier for penetration testers trying to infiltrate clients' networks and facilities using social engineering and targeted hackery.

    SpiderLabs' Jacob Wilkin explained that new tool Social Mapper can start with the name of an organisation on LinkedIn, a folder full of named images, or a CSV listing of names with URLs to images. With those inputs, he explained this week, the software's facial recognition capabilities can “correlate social media profiles across a number of different sites on a large scale.”

Prometheus Milestone

Filed under
Server

GNU/Linux on Laptops

Filed under
GNU
Linux
Google
  • Dell's Thunderbolt TB16 Dock Can Work With Linux & Drive Dual 4K Displays

    When it came to settling on the latest-generation Dell XPS 13 as my main production workhorse with Fedora Workstation 28, besides the laptop's own traits like its build quality, specs relative to price, and other factors, another important requirement was the ability to drive two 4K displays when at my desk. The Dell XPS 13 has no issue driving dual 4K screens via the Dell Thunderbolt TB16 dock.

  • Chrome OS update makes installing Linux apps easier
  • Chrome OS update simplifies installing Linux applications

    A recent Chrome OS update has made the installation of Linux applications as simple as most of the popular distributions.

    Chrome OS is based on the Linux kernel and it’s been possible to install applications designed for the latter for some time using tools like Crouton.

    However, installing Linux apps on Chrome OS has never been friendly to beginners and required users to be in developer mode and have some knowledge of the command line. A recent OS update has changed matters.

    [...]

    Linux distros have been around since the 90s and continue to build up a roster of desktop-optimised apps. For Chrome OS to ever be considered a serious work platform to rival Windows and Mac, it needed to embrace Linux apps.

  • 28 older Chromebooks now support Linux apps

    More Chromebooks from Acer, Asus, Dell, HP, Lenovo, and Samsung have received Linux app support. The change, which landed Thursday, will apply to some Chromebooks that released in 2015-2017, running Intel Braswell architecture and Kernel 3.18.

  • Chrome OS now supports installing arbitrary Linux packages

    Samsung recently presented the Galaxy Tab S4 as the ultimate productivity portable device but initial reviews have been rather scathing. Thanks to its timing, Samsung’s premium tablet is being compared to the likes of the cheaper iPad, the cheaper Surface Go, and, closer to home, Chromebooks. The latter, especially, is getting more and more talented and the latest experimental feature nearly turns it into that ultimate productivity OS. That is if you live and breathe Linux.

  • Linux Apps Coming To Older Braswell Chromebooks

    The addition of Linux apps to Chrome OS via the Crostini Project seems to be expanding at an exponential rate lately. Google has been content not sharing any insight into the project apart from the advantages it brings to developers but the latest update points at a larger target than just techies developing software.

    According to the commit, a decent number of Braswell-powered Chromebooks will soon be getting Linux app support.

Hardware and Wi-Fi Flaws

Filed under
Security

Patches for PostgreSQL and OpenEMR

Filed under
Security

Microsoft EEE and Openwashing

Filed under
Microsoft

New LibreOffice Version Offers Fresh Take

Filed under
LibO

Potential LibreOffice adopters should consider possible downsides, urged king. With more than two decades into the "revolution" sparked by Linux and open source solutions, LibreOffice still constitutes a small fraction of the productivity applications and tools market.

Would that be the case if these offerings really were superior? Adopting any new platform requires retraining, and that includes LibreOffice, he said. Most employees arrive knowing at least the rudiments of Word and other Microsoft apps.

Plus, to its credit, Microsoft has addressed many user complaints and Office 365 makes it cheaper and easier to use the company's solutions than ever before, added King.

"So companies have to sort out why they are considering LibreOffice," he suggested, to determine "what potential benefits are actually achievable and whether leaving behind a longtime market leading solution (Office) really makes sense."

Read more

Strawberry: Quality sound, open source music player

Filed under
OSS

I recently received an email from Jonas Kvinge who forked the Clementine open source music player. Jonas writes:

I started working on a modified version of Clementine already in 2013, but because of other priorities, I did not pick up the work again before last year. I had not decided then if I was creating a fork, or contributing to Clementine. I ended up doing both. I started to see that I wanted the program development in a different direction. My focus was to create a music player for playing local music files, and not having to maintain support for multiple internet features that I did not use, and some which I did not want in the program at all… I also saw more and more that I disagree with the authors of Clementine and some statements that have been made regarding high-resolution audio.

Read more

Valve May Soon Release a Native 64-Bit Version of Its Steam for Linux Client

Filed under
Linux
Software

Valve is certainly not the last software developer in the world to still offer 32-bit versions of its applications, but as the world kind of moved to 64-bit apps and operating systems, they will be forced to that too very soon.

Apple already forced their hands with the upcoming macOS Mojave 10.14 operating system, which will be available this fall, by deprecating support for 32-bit apps and urging application developers to move to 64-bit apps.

Read more

Latest ClearFog SBC offers four GbE ports and a 10GbE SFP+ port

Filed under
Linux
Ubuntu

SolidRun’s “ClearFog GT 8K” networking SBC runs Ubuntu on a network virtualization enabled quad -A72 Armada A8040 SoC and offers up to 16GB DDR4, 4x GbE ports, a WAN port, a 10GbE SFP+ port, and 3x mini-PCIe slots.

SolidRun has updated its ClearFog line of Linux-driven router SBCs with a ClearFog GT 8K model designed for high-end edge computing, virtual customer premise equipment (vCPE), network functional virtualization (NFV), network security, and general networking duty. The SBC runs Linux Kernel 4.4x, Ubuntu 16.04, and Google IoT Core on Marvell’s quad-core, up to 2GHz Cortex-A72 Armada A8040 SoC. Models are available with 8GB eMMC ($209), 128GB eMMC ($304), 8GB eMMC with 16GB RAM ($526), and 128GB eMMC with 16GB RAM ($621).

Read more

Games and Wine

Filed under
Gaming

Security Leftovers

Filed under
Security
  • People Think Their Passwords Are Too Awesome For Two Factor Authentication. They’re Wrong.
  • Security updates for Thursday
  • Let's Encrypt Now Trusted by All Major Root Programs

    Now, the CA’s root is directly trusted by almost all newer versions of operating systems, browsers, and devices. Many older versions, however, still do not directly trust Let’s Encrypt.

    While some of these are expected to be updated to trust the CA, others won’t, and it might take at least five more years until most of them cycle out of the Web ecosystem. Until that happens, Let’s Encrypt will continue to use a cross signature.

  • WPA2 flaw lets attackers easily crack WiFi passwords

    The security flaw was found, accidentally, by security researcher Jens Steube while conducting tests on the forthcoming WPA3 security protocol; in particular, on differences between WPA2's Pre-Shared Key exchange process and WPA3's Simultaneous Authentication of Equals, which will replace it. WPA3 will be much harder to attack because of this innovation, he added.

  • ​Linux kernel network TCP bug fixed

    Another day, another bit of security hysteria. This time around the usually reliable Carnegie Mellon University's CERT/CC, claimed the Linux kernel's TCP network stack could be "forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service (DoS)."

  • State of Security for Open Source Web Applications 2018

    ach year, we publish a set of statistics summarizing the vulnerabilities we find in open source web applications. Our tests form part of Netsparker's quality assurance practices, during which we scan thousands of web applications and websites. This helps us to add to our security checks and continuously improve the scanner's accuracy.

    This blog post includes statistics based on security research conducted throughout 2017. But first, we take a look at why we care about open source applications, and the damage that can be caused for enterprises when they go wrong.

  • New Actor DarkHydrus Targets Middle East with Open-Source Phishing [Ed: Headline says "Open-Source Phishing," but this is actually about Microsoft Windows and Office (proprietary and full of serious bugs)]

    Government entities and educational institutions in the Middle East are under attack in an ongoing credential-harvesting campaign.

    Government entities and educational institutions in the Middle East are under attack in an ongoing credential-harvesting campaign, mounted by a newly-named threat group known as DarkHydrus. In a twist on the norm, the group is leveraging the open-source Phishery tool to carry out its dark work.

    The attacks follow a well-worn pattern, according to Palo Alto Networks’ Unit 42 group: Spear-phishing emails with attached malicious Microsoft Office documents are leveraging the “attachedTemplate” technique to load a template from a remote server.

KDE: Astronomy on KDE, MQTT/GSoC, Konversation Tip

Filed under
KDE
  • Astronomy on KDE

    I recently switched to KDE and Plasma as my main desktop environment, so I thought I'd start digging into some of the scientific software available on KDE. First up is KStars, the desktop astronomy program.

  • LabPlot's MQTT in the finish line

    Hello everyone. GSoC is coming to its end, so I think that I should give a report about what's been done since the last post, and also make a brief evaluation, summary of the project itself.

    As I've written in my last post, the main focus was on improving the quality of the code, cleaning, optimizing and properly documenting it. And also making it more comestible for other developers.

    The next step was searching for bugs and then fixing them. In order to do this properly, I implemented a unit test for the main MQTT related features. This proved to be useful since it helped discover several hidden bugs and errors which were all corrected. The main features, that tests were developed for, are: checking if a topic contains another one, checking if two topics are "common topics" (meaning they only differ at only one level, and are the same size), managing messages, subscribing&unsubscribing.

  • PSA: Use SASL in konversation

    You probably have seen that Freenode has been getting lots of spam lately.

    To protect against that some channels have activated a flag that only allows authenticated users to enter the channel.

    If you're using the regular "nickserv" authentication way as I was doing, the authentication happens in parallel to entering the channels and you'll probably be rejected from joining some.

Julia 1.0

Filed under
Development

The much anticipated 1.0 release of Julia is the culmination of nearly a decade of work to build a language for greedy programmers. JuliaCon2018 celebrated the event with a reception where the community officially set the version to 1.0.0 together.

[...]

Try Julia by downloading version 1.0 now. If you’re upgrading code from Julia 0.6 or earlier, we encourage you to first use the transitional 0.7 release, which includes deprecation warnings to help guide you through the upgrade process. Once your code is warning-free, you can change to 1.0 without any functional changes. The registered packages are in the midst of taking advantage of this stepping stone and releasing 1.0-compatible updates.

The single most significant new feature in Julia 1.0, of course, is a commitment to language API stability: code you write for Julia 1.0 will continue to work in Julia 1.1, 1.2, etc. The language is “fully baked.” The core language devs and community alike can focus on packages, tools, and new features built upon this solid foundation.

Read more

Also: Julia 1.0 Released, 2018 State of Rust Survey, Samsung Galaxy Note 9 Launches Today, Margaret Dawson of Red Hat Named Business Role Model of the Year in Women in IT Awards and Creative Commons Awarded $800,000 from Arcadia

GNOME’s Ace Retro Gaming App Just Keeps Getting Better

Filed under
GNOME
Gaming

Forget Super Smash Bros Ultimate; the best gaming related revelations this week concern the epic GNOME Games app.

The next version of this handy arcade front will let you navigate the GUI using your gamepad, browse and play MSX and Nintendo Virtual Boy games, and load your ROM library faster than a Sonic game can scream ‘SEAAAGAAA!’.

Read more

Educational Linux distribution Edubuntu has been (just about) discontinued

Filed under
Ubuntu

A few years ago the developers of Edubuntu that the Ubuntu-based operating system for teachers and students was going to skip the update to Ubuntu 16.04 and stay on Ubuntu 14.04 indefinitely. The two lead developers came to that decision after realizing that after a decade of working on the project, they didn’t have time to devote to keeping the operating system up to date.

As an open source project, the developers were hoping that someone else might be willing to step up and take over leadership of the project, but that hasn’t happened.

You can still download and use Edubuntu 14.04.5 today, but it’s based on a 4-year-old version of Ubuntu. And when Canonical pulls the plug on support for Ubuntu 14.04 in April, 2019 then the latest version of Edubuntu will also be unsupported.

Read more

today's leftovers

Filed under
Misc
Syndicate content

More in Tux Machines

5 of the Best Linux Educational Software and Games for Kids

Linux is a very powerful operating system, and that explains why it powers most of the servers on the Internet. Though it may not be the best OS in terms of user friendliness, its diversity is commendable. Everyone has their own need for Linux. Be it for coding, educational purposes or the internet of things (IoT), you’ll always find a suitable Linux distro for every use. To that end, many have dubbed Linux as the OS for future computing. Because the future belongs to the kids of today, introducing them to Linux is the best way to prepare them for what the future holds. This OS may not have a reputation for popular games such as FIFA or PES; however, it offers the best educational software and games for kids. These are five of the best Linux educational software to keep your kids ahead of the game. Read more

Kernel: NSA Code/Algorithm in Linux, Performance Superiority Over Windows, and Linux Foundation News

  • Linux 4.18 brings support for Vega M, Volta GV100 and, er, SPECK
    AFTER A WEEK'S DELAY, Linux kernel 4.18 stable has arrived. Announcing the release on Sunday, head of Linuxing Linus Torvalds said: "One week late(r) and here we are - 4.18 is out there. It was a very calm week, and arguably I could just have released on schedule last week, but we did have some minor updates." One notable change is that there's been a lot of code ditched - around 100,000 lines of obsolete code has been slashed.
  • The AMD Threadripper 2990WX shows even higher numbers when benchmarked on Linux
    Phoronix has done a performance comparison of the AMD Threadripper 2990WX in Windows 10 Pro and Linux and the results show Threadripper numbers significantly lower under Windows 10 Pro than in Linux. In some tests such as 7-Zip Compression, the Threadripper 2990WX posted almost 58% higher scores in Linux compared to Windows 10 Pro implying that Linux is a better OS of choice when testing high core count CPUs.
  • Diversity Empowerment Summit Highlights Importance of Allies
    Diversity and inclusion are hot topics as projects compete to attract more talent to power development efforts now as well as build their ranks to carry the projects into the future. The Diversity Empowerment Summit co-located with Open Source Summit coming up in Vancouver August 29-31, will offer key insights to help your project succeed in these endeavors. Although adoption of diversity and inclusion policies is generally seen as simply the right thing to do, finding good paths to building and implementing such policies within existing community cultures continues to be challenging. The Diversity Empowerment Summit, however, provides hard insights, new ideas, and proven examples to help open source professionals navigate this journey.
  • Hollywood rolls out red carpet for open source developers
    The launch of the ASWF is almost like creating a GitHub for the developers behind motion pictures, but open source is nothing new to the film industry. It dates back about 20 years, Andy Maltz, managing director of the Science and Technology Council at the Academy, told CIO Dive. Film "is the only art form that has a fundamental reliance on technology," he said. The film industry's use of tech dates back to photochemical technologies and proceeds to today's digital image capture.

Microsoft Openwashing and Infiltration Tactics

Debian GNU/Linux project to mark 25th birthday on Thursday

The Debian GNU/Linux project will turn 25 on Thursday, with the Linux distribution having made its debut on 16 August in 1993 under the leadership of the late Ian Murdock. In its original manifesto, Murdock stated: "Many distributions have started out as fairly good systems, but as time passes attention to maintaining the distribution becomes a secondary concern." Maintaining a Debian system was made simple after some developers created a package management system known as apt. Apt — and its derivatives like aptitude and synaptic — have served to make the task of updating a Debian system simple. With apt, the secondary concern that Murdock referred to was effectively taken care of. Incidentally, there are now about 29,000 packages available in Debian. Read more Also new (Debian-related news):

  • DebConf 18
  • Google Summer of Code 2018- Final Report
    This project aims at developing tools and packages which would simplify the process for new applicants in the open source community to get the required setup. It would consist of a GUI/Wizard with integrated scripts to setup various communication and development tools like PGP and SSH key, DNS, IRC, XMPP, mail filters along with Jekyll blog creation, mailing lists subscription, project planner, searching for developer meet-ups, source code scanner and much more! The project would be free and open source hosted on Salsa (Debian based Gitlab) I created various scripts and packages for automating tasks and helping a user get started by managing contacts, emails, subscribe to developer’s lists, getting started with Github, IRC and more.