Language Selection

English French German Italian Portuguese Spanish

Advertisement

Learn Linux Kernel Device Drivers With Linux Foundation Instructor Bill Kerr

Filed under
Advertisement
Linux

Bill Kerr has taught Linux Foundation courses in Linux Kernel internals, debugging, device drivers and application development for many years. He helped write the original Linux Foundation Training course materials and has been working with UNIX kernels for 35 years.

Read more

8 Ways to Write a Better Linux SysAdmin Job Posting

Filed under
Advertisement
GNU
Linux

Linux system administrators are in high demand these days and many hiring managers say they're having a hard time finding talent to fill their open positions. It's critical, then, for companies seeking skilled admins to hone their recruiting process in order to stay competitive – and this starts with writing an effective job posting.

Unfortunately, many companies aren't hitting the mark. Job postings for sysadmin positions are largely similar; they’re boring and generic, according to New York City-based recruiter Steve Levy.

Read more

Sourceforge Hijacks the Nmap Sourceforge Account

Filed under
Advertisement
Development

Hi Folks! You may have already read the recent news about Sourceforge.net
hijacking the GIMP project account to distribute adware/malware.
Previously GIMP used this Sourceforge account to distribute their Windows
installer, but they quit after Sourceforge started tricking users with fake
download buttons which lead to malware rather than GIMP. Then Sourceforge
took over GIMP's account and began distributing a trojan installer which
tries to trick users into installing various malware and adware before
actually installing GIMP.

Read more

Slashdot Burying Stories About Slashdot Media Owned SourceForge

Filed under
Advertisement
Development

If you’ve followed any tech news aggregator in the past week, you’ve probably seen the story about how SourceForge is taking over admin accounts for existing projects and injecting adware in installers for packages like GIMP. For anyone not following the story, SourceForge has a long history of adware laden installers, but they used to be opt-in. It appears that the process is now mandatory for many projects.

People have been wary of SourceForge ever since they added a feature to allow projects to opt-in to adware bundling, but you could at least claim that projects are doing it by choice. But now that SourceForge is clearly being malicious, they’ve wiped out all of the user trust that was built up over sixteen years of operating. No clueful person is going to ever download something from SourceForge again. If search engines start penalizing SourceForge for distributing adware, they won’t even get traffic from people who haven’t seen this story, wiping out basically all of their value.

Read more

SourceForge commits reputational suicide

Filed under
Advertisement
Development

Despite seeming reformed last year, SourceForge has been caught red-handed abusing the reputations of open source projects

Read more

SourceForge locked in projects of fleeing users, cashed in on malvertising [Updated]

Filed under
Advertisement
Development

The takeover of the SourceForge account for the Windows version of the open-source GIMP image editing tool reported by Ars last week is hardly the first case of the once-pioneering software repository attempting to cash in on open-source projects that have gone inactive or have actually attempted to shut down their SourceForge accounts. Over the past few years, SourceForge (launched by VA Linux Systems in 1999 and now owned by the tech job site company previously known as Dice) has made it a business practice to turn abandoned or inactive projects into platforms for distribution of "bundle-ware" installers.

Despite promises to avoid deceptive advertisements that trick site visitors into downloading unwanted software and malware onto their computers, these malicious ads are legion on projects that have been taken over by SourceForge's anonymous editorial staff. SourceForge's search engine ranking for these projects often makes the site the first link provided to people seeking downloads for code on Google and Bing search results.

And because of SourceForge's policies, it's nearly impossible for open-source projects to get their code removed from the site. SourceForge is, in essence, the Hotel California of code repositories: you can check your project out any time you want, but you can never leave.

Read more

[Ed: Why am I not surprised?]

SourceForge-GIMP Controversy

Filed under
Advertisement
GNU

SourceForge hijacks GIMP account, loads it with adware

Filed under
Advertisement
GNU

It looks like SourceForge has taken over the account of GIMP user Jernej Simončič who was maintaining the Windows version of the project.

Read more

Pandora FMS SP1 is finally here

Filed under
Advertisement
Development
News
Software

We are very pleased to announce the new Service Pack 1 for version 5.1 of Pandora FMS, with many new features and numerous bug fixes compared to the last release that we launched last June. You can find out everything below:

Microsoft to cut on software development, focus on ads

Filed under
Advertisement
Microsoft

Under the leadership of Satya Nadella, Microsoft has done a major reshuffle at the company. Nadella will be tightening the focus that the sharp and most celebrated CEO of the world, Steve Ballmer, gave to the company with attack campaigns against Google. Nadella is appointing Mark Penn as C-level executive promoting him to the role of chief strategy officer.

Read more ►

Syndicate content

More in Tux Machines

Security Leftovers

  • Security updates for Monday
  • Recursive DNS Server Fingerprint Problem

    Our goal is to identify hijacked resolvers by analyzing their fingerprints, in order to increase safety of Internet users. To do that, we utilize data collected via RIPE Atlas (atlas.ripe.net).

  • Online developer tutorials are spreading XSS and SQL injection flaws

    The researchers, from across three universities in Germany and Trend Micro, checked the PHP code bases of more than 64,000 projects on Github and uncovered more than 100 vulnerabilities that they believe might have been introduced as a result of developers picking up the code that they used from online tutorials.

  • BrickerBot, the permanent denial-of-service botnet, is back with a vengeance

    BrickerBot, the botnet that permanently incapacitates poorly secured Internet of Things devices before they can be conscripted into Internet-crippling denial-of-service armies, is back with a new squadron of foot soldiers armed with a meaner arsenal of weapons.

  • Reproducible Builds: week 104 in Stretch cycle
  • Webroot antivirus goes bananas, starts trashing Windows system files
    Webroot's security tools went berserk today, mislabeling key Microsoft Windows system files as malicious and temporarily removing them – knackering PCs in the process. Not only were people's individual copies of the antivirus suite going haywire, but also business editions and installations run by managed service providers (MSPs), meaning companies and organizations relying on the software were hit by the cockup. Between 1200 and 1500 MST (1800 and 2100 UTC) today, Webroot's gear labeled Windows operating system data as W32.Trojan.Gen – generic-Trojan-infected files, in other words – and moved them into quarantine, rendering affected computers unstable. Files digitally signed by Microsoft were whisked away – but, luckily, not all of them, leaving enough of the OS behind to reboot and restore the quarantined resources.
  • How The Update Framework Improves Security of Software Updates
    Updating software is one of the most important ways to keep users and organizations secure. But how can software be updated securely? That's the challenge that The Update Framework (TUF) aims to solve. Justin Cappos, assistant professor at New York University, detailed how TUF works and what's coming to further improve the secure updating approach in a session at last week's DockerCon 17 conference in Austin, Texas. Simply using HTTPS and Transport Layer Security (TLS) to secure a download isn't enough as there have been many publicly reported instances of software repositories that have been tampered with, Cappos said.
  • Security Updates for Ubuntu Phone to End in June
    Security updates for Ubuntu phone and tablet will end this June, Canonical has confirmed. Current OTA updates are currently limited to critical fixes and security updates — a decision we were first to tell you back in January. But after June 2017 Canonical “will no longer deliver any further updates”.
  • Canonical to stop supporting Ubuntu Phone in June
    Canonical had already announced development of its Ubuntu Phone software was ending. Now we know when the final nail goes in the coffin: June.
  • Malware Hunts And Kills Poorly Secured Internet Of Things Devices Before They Can Be Integrated Into Botnets
    Researchers say they've discovered a new wave of malware with one purpose: to disable poorly secured routers and internet of things devices before they can be compromised and integrated into botnets. We've often noted how internet-of-broken-things devices ("smart" doorbells, fridges, video cameras, etc.) have such flimsy security that they're often hacked and integrated into botnets in just a matter of seconds after being connected to the internet. These devices are then quickly integrated into botnets that have been responsible for some of the worst DDoS attacks we've ever seen (including last October's attack on DYN).

GNOME/GTK News

  • The Way GNOME Handles Wallpapers Really Annoys Me
    I love GNOME Shell — and no, not just because I’ve little choice now that is Ubuntu’s default desktop! But the more I use GNOME the more I learn that the desktop environment, like every other, has its own share of quirks, bugs and inconsistencies. Like the following appreciably niche niggle in the the way GNOME handles desktop wallpapers.
  • Drag-and-drop in lists
    I’ve recently had an occasion to implement reordering of a GtkListBox via drag-and-drop (DND). It was not that complicated. Since I haven’t seen drag-and-drop used much with list boxes, here is a quick summary of what is needed to get the basics working.

Containers News

  • How Kubernetes is making contributing easy
    As the program manager of the Kubernetes community at Google, Sarah Novotny has years of experience in open source communities including MySQL and NGINX. Sarah sat down with me at CloudNativeCon in Berlin at the end of March to discuss both the Kubernetes community and open source communities more broadly. Among the topics we covered in the podcast were the challenges inherent in shifting from a company-led project to a community-led one, principles that can lead to more successful communities, and how to structure decision-making.
  • How Microsoft helped Docker with LinuxKit and Moby Project [Ed: Microsoft 'helped'... embrace, extend, coerce; haven't Docker employees learned from history?]
    Today, supporting Linux is as critical to Microsoft as it is to Red Hat and SUSE.
  • How to make branding decisions in an open community
    On April 18, Docker founder Solomon Hykes made a big announcement via a pull request in the main Docker repo: "Docker is transitioning all of its open source collaborations to the Moby project going forward." The docker/docker repo now redirects to moby/moby, and Solomon's pull request updates the README and logo for the project to match. Reaction from the Docker community has been overwhelmingly negative. As of this writing, the Moby pull request has garnered 7 upvotes and 110 downvotes on GitHub. The Docker community is understandably frustrated by this opaque announcement of a fait accompli, an important decision that a hidden inner circle made behind closed doors. It's a textbook case of "Why wasn't I consulted?"

Ubuntu 17.04: Unity's swan song?

For the most part, not much has changed on Ubuntu's Desktop edition in the past year. Unity 7 has more or less remained the same while work was progressing on the next version of the desktop, Unity 8. However, now that both desktops are being retired in favour of the GNOME desktop, running Ubuntu 17.04 feels a bit strange. This week I was running software that has probably reached the end of its life and this version of Ubuntu will only be supported for nine months. I could probably get the same desktop experience and most of the same hardware support running Ubuntu 16.04 and get security updates through to 2021 in the bargain. In short, I don't think Ubuntu 17.04 offers users anything significant over last year's 16.04 LTS release and it will be retired sooner. That being said, I could not help but be a little wistful about using Unity 7 again. Even though it has been about a year since I last used Unity, I quickly fell back into the routine and I was once more reminded how pleasant it can be to use Unity. The desktop is geared almost perfectly to my workflow and the controls are set up in a way that reduces my mouse usage to almost nothing. I find Unity a very comfortable desktop to use, especially when application menus have been moved from the top panel to inside their own windows. While there are some projects trying to carry on development of Unity, this release of Ubuntu feels like Unity's swan song and I have greatly enjoyed using the desktop this week. While there is not much new in Ubuntu 17.04, the release is pretty solid. Apart from the confusion that may arise from having three different package managers, I found Ubuntu to be capable, fairly newcomer friendly and stable. Everything worked well for me, at least on physical hardware. Unity is a bit slow to use in a virtual machine, but the distribution worked smoothly on my desktop computer. Read more