Language Selection

English French German Italian Portuguese Spanish

KDE

Qt 4.0 Progress

Filed under
KDE

Qt4 is really progressing well. The only problem at this point is that it still changes a lot even after Beta 2... So what’s new in Qt land since Beta 2?

KDE Kommander Arbitrary Code Execution Vulnerability

Filed under
KDE
Security

Eckhart Wörner has reported a vulnerability in KDE, which can be exploited by malicious people to compromise a user's system.

Cross Platform PIM on a Stick

Filed under
KDE

Available for memory sticks on Windows or Linux, the new release KDE-PIM/Platform independent lets you carry around your favourite KDE applications and your personal data in the palm of your hand. This device independent software can import your data directly from Outlook and sync it with KDE-PIM running on other computers. Based on the great work of the KDE-PIM developers, KDE-PIM/Pi is available for Windows, Linux and the Zaurus PDA and includes platform independent versions of KAddressbook and KOrganizer (Screenshots).

KDE kdelibs PCX Image Buffer Overflow Vulnerability

Filed under
KDE
Security

Bruno Rohee has reported a higthly critical vulnerability in KDE kdelibs, which potentially can be exploited by malicious people to compromise a vulnerable system.

The Linux Box Show: Aaron Seigo on KDE's Future

Filed under
KDE
-s

KDE developer Aaron J. Seigo on The Linux Box Show speaks of the new Appeal project and what that means for kde 4.0. He outlines three main principals for the Appeal project and that adds up to more eye candy and functionality for all.

KDE 3.4 offers improved accessibility

Filed under
KDE

zdnet has a nice little article covering KDE 3.4 accessibility features. They say, "An improved colour scheme and a tool that reads out text should make KDE Linux desktop more usable for those whose vision is impaired."

"It's a huge improvement in accessibility," said Matthias Dalheimer, a KDE developer. "There is a new screen reading technology for visually impaired people and a much better colour scheme with icons that have a high contrast."

KDE DCop DoS Vulnerability prior to 3.4

Filed under
KDE
Security

Sebastian Krahmer has reported a vulnerability in KDE, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the authentication process in the DCOP (Desktop Communication Protocol) daemon dcopserver. This can be exploited to lock the dcopserver for arbitrary local users. Successful exploitation may result in decreased desktop functionality for the affected user.

The vulnerability has been reported in versions prior to 3.4.

Solution: Upgrade to KDE 3.4 or apply patch.

Click for more information and links to patches.

Original information on dot.kde.org.

KDE 3.4 Unleashed

Filed under
KDE
Reviews
-s

Defined as a network transparent contemporary desktop environment for UNIX workstations similar to the desktop environments found under the MacOS or Microsoft Windows, KDE provides an easy-to-use highly customizable integrated graphical interface for today's most demanding tasks. These include email communication, newsgroup participaton, web surfing, instant messaging, graphic design and manipulation, multimedia capabilities thru audio and video applications, system monitoring, file managing, and even software package handling. Today we will look at the latest incarnation.

It's hitting the mirrors folks.

Filed under
KDE

KDE 3.4 scheduled to be released on March 16 is making it's way onto mirrors as planned. It is still not officially announced yet, but stay tuned. Mirrors should be fairly complete by morning. We will mostly likely get the go-ahead by then.

Please stop by the old homestead here tomorrow for a review and of course plenty of beautiful default and customized screenshots from little ole me in my gallery as well.

Interview, interview, they've all got it in to view

Filed under
KDE

On LugRadio Jono Bacon, Stuart Langridge, Ade Bradshaw, and Matt Revell talk about Linux and whatever else comes along, including:

Aaron Seigo, KDE developer, talks about what KDE's up to and dispels some myths about the desktop environment.

Link.

Syndicate content

More in Tux Machines

Raspberry Pi lookalike offers HDMI 2.0 and optional M.2

Geniatech’s “XPI-S905X” is a new Raspberry Pi pseudo clone with a quad -A53 Amlogic S905X plus 2GB RAM, up to 16GB eMMC, 4K-ready HDMI 2.0, LAN, 4x USB, touch-enabled LVDS, and optional M.2. Geniatech, which is known for Qualcomm based SBCs such as the Snapdragon 410 based, 96Boards-like Development Board IV and Snapdragon 820E based Development Board 8, has posted specs for a Raspberry Pi form factor board with a quad -A53, Amlogic S905X with 1/6GHz to 2GHz performance. No pricing is available for the XPI-S905X, which appears to be aimed at the OEM market. Read more

​Linus Torvalds talks about coming back to work on Linux

"'I'm starting the usual merge window activity now," said Torvalds. But it's not going to be kernel development as usual. "We did talk about the fact that now Greg [Kroah-Hartman] has write rights to my kernel tree, and if will be easier to just share the load if we want to, and maybe we'll add another maintainer after further discussion." So, Kroah-Hartman, who runs the stable kernel, will have a say on Linus' cutting-edge kernel. Will someone else get write permission to Torvalds' kernel code tree to help lighten the load? Stay tuned. Read more Also: Linux Foundation Technical Advisory Board election call for nominations

Mozilla: Firefox 65 Plans and Firefox 63 Analysis

  • Firefox 65 Will Block Tracking Cookies By Default
    Mozilla today released Firefox 63, which includes an experimental option to block third-party tracking cookies, protecting against cross-site tracking. You can test this out today, but Mozilla wants to enable it for everyone by default in Firefox 65.
  • The Path to Enhanced Tracking Protection
    As a leader of Firefox’s product management team, I am often asked how Mozilla decides on which privacy features we will build and launch in Firefox. In this post I’d like to tell you about some key aspects of our process, using our recent Enhanced Tracking Protection functionality as an example.
  • Firefox 63 Lets Users Block Tracking Cookies
    As announced in August, Firefox is changing its approach to addressing tracking on the web. As part of that plan, we signaled our intent to prevent cross-site tracking for all Firefox users and made our initial prototype available for testing. Starting with Firefox 63, all desktop versions of Firefox include an experimental cookie policy that blocks cookies and other site data from third-party tracking resources. This new policy provides protection against cross-site tracking while minimizing site breakage associated with traditional cookie blocking.
  • Firefox 63 – Tricks and Treats!
  • Firefox 63 Released, Red Hat Collaborating with NVIDIA, Virtual Box 6.0 Beta Now Available, ODROID Launching a New Intel-Powered SBC and Richard Stallman Announces the GNU Kind Communication Guidelines
    Firefox 63.0 was released this morning. With this new version, "users can opt to block third-party tracking cookies or block all trackers and create exceptions for trusted sites that don't work correctly with content blocking enabled". In addition, WebExtensions now run in their own process on Linux, and Firefox also now warns if you have multiple windows and tabs open when you quit via the main menu. You can download it from here.
  • Changes to how Mozilla Readability extracts article metadata in Firefox 63
    Mozilla Readability will now extract document metadata from Dublin Core and Open Graph Protocol meta tags instead of trying to guess article titles. Earlier this year, I documented how reader mode in web browsers extract metadata about articles. After learning about the messy state of metadata extraction for reader mode, I sought to improve the extraction logic used in Mozilla Readability. Mozilla Readability was one of the first reader mode parsers and it’s used in Firefox as well as other web browsers.

Security: Cross-Hyperthread Spectre V2 Mitigation Ready For Linux, Targeted vs General-Purpose Security and More

  • Cross-Hyperthread Spectre V2 Mitigation Ready For Linux With STIBP
    On the Spectre front for the recently-started Linux 4.20~5.0 kernel is STIBP support for cross-hyperthread Spectre Variant Two mitigation. Going back to the end of the summer was the patch work for this cross-hyperthread Spectre V2 mitigation with STIBP while now it's being merged to mainline.
  • Targeted vs General purpose security
    There seems to be a lot of questions going around lately about how to best give out simple security advice that is actionable. Goodness knows I’ve talked about this more than I can even remember at this point. The security industry is really bad at giving out actionable advice. It’s common someone will ask what’s good advice. They’ll get a few morsels, them someone will point out whatever corner case makes that advice bad and the conversation will spiral into nonsense where we find ourselves trying to defend someone mostly concerned about cat pictures from being kidnapped by a foreign nation. Eventually whoever asked for help quit listening a long time ago and decided to just keep their passwords written on a sticky note under the keyboard. I’m pretty sure the fundamental flaw in all this thinking is we never differentiate between a targeted attack and general purpose security. They are not the same thing. They’re incredibly different in fact. General purpose advice can be reasonable, simple, and good. If you are a target you’ve already lost, most advice won’t help you. General purpose security is just basic hygiene. These are the really easy concepts. Ideas like using a password manager, multi-factor-auth, install updates on your system. These are the activities anyone and everyone should be doing. One could argue these should be the default settings for any given computer or service (that’s a post for another day though). You don’t need to be a security genius to take these steps. You just have to restrain yourself from acting like a crazy person so whoever asked for help can actually get the advice they need.
  • Oracle Moves to Gen 2 Cloud, Promising More Automation and Security [Ed: Ellison wants people to blindly trust proprietary blobs for security (a bad thing to do, never mind the CIA past of Oracle and severe flaws in its DBs)].
    A primary message from Ellison is that the Gen 2 Oracle cloud is more secure, with autonomous capabilities to help protect against attacks. Ellison also emphasized the segmentation and isolation of workloads on the Gen 2 Oracle cloud, providing improved security.
  • Reproducible Builds: Weekly report #182
    Here’s what happened in the Reproducible Builds effort between Sunday October 14 and Saturday October 20 2018...