Language Selection

English French German Italian Portuguese Spanish

Security

Linux Foundation for Spying and Security Leftovers

Filed under
Security

  • The Linux Basis Needs Open-Supply Tech to Tackle Future Pandemics [Ed: Surveillance]

    The Linux Basis, which helps open-source innovation in blockchain tech, launched the Linux Basis Public Well being Initiative (LFPHI) on the finish of July. The LFPHI’s purpose is to advertise using open supply by public well being authorities, which will be scrutinized by anybody, to combat not simply COVID-19 however future pandemics as effectively.

    Among the many seven core members of the LFPHI are Tencent, Cisco and IBM. The initiative is supporting two publicity notification initiatives, “COVID Shield” and “COVID Green,” with the intention of bettering interoperability throughout initiatives in several jurisdictions.

  • Facebook’s Long History of Open Source Investments Deepens with Platinum-level Linux Foundation Membership [Ed: The Linux Foundation is a voice for malicious surveillance companies that need openwashing]

    From its efforts to reshape computing through open source to its aggressive push to increase internet connectivity around the world, Facebook is a leader in open innovation. Perhaps more important today than ever, Facebook’s focus on democratizing access to technology enhances opportunity and scale for individuals and businesses alike. That’s why we’re so excited to announce the company is joining the Linux Foundation at the highest level.

    Facebook’s sponsorship of open innovation through the Linux Foundation will help support the largest shared technology investment in history with an estimated $16B in development costs of the world’s 100+ leading open source projects and supports those project communities through governance, events and education. The company is also already the lead contributor of many Linux Foundation-hosted projects, such as Presto, GraphQL, Osquery and ONNX. It has been an active participant in Linux kernel development, employing key developers and maintainers across major kernel subsystems.

  • Security updates for Thursday

    Security updates have been issued by Debian (linux-4.19, linux-latest-4.19, and openjdk-8) and Fedora (ark and hylafax+).

  • Google to Microsoft: Nice Windows 10 patch – but it's incomplete

    Google Project Zero (GPZ) is refusing to give Microsoft further extensions on disclosing a Windows 10 authentication bug because it says a patch Microsoft delivered in the August 2020 Patch Tuesday update is incomplete.

Kali Linux and Pentesting

Filed under
GNU
Linux
Security
  • Kali Linux USB Sticks

    The main aspiration of the Kali Linux bootable USB device is to serve the purpose of initiating live Kali Linux. Its essence is to provide the portability of Kali Linux, and you can carry it with you inside of your pocket. It assists in running your kali Linux in any system available near you, making kali Linux accessible to you at your accord. One of the main vantage that it provides is the customize feature. You are free to customize your very own operating system to carry it in the Kali Linux USB stick. The user just needs to follow the procedure to customize its OS image on the kali Linux USB stick. It is very system friendly, imposing no harm to the system you install it in. You just need to plug out the USB drive to get back to the original operating system of the host. Every model of kali Linux USB stick has a different chipset, making dongles compatible with the overall Kali Linux. It is rarely possible to get all features in a single USB stick as some are focused on size, while others are based on the reading/ writing cycles and speed. Here is the buying guide that can help you in selecting the best USB stick compatible with your system needs depending on its usage.

  • KALI LINUX DNS RECONNAISSANCE

    DNS Reconnaissance is an information-gathering part for a penetration testing. It is used where penetration testing is being performed. It can gather and collect all types of information on the records and target server. It does not affect any IP addresses; therefore, it is best to use for checking on or disclose the information of any network. This is only possible for those networks or organizations that do not check upon the DNS traffic. So, the types of enumeration that perform include zone transfers reverse lookups domain and host brute force standard record, enumeration, catch snooping, zoom working, and also Google Luca.

  • Metasploit in Kali Linux 2020

    The internet is full of lurkers with malicious intents who want to access networks and exploit their data while evading detection. It only makes sense to ensure a network’s security by measuring their vulnerabilities. Penetration testing or ethical hacking is how we test networks or servers for pregnable targets by pinpointing all possible breaches that a hacker might use to gain access, thus reducing security compromises. Penetration testing is often conducted through software applications, the most popular of which is Kali Linux, preferably with the Metasploit framework. Stick till the end to learn how to test a system by executing an attack with Kali Linux.

  • Post exploitation with Meterpreter

    This is an introduction to the Meterpreter payload plugin within Metasploit. In this short tutorial, we will discuss how to use it to apply post exploitation to a WINDOWS OS system once you’ve already breached it using the Eternalblue exploit. We will limit ourselves to accessing the windows system and exploring it, and all the things that we are going to do will focus on accessing information and user credentials.

    Introduction to Meterpreter

    Meterpreter is an attack payload in the Metasploit framework that lets the perpetrator control and navigate the victim computer through a command shell. It can prove to be a very versatile tool when it comes to penetration testing. It is a post-exploitation tool that is based on in-memory DLL injection, meaning it gets the injected DLL running by creating a new process that calls for the system to run the injected DLL. It can give you access to an invisible command shell on a victim machine, letting you run executables and profile networks.

    It was originally written for Metasploit 2.x and is upgraded for Metasploit 3.

  • Pen testing web applications with Metasploit’s “Wmap scanner”

    “Scanning” involves all methods and techniques for identifying live systems like networks or servers to uncover its operating system and architecture. These techniques are used to identify any vulnerable points in a network that can be exploited.

    This is a beginner’s tutorial on using the WMAP plugin incorporated in the Metasploit framework to scan for vulnerabilities in web applications. We will use the web application DVWA as a target to demonstrate the scanning process done using WAMP. DVWA is short for “damn vulnerable web application,” and the app is specially designed to used by cybersecurity novices to test and sharpen their penetration skills.

Security Leftovers

Filed under
Security
  • Security updates for Tuesday

    Security updates have been issued by Debian (firmware-nonfree, golang-github-seccomp-libseccomp-golang, and ruby-kramdown), Fedora (kernel, libmetalink, and nodejs), openSUSE (go1.13, perl-XML-Twig, and thunderbird), Oracle (kernel, libvncserver, and thunderbird), Red Hat (kernel-rt and python-paunch and openstack-tripleo-heat-templates), SUSE (dpdk, google-compute-engine, libX11, webkit2gtk3, xen, and xorg-x11-libX11), and Ubuntu (nss and samba).

  • Security updates for Wednesday

    Security updates have been issued by Debian (dovecot and roundcube), Fedora (python36), Gentoo (chromium), openSUSE (ark, firefox, go1.13, java-11-openjdk, libX11, wireshark, and xen), Red Hat (bind and kernel), SUSE (libreoffice and python36), and Ubuntu (dovecot and software-properties).

  • Microsoft August 2020 Patch Tuesday fixes 120 vulnerabilities, two zero-days
  • Nearly Every Android Phone Has Over 400 Vulnerabilities

    Many smartphones rely on third-party Digital Signal Processor (DSP) chips, which is basically a system on a chip. The system abilities include charging capabilities, such as “quick charge,” multimedia, audio features, image processing, and voice data.

  • Intel Publishes 18 New Security Advisories For 52 Vulnerabilities

    It is Intel's August 2020 disclosure day with 18 new advisories being issued for covering 52 vulnerabilities.

    Intel engineers uncovered around half of those 52 vulnerabilities internally while the rest were found by external security researchers.

GNOME 3.36.5 Desktop Update Released with Various Improvements and Bug Fixes

Filed under
GNOME
Security

Coming about a month after the release of the GNOME 3.36.4 update, GNOME 3.36.5 is here as the latest stable bugfix release for the GNOME 3.36 desktop environment series. As expected, the new update is packed with updated core components and apps to keep GNOME 3.36’s stability and reliability at the higher standards.

Highlights of the GNOME 3.36.5 update include Firefox Sync improvements for the Flatpak version of the Epiphany (GNOME Web) web browser, along with a fix for the way newly created tabs are ordered when closing new tabs, as well as a fix for a drag-and-drop crash in File Roller that occurred when cancelling the file overwrite process.

Read more

Security Leftovers

Filed under
Security
  • Security updates for Monday

    Security updates have been issued by Debian (pillow, ruby-kramdown, wpa, and xrdp), Fedora (ark and rpki-client), Gentoo (apache, ark, global, gthumb, and iproute2), openSUSE (chromium, grub2, java-11-openjdk, libX11, and opera), Red Hat (bind, chromium-browser, java-1.7.1-ibm, java-1.8.0-ibm, and libvncserver), SUSE (LibVNCServer, perl-XML-Twig, thunderbird, and xen), and Ubuntu (samba).

  • Have I Been Pwned to release code base to the open source community

    Members of the general public can submit their email addresses into the Have I Been Pwned search engine to find out if they have been "pwned," and if their emails have been linked to a data breach, each one and a summary of what happened is displayed -- as well as what information has been exposed.

    Since its launch in 2013, Hunt has poured more resources, including time and energy, into managing the search engine over time, expanding the service to include domain monitoring and breach alerts.

    At the heart, one main operator isn't enough to ensure future scalability or sustainability, and with this in mind, Hunt previously attempted to find a buyer to help expand his life's work.

    Unfortunately, the merger and/or acquisition process failed, and so Hunt has decided to pursue another alternative -- opening up the Have I Been Pwned code base to the open source community.

  • Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28

    Popular video conferencing app Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker with access to a compromised system to read and exfiltrate Zoom user data—and even run stealthy malware as a sub-process of a trusted application.
    According to cybersecurity researcher Mazin Ahmed, who presented his findings at DEF CON 2020 yesterday, the company also left a misconfigured development instance exposed that wasn't updated since September 2019, indicating the server could be susceptible to flaws that were left unpatched.

BIOS/UEFI Leftovers

Filed under
Linux
Security
  • BIOS Update Dell Latitude E6440 on Linux

    My BIOS was 4 years out of date. I thought it was time to update it. I went to the Dell Support page and noticed that they only had *.exe files available. I sighed and was initially frustrated because my initial supposition was that I was going to have to have a working copy of Windows to do the update. My last Dell Latitude, a D630, the BIOS updates required a lot of fiddling on my part. At the time, I would burn a special FreeDOS CD with the BIOS update EXE on it. I figured I would have to do the same with this computer. The good news is, that is not the case and it could be I am the last person to know this bit of information.

    [...]

    Due to my laziness and inhibition to use Windows caused me to avoid pursuing updating my BIOS. Dell, on newer systems (~2015 and later), have built in a service to perform these updates outside of the operating system and has removed or eliminated your excuses for keeping your system up to date and more secure.

    I am glad I took the time today to figure this out and do the proper thing in keeping my system updated.

  • Boothole GRUB2 bug breaks Secure Boot on Linux and Windows
  • Linux GRUB2 bootloader flaw breaks Secure Boot on most computers and servers

    Operating system maintainers, computer manufacturers, security and virtualization software vendors have worked together over the past few months to coordinate a unified response to a vulnerability that allows attackers to bypass boot process integrity verification, one of the key security features of modern computers. The flaw is located in the GRUB2 Linux bootloader, but because of how Secure Boot is implemented, it can be used to compromise the booting process of Windows and other systems as well.

Security, Openwashing, Proprietary Software and Back Doors

Filed under
Security
  • Reproducible Builds in July 2020

    Welcome to the July 2020 report from the Reproducible Builds project.

    In these monthly reports, we round-up the things that we have been up to over the past month. As a brief refresher, the motivation behind the Reproducible Builds effort is to ensure no flaws have been introduced from the original free software source code to the pre-compiled binaries we install on our systems. (If you’re interested in contributing to the project, please visit our main website.)

  • Have I Been Pwned — which tells you if passwords were breached — is going open source

    While not all password checkup tools actually use Hunt’s database (a just-announced LastPass feature calls on one hosted by Enzoic instead), many of them are apparently based on the same “k-Anonymity” API that Cloudflare engineering manager Junade Ali originally designed to support Have I Been Pwned’s tool.

  • Facebook’s new open-source Pysa security tool detects [cr]ackable code

    Pysa is designed exclusively to analyze code written in Python. That limits the scenarios where the tool can be applied, but it could be still useful for other companies because Python is the world’s second most widely used programming language as of earlier this year. It’s especially popular in artificial intelligence development and is also the language in which most of the code for Instagram is written.

    Facebook has applied Pysa to the Instagram code base to great effect. According to the company, the tool was responsible for spotting 44% of the server-side security issues that it detected in the photo sharing service during the first half of 2020. Some 49 of the flaws Pysa caught were determined to be “severe” vulnerabilities.

    Under the hood, the tool works by employing a technique known as static code analysis. It sifts through Facebook developers’ raw code files without the delay of running them to quickly generate security assessments.

  • [Cr]ackers can still steal wads of cash from ATMs. Here's the vulnerabilities that could let them in.

    “You’re literally trusting this machine to hold thousands of dollars, but it’s running [Windows operating system] CE 6.0? It is just a computer, on a network, running an older operating system,” Keown said, noting that the latest release for CE 6.0 was over a decade ago in 2009. “This is still a problem. Let’s focus some effort here and see if we can’t move the needle in the right direction.”

  • Canon Admits Ransomware Attack in Employee Note, Report

    The consumer-electronics giant has suffered partial outages across its U.S. website and internal systems reportedly, thanks to the Maze gang.

  • Windows, Gates and a firewall: Microsoft's delicate castle in China

    Microsoft arrived in China in 1992 and opened its largest research and development centre outside the United States. It now employs around 6,200 people in China.

  • All you need to hijack a Mac is an old Office document and a .zip file

    The exploit uses a rigged Office document, saved in an archaic format (.slk), to trick the target machine into allowing Office to activate macros without consent and without notifying the user.

    The attack then takes advantage of two further vulnerabilities in order to seize control of the machine. By including a dollar sign at the start of the filename, [an attacker] can break free of the restrictive Office sandbox, while compressing the file within a .zip folder bypasses macOS controls that prevent downloaded items from accessing user files.

  • Apple’s Chinese business could be devastated by Trump’s WeChat ban

    Apple has a significant Chinese customer base, and nearly all of its critical manufacturing and assembly partners are based there. Trump’s ban might not only force Apple to remove WeChat from its App Store — which would destroy Apple’s Chinese smartphone business — it could existentially change how Apple is able to build and sell new products in the future.

  • It's Time To Stop Talking and Take Action Against the Beasts that Want to Control Us

    I know I have not been active on this BLOG the past year. No reasons. Anyway, I'm back at it. This time, I have a specific focus on Big Tech. The way I see it, the root of the problem is not the tech companies themselves, it starts with the software we use. This includes Adobe, Intuit, Microsoft. I call them AIM. They are the worst offenders in there attempts to control the free world.

Security, Fear, Uncertainty, Doubt

Filed under
Security

Security Leftovers

Filed under
Security
  • How a Fake WordPress Plugin Can Kill Your Site

    A nulled plugin is a copy of a premium WordPress plugin that’s distributed illegally online. People who do this argue it’s OK to do so because WordPress and its derivative works (like plugins) are licensed under a General Public License (GPL). According to them, that makes it OK to copy and distribute plugins how they like.

    While that’s technically true, pirating premium plugins comes with a cost. Legitimate WordPress plugin developers lose money and, more importantly, it compromises the security and integrity of WordPress websites using these nulled plugins. When you hear of a WordPress site being hacked, it’s often because they’re using a nulled plugin.

  • Security updates for Friday

    Security updates have been issued by CentOS (firefox, java-1.8.0-openjdk, java-11-openjdk, libvncserver, postgresql-jdbc, and thunderbird), Debian (firejail and gupnp), Fedora (cutter-re, postgresql-jdbc, radare2, and webkit2gtk3), openSUSE (chromium, firefox, kernel, and python-rtslib-fb), Oracle (container-tools:ol8, kernel, and nss and nspr), Scientific Linux (thunderbird), and SUSE (firefox, kernel, postgresql10 and postgresql12, python-ipaddress, and xen).

  • Reproducible Builds (diffoscope): diffoscope 155 released

    The diffoscope maintainers are pleased to announce the release of diffoscope version 155. This version includes the following changes:

    [ Chris Lamb ]
    * Bump Python requirement from 3.6 to 3.7 - most distributions are either
      shipping3.5 or 3.7, so supporting 3.6 is not somewhat unnecessary and also
      more difficult to test locally.
    * Improvements to setup.py:
      - Apply the Black source code reformatter.
      - Add some URLs for the site of PyPI.org.
      - Update "author" and author email.
    * Explicitly support Python 3.8.
    
    [ Frazer Clews ]
    * Move away from the deprecated logger.warn method logger.warning.
    
    [ Mattia Rizzolo ]
    * Document ("classify") on PyPI that this project works with Python 3.8.
    

  • Open source tool Infection Monkey allows security pros to test their network like never before

    Guardicore unveiled new capabilities for Infection Monkey, its free, open source breach and attack simulation (BAS) tool that maps to the MITRE ATT&CK knowledge base and tests network adherence to the Forrester Zero Trust framework.

Security: Patches, L1TF/Foreshadow, PE Tree, IPFire and BootHole

Filed under
Security

  • Security updates for Thursday

    Security updates have been issued by Debian (clamav and json-c), Fedora (python2, python36, and python37), Red Hat (thunderbird), Scientific Linux (thunderbird), SUSE (java-11-openjdk, kernel, rubygem-actionview-4_2, wireshark, xen, and xrdp), and Ubuntu (openjdk-8 and ppp). 

  •        

  • Researchers Make More Discoveries Around L1TF/Foreshadow - It's Not Good

    Security researchers from Graz University of Technology and CISPA Helmholtz are out with their latest findings on CPU speculative execution vulnerabilities, namely taking another look at L1TF/Foreshadow. Their findings are bad news not only for Intel but potentially other CPU vendors as well.

    [...]

    The new vulnerability outlined in the paper is "Dereference Trap" for leaking registers from an SGX enclave in the presence of only a speculative register dereference. 

    The discovery of speculative dereferencing of a user-space register in the kernel as opposed to the prefetcher not only means that some mitigations may be inadequate, but they can improve the performance of the original attack and reportedly produce similar behavior on non-Intel CPUs. 

  • PE Tree: Free open source tool for reverse-engineering PE files

    PE Tree allows malware analysts to view Portable Executable (PE) files in a tree-view using pefile – a multi-platform Python module that parses and works with PE files – and PyQt5, a module that can be used to create graphical user interfaces.

    “PE Tree is developed in Python and supports the Windows, Linux and Mac operating systems. It can be installed and run as either a standalone application or an IDAPython plugin,” Tom Bonner, a threat researcher at BlackBerry, explained.

  •        

  • IPFire: A new location database for the Internet

    In the last couple of months, we, the IPFire development team, have launched a small side project: A new location database for the Internet. In this article, I would like to give you a brief background story on why and how it come to this...

    [...]

    Other applications would be threat prevention like we use it in IPFire. Connection attempts from certain countries can simply be blocked, or port forwardings can be limited to certain countries only.

    That is, however, not an exact science. The Internet changes constantly. IP address ranges are re-assigned from one party to another one, and often it can take some time until those location databases are all updated. Up to that point, you will see wrong information like the Google front page being shown in a wrong language. This might only be a bit of an inconvenience, but for a firewall, we need more recent and reliable data.

  •        

  • What to do about the BootHole vulnerability

    Late last month, security researchers discovered a major vulnerability in the software that controls how PCs boot their operating systems. This is one of those issues that sounds scarier than it is. Fixing it will be a major process, especially for Linux system administrators and corporate IT organizations with a mixture of different PC vintages and manufacturers. The problem has been named BootHole, and it could affect up to a billion computers.

Syndicate content

More in Tux Machines

Linux Foundation Broadens Relationship With Surveillance

  • Facebook joins The Linux Foundation as a platinum member

    Most web-based companies are built on Linux and open-source software. Two-billion member social network Facebook is no different. For years, Facebook has not only relied on open-source, it's been an active contributor to major open-source projects. These include the React JavaScript library; the Open Compute Project, which open sources data-center hardware; and Linux's cGroup2 container software. Now Facebook is joining The Linux Foundation membership at the Platinum level. [...] While Facebook has been criticized for how it deals with privacy and politics, it has impeccable open-source credentials. It was already the lead contributor of many Linux Foundation-hosted projects, such as Presto, GraphQL, Osquery, and ONNX. The company also employs many Linux kernel key developers and maintainers.

  • Amundsen Joins LF AI as New Incubation Project

    LF AI Foundation (LF AI), the organization building an ecosystem to sustain open source innovation in artificial intelligence (AI), machine learning (ML), and deep learning (DL), today is announcing Amundsen as its latest Incubation Project.

  • LF AI Accepts Amundsen as Incubation Project

    The Amundsen data discovery project has joined the LF AI as an incubation project. Amundsen is a data discovery and metadata engine aiming to improve the productivity of data analysts, data scientists and engineers by indexing data resources. “Think of it as Google search for data,” the LF AI announcement said.

Graphics: Mesa 20.2 RC2 and DXVK 1.7.1

  • mesa 20.2.0-rc2
    Hi list,
    
    Available today is mesa 20.2.0-rc2. This is the second release candidate for
    the 20.2 release. Currently our open to close ratio on blocking bugs is looking
    really good. This release is dominated by changes to radeonsi, radv, and aco,
    with a few additional changes sneaking in for freedreno, meson,  etnaviv,
    st/mesa, anv, and a few utility fixes.
    
    Dylan
    
    
  • Mesa 20.2-RC2 Released With Many Fixes For RadeonSI + RADV Drivers

    The second weekly release candidate of the forthcoming Mesa 20.2 is now available for testing. Mesa 20.2 is aiming for release around the end of August or early September depending upon how the bug situation plays out. This quarterly feature release to Mesa3D brings many new Vulkan extensions, the RADV driver using ACO by default, initial support for Navi 2 GPUs, initial support for Intel Rocket Lake and DG1, OpenGL 4.3 for LLVMpipe, and much more as outlined in last week's article.

  • DXVK 1.7.1 Released With Many Game Fixes For Direct3D Over Vulkan

    It's been nearly three months without a new DXVK release for mapping Direct3D 9/10/11 atop the Vulkan API while finally today there is a big feature release out. DXVK 1.7.1 was released a few minutes ago as the first update since May. While the version number isn't significant, this version does have many changes.

  • Direct3D to Vulkan translation layer DXVK 1.7.1 is out, lots of game fixes

    After a few months since 1.7 went out, DXVK 1.7.1 is now live to further improve Direct3D to Vulkan translation. This is the project that helps to power Proton, the compatibility layer for Steam Play. This release adds support for newer Vulkan extensions, fixes bugs and has new GPU driver requirements. On the driver side, the VK_EXT_transform_feedback extension is now required which has been supported in drivers on Linux since late 2018 / early 2019. Specifically you will need at least NVIDIA 415.22 and for AMD / Intel it looks like Mesa 19 covers both.

Devices/Embedded: Raspberry Pi and Android Devices

  • Indoor air quality HAT for Raspberry Pi boasts high-res TVOC sensor

    Avnet’s $49.95 “Renesas ZMOD4410 Indoor Air Quality HAT for Raspberry Pi” can be used to measure volatile organic compounds, humidity, and temperature, as well as estimate carbon dioxide levels. Avnet has launched a Renesas ZMOD4410 Indoor Air Quality HAT for Raspberry Pi (AES-RHSEN-ZM44-G) that joins other indoor air quality measurement add-ons for the Pi including Metriful’s $44.50 Sense module and Pimoroni’s $57 Enviro+ pHAT. The ZMOD4410 HAT lacks some of the extras of those boards, but appears to offer a higher quality total volatile organic compound (TVOC) sensor with its Renesas ZMOD4410, which offers resolution ranging from parts-per-billion to parts-per-million.

  • Tiny module and dev kit run RT Linux on STM32MP1

    Exor’s 25.4 x 25.4mm, extended temp “NanoSOM nS02” module runs real-time Linux and its XPlatform industrial IoT software on a soldered, 800MHz STM32MP157 with up to 1GB DDR3L and 32GB eMMC. An “OpenHMI nS02” dev kit with 5-inch touchscreen is optional. Italian embedded technology firm Exor Embedded has launched a NanoSOM nS02 module that runs real-time Linux on the new 800MHz version of ST’s dual-core, Cortex-A7 based STM32MP157. As with the recent, Apollo Lake based, FPGA-enabled GigaSOM GS01 module, Exor announced the product with Arrow, which will be distributing the module and an OpenHMI nS02 Development Kit (see farther below).

  • Zidoo Z10 Pro & Z9X Realtek RTD1619DR 4K Android Media Players Launched for $229 and up

    We previously wrote about some upcoming Realtek RTD1619 media players targeting the videophone and audiophile crowd, and expected them to launch very soon with models from Zidoo and Dune HD. Zidoo has now launched two models with the awaited Zidoo Z9X and a new, higher-end Zidoo Z10 Pro which can be purchased on Aliexpress for respectively $229 and $349 with free shipping.

  • Snapdragon 626 Powered Rugged Tablet Comes with NFC, RFID and Barcode Readers

    Estone Technology has launched another rugged tablet with UA-80 IP-67 waterproof rated, and MIL-STD-810G compliant rugged Android tablet powered by a Qualcomm Snapdragon 626 mobile platform driving an 8″ capacitive touchscreen display.

Python Programming

  • Announcing the new Jupyter Book

    Jupyter Book is an open source project for building beautiful, publication-quality books, websites, and documents from source material that contains computational content. With this post, we’re happy to announce that Jupyter Book has been re-written from the ground up, making it easier to install, faster to use, and able to create more complex publishing content in your books. It is now supported by the Executable Book Project, an open community that builds open source tools for interactive and executable documents in the Jupyter ecosystem and beyond.

  • Holdgraf: Announcing the new Jupyter Book

    On the Jupyter blog, Chris Holdgraf announces a rewrite of the Jupyter Book project. LWN looked at Jupyter and its interactive notebooks for Python and other languages back in 2018; Jupyter Book extends the notebook idea.

  • EuroPython 2020: Live Stream Recordings available

    We’re happy to announce the public availability of the live stream recordings from EuroPython 2020. They were already available to all conference attendees since the sprint days.

  • Learn Any Programming Language with This Learning Plan

    All it takes to master any programming language is the right learning plan. If you know anything about programming you should be aware that often you can’t tell whether what you are doing is wrong until it’s too late. That’s what makes programming a frustrating skill to master — long hours doing the wrong things. But hey, whether you want to make programming your full-time job or just a hobby, you can always make the learning curve less steep. The secret to getting it right with coding is this: have a learning plan! While the plan will not do the hard lifting for you, it will definitely provide the much-needed elbow grease to keep you grounded and focused as you learn programming.

  • Deploying Django to AWS ECS with Terraform

    In this tutorial, we'll look at how to deploy a Django app to AWS ECS with Terraform.

  • Matt Layman: Rendering Calendars - Building SaaS #68

    In this episode, I worked on rendering a calendar of important events in a school year. We built out the appropriate data structures, and I wrote some new model methods and added tests. On the last stream, I created a new model to track breaks in the school year. The app now shows the calendar for the school year, and I want to display the breaks on the calendar. Before digging too far into the code, I provided my thoughts about using Docker for development from a question that came from the chat.