Language Selection

English French German Italian Portuguese Spanish

Software

Proprietary Software Leftovers

Filed under
Software
  • GOWIN Semiconductor Adds Ubuntu Support to their GOWIN EDA FPGA Software for Improved Artificial Intelligence and IoT Development Toolchain Integration

    Traditional FPGAs have had a long history of development tool support for Windows and Red Hat, but in many cases lacked universal Linux support for other distributions such as Ubuntu. This has caused development burdens as Ubuntu has matured and become the most commonly supported operating system for Artificial Intelligence solution development. Neural network model development software such as Caffe, Tensorflow and Keras have found Ubuntu as the preferred operating system due to its open source support and scripting capabilities. As a result, having GOWIN’s FPGA EDA in the same operating system allows developers to seamlessly integrate FPGA synthesis, place and route and bitstream generation into their AI design and script work flows.

  • Kentucky official: Foreign actors, including Russians, North Koreans, target election system

    Previous attacks on election systems by foreign actors in the 2016 election focused on state-level systems, which have since beefed up security, though Dearing told legislators that "we’re now seeing those bad actors target the county level.”

  • New Workload Automation Platform Available on Linux and Windows Servers
  • War With Netflix and Disney Looms for India’s Top Local Streamer

    As global streaming giants Netflix Inc. and Walt Disney Co. spend millions of dollars to grab viewers in India, a country that could become their biggest overseas market, a homegrown rival is preparing to defend its turf.

    Zee5, the top domestic streaming platform set up by India’s biggest television broadcaster, is betting on local content to fend off big-spending rivals, Chief Executive Officer Tarun Katial said in an interview. The over-the-top, or OTT, service is playing to its advantage by adding more local-language shows and lower-price options to gain market share, he said.

  • DHS’s cyber wing responds to ransomware attack on pipeline operator [iophk: Windows TCO]

    The Department of Homeland Security’s cybersecurity agency recently responded to a ransomware attack on a natural gas compression facility that led the organization to shut down its operations for two days, the agency said Tuesday.

    The [attackers] were able to encrypt data on the organization’s IT and “operational technology” network, a broad term for a network that oversees industrial processes. No longer able to read data coming from across its enterprise, the facility shut down its various assets, including its pipelines, for two days.

  • Alert (AA20-049A): Ransomware Impacting Pipeline Operations [iophk: Windows TCO]

    CISA responded to a cyberattack affecting control and communication assets on the operational technology (OT) network of a natural gas compression facility. A cyber threat actor used a Spearphishing Link [T1192] to obtain initial access to the organization’s information technology (IT) network before pivoting to its OT network. The threat actor then deployed commodity ransomware to Encrypt Data for Impact [T1486] on both networks. Specific assets experiencing a Loss of Availability [T826] on the OT network included human machine interfaces (HMIs), data historians, and polling servers. Impacted assets were no longer able to read and aggregate real-time operational data reported from low-level OT devices, resulting in a partial Loss of View [T829] for human operators. The attack did not impact any programmable logic controllers (PLCs) and at no point did the victim lose control of operations. Although the victim’s emergency response plan did not specifically consider cyberattacks, the decision was made to implement a deliberate and controlled shutdown to operations. This lasted approximately two days, resulting in a Loss of Productivity and Revenue [T828], after which normal operations resumed. CISA is providing this Alert to help administrators and network defenders protect their organizations against this and similar ransomware attacks.

  • Chinese-linked [cracking] group using Windows backdoors to go after gambling industry targets

    A nation-state actor that has links with Chinese [attackers] is exploiting two new backdoors to run a cyber-espionage campaign against gambling entities in Southeast Asia, according to Trend Micro research.

    The new activity, which is also reportedly occurring in Europe and the Middle East, was first unearthed last year when cybersecurity consultancy Talent-Jump Technologies found a Microsoft Windows backdoor and contacted Trend Micro while conducting incident response for a company based in the Philippines.

Proprietary Software and Security

Filed under
Software
Security
  • TurboTax Is Still Tricking Customers With Tax Prep Ads That Misuse the Word “Free”

    On Dec. 30, the IRS announced it was revamping a long-standing agreement with the online tax preparation industry in which companies offer free filing to people with incomes below certain levels, a category that includes 70% of filers. The change in what’s known as the Free File program came in the wake of multiple ProPublica articles that revealed how the companies in the program steered customers eligible for free filing to their paid offerings. Under the updated agreement, the companies are now prohibited from hiding their Free File webpages from Google searches, and the IRS was allowed to create its own online tax-filing system.

    So far, it seems, the companies are abiding by their promise to make their Free File webpages visible in online searches. But the updated agreement appears to have a loophole: It doesn’t apply to advertising. Nothing in it, the agreement states, “limits or changes the rights” of participating companies to advertise “as if they were not participating in the Free File program.”

  • Ransomware Shuts Gas Compressor for 2 Days in Latest Attack [iophk: Windows TCO]

    It appears likely that the attacker explored the facility’s network to “identify critical assets” before executing the ransomware attack, according to Nathan Brubaker, a senior manager at the cybersecurity firm FireEye Inc. This tactic -- which has become increasingly popular among hackers -- makes it “possible for the attacker to disable security processes that would normally be enough to detect known ransomware indicators,” he said.

  • Twitter says Olympics, IOC accounts [cracked]

    Twitter (TWTR.N) said on Saturday that an official Twitter account of the Olympics and the International Olympic Committee’s (IOC) media Twitter account had been [cracked] and temporarily locked.

    The accounts were [cracked] through a third-party platform, a spokesperson for the social media platform said in an emailed statement, without giving further details.

  • Olympics, IOC accounts were [cracked], Twitter says

    The social media company Twitter on Saturday said that the official Twitter accounts for the Olympics as well as the International Olympic Committee (IOC) have both been [cracked] and temporarily locked.

  • Apple warns revenue will be lower than expected because of coronavirus impact

    In a rare investor update on Monday, Apple said the global effects of the coronavirus outbreak are having have a material impact on the company bottom line. The company does not expect to meet its own revenue guidance for the second quarter due to the impact of the virus, and warns that “worldwide iPhone supply will be temporarily constrained.” Store closures and reduced retail traffic in China are also expected to have a significant impact.

    All of Apple’s iPhone manufacturing partner sites have been reopened but are “ramping up more slowly than we had anticipated,” which means that fewer iPhones than expected will be manufactured. As a result, “[t]hese iPhone supply shortages will temporarily affect revenues worldwide,” says Apple.

  • We decided to leave AWS

    For past adventures, I mostly use third-party email delivery services like Postmark, SendGrid, SES, etc. Unfortunately their pricing models are based on the number of emails, which are not compatible with the unlimited forwards/sends that SimpleLogin offers. In addition, we want SimpleLogin to be easily self-hosted and its components fit on a single server. For these reasons, we decide to run our MTA (Mail Transfer Agent) on EC2 directly.

  • [Old] Kerberos (Sleepy: How does Kerberos work? – Theory

    The objective of this series of posts is to clarify how Kerberos works, more than just introduce the attacks. This due to the fact that in many occasions it is not clear why some techniques works or not. Having this knowledge allows to know when to use any of those attacks in a pentest.

    Therefore, after a long journey of diving into the documentation and several posts about the topic, we’ve tried to write in this post all the important details which an auditor should know in order to understand how take advantage of Kerberos protocol.

    In this first post only basic functionality will be discussed. In later posts it will see how perform the attacks and how the more complex aspects works, as delegation.

  • [Old] Kerberos (II): How to attack Kerberos?

    These attacks are sorted by the privileges needed to perform them, in ascending order. Thus, to perform the first attacks only connectivity with the DC (Domain Controller) is required, which is the KDC (Key Distribution Center) for the AD (Active Directory) network. Whereas, the last attack requires a user being a Domain Administrator or having similar privileges.

  • Kerberos (III): How does delegation work?

    In this article, we will focus on understand how the different kinds of delegation work, including some special cases. Additionally, some scenarios where it could be possible to take advantage of these mechanisms in order to leverage privilege escalation or set persistence in the domain will be introduced.

    Before starting with the explanations, I will assume that you already understand Kerberos’ basic concepts. However, if expressions like TGT, TGS, KDC or Golden ticket sound strange to you, you should definitely check the article “How does Kerberos works?” or any related Kerberos’ introduction.

Proprietary Software and Games for GNU/Linux

Filed under
GNU
Linux
Software

Komikku is a GTK Manga App for Linux

Filed under
Software

If you read a lot of manga and you use the Ubuntu desktop check out Komikku, a relatively new Manga reader app for Linux written in Python and GTK.

Now, usually when I highlight a GTK app on this blog you’d assume that I’m talking about a desktop app. But with GTK apps now running on mobile (like the Librem 5, for instance) a new breed of Linux software is emerging, built with mobile first use cases in mind.

And Komikku is one such app.

Alex, aka BabyWogue, aka the Linux YouTube guy who uses a robot voice and anime wallpaper in every video, recently shared a concise video overview of Komikku (it’s how I heard about it in the first place) and how it runs on …a desktop...

Read more

Also: BingWall is —Yes, a Bing Wallpaper App for Ubuntu

Rclone Browser (Fork) 1.8.0 Gets Proxy Support, Option To Create Public Link

Filed under
Software
Web

Rclone Browser (fork), a Qt5 GUI for Rclone, was updated to version 1.8.0, getting proxy support, an option to display the complete directory tree for a remote, and the ability to create a public link to easily share files, among others.

Rclone Browser is a cross-platform (Windows, macOS and Linux) Qt5 GUI for Rclone, a command line tool to synchronize (and mount) files from remote cloud storage services like Google Drive, OneDrive, Nextcloud, Dropbox, Amazon Drive and S3, Mega, and others.

This GUI can be used to simplify operations like copying a file from one cloud storage to another or to the local drive, mount cloud storages on your system with a click, and browsing the contents of various cloud storage remotes in a tabbed interface.

Read more

Getting started with OpenTaxSolver

Filed under
Software

OpenTaxSolver is an open source application for US taxpayers to calculate their state and federal income tax returns. Before I get into the software, I want to share some of the information I learned when researching this article. I spent about five hours a day for a week looking into open source options for doing your taxes, and I learned about a lot more than just tax software.

The Internal Revenue Service's (IRS's) Use of federal tax information (FTI) in open source software webpage offers a large amount of information, and it's especially relevant to anyone who may want to start their own open source tax software project.

Read more

Second Shortwave Beta

Filed under
Software
GNOME

Today I can finally announce the second Shortwave Beta release! I planned to release it earlier, but unfortunately the last few weeks were a bit busy for me.

Read more

Best Wallpaper Slideshow Apps for Linux

Filed under
Software

Many Linux users love to customize and personalize their desktop environment. Linux offers plenty of choices to customize almost every part of the desktop including automatic switching of desktop background at periodic intervals. This article will list some wallpaper slideshow apps that can find and apply desktop backgrounds automatically based on your interests.

Read more

Wine 5.2 release

Filed under
Software

The Wine development release 5.2 is now available.

What's new in this release (see below for details):
- More compatible codepage mapping tables.
- Support for using the null display driver as a real driver.
- Better UTF-8 support in the Resource and Message Compilers.
- Fixes for using ucrtbase as C runtime.
- Various bug fixes.

The source is available from the following locations...

Read more

Also: Wine 5.2 With Better Handling For The Null Display Driver, UTF-8 Support

The Wine 5.2 development release is out

Open Source Audio-Video: 8 Replacements for Expensive Applications

Filed under
Software

Open source audio-video software offers an alternative to paying for expensive proprietary software. And in many cases, the open source options are as good as or better than the comparable commercial, proprietary solutions. In fact, users site the top reasons why they use open source software as: the features, freedom from vendor lock-in and the quality of the solutions. Price and total cost of ownership weren't even on the list. In other words, people are using open source because the software is so good, and the fact that it is free is just a side benefit.

The list of audio-video software below includes a variety of open source software for home users and SMBs. All of these applications can replace commercial products that can carry high prices. Even if buyers choose to purchase support or other services for their open source software, the open source options are generally much more affordable than the comparable proprietary solutions.

Read more

Also: Record screencast or web cam video with VokoscreenNG an open source program for Windows and Linux

Syndicate content

More in Tux Machines

today's howtos

How to Modify Groups in Linux With groupmod Command

Learn how to modify group properties like group name and group ID with the groupmod command in Linux. Read more

today's leftovers

  • Hands-On Lab: Oracle Linux Disk Encryption Using Network Based Key Services

    Many Linux environments require data to be encrypted at rest but that can add administrative overhead to the boot process. Oracle Linux has supported disk encryption since version 5 but a feature was added in 7 update 4 to allow the automatic unlocking of devices based on external network services. Network Bound Disk Encryption (NBDE) uses a network based key service to validate a system is on a trusted network and unlock encrypted disks upon boot. By combining NBDE and a keyboard entered passphrase the system will unlock a disk automatically during boot but allow administrators to use a passphrase during maintenance operations. A new hands-on lab Oracle Linux Disk Encryption Using Network Based Key Services is now available for anyone to learn the concepts of Linux disk encryption. The lab begins with the creation of a encrypted block device dependent on a passphrase and continues to an example of network based keys to unlock the device. Oracle Linux 8 is used but the same tools are available on Oracle Linux 7. The base components involved include dm-crypt which allows arbitrary block devices to be encrypted, Linux Unified Key Setup (LUKS) a disk encryption standard and cryptsetup which is used to configure our disks. We continue to include Tang, a network service that provides cryptographic services over HTTP and Clevis, an encryption framework. Clevis can use keys provided by Tang as a passphrase to unlock LUKS volumes.

  • Mir 1.7.1 Released With X11 Support Promoted Out Of "Experimental" Phase

    Most significant with Mir 1.7.1 is the X11 support being improved to the point that it's no longer considered experimental for running traditional X11 software atop Wayland. Passing --enable-x11 now can be used for enabling the X11 support rather than the prior "x11-display-experimental" option. Mir 1.7.1 saw a lot of work to the XWayland and X11 window manage code, including a new display FD option.

  • SUSE Manager 4 Brings the Power of DevOps to Your Enterprise Linux Environment

    DevOps is an IT management philosophy that requires speed, efficiency and confidence. A DevOps environment is constantly evolving: Containers spin up, new applications appear, tools are tested and updates happen—all without stoppages or significant downtime.

  • Liquid Prep, a solution that helps farmers optimize water usage during droughts, is now open source

    When a prolonged absence of water in a region leads to drought conditions, the entire ecosystem suffers. Among those hardest hit are farmers, and the impact on their land can have ripple effects on the larger population. These larger problems can range from health issues or food security, while also creating conditions that increase the risk of wildfires and dust storms. Created by five technologists from the IBM offices in Ottawa, Ontario, Canada, Liquid Prep is a solution designed for low-literate farmers in developing countries whose success hinges on access to advanced agricultural advice. By leveraging the use of an intuitive mobile Android app, local soil sensors, and weather forecast information as well as an advanced agricultural decision platform hosted on IBM Cloud, farmers are better informed on how to use limited water supplies and increase their chances of growing healthy crops for their small plots of land.

  • Linux-ready SBCs and mini-PCs run Ryzen Embedded, including new 8-10W R1305G

    Sapphire unveiled NP-FP5 and BP-FP5 SBCs with Ryzen V1000 and R1000 SoCs plus a G-series board, and Simply NUC revealed Red Oak (NP-FP5) and Post Oak (BP-FP5) mini-PCs based on the Ryzen SBCs. The NP-FP5 and Red Oak support AMD’s new 8-10W R1305G. At Embedded World, Sapphire Technology announced a pair of 4 x 4-inch (101.6 x 101.6mm) SBCs that run Linux or Win 10 on AMD’s x86-based Ryzen Embedded V1000 and R1000 SoCs. The dual 4K display NP-FP5 and more feature-rich, triple 4K display BP-FP5 SBCs support the same V1000 and R1000 models. The lower-end NP-FP5 also supports the low-power, 8-10W TDP R1305G, which was announced today by AMD along with a 6W R1102G.

  • Mirantis co-founder launches FreedomFi to bring private LTE networks to enterprises

    Boris Renski, the co-founder of Mirantis, one of the earliest and best-funded players in the OpenStack space a few years ago (which then mostly pivoted to Kubernetes and DevOps), has left his role as CMO to focus his efforts on a new startup: FreedomFi. The new company brings together open-source hardware and software to give enterprises a new way to leverage the newly opened 3.5 GHz band for private LTE and — later — 5G IoT deployments.

  • WordPress 5.4 Beta 3

    WordPress 5.4 Beta 3 is now available! This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site to play with the new version. [...] WordPress 5.4 is slated for release on March 31st, 2020, and we need your help to get there. Thanks to the testing and feedback from everyone who tested beta 2 (and beta 1) over 24 tickets have been closed in the past week.

  • Luis Villa: Surviving 2020 on Twitter

    At some point in the past few years, I accepted that I’m going to have a baseline level of anger about the state of the world, and that I have to focus on what I can change and let go of what I can’t. (Twitter anger is the latter.) So what can I change? Where is my anger productive? I’ve found that doing things offline—for me, mostly giving money—really helps. In particular, giving to causes that seek systemic (usually, that means political/government) change like 350.org and local activist groups, and giving a lot, and regularly. This, frankly, makes it a lot easier for me to ignore anger online — each new tweet is not likely to make me be more angry, or give more, because I’m already basically giving what I can. Being confident about that really reduced my FOMO when I started filtering aggressively. I hear from non-parents/non-startup-founders that physical-world activism (door-knocking, phone banking, local gov meeting-attending, etc.) can be great in this way too but sadly I can’t confirm :( (I also want to acknowledge that, in the current state of the world, ‘letting go’ gets harder the less privilege you have. I have no great response to that, except to say that I empathize and am trying to fight for you where and how I can.)

  • Why Source Code Scanning Tools are Essential to Open Source Compliance [Ed: This promotes proprietary software of Microsoft 'proxies', along with FUD, to make proprietary software sales]

    There are many scanning tools and vendors to choose from. For example, Black Duck, WhiteSource, and FOSSA are well-known vendors that offer scanning tools on a subscription basis. FOSSology is an open source scanning tool maintained by the Linux Foundation, but it doesn’t come with a pre-populated library of open source code or software repository, which you would need to build on your own.

  • Google and Microsoft are scaring consumers over Edge extensions, and for what?

    Simply trying to install a Chrome extension via the Chrome Web Store actually requires navigating through several warnings, from both Google and Microsoft, about where to go to install an extension. The confusion and frustration this no doubt creates with users reflects poorly on both sides.

today's howtos