More Security Leftovers

Security News

  • Friday's security updates
  • World’s first hack-proof Wi-Fi router with open source firmware is here

    Turris Omnia WiFi Router, the world’s first hack-proof router with open source firmware launched yesterday at the CES Unveiled Show in Prague, Czech Republic.

  • Open-source hack-proof router aims to close cyber security gap

    Routers are the gateway of every home internet network. Yet, while many computers run antivirus software, little has been done thus far to protect routers against cyber threats. A new device, described as the world’s first hack-proof router, was launched on Thursday at the CES Unveiled Show in Prague.

    The main strength of the Turris Omnia router, a spin-out of a cyber security research project by Czech Republic’s domain administrator, is the fact that it automatically updates and patches vulnerabilities as they become known.

  • Adding a phone number to your Google account can make it LESS secure.

    Recently, account takeovers, email hacking, and targeted phishing attacks have been all over the news. Hacks of various politicians, allegedly carried out by Russian hackers, have yielded troves of data. Despite the supposed involvement of state-sponsored agents, some hacks were not reliant on complex zero-day attacks, but involved social engineering unsuspecting victims. These kinds of attacks are increasingly likely to be used against regular people. This recently happened to a friend of mine:

    Two weeks ago, an ex-colleague (actually, my officemate at Google way back in 2002) — let’s call him Bob — had his Google account compromised while on vacation in Hawaii. With his primary email account compromised, the attacker could have:

  • “Dirty COW”, the most dangerous Linux Bug for the last 9 years

    Red Hat, the leading open source software developer firm, has revealed that Linux Kernel has been infected with a serious bug for the past 9 years. The bug has been dubbed as Dirty Cow. It is deemed dangerous because through this bug, an attacker can get write access to read-only memory.

  • Serious Dirty COW bug leaves millions of Linux users vulnerable to attack
  • Rigging the Election

    When Dorothy discovers fraud in the land of Oz, she is told by the Wizard, "Don't look behind the curtain." But she does. In America, we demand truth and accountability in so many aspects of our daily lives, and yet somehow there's little public outcry for transparency within voting, the sacred cornerstone of our democracy. For the most part, we sleep soundly under the blanket of assurances from government officials. FBI Director James Comey even attempted a spin of irony recently, noting that our "clunky" voting process actually makes wholesale rigging more difficult. However, Comey misses the bigger picture.


    Hardly anyone uses the same computer from 12 years ago, yet large sections of the country currently vote on aging electronic systems which utilize proprietary software that cannot be publicly examined. Unverifiable technology remains deployed in 29 states – including Pennsylvania, Ohio, Florida – and other key battleground states, which may determine our next president. Races in these areas are not evidence based, and consequently, we cannot be certain ballots reflect voter intent. Bereft of such knowledge, how can we put faith in the legitimacy of our government?

  • Cyber attack: hackers 'weaponised' everyday devices with malware to mount assault

    The huge attack on global internet access, which blocked some of the world’s most popular websites, is believed to have been unleashed by hackers using common devices like webcams and digital recorders.

    Among the sites targeted on Friday were Twitter, Paypal and Spotify. All were customers of Dyn, an infrastructure company in New Hampshire in the US that acts as a switchboard for internet traffic.

    Outages were intermittent and varied by geography, but reportedly began in the eastern US before spreading to other parts of the country and Europe.

    Users complained they could not reach dozens of internet destinations, including Mashable, CNN, the New York Times, the Wall Street Journal, Yelp and some businesses hosted by Amazon.

  • Homeland Security Is ‘Investigating All Potential Causes’ of Internet Disruptions

    Cyber attacks targeting a little known internet infrastructure company, Dyn, disrupted access to dozens of websites on Friday, preventing some users from accessing PayPal, Twitter and Spotify.

    It was not immediately clear who was responsible for the outages that began in the Eastern United States, and then spread to other parts of the country and Western Europe.

    The outages were intermittent, making it difficult to identify all the victims. But technology news site Gizmodo named some five dozen sites that were affected by the attack. They included CNN, HBO Now, Mashable, the New York Times, the Wall Street Journal and Yelp.

  • Blame the Internet of Things for Destroying the Internet Today

    A massive botnet of hacked Internet of Things devices has been implicated in the cyberattack that caused a significant internet outage on Friday.

    The botnet, which is powered by the malware known as Mirai, is in part responsible for the attack that intermittently knocked some popular websites offline, according to Level 3 Communications, one of the world’s largest internet backbone providers, and security firm Flashpoint.

    “We are seeing attacks coming from a number of different locations. We’re seeing attacks coming from an Internet of Things botnet that we identified called Mirai, also involved in this attack,” Dale Drew, chief security officer at Level 3 Communications, said on a livestream on Friday afternoon.

  • How to Understand Today’s Internet Outage in 4 Words

    A massive DDoS attack against a major DNS service likely using a botnet of IoT devices resulted in Internet issues across the eastern United States Friday, making it hard for many users to access their favorite sites.

    Phew. That’s a lot of acronyms.

  • IoT Can Never Be Fixed

    This title is a bit click baity, but it's true, not for the reason you think. Keep reading to see why.

    If you've ever been involved in keeping a software product updated, I mean from the development side of things, you know it's not a simple task. It's nearly impossible really. The biggest problem is that even after you've tested it to death and gone out of your way to ensure the update is as small as possible, things break. Something always breaks.

    If you're using a typical computer, when something breaks, you sit down in front of it, type away on the keyboard, and you fix the problem. More often than not you just roll back the update and things go back to the way they used to be.

  • Hacked Cameras, DVRs Powered Today’s Massive Internet Outage

    A massive and sustained Internet attack that has caused outages and network congestion today for a large number of Web sites was launched with the help of hacked “Internet of Things” (IoT) devices, such as CCTV video cameras and digital video recorders, new data suggests.

    Earlier today cyber criminals began training their attack cannons on Dyn, an Internet infrastructure company that provides critical technology services to some of the Internet’s top destinations. The attack began creating problems for Internet users reaching an array of sites, including Twitter, Amazon, Tumblr, Reddit, Spotify and Netflix.

  • How an army of vulnerable gadgets took down the web today

    At some point this morning, one of the US’s critical internet infrastructure players was hit with a staggering distributed denial of service (DDoS) attack that has taken out huge swaths of the web. Sites like Twitter, Netflix, Spotify, Reddit, and many others — all clients of a domain registration service provider called Dyn — have suffered crippling interruptions and, in some cases, blanket outages.

    Details are now emerging about the nature of the attack. It appears the cause is what’s known as a Mirai-based IoT botnet, according to security journalist Brian Krebs, who cited cyber-threat intelligence firm Flashpoint. Dyn’s chief strategy officer Kyle Owen, who spoke with reporters this afternoon, later confirmed Flashpoint’s claim, revealing that traffic to its servers was clogged with malicious requests from tens of millions of IP addresses in what the company is calling a "very sophisticated and complex attack."

  • Fixing the IoT isn't going to be easy

    A large part of the internet became inaccessible today after a botnet made up of IP cameras and digital video recorders was used to DoS a major DNS provider. This highlighted a bunch of things including how maybe having all your DNS handled by a single provider is not the best of plans, but in the long run there's no real amount of diversification that can fix this - malicious actors have control of a sufficiently large number of hosts that they could easily take out multiple providers simultaneously.

    To fix this properly we need to get rid of the compromised systems. The question is how. Many of these devices are sold by resellers who have no resources to handle any kind of recall. The manufacturer may not have any kind of legal presence in many of the countries where their products are sold. There's no way anybody can compel a recall, and even if they could it probably wouldn't help. If I've paid a contractor to install a security camera in my office, and if I get a notification that my camera is being used to take down Twitter, what do I do? Pay someone to come and take the camera down again, wait for a fixed one and pay to get that put up? That's probably not going to happen. As long as the device carries on working, many users are going to ignore any voluntary request.

  • Indiscreet Logs: Persistent Diffie-Hellman Backdoors in TLS

    Software implementations of discrete logarithm based cryptosystems over finite fields typically make the assumption that any domain parameters they are presented with are trustworthy, i.e., the parameters implement cyclic groups where the discrete logarithm problem is assumed to be hard. An informal and widespread justification for this seemingly exists that says validating parameters at run time is too computationally expensive relative to the perceived risk of a server sabotaging the privacy of its own connection. In this paper we explore this trust assumption and examine situations where it may not always be justified.

    We conducted an investigation of discrete logarithm domain parameters in use across the Internet and discovered evidence of a multitude of potentially backdoored moduli of unknown order in TLS and STARTTLS spanning numerous countries, organizations, and protocols. Although our disclosures resulted in a number of organizations taking down suspicious parameters, we argue the potential for TLS backdoors is systematic and will persist until either better parameter hygiene is taken up by the community, or finite field based cryptography is eliminated altogether.

Security News

  • Free tool protects PCs from master boot record attacks [Ed: UEFI has repeatedly been found to be both a detriment to security and enabler of Microsoft lock-in]

    Cisco's Talos team has developed an open-source tool that can protect the master boot record of Windows computers from modification by ransomware and other malicious attacks.

    The tool, called MBRFilter, functions as a signed system driver and puts the disk's sector 0 into a read-only state. It is available for both 32-bit and 64-bit Windows versions and its source code has been published on GitHub.

    The master boot record (MBR) consists of executable code that's stored in the first sector (sector 0) of a hard disk drive and launches the operating system's boot loader. The MBR also contains information about the disk's partitions and their file systems.

    Since the MBR code is executed before the OS itself, it can be abused by malware programs to increase their persistence and gain a head start before antivirus programs. Malware programs that infect the MBR to hide from antivirus programs have historically been known as bootkits -- boot-level rootkits.

    Microsoft attempted to solve the bootkit problem by implementing cryptographic verification of the bootloader in Windows 8 and later. This feature is known as Secure Boot and is based on the Unified Extensible Firmware Interface (UEFI) -- the modern BIOS.

  • DDOS Attack On Internet Infrastructure

    I hope somebody's paying attention. There's been another big DDOS attack, this time against the infrastructure of the Internet. It began at 7:10 a.m. EDT today against Dyn, a major DNS host, and was brought under control at 9:36 a.m. According to Gizmodo, which was the first to report the story, at least 40 sites were made unreachable to users on the US East Coast. Many of the sites affected are among the most trafficked on the web, and included CNN, Twitter, PayPal, Pinterest and Reddit to name a few. The developer community was also touched, as GitHub was also made unreachable.

    This event comes on the heels of a record breaking 620 Gbps DDOS attack about a month ago that brought down security expert Brian Krebs' website, KrebsonSecurity. In that attack, Krebs determined the attack had been launched by botnets that primarily utilized compromised IoT devices, and was seen by some as ushering in a new era of Internet security woes.

  • This Is Why Half the Internet Shut Down Today [Update: It’s Getting Worse]

    Twitter, Spotify and Reddit, and a huge swath of other websites were down or screwed up this morning. This was happening as hackers unleashed a large distributed denial of service (DDoS) attack on the servers of Dyn, a major DNS host. It’s probably safe to assume that the two situations are related.

  • Major DNS provider Dyn hit with DDoS attack

    Attacks against DNS provider Dyn continued into Friday afternoon. Shortly before noon, the company said it began "monitoring and mitigating a DDoS attack" against its Dyn Managed DNS infrastructure. The attack may also have impacted Managed DNS advanced service "with possible delays in monitoring."

  • What We Know About Friday’s Massive East Coast Internet Outage

    Friday morning is prime time for some casual news reading, tweeting, and general Internet browsing, but you may have had some trouble accessing your usual sites and services this morning and throughout the day, from Spotify and Reddit to the New York Times and even good ol’ For that, you can thank a distributed denial of service attack (DDoS) that took down a big chunk of the Internet for most of the Eastern seaboard.

    This morning’s attack started around 7 am ET and was aimed at Dyn, an Internet infrastructure company headquartered in New Hampshire. That first bout was resolved after about two hours; a second attack began just before noon. Dyn reported a third wave of attacks a little after 4 pm ET. In all cases, traffic to Dyn’s Internet directory servers throughout the US—primarily on the East Coast but later on the opposite end of the country as well—was stopped by a flood of malicious requests from tens of millions of IP addresses disrupting the system. Late in the day, Dyn described the events as a “very sophisticated and complex attack.” Still ongoing, the situation is a definite reminder of the fragility of the web, and the power of the forces that aim to disrupt it.

  • Either IoT will be secure or the internet will be crippled forever

    First things first a disclaimer. I neither like nor trust the National Security Agency (NSA). I believe them to be mainly engaged in economic spying for the corporate American empire. Glenn Greenwald has clearly proven that in his book No Place to Hide. At the NSA, profit and power come first and I have no fucking clue as to how high they prioritize national security. Having said that, the NSA should hack the Internet of (insecure) Things (IoT) to death. I know Homeland Security and the FBI are investigating where the DDoS of doomsday proportions is coming from and the commentariat is already screaming RUSSIA! But it is really no secret what is enabling this clusterfuck. It’s the Mirai botnet. If you buy a “smart camera” from the Chinese company Hangzhou XiongMai Technologies and do not change the default password, it will be part of a botnet five minutes after you connect it to the internet. We were promised a future where we would have flying cars but we’re living in a future where cameras, light-bulbs, doorbells and fridges can get you in serious trouble because your home appliances are breaking the law.

  • IoT at the Network Edge

    Fog computing, also known as fog networking, is a decentralized computing infrastructure. Computing resources and application services are distributed in logical, efficient places at any points along the connection from the data source (endpoint) to the cloud. The concept is to process data locally and then use the network for communicating with other resources for further processing and analysis. Data could be sent to a data center or a cloud service. A worthwhile reference published by Cisco is the white paper, "Fog Computing and the Internet of Things: Extend the Cloud to Where the Things Are."

  • Canonical now offers live kernel patching for Ubuntu 16.04 LTS users

    Canonical has announced its ‘Livepatch Service’ which any user can enable on their current installations to eliminate the need for rebooting their machine after installing an update for the Linux kernel. With the release of Linux 4.0, users have been able to update their kernel packages without rebooting, however, Ubuntu will be the first distribution to offer this feature for free.

  • The Dirty Cow Linux bug: A silly name for a serious problem

    Dirty Cow is a silly name, but it's a serious Linux kernel problem. According to the Red Hat bug report, "a race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system."

  • Ancient Privilege Escalation Bug Haunts Linux
  • October 21, 2016 Is Dirty COW a serious concern for Linux?
  • There is a Dirty Cow in Linux
  • Red Hat Discovers Dirty COW Archaic Linux Kernel Flaw Exploited In The Wild
  • Linux kernel bug being exploited in the wild
  • Update Linux now: Critical privilege escalation security flaw gives hackers full root access
  • Linux kernel bug: DirtyCOW “easyroot” hole and what you need to know
  • 'Most serious' Linux privilege-escalation bug ever discovered
  • New 'Dirty Cow' vulnerability threatens Linux systems
  • Serious Dirty Cow Linux Vulnerability Under Attack
  • Easy-to-exploit rooting flaw puts Linux PCs at risk
  • Linux just patched a vulnerability it's had for 9 years
  • Dirty COW Linux vulnerability has existed for nine years
  • 'Dirty Cow' Linux Vulnerability Found
  • 'Dirty Cow' Linux Vulnerability Found After Nine Years
  • FakeFile Trojan Opens Backdoors on Linux Computers, Except openSUSE

    Malware authors are taking aim at Linux computers, more precisely desktops and not servers, with a new trojan named FakeFile, currently distributed in live attacks.

    Russian antivirus vendor Dr.Web discovered this new trojan in October. The company's malware analysts say the trojan is spread in the form of an archived PDF, Microsoft Office, or OpenOffice file.

And More Security Leftovers

  • The NyaDrop Trojan for Linux-running IoT Devices
  • Flaw resides in BTB helps bypass ASLR
  • Thoughts on the BTB Paper

    Though the attack might have some merits with regards to KASLR, the attack on ASLR is completely debunked. The authors of the paper didn't release any supporting code or steps for independent analysis and verification. The results, therefore, cannot be trusted until the authors fully open source their work and the work is validated by trusted and independent third parties.

  • Spreading the DDoS Disease and Selling the Cure

    Earlier this month a hacker released the source code for Mirai, a malware strain that was used to launch a historically large 620 Gbps denial-of-service attack against this site in September. That attack came in apparent retribution for a story here which directly preceded the arrest of two Israeli men for allegedly running an online attack for hire service called vDOS. Turns out, the site where the Mirai source code was leaked had some very interesting things in common with the place vDOS called home.

More Security News (and FUD)

CVE-2016-5195 Patched

  • Linux Kernels 4.8.3, 4.7.9 & 4.4.26 LTS Out to Patch "Dirty COW" Security Flaw

    Today, October 20, 2016, Linux kernel maintainer Greg Kroah-Hartman announced three new maintenance updates for the Linux 4.8, 4.7, and 4.4 LTS kernel series, patching a major security vulnerability.

    Known as "Dirty COW," the Linux kernel vulnerability documented at CVE-2016-5195 is, in fact, a nasty bug that could have allowed local users to write to any file they can read. The worst part is that the security flaw was present in various Linux kernel builds since at least the Linux 2.6.x series, which reached end of life in February this year.

  • Canonical Patches Ancient "Dirty COW" Kernel Bug in All Supported Ubuntu OSes

    As reported earlier, three new Linux kernel maintenance releases arrived for various Linux-based operating systems, patching a critical and ancient bug popularly known as "Dirty COW."

    We already told you that the kernel vulnerability could be used by a local attacker to run programs as an administrator, and it looks like it also affects all supported Ubuntu releases, including Ubuntu 16.10 (Yakkety Yak), Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 12.04 LTS (Precise Pangolin), as well as all of their official or unofficial derivatives running the same kernel builds.

Security News

  • Security advisories for Thursday
  • More information about Dirty COW (aka CVE-2016-5195)

    The security hole fixed in the stable kernels released today has been dubbed Dirty COW (CVE-2016-5195) by a site devoted to the kernel privilege escalation vulnerability. There is some indication that it is being exploited in the wild. Ars Technica has some additional information. The Red Hat bugzilla entry and advisory are worth looking at as well.

  • CVE-2016-5195

    My prior post showed my research from earlier in the year at the 2016 Linux Security Summit on kernel security flaw lifetimes. Now that CVE-2016-5195 is public, here are updated graphs and statistics. Due to their rarity, the Critical bug average has now jumped from 3.3 years to 5.2 years. There aren’t many, but, as I mentioned, they still exist, whether you know about them or not. CVE-2016-5195 was sitting on everyone’s machine when I gave my LSS talk, and there are still other flaws on all our Linux machines right now. (And, I should note, this problem is not unique to Linux.) Dealing with knowing that there are always going to be bugs present requires proactive kernel self-protection (to minimize the effects of possible flaws) and vendors dedicated to updating their devices regularly and quickly (to keep the exposure window minimized once a flaw is widely known).

  • “Most serious” Linux privilege-escalation bug ever is under active exploit (updated)

    While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation vulnerability rather than a more serious code-execution vulnerability, there are several reasons many researchers are taking it extremely seriously. For one thing, it's not hard to develop exploits that work reliably. For another, the flaw is located in a section of the Linux kernel that's a part of virtually every distribution of the open-source OS released for almost a decade. What's more, researchers have discovered attack code that indicates the vulnerability is being actively and maliciously exploited in the wild.

  • Linux users urged to protect against 'Dirty COW' security flaw

    Organisations and individuals have been urged to patch Linux servers immediately or risk falling victim to exploits for a Linux kernel security flaw dubbed ‘Dirty COW'.

    This follows a warning from open source software vendor Red Hat that the flaw is being exploited in the wild.

    Phil Oester, the Linux security researcher who uncovered the flaw, explained to V3 that the exploit is easy to execute and will almost certainly become more widely used.

    "The exploit in the wild is trivial to execute, never fails and has probably been around for years - the version I obtained was compiled with gcc 4.8," he said.

  • Hackers Hit U.S. Senate GOP Committee

    The national news media has been consumed of late with reports of Russian hackers breaking into networks of the Democratic National Committee. Lest the Republicans feel left out of all the excitement, a report this past week out of The Netherlands suggests Russian hackers have for the past six months been siphoning credit card data from visitors to the Web storefront of the National Republican Senatorial Committee (NRSC).


    Dataflow markets itself as an “offshore” hosting provider with presences in Belize and The Seychelles. Dataflow has long been advertised on Russian-language cybercrime forums as an offshore haven that offers so-called “bulletproof hosting,” a phrase used to describe hosting firms that court all manner of sites that most legitimate hosting firms shun, including those that knowingly host spam and phishing sites as well as malicious software.

    De Groot published a list of the sites currently present at Dataflow. The list speaks for itself as a collection of badness, including quite a number of Russian-language sites selling synthetic drugs and stolen credit card data.

    According to De Groot, other sites that were retrofitted with the malware included e-commerce sites for the shoe maker Converse as well as the automaker Audi, although he says those sites and the NRSC’s have been scrubbed of the malicious software since his report was published.

    But De Groot said the hackers behind this scheme are continuing to find new sites to compromise.

    “Last Monday my scans found about 5,900 hacked sites,” he said. “When I did another scan two days later, I found about 340 of those had been fixed, but that another 170 were newly compromised.”

  • Thoughts on the BTB Paper

    The Branch Target Buffer (BTB) whitepaper presents some interesting information. It details potential side-channel attacks by utilizing timing attacks against the branch prediction hardware present in Intel Haswell processors. The article does not mention Intel processors later than Haswell, such as Broadwell or Skylake.

    Side-channel attacks are always interesting and fun. Indeed, the authors have stumbled into areas that need more research. Their research can be applicable in certain circumstances.

    As a side-note, KASLR in general is rather weak and can be considered a waste of time[1]. The discussion why is outside the scope of this article.

Linux users urged to protect against 'Dirty COW' security flaw

Filed under
Red Hat

Also: New Debian Linux Kernel Update Addresses "Dirty COW" Bug, Three Security Issues

Why Security Distributions Use Debian

What do distributions like Qubes OS, Subgraph, Tails, and Whonix have in common? Besides an emphasis on security and privacy, all of them are Debian derivatives -- and, probably, this common origin is not accidental.

At first, this trend seems curious. After all, other distributions ranging from Slackware and Gentoo to Arch Linux all emphasize security and privacy in their selection of tools. In particular, Fedora's SELinux can be so restrictive that some users would rather disable it than learn how to configure it. By contrast, while Debian carries many standard security and privacy tools, it has seldom emphasized them.

Similarly, Debian's main branch consists of only free and open source software, its contrib and non-free branches not being official parts of the distribution. With many security experts favoring the announcement of vulnerabilities and exploit code rather than relying on security through obscurity, the way that many pieces of proprietary software do, this transparency has obvious appeal.

Yet although the advantage of free software to security and privacy is that the code can be examined for backdoors and malware, this advantage is hardly unique to Debian. To one degree or another, it is shared by all Linux distributions.

More from Susan: Why Use Linux, Systemd Complications, Debian's Security

Leftovers: Software

  • i2pd 2.10 released
    i2pd (I2P Daemon) is a full-featured C++ implementation of I2P client. I2P (Invisible Internet Protocol) is a universal anonymous network layer. All communications over I2P are anonymous and end-to-end encrypted, participants don't reveal their real IP addresses. I2P client is a software used for building and using anonymous I2P networks. Such networks are commonly used for anonymous peer-to-peer applications (filesharing, cryptocurrencies) and anonymous client-server applications (websites, instant messengers, chat-servers). I2P allows people from all around the world to communicate and share information without restrictions.
  • Pixeluvo Review | Photo Editor for Linux & Windows
    A review of Pixeluvo, a great photo editor available on Linux and Windows. Pixeluvo is not free or open source.
  • Blit, A Retrospective On My Largest Project Ever
    I’ve always been someone who’s liked art and programming. Especially combining the two. One of my favorite genres is pixel art, or sprites as they are also known. I’ve dabbled in making a few other art programs before, but nothing like this. Originally Blit was supposed to be only a sprite animation tool that had a modern look and feel, but my ideas for it grew greater (*sigh* feature creep). There are many other spriting tools out there like GrafX2, Aseprite, (and other 2D animation programs like TVPaint). I’m not saying that it’s wrong that they make their own GUI toolkit, but it feels kind of odd. I really wanted to bring these types of programs out of the days of the Amiga. After doing some initial research, I settled on using Qt.
  • An alert on the upcoming 7.51.0 release
    In two weeks time, on Wednesday November 2nd, we will release curl and libcurl 7.51.0 unless something earth shattering happens.
  • Desktop Gmail Client `WMail` 2.0.0 Stable Released
    WMail is a free, open source desktop client for Gmail and Google Inbox, available for Linux, Windows, and Mac.
  • SpaceView: Ubuntu File System Usage Indicator
  • FunYahoo++: New Yahoo Messenger Plugin For Pidgin / libpurple [PPA]
    Yahoo retired its old Messenger protocol in favor of a new one, breaking compatibility with third-party applications, such as Pidgin, Empathy, and so on. Eion Robb, the SkypeWeb and Hangouts developer, has created a replacement Yahoo prpl plugin, called FunYahoo++, that works with the new Yahoo Messenger protocol. Note that I tested the plugin with Pidgin, but it should work with other instant messaging applications that support libpurple, like BitlBee or Empathy.
  • GCC Lands Loop Splitting Optimization
    The latest GCC 7 development code has an optimization pass now for loop splitting.
  • GCC 7 To End Feature Development Next Month
    Friday's GCC 7 status report indicates the feature freeze is coming up in just a few weeks. Red Hat developer Jakub Jelinek wrote in the latest status report, "Trunk which will eventually become GCC 7 is still in Stage 1 but its end is near and we are planning to transition into Stage 3 starting Nov 13th end of day time zone of your choice. This means it is time to get things you want to have in GCC 7 finalized and reviewed. As usual there may be exceptions to late reviewed features but don't count on that. Likewise target specific features can sneak in during Stage 3 if maintainers ok them."
  • GNU Parallel 20161022 ('Matthew') released [stable]
    GNU Parallel 20161022 ('Matthew') [stable] has been released. It is available for download at: No new functionality was introduced so this is a good candidate for a stable release.
  • GNU Health 3.0.4 patchset released
    GNU Health 3.0.4 patchset has been released!
  • guile-ncurses 2.0 released
    I am pleased to announce the release of guile-ncurses 2.0. guile-ncurses is a library for the creation of text user interfaces in the GNU Guile dialect of the Scheme programming language. It is a wrapper to the ncurses TUI library. It contains some basic text display and keyboard and mouse input functionality, as well as a menu widget and a form widget. It also has lower level terminfo and termios functionality.
  • Unifont 9.0.03 Released
    Unifont 9.0.03 is released. The main changes are the addition of the Pikto and Tonal ConScript Unicode Registry scripts.
  • PATHspider 1.0.0 released!
    In today’s Internet we see an increasing deployment of middleboxes. While middleboxes provide in-network functionality that is necessary to keep networks manageable and economically viable, any packet mangling — whether essential for the needed functionality or accidental as an unwanted side effect — makes it more and more difficult to deploy new protocols or extensions of existing protocols. For the evolution of the protocol stack, it is important to know which network impairments exist and potentially need to be worked around. While classical network measurement tools are often focused on absolute performance values, PATHspider performs A/B testing between two different protocols or different protocol extensions to perform controlled experiments of protocol-dependent connectivity problems as well as differential treatment.
  • The Domain Name System

today's howtos

Leftovers: KDE

  • Happy 20th birthday, KDE!
    KDE turned twenty recently, which seems significant in a world that seems to change so fast. Yet somehow we stay relevant, and excited to continue to build a better future. Lydia asked recently on the KDE-Community list what we were most proud of.
  • SETI – Week of Information Technology
  • KDevelop for Windows available on Chocolatey now
    Which is already great in itself! But now it's also possible to install it via the super popular Windows package manager for Windows, Chocolatey.
  • colord-kde 0.5.0 released!
    Last official stable release was done more than 3 years ago, it was based on Qt/KDE 4 tech, after that a few fixes got in what would be 0.4.0 but as I needed to change my priorities it was never released. Thanks to Lukáš Tinkl it was ported to KF5, on his port he increased the version number to 0.5.0, still without a proper release distros rely on a git checkout.
  • Call for attendees Lakademy 2017
    As many of you know, since 2012 we organize the Lakademy, a sort of Latin American Akademy. The event brings together KDE Latin American contributors in hacking sessions to work on their projects, promo meetings to think KDE dissemination strategies in the region and other activities.
  • Plasma 5 Desktop on FreeBSD Branding
    The FreeBSD packages of KDE software — the KDE 4 desktop, and soon KDE Frameworks 5 and Plasma 5 Desktop and KDE Applications — have traditionally been shipped pretty much as delivered from the upstream source. We compile, we package, and there is very little customization we do as a “distro”. The KDE 4 packages came with a default wallpaper that was a smidgen different from the one shipped with several Linux distros. I think Ivan Cukic did that artwork originally. For Plasma 5 Desktop, we also wanted to do a tiny bit of branding — just the default wallpaper for new users, mind.
  • A bit on Tooling
    So on the weekend I also worked on updating Qt 5.6.1 to Qt 5.6.2 on FreeBSD, which involves using new and scary tools as well. Power tools, they can be really useful, or they can take off a finger if you’re not careful. In this case it was Phabricator, which is also used in KDE — but not everywhere in KDE. For FreeBSD, the tool is used to review updates to ports (the packaging instructions), so I did an update of Qt from 5.6.1 to 5.6.2 and we handled the review through FreeBSD’s Phab. The ports infrastructure is stored in SVN, so the review is relatively straightforward: update the ports-tree checkout, apply your changes, use arc to create or update a review request. I was amazed by how painless it was — somehow I’d been frightened. Using the tool once, properly, makes a big difference in self-confidence.
  • Krita 3.1 second beta.
    The Krita 3.1 beta comes with a full set of features and fixes. The Linux version to download is krita-3.0.91-x86_64.appimage.
  • Second Beta for Krita 3.1 Available
    We’re still fixing bugs like madmen… And working on some cool new features as well, but that’s for a later release. In any case, here is the second Krita 3.1 beta! Yes, you’re reading that correctly. Originally, we had planned to use 3.0.2 as the version for this release, but there is so much news in it that it merits a bigger version bump.


  • Consequences of the HACK CAMP 2016 FEDORA + GNOME
    I used to do install parties in order to promote the use of FEDORA and GNOME project since five years ago. As you can see more details in the Release Party FEDORA 17 for Fedora, and Linux Camp 2012, GNOME PERU 2013, GNOME PERU 2014...
  • GNOME Shell Making It Easy To Launch Apps/Games For Optimus / Dual GPU Systems
    With the GNOME 3.24 desktop that's currently in development the latest GNOME Shell code has support for easily letting the user launch an app on a dedicated GPU when applicable for handling NVIDIA Optimus use-cases of having integrated and discrete GPU laptops. When a dual-GPU system is detected, a menu item will be added to opt for "Launch using Dedicated Graphics Card", per this commit. The GNOME Shell change for supporting discrete GPUs was made and when the user opts to launch on the dedicated GPU, the DRI_PRIME=1 environment variable will automatically be set for that new program/game.