Language Selection

English French German Italian Portuguese Spanish

Software

Applications/Software: Jailhouse, VirtualBox, Git-cinnabar, Rclone and Cod

Filed under
Software
  • Jailhouse 0.12 Hypervisor Adds Raspberry Pi 4 Support

    Siemens continues investing in Jailhouse as a Linux-based simplicity-minded partitioning hypervisor catering to bare metal appliances. Jailhouse 0.12 is out today as their first feature update since last summer and comes with numerous hardware support improvements and new features.

    Jailhouse 0.12 comes with better driver support as well as an experimental VirtIO transport model. Siemens developers are discussing with VirtIO and QEMU communities over a new shared memory device model and concurrently is pushing forward with more improvements of their own.

  • VirtualBox Shared Folder Driver Seeks Inclusion In Linux 5.6

    After being added to Linux 5.4 and then being ejected a week later when it was clear not enough testing took place, the VirtualBox Shared Folder "VBOXSF" driver is now trying to make it into Linux 5.6.

    Al Viro sent in the VBOXSF driver on Saturday though as of writing Linus Torvalds hasn't yet pulled it in. Since its dismissal from Linux 5.4, this VirtualBox driver has seen more testing and fixes.

    The driver is more than three thousand lines of code. As with the other VirtualBox drivers that have been mainlined to the Linux kernel in recent times, it's not Oracle engineers working on it but sadly other upstream developers seeking to improve the out-of-the-box Linux guest support for this virtualization platform.

  • Announcing git-cinnabar 0.5.4

    Git-cinnabar is a git remote helper to interact with mercurial repositories. It allows to clone, pull and push from/to mercurial remote repositories, using git.

  • Cloud Storage Sync Program Rclone 1.51 Adds SugarSync And Memory Backends, Async Mount Reads

    The latest Rclone 1.51.0 release adds new memory and SugarSync backends, async mount reads which results in a 20% speedup, and much more.

    Rclone is a free and open source command line program for synchronizing files and folders to and from cloud storage services like Amazon Drive and S3, Google Drive / Photos and Cloud Storage, Dropbox, Nextcloud, Microsoft OneDrive, DigitalOcean Spaces, pCloud, Mega, Yandex Disk, and many others (with WebDAV and SFTP also supported). It's available for Linux, macOS, *BSD, Solaris and Windows.

    The tool features encryption, cache and union (similar to UnionFS) backends, a built-in experimental Web based GUI (added in version 1.49), multi-threaded downloads to local disk, it preserves timestamps on files, and it has partial sync support on a whole file basis. There are some third-party GUI programs that make managing Rclone easier, including Rclone Browser (updated fork) which runs on Linux, macOS and Windows.

  • Cod: New Command Line Autocomplete Daemon For Bash and Zsh That Detects --help Usage

    Cod is a new command line completion daemon written in Go for Bash and Zsh. The tool detects the usage of --help commands to generate autocompletion for commands that don't support it.

    Command-line completion (tab completion / autocompletion) is a common feature among command-line interpreters, in which the program automatically fills in partially typed commands when pressing the completion key, which is usually Tab. By using it, fewer keystrokes are required to access common commands, and it makes it easy to autocomplete commands / filenames with long or difficult to spell names.

    The elements that can be completed are not only commands and filenames, but also command arguments, and this is what Cod does. It parses the output of --help for a particular command, and based on that it generates autocompletion for Bash or Zsh shells. Some commands already support autocomplete for arguments (for example ls - type ls --fu and press Tab to autocomplete it to ls --full-time), but some don't and Cod can help in those cases.

12 Excellent Free Scorewriters – Compose, arrange, print, and publish music

Filed under
Software

A scorewriter (often known as notation software or music notation processor) is software used with a computer for creating, editing and printing sheet music.

For a musician to be able to read, understand, and play music, a composition needs to be in written form. A system of notation is essential for musicians to be able to play music as intended by the composer.

In the field of music composition, Sibelius and Finale are held in high esteem. These scorewriters are widely used by composers, songwriters, and arrangers for creating sheet music, including the score for an ensemble and parts for individual musicians. Unfortunately, both Sibelius and Finale are proprietary software. They are very expensive applications; the cheapest perpetual license for Sibelius sets you back hundreds of dollars. And neither application is available for Linux.

Fortunately, there is a wide range of open source scorewriters which are supported in Linux. This article recommends cost-effective alternatives to Sibelius and Finale. The software featured here is released under open source licenses, all are available to download at no charge, and generate music scores which are engraved with traditional layout rules.

Read more

Security and Proprietary Software

Filed under
Software
Security
  • Security updates for Thursday

    Security updates have been issued by CentOS (kernel-rt, qemu-kvm, spamassassin, and Xorg), Debian (ruby-rack-cors), Fedora (glibc), openSUSE (ImageMagick), Oracle (ipa, kernel, and qemu-kvm), SUSE (systemd), and Ubuntu (exiv2, mbedtls, and systemd).

  • Email politics, security, and why you got an empty newsletter

    Roskomnadzor, the Russian telecommunications regulator, is on the warpath against privacy focused European email service providers. Last week, it ordered Russian internet service providers to block ProtonMail and StartMail.

    [...]

    With a backup MX hosted on an unblocked domain, email servers located in Russia can still deliver emails. Delivery may take longer than normal as the sender’s email server will need to try the blocked servers first and then fall back to the backup MX. This is also good for redundancy in case of service interruptions at Mailbox.

    I already have a self-hosted email server used for the blog’s newsletter. I didn’t want to manage two email servers. Instead, I reconfigured the newsletter email service to also act as the backup mail server for my domains.

    While I was busy reconfiguring my domains and email server (it only took about ten minutes), news hit about a remote code execution vulnerability in OpenSMTPD. OpenSMTPD is the open-source email server software I’m using. I needed to double-check on something with my configuration and Bing helpfully put the news of the vulnerability at the top of the results.

  • Ragnarok Ransomware Targets Citrix ADC, Disables Windows Defender

    A new ransomware called Ragnarok has been detected being used in targeted attacks against unpatched Citrix ADC servers vulnerable to the CVE-2019-19781 exploit.

    Last week, FireEye released a report about new attacks exploiting the now patched Citrix ADC vulnerability to install the new Ragnarok Ransomware on vulnerable networks.

    When attackers can compromise a Citrix ADC device, various scripts would be downloaded and executed that scan for Windows computers vulnerable to the EternalBlue vulnerability.

    If detected, the scripts would attempt to exploit the Windows devices, and if successful, inject a DLL that downloads and installs the Ragnarok ransomware onto the exploited device.

  • TurboTax and Others Charged at Least 14 Million Americans for Tax Prep That Should Have Been Free, Audit Finds

    More than 14 million taxpayers paid for tax prep software last year that they could have gotten for free, according to a scathing audit released Wednesday by the Treasury Inspector General for Tax Administration. That amounts to roughly a billion dollars in revenue for TurboTax maker Intuit, H&R Block and other tax software companies, according to a ProPublica analysis of tax prep fees.

    The audit, which was launched following ProPublica’s reporting last year, explores why so few taxpayers use the Free File program, a public-private partnership between the IRS and companies such as Intuit and H&R Block. Among the reasons, the audit found: the confusing design and complexity of the program and persistently lax oversight by the IRS.

  • Sylabs is Pleased to Announce the Release of SingularityPRO 3.5

    Based on the open source 3.5.2 release, SingularityPRO will receive security and bug fixes for 3 years, making it an ideal solution for the business-driven needs of enterprise customers containerizing their compute workloads.

Software Releases: Choqok 1.7.0, Cockpit 212, BleachBit 3.2.0

Filed under
Software
  • Choqok 1.7.0

    Long time no see, Choqok users!

    First of all Choqok has a new and shiny website. Kudos to Carl Schwan for taking care of the theme!

    To me, version 1.7.0 was meant to be released more than one year ago, while I just released it today.

    The main reason of the delay (a part from lack of time) is because I wanted 1.7.0 to be bullet proof (spoiler: it’s not).

    I wanted Choqok 1.7.0 to have full Mastodon support, proper media attachments and a lot more.

    Let’s try to start somewhere. With this version I want to close a Choqok era and prepare us for the next one. Stay tuned!

  • Cockpit 212 and Cockpit-podman 13

    Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 212.

  • BleachBit 3.2.0

    When your computer is getting full, BleachBit quickly frees disk space. When your information is only your business, BleachBit guards your privacy. With BleachBit you can free cache, delete cookies, clear Internet history, shred temporary files, delete logs, and discard junk you didn't know was there.

    Designed for Linux and Windows systems, it wipes clean thousands of applications including Firefox, Internet Explorer, Adobe Flash, Google Chrome, Opera, Safari, and more. Beyond simply deleting files, BleachBit includes advanced features such as shredding files to prevent recovery, wiping free disk space to hide traces of files deleted by other applications, and vacuuming Firefox to make it faster. Better than free, BleachBit is open source.

RawTherapee 5.8 Released

Filed under
Software
OSS

  • RawTherapee v5.8

    Software should be installed through your distribution’s package manager.

    If RawTherapee 5.8 is not yet available in your package manager, you can use the AppImage:

    Download it.
    Make it executable: chmod u+x RawTherapee_5.8.AppImage
    Run it: ./RawTherapee_5.8.AppImage

  • RawTherapee 5.8 Released! How to Install it in Ubuntu 19.10

    RawTherapee 5.8, cross-platform raw photo processing system, was released a day ago. Here’s how to install it in Ubuntu 18.04, Ubuntu 19.10, Linux Mint 19.x.

  • RawTherapee v5.8 Can Recover Photo Detail ‘Lost to Lens Blur’

    Cross-platform open source RAW processing tool RawTherapee has a new release out — and if you’re a keen photographer, it sounds like an essential update.

    RawTherapee v5.8 is the latest stable version of the free photo editor, and the first to be released this year (2020). The update introduces support for CR3 data (on cameras that support it), plus improved handling for camera models, DCP dual-illuminated input profiles, and better memory usage.

    But the “big new feature” in this update is the addition of a new Capture Sharpening tool. This, RawTherapee developers say, helps ‘recover detail lost to lens blur’.

    “[Capture Sharpening] takes place right after demosaicing, and as it works in linear space it is not prone to haloing. Capture Sharpening in combination with Post-Resize Sharpening allows for detailed and crisp results,” the RawTherapee team say of the feature.

    RawTherapee is free, open source software available for Windows, macOS and Linux.

Security, Proprietary Software and Openwashing

Filed under
Software
Security
  • Security updates for Tuesday

    Security updates have been issued by Arch Linux (salt), CentOS (git), Debian (qtbase-opensource-src), Fedora (java-11-openjdk), Mageia (kernel and openjpeg2), openSUSE (mailman, python-reportlab, ucl, and upx), Oracle (git), Red Hat (container-tools:rhel8, go-toolset:rhel8, grub2, kernel, kernel-rt, php:7.2, and sudo), SUSE (crowbar-core, crowbar-openstack, openstack-neutron-fwaas, rubygem-crowbar-client and python36), and Ubuntu (python-django).

  • PortSys heightens security for SSH network services with Total Access Control

    PortSys®, a global innovator in information security and Zero Trust Access control for the enterprise, today announced that Total Access Control™ (TAC) now offers protection for SSH network services.

  • PortSys heightens security for SSH network services with Total Access Control
  • Short Topix: U. S Gov't Once Again Requests iOS Back Door

    In a bold move that will end up protecting users everywhere for all platforms, Microsoft has taken control of 50 domains believed to be used by the North Korean hacking group commonly referred to as Thallium, according to a blog report on Microsoft's site.

    U.S. District Court documents were unsealed on December 27, 2019 that detail the steps that Microsoft has undertaken to disrupt cyberattacks originating from the Thallium hacking group. As a result, those 50 sites will no longer be able to be used to launch cyberattacks.

    The attacks were mostly "spear phishing" attacks. They would attempt to trick users into logging into a fake Microsoft security account to fill out information about their accounts, and into revealing their account credentials. By combining publicly available information gleaned from social media accounts, the Thallium group of hackers was able to make a rather believable case for the possibility of a user's account becoming compromised.

    They also employed techniques that might go undetected by the average non-tech savvy users, such as using an "r" and an "n" closely spaced to represent the first "m" in the "microsoft.com" website address.

  • Tech Problem With Mobile App Causes Iowa Caucus Chaos

    A new mobile app was supposed to help Democratic officials quickly gather information from some 1,700 caucus sites throughout Iowa. Instead, a “coding issue” within the app is being blamed for delays that left the results unknown the morning after the first-in-the nation presidential nominating contest.

  • What We Know About Shadow Inc. and the App That Delayed the 2020 Iowa Caucus Results

    Okay, so what happened? Basically, a company fittingly named Shadow Inc. (linked to another company called Acronym) designed an app for reporting caucus results at nearly 1,700 precincts. According to the Los Angeles Times, Shadow Inc. is not a costumed team of comic book supervillains, but a private tech firm started by people who worked on Hillary Clinton’s 2016 campaign. And, sources told the New York Times, the app used to report Iowa caucus results was hastily developed in just the last few months, with no testing at the statewide scale needed for last night.

    The app, by all accounts, was a failure, forcing those running individual caucuses to call a hotline for reporting results. According to Vox, many reported they were waiting indefinitely to do so. One official trying to report results was live on air on CNN when he finally got through, only to be promptly hung up on.

  • [Attackers] Target Hong Kong Universities With New Backdoor Variant

    Believed to have been active since at least 2009, the Winnti Group is operating under the same umbrella as Axiom, Barium, Group 72, Blackfly, and APT41, targeting the aviation, gaming, pharmaceuticals, technology, telecommunication, and software development sectors in industrial cyber-espionage campaigns.

    In October last year, ESET detailed two new backdoors employed by the [attackers], namely PortReuse and the Microsoft SQL-targeting skip-2.0.

    One month later, the security researchers discovered a new campaign run by the Chinese hackers, targeting two Hong Kong universities with a new variant of the ShadowPad backdoor, the group’s flagship tool.

  • Nevada Democratic Party abandons problematic app used in Iowa caucuses

    The Nevada Democratic Party said Tuesday that it will not use Shadow Inc., the maker of the app that caused reporting issues in the Iowa caucuses, to power its state caucuses later this month, despite already paying tens of thousands of dollars to the Democrat-affiliated technology company.

    In a statement, state Democratic Party Chairman William McCurdy II promised that Nevada's caucuses on February 22 will not be a repeat of Iowa's.

  • UBank releases open source accessibility kit on Github

    UBank has released an open source accessibility kit on Github in a move to help iOS app developers and contributors improve the accessibility for users that experience issues such as low vision, cognitive impairment, or neurological impairment.

    UBank digital banking chief product officer Peter O'Malley said making the accessibility kit openly available for the first time is part of the bank's mission of "making technology accessible to everyone".

    "There's nothing in the market. There's no easy tool that are available for developers or contributors to make sure their apps more accessible and so for us, we want to ensure technology is accessible and easy for people to use no matter who they are," he told ZDNet.

15 Notable Open Source Apps

Filed under
Software
OSS

Open source software is always in flux, and new projects are being born every day. Open Source principles are spreading beyond software to not only include code, but in some cases, code that is being used to write an open source book or to do open source science where anyone is welcome to participate. And, cross-platform or platform-independent apps that work on any operating system are becoming much more common than those designed for a particular OS. We like to shine a spotlight on those that seem particularly noteworthy, but there are plenty more that didn't get included. If you know of one, please make a note in the comments section below.

Read more

Software: Termshark, TLP, Nextcloud Hub and CopyQ

Filed under
Software
  • Interactive Wireshark-Based Terminal UI Termshark 2.1 Released With Conversations View, More

    Termshark, an interactive Wireshark-like terminal interface for TShark written in Go, was updated to version 2.1 (2.1.0 followed quickly by 2.1.1 to solve an issue) with new features like a conversation view for the most common conversation types, support for multiple live captures / interfaces on the command line, support for extcap interfaces by default, and more.

    Wireshark is a popular free and open source network protocol analyzer for Linux, macOS, BSD, Solaris and other Unix-like operating systems, and Microsoft Windows. Wireshark has a GUI, and for those wanting to use it from the command line there's TShark, a terminal oriented version of Wireshark for capturing and displaying packets. TShark doesn't have an interactive user interface though.

    This is where Termshark comes in. Termshark is an interactive terminal user interface (TUI) for TShark, inspired by the Wireshark user interface.

  • TLP 1.3 Linux Laptop Battery Extender Released

    After being in development for 8 months, TLP 1.3 was released with a new configuration scheme, tlp-stat improvements, and a workaround for laptops reporting incorrect AC or battery status, among others.

    TLP is an advanced power management tool for Linux. The tool comes with a default configuration optimized for battery saving, so it's very easy to use - just install TLP and you can forget about it. TLP is highly customizable though, so in case you want to change some of its settings you can do that too (this is done by editing the TLP configuration file).

    TLP auto-detects if your laptop runs on battery or AC and applies settings (changes the CPU frequency scaling and governor, sets the WiFi power saving mode, enables or disables integrated radio devices, sets the disk APM and disk spin down timeout, etc.) that optimize the laptop for performance (when on AC) or battery saving (when on battery). A list of features can be found on its website.

  • What Is Nextcloud Hub? Founder Frank Karlitschek Explains

    Nextcloud Hub is the first completely integrated on-premises content collaboration platform on the market, ready for a new generation of users who expect seamless online collaboration capabilities out of the box.

  • CopyQ Clipboard Manager 3.10 Released (How to Install)

    CopyQ clipboard editor released version 3.10.0 a day ago. Here’s how to install it in Ubuntu 16.04, Ubuntu 18.04, Ubuntu 19.10.

    CopyQ is a free open-source clipboard editor with editing and scripting features. It monitors system clipboard and saves its content in customized tabs. Saved clipboard can be later copied and pasted directly into any application.

Repology.org - A Package Search Engine for All GNU/Linux Users

Filed under
GNU
Linux
Software

Do you know Repology.org? It is a brilliant package search engine for all GNU/Linux distros. For us, we can find out software packages --in binary and source forms-- across various distros' repositories, even those which do not have package search facilities, and then quickly compare package version with versions available in another distros. In short, we using Ubuntu, Fedora, openSUSE and whatever distros can search for packages centrally here. For individual software developers, Repology is useful to discover which distros have not yet packaged your software, and to contact the maintainers quickly. For distro maintainers, of course it's useful to compare your repository against another distros' repositories. Repology can generate informative badge of package availability (see examples below) we can display onto any website that accept HTML code. This overview covers what Repology is with examples and how to use it for users across GNU/Linux distros in easy ways. I didn't find any other source on the net that covers it yet so I decided to write this article. I hope this helps you a lot in finding packages and researching more about GNU/Linux. Enjoy!

Read more

SimpleLogin: Open Source Solution to Protect Your Email Inbox From Spammers

Filed under
Server
Software
OSS

SimpleLogin is an open-source service to help you protect your email address by giving you a permanent alias email address.

Normally, you have to use your real email address to sign up for services that you want to use personally or for your business.

In the process, you’re sharing your email address – right? And, that potentially exposes your email address to spammers (depending on where you shared the information).

What if you can protect your real email address by providing an alias for it instead? No – I’m not talking about disposable email addresses like 10minutemail which could be useful for temporary sign-ups – even though they’ve been blocked by certain services.

Read more

Also: Google promises next week's cookie-crumbling Chrome 80 will only cause 'a very modest amount of breakage'

Syndicate content