Language Selection

English French German Italian Portuguese Spanish

Linux

Did Lilu Ransomware Really Infect Linux Servers

Filed under
Linux
Server
Security

Note that the domain name of this folder has been hidden from view making it impossible for us to verify if these files were actually on a Linux server. The article goes on to note that “Lilocked doesn't encrypt system files, but only a small subset of file extensions, such as HTML, JS, CSS, PHP, INI, and various image file formats. This means infected servers continue to run normally.”

This limitation raises the obvious question of whether the core of the Linux server itself has been compromised or whether merely applications connected to the core have been hacked. There are many very insecure website building applications such as Wordpress and many insecure web mail applications such as Exim that have been repeatedly hacked over the years. Both Wordpress and Exim have suffered from dozens of major security problems that have nothing to do with the security of the Linux operating system which is at the core of all Linux servers. All of the file formats mentioned in the article are files used on Wordpress websites and files that can be transmitted via Exim email programs.

[...]

So instead of 6000 websites on 6000 servers being infected, it looks more like 6000 files on less than 1000 websites were infected. And many of these websites could have been on the same server – meaning that perhaps only a couple dozen out of the worlds 10 million Linux servers had infected files – and none of the files were actually in the core of any Linux servers.

[...]

Many of these articles were exact copies of the Zdnet article. Thus far, not a single so-called “security expert” has bothered either to look into the evidence provided much less challenge or disagree with this silly claim.

Instead, make even more extreme claims, noting that there are millions of Linux servers running outdated, un-patched and insecure versions of Exim software. This is a fact. But given how many holes have been found in the Exim software, the problem is not with the Linux servers, it is with the Exim software. In my humble opinion, the design of Exim is not secure and the design of Postfix is more secure.

The solution to this Exim problem is to demand that Cpanel support support Postfix and to ask Debian to also switch from Exim to Postfix (something Ubuntu has already done for very obvious reasons). This is the benefit of the diversity of free open source software. If one program has problems, there is quite often a more secure alternative that can be installed with just the click of a button. This is a problem that has been going on for years. But it can be fixed in a matter of minutes.

Read more

Purism: A Privacy Based Computer Company

Filed under
GNU
Linux
Gadgets

It all started when Todd Weaver, Founder and CEO of Purism, realized Big Tech could not be trusted as moral guardians of his and his children’s data. The current paradigm of corporations data hoarding is, as Todd describes it, built on “a tech-stack of exploitation”–and not by accident, but by design. Companies such as Google and Microsoft–and especially Facebook–intentionally collect, store and share user data to whomever they see fit. In recent events, the California Consumer Privacy Act, which becomes effective on January 1, 2020, will make residents of California able to know what personal data is being collected about them, know whether their personal data is sold or disclosed and to whom, say no to the sale of personal data, access their personal data, request a business delete any personal data information about a consumer collected from that consumer and not be discriminated against for exercising their privacy rights. This sounds good, and it is, but not according to Big Tech. Big Tech such as Facebook hired a firm to run ads that said things like “Your next click could cost you $5! Say no to the California Consumer Privacy Act”. Big Tech does not care about privacy, they care about their bottom line. This is where Purism comes in.

Purism is a privacy focused company. Their devices, the Librem5, Librem13 and Librem15 run PureOS–a GNU/Linux distribution that puts privacy, security and freedom first, by design. It includes popular privacy-respecting software such as PureBrowser. The OS helps you “Surf the web safely without being tracked by advertisers or marketers” and allows you to easily encrypt your entire OS and data with your own encryption keys. This is huge, especially if you understand how much of your “private” data is actually being shared.

Read more

SDR dev kit builds on Zynq UltraScale+ RFSoC

Filed under
Linux
Hardware

Avnet has launched an “RFSoC Development Kit” that extends Xilinx’s eval kit for its Linux-powered, Zynq UltraScale+ RFSoC. The kit adds a Qorvo 2×2 Small Cell RF front-end for SDR prototyping and integrates MATLAB and Simulink.

Xilinx launched its 5G-focused Zynq UltraScale+ RFSoC variant of its Arm/FPGA hybrid Zynq UltraScale+ MPSoc last year and then announced a Gen3 update in early February. Avnet has now launched an extended version of the Linux-driven Xilinx Zynq UltraScale+ RFSoC ZCU111 Evaluation Kit that adds a Qorvo 2×2 Small Cell RF Front-end 1.8GHz Card and MATLAB support for software-defined radio (SDR) prototyping,

Read more

Also: SMARC 2.0 module runs Linux on i.MX8M Mini

PCLinuxOS 2019.09 updated installation media release

Filed under
GNU
Linux
PCLOS

The KDE versions both full and the minimalistic Darkstar contain kernel 5.2.15 plus a fully updated KDE Plasma desktop. Plasma desktop 5.16.5, Plasma Applications 19.08.1 and Plasma Frameworks 5.62.

The Mate Desktop was refreshed with kernel 5.2.15 and the applications and libraries were updated to their most recent stable versions from the previous release.

The Xfce Desktop was tweaked and now uses the Whisker menu by default. A login sound was added and the applications were updated along with some minor bug fixes.

In addition all ISOs now include the Nvidia 430.50 driver and will be used instead of the nouveau driver if your video card supports it. Hardware detection scripts were updated to provide better support for video cards that can use the Nvidia 430.50 driver. Pulseaudio has been updated to the stable 13.0 release. The Simple Update Notifier was reworked and now works for keeping you notified of system updates and the ability to update from the applet using apt-get. Small improvements were made to the Live media boot scripts. Vbox test media is also included on the installation media. This program allows you to quickly test an ISO on the fly or usbstick with various options without having to create a permanent VM in Virtualbox. Requires a valid Virtualbox installation. Thanks to the people involved for their contributions to this program.

Read more

OSGeoLive 13.0 Released, which Brings Some New Applications

Filed under
OS
GNU
Linux

Astrid Emde has announced the new release of OSGeoLive 13.0 on Sep 12, 2019.

This release has improved the Python experience a lot by adding an additional Python modules like Fiona, rasterio, cartopy, pandas, geopandas, mappyfile.

Also, added the following new applications MapCache, GeoExt, t-rex, actinia.

Many packages have been updated to the latest version.

[...]

It is featuring a large collection of open-source geospatial software and free world maps.

It provides bootable ISO-Images and Virtual Machines which allow users to try out fully-operational versions of popular Free Geospatial Software without the need to install a thing.

Read more

Getting GNOME 3.34 on Various GNU/Linux Distros

Filed under
GNU
Linux
GNOME

I like to list out popular GNU/Linux distros that already ship latest desktop environment. For GNOME 3.34 case, currently I found Desktop Live distros that include it built-in to be Ubuntu, Fedora, openSUSE. You can download them and immediately test GNOME. Other names worth mentioning but I don't present them here are Alpine GNU/Linux, Debian, and Mageia. I write this at 17 September so things might change by day later. By this article, I also want to introduce several special distros like GNOME:Next and a certain awesome community service like Repology for you. Enjoy GNOME 3.34!

Read more

Also: GNOME 3.34: Between Fedora Rawhide and openSUSE GNOME:Next

[CentOS-announce] Release for CentOS Linux 7 (1908) on the x86_64 Architecture

Filed under
Linux
Red Hat

Release for CentOS Linux 7 (1908) on the x86_64 Architecture

We are pleased to announce the general availability of CentOS Linux 7
(1908) for the x86_64 architecture. Effectively immediately, this
is the current release for CentOS Linux 7 and is tagged as 1908, derived
from Red Hat Enterprise Linux 7.7 Source Code.

As always, read through the Release Notes at :
http://wiki.centos.org/Manuals/ReleaseNotes/CentOS7 - these notes
contain important information about the release and details about some
of the content inside the release from the CentOS QA team. These notes
are updated constantly to include issues and incorporate feedback from
the users.

Read more

Also: CentOS 7.7 Released As The Last Stop Before CentOS 8.0

Devices with Linux: Sm@rtDock, BalenaOS/Raspberry Pi 4 and More

Filed under
Linux
Hardware
  • Sm@rtDock 15 Touch is a 15″ 2-in-1 Laptop Dock for Samsung DeX Devices and Smartphones with a USB-C Port

    We’ve already covered several laptop docks for smartphones such as NexDock 2. AFAICR, all those modes would come with a full laptop body with non-touch display and keyboard.

  • BalenaOS may be the First Fully Functional 64-bit OS for Raspberry Pi 4

    BalenaOS 64-Bit OS Balena just announced the release of a 64-bit OS for the Raspberry Pi 4, that latest release of the iconic SBC.

  • Compact Kaby Lake embedded PC supports Linux

    Axiomtek’s fanless, rugged “eBOX100-51R-FL” embedded PC runs Linux or Win 10 on a 7th Gen U-series CPU and offers a pair each of GbE, USB 3.0, USB 2.0, and serial ports plus a DP++ port and M.2 slots for WiFi and SATA.

    Axiomtek announced a compact (142 x 87 x 58mm) embedded computer equipped with a power-efficient Intel 7th Gen “Kaby Lake U-series processor. Axiomtek calls the rugged eBOX100-51R-FL “the smallest embedded system with Intel Core ULT processor onboard.” Indeed, we have yet to see a smaller U-series based embedded PC. The system joins the larger Kaby Lake-U based Axiomtek ICO500-518.

  • Intel launches fanless, Apollo Lake based NUC mini-PC and SBC

    Intel has posted specs for a previously tipped “NUC 8 Rugged” mini-PC and 3.5-inch baseboard. The fanless NUC runs Linux or Windows on an Apollo Lake Celeron with soldered 4GB RAM and 64GB eMMC, M.2 for NVMe, and dual HDMI ports.

    Most of Intel’s NUC (Next Unit of Computing) mini-PCs are fan-cooled models with Intel Core processors, such as last year’s 8th Gen “Coffee Lake” based Bean Canyon NUCs. Now, several vendors have opened pre-orders for as low as $248 for a fanless, 150 x 108 x 32mm Intel NUC 8 Rugged model aimed at embedded applications.

Linux 5.4 Developments Explained

Filed under
Linux
  • Linux 5.4 Adds Qualcomm Snapdragon 855, Supports Some Newer ARM Laptops

    The ARM SoC platform and driver changes landed on Monday during the first full day of the Linux 5.4 merge window. There is some exciting ARM hardware support improvements for this kernel while doing away with some older platforms.

  • Linux 5.4 Continues Sound Open Firmware, Improvements For AMD/NVIDIA HDMI Audio

    Linux 5.4 will sound better. Well, at least provide audio support on more hardware with this next kernel release thanks to the latest batch of open-source sound improvements.

  • Linux 5.4 Dropping Support For The Itanium IA64-Powered SGI Altix

    With Intel having ended the Itanium CPU family at the beginning of the year and much of the open-source/Linux software support for IA64 already having been on the decline for years, the Linux kernel is beginning to remove more IA64 bits. This comes following IA64 support being deprecated for GCC 10 and likely removed for the GCC 11 release in 2021. Once that IA64 support is gone from GCC, chances are the Linux kernel support for IA64 will be dropped entirely since there isn't any other compiler capable of building the Linux kernel and supporting IA64 as well as GCC.

  • Linux 5.4 Scheduler Changes Bring Better AMD EPYC Load Balancing, Other Optimizations

    The Linux 5.4 scheduler changes are fairly exciting on multiple fronts.

    One of the Linux 5.4 scheduler changes we have been looking forward to is improved EPYC load balancing and that work is indeed part of today's pull request. The better EPYC load balancing is a scheduler topology improvement to better deal with load balancing across NUMA nodes on EPYC 2P servers. I'll be running some benchmarks of this EPYC-specific scheduler change in the days ahead.

Funtoo Linux 1.4 Released

Filed under
GNU
Linux
Gentoo

Drobbins has announced the new release of Funtoo Linux 1.4 on Sep 11, 2019.

This release is based on a 21 June 2019 snapshot of Gentoo Linux with significant updates to key parts of the system, such as compiler and OpenGL subsystem.

This is the fourth release of the Funtoo Linux 1.x series, which may be the last update of this release, as the developer said he would start developing 2.0 a month later.

Read more

Syndicate content

More in Tux Machines

Android Leftovers

When Diverse Network ASICs Meet A Unifying Operating System

And it has also been a decade since switch upstart Arista Networks launched its Extensible Operating System, or EOS, which is derived from Linux. [...] The cross-platform nature of ArcOS, coupled with its ability to run in any function on the network, could turn out to be the key differentiator. A lot of these other NOSes were point solutions that could only be deployed in certain parts of the network, and that just creates animosity with the incumbent vendors that dominate the rest of the networking stack. Given the mission-critical nature of networking in the modern datacenter, it costs a great deal to qualify a new network operating system, and it can take a lot of time. If ArcOS can run across more platforms, qualify faster, and do more jobs in the network, then, says Garg, it has a good chance of shaking up switching and routing. “That totally changes the business conversation and the TCO advantages that we can bring to a customer across the entirety of their network.” Read more

Server: Kubernetes/OpenShift, OpenStack, and Red Hat's Ansible

  • 9 steps to awesome with Kubernetes/OpenShift presented by Burr Sutter

    Burr Sutter gave a terrific talk in India in July, where he laid out the terms, systems and processes needed to setup Kubernetes for developers. This is an introductory presentation, which may be useful for your larger community of Kubernetes users once you’ve already setup User Provisioned Infrastructure (UPI) in Red Hat OpenShift for them, though it does go into the deeper details of actually running the a cluster. To follow along, Burr created an accompanying GitHub repository, so you too can learn how to setup an awesome Kubernetes cluster in just 9 steps.

  • Weaveworks Named a Top Kubernetes Contributor

    But anyone who knows the history of Weaveworks might not be too surprised by this. Weaveworks has been a major champion of Kubernetes since the very beginning. It might not be too much of a coincidence that Weaveworks was incorporated only a few weeks after Kubernetes was open sourced, five years ago. In addition to this, the very first elected chair of the CNCF’s Technical Oversight Committee, responsible for technical leadership to the Cloud Native Foundation was also headed up by our CEO, Alexis Richardson(@monadic) (soon to be replaced by the awesome Liz Rice (@lizrice) of Aqua Security).

  • Improving trust in the cloud with OpenStack and AMD SEV

    This post contains an exciting announcement, but first I need to provide some context! Ever heard that joke “the cloud is just someone else’s computer”? Of course it’s a gross over-simplification, but there’s more than a grain of truth in it. And that raises the question: if your applications are running in someone else’s data-centre, how can you trust that they’re not being snooped upon, or worse, invasively tampered with?

  • Red Hat OpenStack Platform 15 Enhances Infrastructure Security and Cloud-Native Integration Across the Open Hybrid Cloud

    Red Hat, Inc., the world's leading provider of open source solutions, today announced the general availability of Red Hat OpenStack Platform 15, the latest version of its highly scalable and agile cloud Infrastructure-as-a-Service (IaaS) solution. Based on the OpenStack community’s "Stein" release, Red Hat OpenStack Platform 15 adds performance and cloud security enhancements and expands the platform’s ecosystem of supported hardware, helping IT organizations to more quickly and more securely support demanding production workloads. Given the role of Linux as the foundation for hybrid cloud, customers can also benefit from a more secure, flexible and intelligent Linux operating system underpinning their private cloud deployments with Red Hat Enterprise Linux 8.

  • Red Hat Ansible Automation Accelerates Past Major Adoption Milestone, Now Manages More Than Four Million Customer Systems Worldwide

    Red Hat, Inc., the world's leading provider of open source solutions, today announced that more than four million customer systems worldwide are now automated by Red Hat Ansible Automation. Customers, including Energy Market Company, Microsoft, Reserve Bank of New Zealand and Surescripts all use Red Hat Ansible Automation to automate and orchestrate their IT operations, helping to expand automation across IT stacks. According to a blog post by Chris Gardner with Forrester Research, who was the author of The Forrester Wave™: Infrastructure Automation Platforms, Q3 2019, "Infrastructure automation isn’t just on-premises or the cloud. It’s at the edge and everywhere in between."1 Since its launch in 2013, Red Hat Ansible Automation has provided a single tool to help organizations automate across IT operations and development, including infrastructure, networks, cloud, security and beyond.

Top 15+ Best Script Writing Software for Linux in 2019

Script writing software is designed to play a vital role for writers from different writing sectors. As a newbie, it may not be simple to use. But, after a certain period, it comes handy for creating scripts for films, novels, and television programs. Linux has to offer a bunch of tools for script writing for both beginners and professionals. There is a wide range of applications that are open source and free. Moreover, if you want to get some extra bit of advanced features, you may need to spend some bucks. Read more