Language Selection

English French German Italian Portuguese Spanish

Linux

Linus Torvalds Explains How Linux Still Surprises and Motivates Him

Filed under
Linux

Linus Torvalds took to the stage in China for the first time Monday at LinuxCon + ContainerCon + CloudOpen China in Beijing. In front of a crowd of nearly 2,000, Torvalds spoke with VMware Head of Open Source Dirk Hohndel in one of their famous “fireside chats” about what motivates and surprises him and how aspiring open source developers can get started. Here are some highlights of their talk.

Read more

SparkyLinux 4.6 Released as First GNU/Linux Distro Based on Debian 9 "Stretch"

Filed under
Linux
Debian

The Polish developers behind the Debian-based SparkyLinux GNU/Linux distribution were proud to announce today the general availability of the final SparkyLinux 4.6 release codenamed Tyche.

Read more

Upcoming Events: Linux Foundation Open Source Summit North America and All Systems Go! 2017

Filed under
Linux
OSS
  • Session Lineup Announced for The Linux Foundation Open Source Summit North America

    The Linux Foundation Open Source Summit is the premier open source technical conference in North America, gathering 2,000 developers, operators and community leadership professionals to collaborate, share information and learn about the latest in open technologies, including Linux, containers, cloud computing and more.

  • All Systems Go! 2017 CfP Open

    All Systems Go! is an Open Source community conference focused on the projects and technologies at the foundation of modern Linux systems — specifically low-level user-space technologies. Its goal is to provide a friendly and collaborative gathering place for individuals and communities working to push these technologies forward.

Tizen News: Xender, TVs and More

Filed under
Linux

Security: Brutal Kangaroo Targets Windows, Linux Updates Available, Reproducible Builds, and Patching Stack Clash

Filed under
Linux
Microsoft
Security
  • Brutal Kangaroo

    Today, June 22nd 2017, WikiLeaks publishes documents from the Brutal Kangaroo project of the CIA. Brutal Kangaroo is a tool suite for Microsoft Windows that targets closed networks by air gap jumping using thumbdrives. Brutal Kangaroo components create a custom covert network within the target closed network and providing functionality for executing surveys, directory listings, and arbitrary executables.

    The documents describe how a CIA operation can infiltrate a closed network (or a single air-gapped computer) within an organization or enterprise without direct access. It first infects a Internet-connected computer within the organization (referred to as "primary host") and installs the BrutalKangaroo malware on it. When a user is using the primary host and inserts a USB stick into it, the thumbdrive itself is infected with a separate malware. If this thumbdrive is used to copy data between the closed network and the LAN/WAN, the user will sooner or later plug the USB disk into a computer on the closed network. By browsing the USB drive with Windows Explorer on such a protected computer, it also gets infected with exfiltration/survey malware. If multiple computers on the closed network are under CIA control, they form a covert network to coordinate tasks and data exchange. Although not explicitly stated in the documents, this method of compromising closed networks is very similar to how Stuxnet worked.

    The Brutal Kangaroo project consists of the following components: Drifting Deadline is the thumbdrive infection tool, Shattered Assurance is a server tool that handles automated infection of thumbdrives (as the primary mode of propagation for the Brutal Kangaroo suite), Broken Promise is the Brutal Kangaroo postprocessor (to evaluate collected information) and Shadow is the primary persistence mechanism (a stage 2 tool that is distributed across a closed network and acts as a covert command-and-control network; once multiple Shadow instances are installed and share drives, tasking and payloads can be sent back-and-forth).

  • Security updates for Wednesday
  • Reproducible Builds: week 112 in Stretch cycle
  • 5 things you need to know about Stack Clash to secure your shared Linux environment

    The vulnerability is present in Unix-based systems on i386 and amd64 architectures. Affected Linux distributions include Red Hat, Debian, Ubuntu, SUSE, CentOS and Gentoo. Solaris is owned by Oracle. FreeBSD, OpenBSD and NetBSD are also impacted. Qualys has been working with distributions and vendors since May to get the vulnerabilities fixed, and the updates are just beginning to be released. Administrators need to act promptly to update affected machines with the security updates.

Debian 9.0.1 Released

Filed under
GNU
Linux
Debian
  • New live images released (9.0.1)

    We found multiple issues in the live images released at the weekend. Since then, I've been working on fixes for the worst problems. I've just published a new set of images as 9.0.1.

  • Debian Re-Releases All Live Images of Debian GNU/Linux 9 "Stretch" Due to Bugs

    Debian developer and the team lead of "debian-cd" Steve McIntyre announced on the project's mailing list that he and his team worked hard during the past 72 hours or so to rebuild all the live images of the new Debian GNU/Linux 9 "Stretch" release.

    Launched this past weekend, Debian GNU/Linux 9 "Stretch" is now the most stable and advanced release of the acclaimed Linux-based operating system, shipping with tons of new features and updated technologies. The OS has been in development for the past two years.

Linux vs. Windows Server OS Comparison

Filed under
OS
Linux
Microsoft

A comparison between Linux and Windows while selecting the server operating system is like being in stalemate while playing the chess game where the outcome is unpredictable. Various versions of the Microsoft—from Windows—and the Linux-based operating systems are available in plenty today. But deciding the best option is a tougher task, rather, finding the right solution that fits the organizational requirements is easier.

Read more

Best Linux Distro: Linux Experts Rate Distros

Filed under
Linux

Looking over this list, I notice that innovative, security-based, and community-developed distributions. However, I am not consistent in these preferences, since I do not include perfectly good alternatives like openSUSE or Linux Mint.

Still, one thing a list like this makes clear is that the total number of distributions might be declining, but the diversity of Linux variants is as strong as ever. Even if you don't find any of these choices to your liking, dig around and you should find several distributions that you can live with.

Read more

Creating screencasts on Linux

Filed under
Linux

As this is a new blog on Fedora Planet, let me start off by introducing myself briefly. My name is Maxim Burgerhout, and I have been a Fedora contributor for quite some time. Truth be told though, I haven’t been able to spend much time maintaining my packages over the past couple of years. As a different way of giving back, I want to start sharing some experiences with open source software in a specific niche: screencast creation, and video editing.

Read more

Samsung Tizen 4.0 OS evolves as the IoT Ecosystem expands

Filed under
Linux

The 21st century is a period where connectivity is the main technological idea. People and “things”, as well as “things” and “things”, can connect easily without obstacles and this is the main plot of the IoT ecosystem, which is currently being expanded globally. The driving force of the IoT ecosystem is the operating system of devices and it is consistently evolving. Tizen is an open source, Linux-based Operating System (OS), that is compatible with numerous devices such as smartphones, wearable, smartwatches, TV and IVI devices.

Read more

Syndicate content

More in Tux Machines

GNOME 3.25.3 Released, GTK Development

  • GNOME 3.25.3 Now Available
    GNOME 3.25.3 is now available as the latest stepping stone towards September's release of GNOME 3.26.
  • GNOME 3.26 Desktop Environment Development Continues, New Milestone Is Out Now
    Matthias Clasen has informed the community via an email announcement that the third milestone of the upcoming GNOME 3.26 desktop environment is now ready for public testing. After a one day delay, GNOME 3.25.3 is now available, and it's the third development release of the upcoming GNOME 3.26 desktop environment that could be used by default in popular GNU/Linux distributions, such as the Ubuntu 17.10 (Artful Aardvark) or Fedora 27, both due for release later this year. It brings a bunch of updates and new features to several of its components and apps.
  • Eight years since first release and still no usable theme?
    Well, let me be frank. Ever since gtk-3.0 I've been skeptical of it, especially of the theming aspect. In gtk-2 we had (and still have) many themes ranging from trash to excellent, almost every kind of taste could have been satisfied. Not so in gtk-3. First issue is constant changes to theming API, meaning that despite there being hundreds of themes, only handful of them actually work right :( And among them, I still have yet to find one that would work on my fairly usual 15,6″ laptop screen with 1366×768 px resolution. Basicaly I have two issues.

Microsoft Dirty Tricks and Entryism

Security: Windows Causes Chaos, Routers With Back Doors, Patching of UNIX/Linux

  • Traffic lights in Australia hit by WannaCry ransomware [Ed: Well, who uses Microsoft Windows to manage traffic?!?!]

    Radio station 3aw reports that dozens of pole based traffic calming measures are infected and that this came as a surprise to the local minister and Road Safety Camera Commissioner when radio reporters told him about it.

  • Honda shuts down factory after finding NSA-derived Wcry in its networks
    The WCry ransomware worm has struck again, this time prompting Honda Company to halt production in one of its Japan-based factories after finding infections in a broad swath of its computer networks, according to media reports. The automaker shut down its Sayama plant northwest of Tokyo on Monday after finding that WCry had affected networks across Japan, North America, Europe, China, and other regions, Reuters reported Wednesday. Discovery of the infection came on Sunday, more than five weeks after the onset of the NSA-derived ransomware worm, which struck an estimated 727,000 computers in 90 countries. The mass outbreak was quickly contained through a major stroke of good luck. A security researcher largely acting out of curiosity registered a mysterious domain name contained in the WCry code that acted as a global kill switch that immediately halted the self-replicating attack.
  • GhostHook: CyberArk finds new way to attack Windows 10

    Researchers at CyberArk Labs have discovered a new way of gaining access to the innards of Windows 10 64-bit systems that can bypass existing safeguards, including the kernel patch protection known as PatchGuard that Microsoft developed to improve system security.

  • John McAfee claims 'every router in America has been compromised' by hackers and spies

    Technology pioneer John McAfee believes that every home internet router in America is wide open to cyberattacks by criminal hackers and intelligence agencies. He makes the claim speaking after revelations from WikiLeaks that the Central Intelligence Agency (CIA) targets the devices.

  • 'Stack Clash' Smashed Security Fix in Linux
    What's old is new again: an exploit protection mechanism for a known flaw in the Linux kernel has fallen to a new attack targeting an old problem.
  • Continuous defence against open source exploits
    Register for next month's expo for the public sector DevOps community to hear key speakers from the front line of public sector digital transformation and see the latest technologies at first hand. Andrew Martin, DevOps lead in a major government department, has been added to the line-up of speakers to talk about the importance of getting the approach to security right with open source software.
  • IoT goes nuclear: creating a ZigBee chain reaction [iophk: "use 6lowpan instead"]

    If plugging in an infected bulb is too much hassle, the authors also demonstrate how to take over bulbs by war-driving around in a car, or by war-flying a drone.

  • Passengers given a freight as IT glitch knocks out rail ticket machines

    The network of machines are operated by the individual franchises, but share a common infrastructure from German software company Scheidt and Bachmann.

OpenBSD Development News

  • OpenBSD now has Trapsleds to make life harder for ROPers
  • Historical: My first OpenBSD Hackathon

    I was a nobody. With some encouragement, enough liquid courage to override my imposter syndrome, and a few hours of mentoring, I'm now doing big projects. The next time you're sitting at a table with someone new to your field, ask yourself: how can you encourage them? You just might make the world better.

    Thank you Dale. And thank you Theo.

  • Finish the link-kit job
    We've had the linkkit components in the tree for a while, but it has taken nearly 20 rounds between rpe/tb/myself to get the last few bits finished. So that the link kit is cleanly used at reboot, but also fits in with the practices kernel developers follow.