Language Selection

English French German Italian Portuguese Spanish


Microsoft Malware and Spyware, GNU/Linux Routers

Filed under
  • ‘We’re From Microsoft and We’ve Been Remotely Watching Your Computer’

    We are going into our third year of living in the Gardens of Taylor. When you come off of the city street and onto this property, you can sometimes get a creepy feeling, like this is familiar in an unpleasant sort of way. It can feel like you’ve just stepped into Stepford Village. Every yard has been manicured to match the ones on either side of it. The edging along all driveways and sidewalks is a perfect two inches across and if a weed or mushroom happens to grow within that etched space, it is gone the next time you look for it.

    Stuff like that just vanishes. Spooky like.

    Fact is, the property manager pays the lawn service to make a drive through every other day in order to take care of any anomalies. Once I got used to it, I became comfortable with living here, being that it’s for people with physical disabilities and age 55 or over.

    On moving-in day, we hadn’t been there an hour before people began to take notice of us from across the street. They would stop just long enough to pretend they weren’t checking us out, then they would be on their way. Some even stopped to help.


    Now Claude and Jane both run Linux. Their money is safe, and if anyone calls giving them instructions how to get a virus off of their Windows’ computer, they just laugh and hang up, but not before telling them they run Linux.

    There will come a day, maybe sooner than any of us think, when a scam like this might actually work on a Linux machine. In the past two years we’ve seen stories of Linux servers being compromised, and there is constant news that this or that piece of malicious code might be making its way to Linux computers soon.

    Being prudent, I run both Avast for day-to-day stuff and various Clam iterations for biweekly sweeps for rootkits. I exchange a lot of Windows stuff with my Reglue kids, so that’s only smart. Not that I expect anything to go south in the near future. Everything I’ve seen coming down the Linux pike demands hands-on the target computer to inject the badware.

    Here’s a Helios Helpful Hint: Don’t let someone you don’t know have access to your computer, sans the repair guy.

    However I do believe in preparedness. Jane’s Linux Mint install runs the same security as mine and I administrate it remotely (from home. I’ll get Claude up to speed on Wednesday.

    How long ago was it that many of us gave up on the “disconnected generation?” For a while I didn’t work with people who were so set in their ways that they bucked any suggestion of having to learn something new. And honest-to-goodness, a lady in the neighborhood asked me to make her computer the same way it was when she bought it. That would be the Windows Vista release. Sigh.

    “No ma’am. Not for any amount of money. Sorry.”

    I’m not into any more stress than necessary these days.

    Vista? Really?

  • Security Design: Stop Trying to Fix the User

    Every few years, a researcher replicates a security study by littering USB sticks around an organization's grounds and waiting to see how many people pick them up and plug them in, causing the autorun function to install innocuous malware on their computers. These studies are great for making security professionals feel superior. The researchers get to demonstrate their security expertise and use the results as "teachable moments" for others. "If only everyone was more security aware and had more security training," they say, "the Internet would be a much safer place."

    Enough of that. The problem isn't the users: it's that we've designed our computer systems' security so badly that we demand the user do all of these counterintuitive things. Why can't users choose easy-to-remember passwords? Why can't they click on links in emails with wild abandon? Why can't they plug a USB stick into a computer without facing a myriad of viruses? Why are we trying to fix the user instead of solving the underlying security problem?

  • Security Design: Stop Trying to Fix the User [It says (scroll down) "Getting a virus simply by opening an email was an urban legend, a technically impossible but scary sounding thing to frighten normies with, as late as the 90s. ...Microsoft made that myth real with the first release of Outlook"]
  • A tiny PC as a router

    We needed a router and wifi access point in the office, and simultaneously both I and my co-worker Ivan needed such a thing at our respective homes. After some discussion, and after reading articles in Ars Technica about building PCs to act as routers, we decided to do just that.

    The PC solution seem to offer better performance, but this is actually not a major reason for us.

    We want to have systems we understand and can hack. A standard x86 PC running Debian sounds ideal to use.

    Why not a cheap commercial router? They tend to be opaque and mysterious, and can't be managed with standard tooling such as Ansible. They may or may not have good security support. Also, they may or may not have sufficient functionality to be nice things, such as DNS for local machines, or the full power if iptables for firewalling.

    Why not OpenWRT? Some models of commercial routers are supported by OpenWRT. Finding good hardware that is also supported by OpenWRT is a task in itself, and not the kind of task especially I like to do. Even if one goes this route, the environment isn't quite a standard Linux system, because of various hardware limitations. (OpenWRT is a worthy project, just not our preference.)

Hardware Firewall: Choosing the Right Firewall Distribution

Filed under

Over the years I've bought some less than impressive consumer routers, so these days I run my own self-built hardware firewall appliance. Surprisingly, deciding on which option was best for my needs was not as easy as I had hoped.

Building a hardware firewall requires you to decide on the hardware your firewall/router computer operating system will be installed on. Like myself, some people might use an old PC. Others might decide to install their selected firewall operating system onto a rack mount server. However one decides to do this, the completed act of installing this OS onto the dedicated hardware creates a dedicated hardware firewall.

And unlike a software firewall, hardware firewalls serve a single dedicated purpose – to act as a gateway appliance for your network. Having had experience with three popular firewall operating systems in the past, I found that choosing the "right one" is a matter of perspective.

In this article, I'm going to share my experience and overall impressions about those three different firewall solutions. Some of these are highly advanced while others are incredibly easy to use. Each of these solutions share something that I feel good about sharing with my readers. All of the firewalls are easily downloadable without any annoying sign-up pages (I'm looking at you, Sophos).

Read more

GNU Linux-libre Kernel 4.8 Officially Released for Those Who Want 100% Freedom

Filed under

On October 2, 2016, immediately after Linus Torvalds announced the release of Linux kernel 4.8, Alexandre Oliva from the GNU Linux-libre project published the GNU Linux-libre 4.8 kernel for those who want 100% freedom when using a GNU/Linux OS.

Read more

Also: GNU Midnight Commander 4.8.18 Adds Syntax Highlighting for CUDA and GLSL, Fixes

GNU Linux-libre and Microsoft Slant on Linux 4.8

Filed under

Desktop: GNU/Linux Bug Reports, Creator of DirectX on the Demise of Microsoft, Vista 10 Share Falls

Filed under
  • The Bug Report

    So I get a bug report. It is on GNU/Linux, of course, because that is the only ecosystem that sends bug reports.

    So first I boot up my work box (Computer #1, Windows 10) which is the one that has the sweet monitor and try to VPN to the Server box (Computer #2, GNU/Linux Fedora Server, amd64). But, of course, at one point I'd stripped all the non-console-mode functionality off of the server, so VPN is a fail. I could have done the fix easily via ssh and emacs-nox, but, I figure it will only take a minute to get a graphical environment up and running.

    There's a GNU Linux VM running on VirtualBox on the work box, but, I get distracted from the actual problem when I can't figure out how to get VirtualBox to create a large screen. Totally not a problem, but, I get obsessed with this minutiae and can't let it go. I waste time tweaking the virtual graphics card settings with no effect.

  • Doom for Windows [Ed: by the creator of DirectX, who isn't pleased with Windows Update.]

    Windows failed to make the leap to new business models and new distributed computing paradigms such that now in the year 2016 Microsoft is on the cutting edge of adopting Apple’s 2007 business model for Windows 10. Here’s why Microsoft has reached the end of its road. They lost the mobile market, they lost search, they’re struggling to compete in the cloud and all they have left is a legacy OS with an architecture from the days of personal computing when connectivity was something only nerds and IT managers worried about. Now the idea of personal computer security is collapsing. It is readily becoming apparent that NOTHING can stop malicious attackers from eventually penetrating the best most advanced security measures of any personal device. Furthermore, as the Edward Snowden scandal has made plain to us all, if malicious attackers aren’t breaking into our computers, then the worlds governments are requiring companies to make their products vulnerable to intrusion. The idea that a lowly personal computer behind a frail consumer router… made in China… stands any chance of resisting serious hacking attempts is a fast fading dream.

    Back when I was making online game publishing DRM (Digital Rights Management) Solutions we measured the time it took Chinese and Russian hackers to crack our best latest security attempts in weeks. Today it can take a matter of days or hours.

    The Windows Operating system has become vast, bloated and cumbersome to maintain. It faces constant security bombardment by the entire worlds connected hacker community and government security agencies. The volume of patches it needs to maintain even the most rudimentary pretext of stability and security requires a constant and overwhelming flood of Windows updates. The seriousness of the situation and the sheer flood of data Microsoft is constantly sending to our computers is staggering. I wanted to show a screen shot of my HUGE Windows Update history but mysteriously, after this most recent disastrous update… Microsoft has seen fit to clear my machine of that information…

  • No Free Upgrades, No New Users: Windows 10 Declines for First Time Since Launch [Ed: based on Microsoft-connected firm]

    The latest batch of market share statistics provided by Net Applications for desktop operating systems puts Windows 10 on the second position in the rankings, but it also reveals something totally unexpected that happened last month.

    Windows 10 has actually lost market share last month despite the fact that everyone expected the operating system to continue its growth, which could be a sign that Microsoft’s 1 billion devices running Windows 10 goal might take a bit longer to become reality.

4MRecover 20.0 Data Recovery Live CD Is Now in Beta, Includes TestDisk 7.0

Filed under

4MLinux developer and project leader Zbigniew Konojacki informs Softpedia today, October 2, 2016, about the release and immediate availability for download of the Beta pre-release version of the upcoming 4MRecover 20.0 Live CD.

As you might know already, the 4MLinux 20.0 and 4MLinux Core 20.0 GNU/Linux distributions are in the works, which means that Zbigniew Konojacki is also preparing new versions of his other projects, including 4MRecover, a Live CD that can be used for data recovery independent of a computer operating system.

Therefore, 4MRecover 20.0 Beta is based on the Beta release of the 4MLinux 20.0 operating system, which should be officially promoted to the stable channel on the first day of November 2016, and it ships, as usual, with the powerful TestDisk 7.0 data recovery and PhotoRec 7.0 image recovery software.

Read more

NetworkManager 1.4.2 Released for GNU/Linux Distros with Various Improvements

Filed under

Beniamino Galvani announced a new stable release of the NetworkManager network configuration tool suite for GNU/Linux operating system, the second for the latest 1.4 series.

Read more

​ For lessons on digital swaraj, Gandhi is an open source

Filed under

Gandhi engaged with the copyright law to subvert the economics he disagreed with, and to infuse it with values close to his heart, wrote a US law professor in a 2013 paper titled ‘Gandhi and Copyright Pragmatism’. “Toward the later part of his life, he also came to deploy copyright law to curtail market-based exploitation when he could. In many ways then, Gandhi’s approach did with copyright law what open source licensing and the Creative Commons Project would begin doing with copyright in the 21st century,” wrote Shyamkrishna Balganesh of University of Pennsylvania Law School.

Now, consider the life and work of Richard M Stallman (callsign RMS in the geek-verse). A champion of the movement for Free and Open Source Software (FOSS), he is more commonly known as the pioneer of ‘Copyleft’. “If you want to accomplish something in the world,” says his Wikiquote page, “idealism is not enough — you need to choose a method that works to achieve the goal. In other words, you need to be pragmatic.” RMS was among the first to call for a free online encyclopaedia. Wikipedia, no surprise, is governed by Creative Commons licensing.

Read more

Licensing resource series: Free GNU/Linux distributions & GNU Bucks

Filed under

When Richard Stallman set out to create the GNU Project, the goal was to create a fully free operating system. Over 33 years later, it is now possible for users to have a computer that runs only free software. But even if all the software is available, putting it all together yourself, or finding a distribution that comes with only free software, would be quite the task. That is why we provide a list of Free GNU/Linux distributions.

Each distro on the list is commited to only distributing free software. With many to choose from, you can find a distro that meets your needs while respecting your freedom.

But with so much software making up an entire operating system, how is it possible to make sure that nothing nasty sneaks into the distro? That's where you, and GNU Bucks come in.

Read more

LXLE: A Linux distro to give new life to old hardware

Filed under

I’ll bet that somewhere, perhaps at home and most likely at work, you’ve got some old hardware lying around. What to do with it? It still works but what’s it running? Windows XP? Vista? Windows 7 Starter or Home Basic?

Yep, you’re stuck on some old version of Windows but moving that machine up to a newer version of Windows could be tricky ‘cause one or more of those old graphics cards and printer drivers have probably have fallen out of the update cycle.

Even if those subsystems are still available, you’ll still have a problem as the newer OSs' are pretty much guaranteed to suck the life out of old processors with the result that performance and therefore usability will be marginal at best.

So, what to do? Before you start looking for a deal on a new machine and an e-waste disposal site, consider moving to Linux and, most specifically, consider migrating to LXLE, the LXDE eXtra Luxury Edition (though some people also claim it stands for Lubuntu Extra Life Extension).

Read more

Syndicate content

More in Tux Machines

Leftovers: KDE


  • 4 Useful Cinnamon Desktop Applets
    The Cinnamon desktop environment is incredibly popular, and for good reason. Out of the box it offers a clean, fast and well configured desktop experience. But that doesn’t mean that you can’t make it a little better with a few nifty extras. And that’s where Cinnamon Applets come in. Like Unity’s Indicator Applets and GNOME Extensions, Cinnamon Applets let you add additional functionality to your desktop quickly and easily.
  • GNOME Core Apps Hackfest
    The hackfest is aimed to raise the standard of the overall core experience in GNOME, this includes the core apps like Documents, Files, Music, Photos and Videos, etc. In particular, we want to identify missing features and sore points that needs to be addressed and the interaction between apps and the desktop. Making the core apps push beyond the limits of the framework and making them excellent will not only be helpful for the GNOME desktop experience, but also for 3rd party apps, where we will implement what they are missing and also serve as an example of what an app could be.
  • This Week in GTK+ – 21
    In this last week, the master branch of GTK+ has seen 335 commits, with 13631 lines added and 37699 lines removed.

Leftovers: OSS and Sharing

  • Puppet Unveils New Docker Build and Phased Deployments
    Puppet released a number of announcements today including the availability of Puppet Docker Image Build and a new version of Puppet Enterprise, which features phased deployments and situational awareness. In April, Puppet began helping people deploy and manage things like Docker, Kubernetes, Mesosphere, and CoreOS. Now the shift is helping people manage the services that are running on top of those environments.
  • 9 reasons not to install Nagios in your company
  • Top 5 Reasons to Love Kubernetes
    At LinuxCon Europe in Berlin I gave a talk about Kubernetes titled "Why I love Kubernetes? Top 10 reasons." The response was great, and several folks asked me to write a blog about it. So here it is, with the first five reasons in this article and the others to follow. As a quick introduction, Kubernetes is "an open-source system for automating deployment, scaling and management of containerized applications" often referred to as a container orchestrator.
  • Website-blocking attack used open-source software
    Mirai gained notoriety after the Krebs attack because of the bandwidth it was able to generate — a record at well over 600 gigabits a second, enough to send the English text of Wikipedia three times in two seconds. Two weeks later, the source code for Mirai was posted online for free.
  • Alibaba’s Blockchain Email Repository Gains Technology from Chinese Open Source Startup
    Onchain, an open-source blockchain based in Shanghai, will provide technology for Alibaba’s first blockchain supported email evidence repository. Onchain allows fast re-constructions for public, permissioned (consortium) or private blockchains and will eventually enable interoperability among these modes. Its consortium chain product, the Law Chain, will provide technology for Ali Cloud, Alibaba’s computing branch. Ali Cloud has integrated Onchain’s Antshares blockchain technology to provide an enterprise-grade email repository. Onchain provides the bottom-layer framework for Ali Cloud, including its open-source blockchain capabilities, to enable any company to customize its own enterprise-level blockchain.
  • Netflix on Firefox for Linux
    If you're a Firefox user and you're a little fed up with going to Google Chrome every time in order to watch Netflix on your Linux machine, the good news is since Firefox 49 landed, HTML5 DRM (through the Google Widevine CDM (Content Decryption Manager) plugin) is now supported. Services that use DRM for HTML5 media should now just work, such as Amazon Prime Video. Unfortunately, the Netflix crew haven't 'flicked a switch' yet behind the scenes for Firefox on Linux, meaning if you run Netflix in the Mozilla browser at the moment, you'll likely just come across the old Silverlight error page. But there is a workaround. For some reason, Netflix still expects Silverlight when it detects the user is running Firefox, despite the fact that the latest Firefox builds for Linux now support the HTML5 DRM plugin.
  • IBM Power Systems solution for EnterpriseDB Postgres Advanced Server
    The primary focus of this article is on the use, configuration, and optimization of PostgreSQL and EnterpriseDB Postgres Advanced Server running on the IBM® Power Systems™ servers featuring the new IBM POWER8® processor technology. Note: The Red Hat Enterprise Linux (RHEL) 7.2 operating system was used. The scope of this article is to provide information on how to build and set up of PostgreSQL database from open source and also install and configure EnterpriseDB Postgres Advanced Server on an IBM Power® server for better use. EnterpriseDB Postgres Advanced Server on IBM Power Systems running Linux® is based on the open source database, PostgreSQL, and is capable of handling a wide variety of high-transaction and heavy-reporting workloads.
  • Valgrind 3.12 Released With More Improvements For Memory Debugging/Checking
  • [Valgrind] Release 3.12.0 (20 October 2016)
  • Chain Launches Open Source Developer Platform [Ed: If it’s openwashing, then no doubt Microsoft is involved]
  • LLVM Still Looking At Migration To GitHub
    For the past number of months the LLVM project has been considering a move from their SVN-based development process to Git with a focus on GitHub. That effort continues moving forward.
  • Lumina Desktop 1.1 Released With File Manager Improvements
    Lumina is a lightweight Qt-based desktop environment for BSD and Linux. We show you what's new in its latest release, and how you can install it on Ubuntu.
  • Study: Administrations unaware of IT vendor lock-in
    Public policy makers in Sweden have limited insight on how IT project can lead to IT vendor lock-in, a study conducted for the Swedish Competition Authority shows. “An overwhelming majority of the IT projects conducted by schools and public sector organisations refer to specific software without considering lock-in and different possible negative consequences”, the authors conclude.
  • How open access content helps fuel growth in Indian-language Wikipedias
    Mobile Internet connectivity is growing rapidly in rural India, and because most Internet users are more comfortable in their native languages, websites producing content in Indian languages are going to drive this growth. In a country like India in which only a handful of journals are available in Indian languages, open access to research and educational resources is hugely important for populating content for the various Indian language Wikipedias.
  • Where to find the world's best programmers
    One source of data about programmers' skills is HackerRank, a company that poses programming challenges to a community of more than a million coders and also offers recruitment services to businesses. Using information about how successful coders from different countries are at solving problems across a wide range of domains (such as "algorithms" or "data structures" or specific languages such as C++ or Java), HackerRank's data suggests that, overall, the best developers come from China, followed closely by Russia. Alarmingly, and perhaps unexpectedly, the United States comes in at 28th place.

OSS in the Back End

  • AtScale Delivers Findings on BI-Plus-Hadoop
    Business intelligence is the dominant use-case for IT organizations implementing Hadoop, according to a report from the folks at AtScale. The benchmark study also shows which tools in the Haddop ecosystem are best for particular types of BI queries. As we've reported before, tools that demystify and function as useful front-ends and connectors for the open source Hadoop project are much in demand. AtScale, billed as “the first company to allow business users to do business intelligence on Hadoop,” focused its study on the strengths and weaknesses of the industry’s most popular analytical engines for Hadoop – Impala, SparkSQL, Hive and Presto.
  • Study Says OpenStack at Scale Can Produce Surprising Savings
    Revenues from OpenStack-based businesses are poised to grow by 35 percent a year to more than $5 billion by 2020, according to analysts at 451 Research. In its latest Cloud Price Index, 451 Research analyzes the costs associated with using various cloud options to determine when it becomes better value to use a self-managed private cloud instead of public or managed cloud services. The idea is to createa complex pricing model that takes into consideration the major factors impacting total cost of ownership (TCO), including salaries and workload requirements.The 451 study found that because of the prevalence of suitably qualified administrators, commercial private cloud offerings such as VMware and Microsoft currently offer a lower TCO when labor efficiency is below 400 virtual machines managed per engineer. But where labor efficiency is greater than this, OpenStack becomes more financially attractive. In fact, past this tipping point, all private cloud options are cheaper than both public cloud and managed private cloud options.
  • How OpenStack mentoring breaks down cultural barriers
    Victoria Martinez de la Cruz is no stranger to OpenStack's mentorship opportunities. It's how she got her own start in OpenStack, and now a few years later is helping to coordinate many of these opportunities herself. She is speaking on a panel on mentoring and internships later this week at OpenStack Summit in Barcelona, Spain. In this interview, we catch up with Victoria to learn more about the details of what it's like to be a part of an open source internship, as well as some helpful advice for people on both sides of the mentoring process.