Language Selection

English French German Italian Portuguese Spanish

Microsoft

Best Free and Open Source Alternatives to Microsoft Visual Studio

Filed under
Microsoft
Software

Microsoft Visual Studio is an integrated development environment. It is used to develop computer programs, as well as websites, web apps, web services and mobile apps.

Visual Studio is proprietary software and is not available for Linux. We recommend the best free and open source alternatives.

Read more

GitHub Copilot and open source laundering

Filed under
Microsoft
Legal

We have seen an explosion in machine learning in the past decade, alongside an explosion in the popularity of free software. At the same time as FOSS has come to dominate software and found its place in almost all new software products, machine learning has increased dramatically in sophistication, facilitating more natural interactions between humans and computers. However, despite their parallel rise in computing, these two domains remain philosophically distant.

Though some audaciously-named companies might suggest otherwise, the machine learning space has enjoyed almost none of the freedoms forwarded by the free and open source software movement. Much of the actual code related to machine learning is publicly available, and there are many public access research papers available for anyone to read. However, the key to machine learning is access to a high-quality dataset and heaps of computing power to process that data, and these two resources are still kept under lock and key by almost all participants in the space.1

The essential barrier to entry for machine learning projects is overcoming these two problems, which are often very costly to secure. A high-quality, well tagged data set generally requires thousands of hours of labor to produce,2 a task which can potentially cost millions of dollars. Any approach which lowers this figure is thus very desirable, even if the cost is making ethical compromises. With Amazon, it takes the form of gig economy exploitation. With GitHub, it takes the form of disregarding the terms of free software licenses. In the process, they built a tool which facilitates the large-scale laundering of free software into non-free software by their customers, who GitHub offers plausible deniability through an inscrutable algorithm.

Read more

Microsoft acknowledges that a Windows 11 update is causing serious connection issues

Filed under
Microsoft

June’s Patch Tuesday update releases for Windows 11 have once gain proved to be problematic. Microsoft has acknowledged a new known issue with the operating system following the installation of the KB5014697 update. The KB5014697 update was supposed to address a number of security flaws in Windows 11, but it also introduced connectivity issues for some users, Microsoft is currently investigating the problem which affects Windows 11’s Wi-Fi hotspot feature.

Read more

Proprietary Software Leftovers

Filed under
Microsoft
Security

Proprietary: Apple and Mcrosoft

Filed under
Microsoft
Mac
  • Shared Photo Library

    With iOS 16, it seems there will be options for family sharing, which sounds great now that we have five phones in our family snapping pictures and storing them in the cloud.

  • iPods are over

    The first iPod was announced in October 2001, and most people agree that it revolutionized the way we listen to music nowadays. By that time, there were other music players, but no manufacturer was able to bring together an easy way for us to buy music - with some decent quality - and offer a well designed product. Obviously, some audiophile may disagree with my “decent quality” statement, but it really was for the average user that didn’t want (or need) to go deeper in all technicality in this regard.

  • House Armed Services chair calls national security software, systems 'too vulnerable' [iophk: Windows TCO]

    “We’re talking about software systems that, you know, operate our missiles and our ships and everything, they just don’t, they are not as protected as they should be,” Smith said. “When it comes to cyber, protecting our systems, I think, is our greatest problem right now — even more so than our ability to exploit other people’s systems, though we certainly need to develop that capability as well.”

OSI and GNOME (and Microsoft Bribes)

Filed under
Microsoft
GNOME

Proprietary Software and Microsoft Holes

Filed under
Microsoft
Security

  • Calls to 'Stop the Deal' as US Military Contractor Moves to Buy NSO Group

    Digital rights advocates sounded the alarm on Tuesday following reports that U.S. military contractor L3Harris Tech plans to acquire NSO Group, a private Israeli firm widely condemned for selling surveillance technology to repressive governments across the globe.

    "The spyware peddled by NSO Group is unsafe in any hands."

  • Microsoft Patch Tuesday, June 2022 Edition

    Microsoft on Tuesday released software updates to fix 60 security vulnerabilities in its Windows operating systems and other software, including a zero-day flaw in all supported Microsoft Office versions on all flavors of Windows that’s seen active exploitation for at least two months now. On a lighter note, Microsoft is officially retiring its Internet Explorer (IE) web browser, which turns 27 years old this year.

  • Ransomware Group Debuts Searchable Victim Data

    Cybercrime groups that specialize in stealing corporate data and demanding a ransom not to publish it have tried countless approaches to shaming their victims into paying. The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group, which has traditionally published any stolen victim data on the Dark Web. Today, however, the group began publishing individual victim websites on the public Internet, with the leaked data made available in an easily searchable form.

  • Internet Explorer's run finally comes to an end

    Microsoft released the first version of Internet Explorer in 1995, the antediluvian era of web surfing dominated by the first widely popular browser, Netscape Navigator. Its launch signaled the beginning of the end of Navigator: Microsoft went on to tie IE and its ubiquitous Windows operating system together so tightly that many people simply used it by default instead of Navigator.

    The Justice Department sued Microsoft in 1997, saying it violated an earlier consent decree by requiring computer makers to use its browser as a condition of using Windows. It eventually agreed to settle the antitrust battle in 2002 over its use of its Windows monopoly to squash competitors. It also tangled with European regulators who said that tying Internet Explorer to Windows gave it an unfair advantage over rivals such as Mozilla’s Firefox, Opera and Google’s Chrome.

Microsoft Has Loads of Unpatched and Actively-exploited Security Holes, Microsoft-sponsored Media Obsesses Over "Linux"

Filed under
Microsoft
Security
  • Microsoft Releases June 2022 Security Updates

    Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.

    CISA encourages users and administrators to review Microsoft’s June 2022 Security Update Summary and Deployment Information and apply the necessary updates.

  • New botnet and cryptominer Panchan attacking Linux servers [Ed: This is not an issue with Linux itself, but this Microsoft-funded site wants to shift attention away from actively-exploited and unpatched Microsoft flaws; it also spreads FUD about Go for merely being used to develop some malware]

    Panchan is written in the Go programming language and utilizes Go’s concurrency features to maximize its spread and execute payloads.

  • This new Linux rootkit malware is already targeting victims [Ed: Again, this is not an issue with Linux itself; it's some malware that can sometimes be installed on Linux, but that helps distract from deliberate back doors in Windows]

Tenable boss accuses Microsoft of putting Azure customer safety at risk

Filed under
Microsoft
Security

Microsoft has been accused of a lack of transparency in its vulnerability practices, with the security outfit Tenable claiming these practices put the software giant's customers at risk.

Tenable chairman and chief executive Amit Yoran said in a blog post that his company had discovered two flaws, one of which it considered critical, in Microsoft's Azure platform, both in the Synapse Analytics part of Azure.

Synapse Analytics is used for machine learning, data aggregation and similar computational tasks.

One of these flaws was a privilege escalation flaw with the context of a Spark VM. The second allowed the poisoning of the hosts file on all nodes in a Spark pool.

Yoran wrote that Microsoft decided to silently patch the privilege escalation flaw, while downplaying the risk. "It was only after being told that we were going to go public, that their story changed… 89 days after the initial vulnerability notification… when they privately acknowledged the severity of the security issue. To date, Microsoft customers have not been notified," he added.

Read more

From Windows to Ubuntu and What Google Can Do to Boost the Sales of Chromebooks

Filed under
GNU
Linux
Google
Microsoft
  • Migrating From Windows to Ubuntu: The Ultimate Guide

    If you are a Windows user and still haven't made the switch to the latest version, you may want to consider migrating to Ubuntu, the popular Linux distribution from Canonical.

    Ubuntu has strong support from developers and a massive software repository. It's free, fast, and safe to use. Like many versions of Linux, it's easy to install on a wide range of hardware.

    If this sounds good to you, here's how you go about making the switch.

  • What Google Can Do to Boost the Sales of Chromebooks

    Google introduced Chromebooks back in 2011 as an alternative to traditional laptops. However, Chromebooks have only managed to capture 2.22 percent of the worldwide PC market in over a decade.

    These laptops by Google use Chrome OS as their default operating system, which is Linux-based. The OS has a great deal of potential and is extremely user-friendly. To be fair, if Google tweaks its strategies, these machines could potentially dominate the market.

Syndicate content

More in Tux Machines

today's leftovers

  • 3600 Games Now On The Steam Deck with Teardown, a Great Demolition Game as Verified

    Valve has provided more verification in the past few days vs usual for the Steam Deck. We are now more than 3600 games validated (3626 games to be precise at the time of publication) on the Steam Deck – in two categories...

  • The Steam Deck’s Super Power: Super Sleep

    The Steam Deck undeniably has some great features, but if it were a superhero its superpower might not be what you expect. No, it’s not the powerful processor or advanced options and software, but seemingly the complete opposite of that: the Steam Deck’s real power is its super sleep. First, a superpower needs to be reliable and without any big caveats. The Deck’s sleep ability is just that: every time it works quickly and flawlessly. It is a quick power button press away or in the Steam button’s power menu. In the middle of a game without a pause button (hi, Elden Ring)? No problem. Running low on battery or just need a moment to move the Deck without accidentally hitting the buttons? Or want to resume in that spare minute to get in a quick gaming fix? The Deck delivers every time. You can also set the Deck to go to sleep after some idle time, confident you won’t lose your game progress or battery life.

  • [Slackware] Chromium 103 (regular and ungoogled) available as Slackware package

    Apologies for the delay, I was out of town, but i have finally uploaded my new chromium 103 packages for Slackware 14.2 and newer. Their un-googled siblings are also available. Thanks as always to Eloston and his friends for updating the patch-set for ungoogled-chromium. Last week saw a Google Chromium update which addresses a series of vulnerabilities, which is nothing new of course, but in particular one security hole that has now been patched would allow remote attackers to take control of your computer and execute arbitrary code. See CVE-2022-2156. An update of your installed browser package seems in order.

  • I bought THIS LAPTOP: Tuxedo Stellaris 15 Gen 4 Review - Invidious [Ed: Nick from The Linux Experiment already got his channel banned before... for shilling laptops. Maybe he's not afraid of it happening again.]

Programming Leftovers

  • The Poisson distribution: From basic probability theory to regression models

    Brief introduction to the Poisson distribution for modeling count data using the distributions3 package. The distribution is illustrated using the number of goals scored at the 2018 FIFA World Cup, suitable for self-study or as a classroom exercise.

  • Webscraping in R with Rvest

    Web scraping has become an incredibly important tool in data science, as an easy way to generate new data. The main advantage is the automation of some pretty repetitive tasks. Web scrapping can also be a good way of keeping up with new data on a website, assuming it doesn’t have a big change in its HTML structure.

  • Clang Static Analyzer and the Z3 constraint solver | Frederic Cambus

    Notes on using the Z3 constraint solver with the Clang Static Analyzer As far as static analyzers are concerned, one of the most important point to consider is filtering out false positives as much as possible, in order for the reports to be actionable. This is an area on which Coverity did an excellent job, and likely a major reason why they got so popular within the open source community, despite being a closed-source product. LLVM has the LLVM_ENABLE_Z3_SOLVER build option, which allows building LLVM against the Z3 constraint solver.

  • Least Common Denominator APIs

    Often, our instinct is to build for optionality. What if we change databases? What if we change clouds? We target the Least Common Denominator (LCD) interface to avoid vendor lock-in and make sure our software is portable – after all, Optimization is Fragile. LCD interfaces look like targeting the S3 API, a generic PubSub implementation, or vanilla ANSI SQL. LCD interfaces are good enough most of the time, but when we need to run a specialized workload, sometimes they don't perform how we'd like. We could solve our problem quickly by narrowing the API – coupling it to a specific cloud or managed service, but that destroys our optionality. Here, you should probably fight your instinct to stick with the pure implementation and weigh the trade-offs – how many developer-hours and pain can you save by narrowing the interface? Optimization and optionality are inherent trade-offs. There's a way to architecture services to be efficient and generic but also practical.

  • Quantum computer programming for dummies

    For would-be quantum programmers scratching their heads over how to jump into the game as quantum computers proliferate and become publicly accessible, a new beginner’s guide provides a thorough introduction to quantum algorithms and their implementation on existing hardware. “Writing quantum algorithms is radically different from writing classical computing programs and requires some understanding of quantum principles and the mathematics behind them,” said Andrey Y. Lokhov, a scientist at Los Alamos National Laboratory and lead author of the recently published guide in ACM Transactions on Quantum Computing. “Our guide helps quantum programmers get started in the field, which is bound to grow as more and more quantum computers with more and more qubits become commonplace.”

  • Create new variables from existing variables in R

    Create new variables from existing variables in R?. To create new variables from existing variables, use the case when() function from the dplyr package in R.

  • Construct a Perfect Binary Tree with given Height

    Given an integer N, the task is to generate a perfect binary tree with height N such that each node has a value that is the same as its depth. Return the inorder traversal of the generated binary tree.

  • Announcing urllib3's bounty program

    We’ve recognized that one of the biggest challenges to shipping v2.0 is not having enough time to devote to contributions. Our bounty program is hoping to spur interest from the community in the urllib3 project and fairly pay contributors for their time and experience. The bounty program works by marking issues with bounty amounts we’re willing to pay for anyone to complete an issue. Don't worry if you're not an existing contributor — new contributors are welcome and encouraged!

  • Learning from Failure – Nitinol Fracture Mechanics in R | R-bloggers

    Despite our best efforts, nitinol implants fracture and fail. Sometimes we want them to fail (on the bench, to learn).

  • Every Sufficiently Advanced Configuration Language is Wrong

    Every sufficiently advanced configuration language is the wrong tool for the job. [...] The logical extreme is becoming more evident – advanced configuration in general-purpose programming languages. You can see this in the emergence of Typescript for Infrastructure-as-Code. For the most basic (and human 0x777) configuration needs, there will always be simple formats – YAML, JSON, INI, etc.).

  • Another Exercise In Encoding Reversing | Didier Stevens

    In this blog post, I will show how to decode a payload encoded in a variation of hexadecimal encoding, by performing statistical analysis and guessing some of the “plaintext”. I do have the decoder too now (a .NET assembly), but here I’m going to show how you can try to decode a payload like this without having the decoder.

  • Examples Of Encoding Reversing | Didier Stevens

    I recently created 2 blog posts with corresponding videos for the reversing of encodings. The first one is on the ISC diary: “Decoding Obfuscated BASE64 Statistically“. The payload is encoded with a variation of BASE64, and I show how to analyze the encoded payload to figure out how to decode it.

  • An Introduction to Python: A Language for the Ages – The New Stack

    For anyone just getting into software programming, one of your best friends will be Python. Why? Python is very simple to learn and easy to implement. Even better, what you can do with this language grows as you learn more. You can start with very simple text-based applications and migrate to GUI applications and much more. And because Python is supported by most major operating systems (Linux, macOS, and Windows), you can begin your journey, regardless of platform. Python includes support for features such as lists, tuples, functions, variables, JSON, and ranges. But where did Python come from and why is it still so important today? Let’s dig in and find out. To follow our series of introductory tutorials, start here.

  • How To Write Comments In Python

    The way you think is reflected in programming in order to convey the individual steps that you took to solve an issue utilizing a computer. Commenting your code helps clarify your thinking process, which in turn makes it easier for you and other people to comprehend the purpose of your code in the future. Because of this, you will have an easier time locating bugs, fixing them, enhancing the code at a later time, and reusing it in other applications as well. The act of commenting is essential to the completion of any and all tasks, regardless of how little, medium, or fairly enormous they may be. It should be considered standard procedure for software engineers since it is an important component of your workflow. Without comments, things have the potential to get quite complicated very quickly. In this post, we will cover the many techniques of commenting that Python offers, as well as how it may be utilized to automatically produce documentation for your code via the use of the so-called module-level docstrings.

Android Leftovers

PeaZip 8.7.0

PeaZip is an open source file and archive manager. It's freeware and free of charge for any use. PeaZip can extract most of archive formats both from Windows and Unix worlds, ranging from mainstream 7Z, RAR, TAR and ZIP to experimental ones like PAQ/LPAQ family, currently the most powerful compressor available. PeaZip provides fast, high compression ratio multi-format archiving - view file compression and decompression benchmarks for more information. PeaZip is localized in 29 languages and is capable of handling all most popular archive formats (180+ file types), supporting a wide array of advanced file and archive management features (search, bookmarks, thumbnail viewer, find duplicate files and compute hash/checksum value, convert archive files...), especially focused on security (strong encryption, two factor authentication, encrypted password manager, secure file deletion...). Read more