09.08.21

Gemini version available ♊︎

Links 9/9/2021: GNOME 41 RC and GStreamer 1.18.5

Posted in News Roundup at 7:24 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • In Search of Linux Laptops? Check these 6 Places to Get Your Laptop in 2021

        Are you in search of Linux laptops? This article takes you through 6 different places that offer the best Linux laptops. So get prepared to choose your Linux laptop in 2021.

        [...]

        Slimbook is well known for its thin, rigid, and light durable laptops starting at a reasonable price of €930 (approx $1,075). These come with a nice screen, solid battery life, powerful CPU, and very good speakers.

        This brand is from Spain. Slimbook came ahead of its competitors launching the first KDE laptops.

        Slimbook brings laptops with a good variety of popular Linux distros, such as KDE Neon, Ubuntu, Ubuntu MATE, Linux Mint, Kubuntu. Additionally, their laptops have two Spanish Linux distros – Max and Lliurex. You can choose Windows OS as well with their laptops, but for that, additional costs are there.

        Slimbook offers desktop systems too. So, if you ever need desktops, check it here.

    • Server

    • Audiocasts/Shows

      • FLOSS Weekly 646: Atomic Jar and Testcontainers – Richard North

        Richard North was the dog that caught the bus when all of a sudden his open source project, Testcontainers, took off, and now has more than a million monthly downloads and developers using it at Netflix, Uber, Spotify, Google and other settings large and small. Doc Searls and Dan Lynch talk with Richard about how he caught the bus he ended up driving, how he set up Testcontainers.org, stood up Atomicjar.com as a running business backed by smart capital, and put learnings to use through a six-year journey that includes a worldwide pandemic that is changing development for everyone.

      • mintcast 369 – Cache Flushing

        1:49 The News
        27:48 Security Update
        32:18 Bi-Weekly Wanderings
        1:01:28 Announcements & Outro

        First up in the news Linux Mint is ready for the facelift, Snaps get an upgrade, Kernel 5.14 is out, and 5.15 is looking good, and Ubuntu gets a release date

        In security cache flushing and Bluetooth flaws

        Then in our Wanderings Joe pines a phone with plasma, Tony walks 500 miles, and I search for a keyboard

      • Steamy PostgreSQL Shower | Coder Radio 430

        We are coming in hot, literally. It’s a day of spicy takes.

    • Kernel Space

      • AMD Has An Important Suspend/Resume Fix With Linux 5.15 – Phoronix

        Since last year AMD has been working to get its s2idle / suspend-to-idle S0ix sleep state code in order for supporting this lowest power platform idle state on newer AMD laptops and there has also been other AMD suspend/resume improvements in recent times. Now with the Linux 5.15 kernel cycle is an important fix for the AMD s2idle code.

        Stemming from a user reporting incorrect resume from suspend with an HP ENVY X360, Linux 5.15 has a fix for it and other laptops facing a similar problem. The original issue was resuming from suspend would yield the power LED not working, some keys like brightness controls not working, and the cooling fan not spinning up even under load. Yeah, that’s quite a poor Linux laptop experience.

      • Amazon’s DAMON Merged Into Linux 5.15 For Data Access Monitoring Framework – Phoronix

        he DAMON kernel functionality developed by Amazon engineers has successfully landed in the Linux 5.15 tree.

        As part of the 147 patches herded into the kernel today by Andrew Morton, the most notable addition is the merging of the DAMON functionality.

      • Linux kernel 5.15: NTFS support gets a significant boost – TechRepublic

        The Linux kernel has included NTFS support for some time. However, up until now, working with NTFS filesystems on Linux has been a bit of a headache. One of the biggest issues with NTFS support in the Linux kernel to date has been fully functioning read/write support. The old captive NTFS driver hasn’t been maintained for quite a while, and the NTFS-3G driver from Tuxera is far too slow for acceptable use (especially for enterprise use cases). So, a new driver has been needed for some time.

    • Benchmarks

      • Ubuntu 21.10 Delivering Some Performance Gains On The Intel Core i9 11900K – Phoronix

        For those wondering how the upcoming Ubuntu 21.10 release is looking for Intel “Rocket Lake” owners, here are some Ubuntu 21.04 versus 21.10 development benchmarks across dozens of different tests.

        With last month running some early Ubuntu 21.10 benchmarks on AMD Ryzen 9 5950X, the focus this time around with the latest Ubuntu 21.10 development build as of testing was for any performance changes on the Intel Core i9 11900K front.

    • Applications

      • Apps for daily needs part 5: video editors

        Video editing has become a popular activity. People need video editors for various reasons, such as work, education, or just a hobby. There are also now many platforms for sharing video on the internet. Almost all social media and chat messengers provide features for sharing videos. This article will introduce some of the open source video editors that you can use on Fedora Linux. You may need to install the software mentioned. If you are unfamiliar with how to add software packages in Fedora Linux, see my earlier article Things to do after installing Fedora 34 Workstation. Here is a list of a few apps for daily needs in the video editors category.

      • GStreamer 1.18.5 stable bug fix release

        The GStreamer team is pleased to announce another bug fix release in the stable 1.18 release series of your favourite cross-platform multimedia framework!

        This release only contains bugfixes and important security fixes, and it should be safe to update from 1.18.x.

    • Instructionals/Technical

      • Linux ls Command List and Sort Files by Size

        A directory in a Linux system can hold from a few files to hundreds and thousands of files.

        You may need to sort the files by size, either in ascending or descending order. The reason for sorting files by size may vary. We may want to locate the largest to smallest files or vice versa.

        You can easily sort files using the ls command.

        In this tutorial, we’ll cover the various ways of sorting files by size using the ls command.

        In our examples we’ll sort files in the /var/cache/apt/archives directory.

      • Share files with your client using ProjectSend

        ProjectSend is an open-source self-host file sharing platform for companies, teams and communities.

        It is an ideal solution if you want to share files with your clients. Let’s say you are a designer who shares dozens of files with his clients every day, with ProjectSend you can do this effortlessly and without a hassle.

      • Discover your cluster logfiles – A journey into the past. | SUSE Communities

        Log files are very useful when it comes to situations where the root cause of an event has to be investigated. But analyzing logs does not only mean looking for errors in the system. There are also a lot of other informations in most of the log files. The pacemaker log file is a perfect example. Beside warnings and errors it includes also all cluster changes. The trick is to know which keywords you have to search for.

      • Set the order of task execution in Ansible with these two keywords | Enable Sysadmin

        Regular readers of Enable Sysadmin know that most of us are big fans of Ansible. We particularly like using Ansible roles to design reusable code effectively. A playbook follows a specific execution order when it runs, and there are several ways to control the order in which your tasks run. In this article, I’ll look at two particularly useful Ansible features, pre_tasks and post_tasks. I’ll walk you through some real (and simple) examples of how these features can add additional flexibility to your playbooks by executing tasks at different points during a playbook run.

      • Debug a web page error from the command line | Opensource.com

        Sometimes when managing a website, things can get messed up. You might remove some stale content and replace it with a redirect to other pages. Later, after making other changes, you find some web pages become entirely inaccessible. You might see an error in your browser that “The page isn’t redirecting properly” with a suggestion to check your cookies.

      • Try Fusion-360 by installing on Ubuntu 20.04 LTS Linux using Wine

        “Fusion 360” is a CAD / CAM program from Autodesk, which is known for 3D modeling software. Although it is a paid graphic design software, students and schoolchildren can download the professional program for Windows and Mac free of charge. With this professional tool, you can design mechanical components and master a wide variety of tasks in product design. You can render your drafts, create animations, and – thanks to cloud support – helps to work in collaboration.

      • How to install Clone Hero on a Chromebook

        Today we are looking at how to install Clone Hero on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

        If you have any questions, please contact us via a YouTube comment and we would be happy to assist you!

      • How to list all installed packages on OpenSUSE/SUSE Linux – nixCraft

        So you want to see a list of all packages installed on your SUSE Linux or OpenSUSE Linux system? Try these simple tips for listing all packages.

        We can easily search for packages matching any given search text/words under OpenSUSE or SUSE Enterprise Linux using the zypper command.

      • How To Find OpenSuse / SUSE Linux Version Using CLI – nixCraft

        How do I find out my Suse Linux / OpenSuse Linux / Suse Enterprise Linux server/desktop version using the command line options? What is the command to find out OpenSUSE Linux version?

        This page explains how to find SUSE or OpenSUSE Linux version using the cat command and other commands.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

      • GNOME Desktop/GTK

        • GNOME 41 Release Candidate Arrives With Many Improvements

          Ahead of the official GNOME 41 release later this month, the release candidate is now available to facilitate more testing.

          The GNOME 41 release candidate “41.rc” packages are now available for testing and GNOME developers have also put together a new “GNOME OS” release using these bleeding-edge packages to help in testing and for developers wanting to port extensions and other work around GNOME 41.

        • GNOME 41.RC is now available!

          Hi,

          GNOME 41.rc is now available. Remember this is the
          end of this development cycle; enjoy it as fast as you can, the final
          release is scheduled for this coming week!

          The corresponding flatpak runtimes have been published to Flathub.
          If you’d like to target the GNOME 41 platform, you can test your
          application against the 41beta branch of the Flathub Beta
          repository.

          An installer image (built from scratch using freedesktop-sdk 21.08 as a
          base) is also available for testing and porting extensions:

          https://os.gnome.org/download/41.rc/gnome_os_installer_41.rc.iso

          This is meant to be installed in a virtual machine with EFI support
          (such as the GNOME Boxes version available on Flathub). You can also
          try to install it on bare metal but be warned that hardware support is
          very limited (join #gnome-os channel at irc.gnome.org if you are interested).

          We remind you we are string frozen, no string changes may be made
          without confirmation from the l10n team (gnome-i18n@) and notification
          to both the release team and the GNOME Documentation Project
          (gnome-doc-list@).

          Hard code freeze is also in place, no source code changes can be made
          without approval from the release-team. Translation and documentation
          can continue.

          If you want to compile GNOME 41.rc, you can use the official
          BuildStream project snapshot. Thanks to BuildStream’s build
          sandbox, it should build reliably for you regardless of the
          dependencies on your host system:

          https://download.gnome.org/teams/releng/41.rc/gnome-41.rc.tar.xz

          The list of updated modules and changes is available here:

          https://download.gnome.org/core/41/41.rc/NEWS

          The source packages are available here:

          https://download.gnome.org/core/41/41.rc/sources/

    • Distributions

      • New Releases

        • Whonix 16 available, an anonymous Linux OS

          The release of the Whonix 16 distribution kit , aimed at providing guaranteed anonymity, security and protection of private information, took place. Whonix boot images are built to run under the control of the KVM hypervisor . Builds for VirtualBox and for use on the Qubes operating system are delayed (while Whonix 16 test builds continue to ship). The developments of the project are distributed under the GPLv3 license.

          The distribution is based on Debian GNU / Linux and uses Tor to ensure anonymity. A feature of Whonix is ​​the division of the distribution into two separately installed components – Whonix-Gateway with an implementation of a network gateway for anonymous communications and Whonix-Workstation with a desktop. Both components ship inside a single boot image. Access to the network from the Whonix-Workstation environment is made only through the Whonix-Gateway, which isolates the work environment from direct interaction with the outside world and allows only fictitious network addresses to be used. This approach protects the user from leaking the real IP address in the event of a hacked web browser or even exploiting a vulnerability that gives an attacker root access to the system.

          [...]

          If desired, the user can use only Whonix-Gateway and connect through it their usual systems, including Windows, which makes it possible to provide anonymous logoff for workstations already in use.

        • Kali Linux 2019.4 Release (Xfce, Gnome, GTK3, Kali-Undercover, Kali-Docs, KeX, PowerShell & Public Packaging)

          We are incredibly excited to announce our fourth and final release of 2019, Kali Linux 2019.4, which is available immediately for download.

          [...]

          There are a ton of updates to go over for this release, but the most in your face item that everyone is going to notice first are the changes to the desktop environment and theme. So let’s cover that first.

      • IBM/Red Hat/Fedora

      • Debian Family

      • Canonical/Ubuntu Family

        • Canonical announces new Anbox Cloud Appliance on AWS Marketplace – TechRepublic

          Canonical, the publisher of the open source Ubuntu operating system, announced Wednesday the availability of the Anbox Cloud Appliance in AWS Marketplace. The appliance allows Android developers to go from prototype to production.

          The Anbox Cloud Appliance is a scaled down version of Canonical’s Anbox Cloud, which developers use for rapid prototyping and gives them access to a more extensive set of instance types, including support for Arm CPUs and NVIDIA GPUs than the appliance does.

    • Devices/Embedded

      • Tiny Gemini Lake mini-PC supports Linux

        XDO Tech has Kickstarter’ed a tiny, $149-and-up “Pantera PicoPC” mini-PC that runs Linux or Win 10/11 on a quad-core Gemini Lake CPU and offers up to 8GB LPDDR4, an SSD, 802.11ax/BT, HDMI, 3x USB 3.0, USB 2.0, and Type-C power with an optional battery.

        XDO Tech has gone to Kickstarter to successfully launch a fan-cooled, 69 x 69 x 53mm mini-PC equipped with a Gemini Lake Refresh — Intel’s Atom-class follow-on to Apollo Lake. The Pantera PicoPC starts at $149 for a Super Early Bird model with 4GB LPDDR4 and 64GB eMMC. There is also a $179 Super Early Bird with 8GB RAM and a 256GB M.2 SSD. Other 8GB RAM packages supply 512GB ($212) and 1TB ($250) SSDs. The campaign runs through Oct. 3 and shipments are expected in November.

      • Onyx Boox Note 3 Is A Powerful Android Ebook Reader

        Ebook readers have been on a steady rise in recent years, with people moving away from traditional book reading into the digitalized experience for many reasons: Saving budget & space, getting more comfort while reading for long hours and also unlocking access to better features than the normal reading process (E.g note taking, sharing, highlighting, PDF files access anywhere… etc).

        Amazon’s Kindle is the most famous e-reader by far, however, it is not alone. There have been many new competitors in the market with much better features for avid readers who would like to fully unlock the potential of their ebook reading experience.

        Today we’ll talk about the Onyx Boox Note 3 e-reader, which is powered by Android, as a possible e-reader that you can buy if you are from this niche. Although a bit far from our typical publishing line in FOSS Post, a small change in the mood is never harmful (Let alone that it is powered by Linux, so not that far actually).

      • Open Hardware/Modding

        • Custom Joystick Build Guide Should Point You In The Right Direction | Hackaday

          Over the last two years, [benkster] has been perfecting their ideal flight controller. Like many people, they started out with a keyboard and mouse and eventually moved on to a joystick. While a HOTAS (hands on throttle-and-stick — e.g. a yoke controller with inputs right there on the sides) might have been the next logical step, those things cost too much. Naturally, the answer is to build one, ideally for less money. Hey, it could happen.

        • Arduino Powered Heat Pump Controller Helps Warm Your Toes | Hackaday

          Heat pump heating technology is starting to pop up more and more lately, as the technology becomes cheaper and public awareness and acceptance improves. Touted as a greener residential heating system, they are rapidly gaining popularity, at least in part due to various government green policies and tax breaks.

          [Gonzho] has been busy the last few years working on his own Arduino Powered Open Source heat pump controller, and the project logs show some nice details of what it takes to start experimenting with heat pumps in general, if that’s your game. Or you could use this to give an old system a new lease of life with an Arduino brain transplant.

        • 25-key ESP32 Touch Matrix makes good use of ESP32’s touch sensor interface

          Besides the addition of Bluetooth, there are many differences between ESP8266 and ESP32 and one of the lesser-known interfaces may be ESP32’s touch sensor interface.

          India-based Electro Point’s ESP32 Touch Matrix makes good use of the touch sensor interface with 25 touch pads arranged in a 5×5 matrix creating a wireless keypad that could connect over WiFi or Bluetooth to a host.

      • Mobile Systems/Mobile Applications

        • Pining For A De-Googled Smartphone

          Last summer in the first swings of the global pandemic, sitting at home finally able to tackle some of my electronics projects now that I wasn’t wasting three hours a day commuting to a cubicle farm, I found myself ordering a new smartphone. Not the latest Samsung or Apple offering with their boring, predictable UIs, though. This was the Linux-only PinePhone, which lacks the standard Android interface plastered over an otherwise deeply hidden Linux kernel.

          As a bit of a digital privacy nut, the lack of Google software on this phone seemed intriguing as well, and although there were plenty of warnings that this was a phone still in its development stages it seemed like I might be able to overcome any obstacles and actually use the device for daily use. What followed, though, was a challenging year of poking, prodding, and tinkering before it got to the point where it can finally replace an average Android smartphone and its Google-based spyware with something that suits my privacy-centered requirements, even if I do admittedly have to sacrifice some functionality.

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • Hacks.Mozilla.Org: Time for a review of Firefox 92

            Release time comes around so quickly! This month we have quite a few CSS updates, along with the new Object.hasOwn() static method for JavaScript.

          • Will Kahn-Greene: Mozilla: 10 years

            It’s been a long while since I wrote Mozilla: 1 year review. I hit my 10-year “Moziversary” as an employee on September 6th. I was hired in a “doubling” period of Mozilla, so there are a fair number of people who are hitting 10 year anniversaries right now. It’s interesting to see that even though we’re all at the same company, we had different journeys here.

            I started out as a Software Engineer or something like that. Then I was promoted to Senior Software Engineer and then Staff Software Engineer. Then last week, I was promoted to Senior Staff Software Engineer. My role at work over time has changed significantly. It was a weird path to get to where I am now, but that’s probably a topic for another post.

      • Programming/Development

        • Dirk Eddelbuettel: RcppSimdJson 0.1.6 on CRAN: New Upstream 1.0.0 !!

          The RcppSimdJson team is happy to share that a new version 0.1.6 arrived on CRAN earlier today. Its release coincides with release 1.0.0 of simdjson itself, which is included in this release too!

          RcppSimdJson wraps the fantastic and genuinely impressive simdjson library by Daniel Lemire and collaborators. Via very clever algorithmic engineering to obtain largely branch-free code, coupled with modern C++ and newer compiler instructions, it results in parsing gigabytes of JSON parsed per second which is quite mindboggling. The best-case performance is ‘faster than CPU speed’ as use of parallel SIMD instructions and careful branch avoidance can lead to less than one cpu cycle per byte parsed; see the video of the talk by Daniel Lemire at QCon (also voted best talk).

        • DevRel for Beginners: What to Know and How to Get Started

          Like many DevRel professionals, Ravi Lachhman began his tech career as a software engineer. He embraced an iterative, trial-and-error approach to development. He also found that he learned best by teaching others.

          “On projects, I would always elect to write documentation and convert to Agile, happy to give presentations and sprint demos,” Lachhman told The New Stack.

          That led to solutions architect and sales engineer positions, which eventually opened the door to his first evangelist role three years ago, a common job title in the DevRel field. Today, Lachhman manages a team of DevRels at Harness, a software-delivery platform company. (He’s hiring, by the way.)

        • The Dark Side Of Package Repositories: Ownership Drama And Malware

          At their core, package repositories sound like a dream: with a simple command one gains access to countless pieces of software, libraries and more to make using an operating system or developing software a snap. Yet the rather obvious flip side to this is that someone has to maintain all of these packages, and those who make use of the repository have to put their faith in that whatever their package manager fetches from the repository is what they intended to obtain.

          How ownership of a package in such a repository is managed depends on the specific software repository, with the especially well-known JavaScript repository NPM having suffered regular PR disasters on account of it playing things loose and fast with package ownership. Quite recently an auto-transfer of ownership feature of NPM was quietly taken out back and erased after Andrew Sampson had a run-in with it painfully backfiring.

          In short, who can tell when a package is truly ‘abandoned’, guarantee that a package is free from malware, and how does one begin to provide insurance against a package being pulled and half the internet collapsing along with it?

        • Commercial LTS Qt 5.15.6 Released

          We have released Qt 5.15.6 LTS for commercial license holders today. As a patch release, Qt 5.15.6 does not add any new functionality but provides bug fixes and other improvements.

        • Rust

          • Rustacean Principles

            As the web site says, Rust is a language empowering everyone to build reliable and efficient software. I think it’s precisely this feeling of empowerment that people love about Rust. As wycats put it recently to me, Rust makes it “feel like things are possible that otherwise feel out of reach”. But what exactly makes Rust feel that way? If we can describe it, then we can use that description to help us improve Rust, and to guide us as we design extensions to Rust.

            Besides the language itself, Rust is also an open-source community, one that prides itself on our ability to do collaborative design. But what do we do which makes us able to work well together? If we can describe that, then we can use those descriptions to help ourselves improve, and to instruct new people on how to better work within the community.

          • Ian Jackson: Wanted: Rust sync web framework

            Please recommend me a high-level Rust server-side web framework which is sync and does not plan to move to an async api.

        • Java

          • Build a Random Password Generator in Java

            Today, we will make a random password generator that makes passwords with random numbers and letters!

            In order to do this we are going to use ASCII. ASCII is a language in which every possible character is represented by a number. This standard ensures that computers can communicate to each other about characters properly.

            This is a more challenging project for beginners, but you certainly have the ability to do it as long as you are familiar with Java concepts such as conditionals, loops, functions, and random numbers.

            Watch the tutorial video to see how we code this game step-by-step and continue reading this post for more details.

  • Leftovers

    • Venice prepares to charge tourists, require booking

      From a control room inside the police headquarters in Venice, Big Brother is watching you.

      To combat tourist overcrowding, officials are tracking every person who sets foot in the lagoon city.

      Using 468 CCTV cameras, optical sensors and a mobile phone-tracing system, they can tell residents from visitors, Italians from foreigners, where people are coming from, where they are heading and how fast they are moving.

    • Hardware

    • Health/Nutrition

      • Vietnamese man jailed for 5 years for spreading coronavirus

        Vietnam jailed a man on Monday for five years for breaking strict COVID-19 quarantine rules and spreading the virus to others, state media reported.

        Le Van Tri, 28, was convicted of “spreading dangerous infectious diseases” at a one-day trial at the People’s Court of the southern province of Ca Mau, the state-run Vietnam News Agency (VNA) reported.

    • Integrity/Availability

      • Proprietary

        • TrueConf Introduces Linux-Based Video Collaboration Platform

          TrueConf, an award-winning video conferencing developer, announces the official release of TrueConf Server for Linux. This all-in-one UC platform will enable organizations with Linux-based infrastructure to deploy highly secure video conferencing networks using the ecosystem of TrueConf software and hardware solutions.

          The Linux version of TrueConf Server ensures the same security, quality, and feature set as its counterpart for Windows. With this cross-platform software solution, users can run unlimited UltraHD events with up to 1,000 participants at a time, from any location and device.

        • Pseudo-Open Source

          • Openwashing

            • Facebook Opens Up CacheLib As Their New Caching Engine – Phoronix

              Facebook last week formally announced CacheLib as their new open-source caching engine designed for web scale services and to make for effective non-volatile memory caching to offset the increasing costs of DRAM.

            • Not All Of The IBM POWER10 Firmware Is Currently Open-Source

              Power E1080 server as their first in a new family of servers based on the IBM POWER10 processor. Sadly though not all of the POWER10 firmware is open-source.

              While POWER9 was big for open-source fans with the formation of the OpenPOWER Foundation and Raptor Computing Systems designing POWER9-based systems that are fully open-source down to schematics and the motherboard firmware, the same can’t be currently said about POWER10.

              Raptor Computing Systems previously hinted that it might not be all rosy for POWER10 when it comes to open-source and at least for the initial rollout, it does appear to be that way.

        • Security

          • HAProxy Found Vulnerable to Critical HTTP Request Smuggling Attack

            A critical security vulnerability has been disclosed in HAProxy, a widely used open-source load balancer and proxy server, that could be abused by an adversary to possibly smuggle HTTP requests, resulting in unauthorized access to sensitive data and execution of arbitrary commands, effectively opening the door to an array of attacks.

          • Vulnerability Could Expose HAProxy to HTTP Request Smuggling Attack | eSecurityPlanet

            A critical vulnerability discovered in the open-source load balancer and proxy server HAProxy could enable bad actors to launch an HTTP Request Smuggling attack, which would let them bypass security controls and gain unauthorized access to sensitive data.

            Researchers with JFrog Security uncovered the vulnerability, CVE-2021-40346, during their regular searches for new and previously unknown vulnerabilities in popular open-source projects. HAProxy fits into that category.

          • Outdated Linux Versions, Misconfigurations Triggering Cloud Attacks: Report [Ed: This is not about Linux but software that runs on it; it's like blaming Photoshop holes on "Windows"]

            The “Linux Threat Report 2021 1H” from Trend Micro found that Linux cloud operating systems are heavily targeted for cyberattacks, with nearly 13 million detections in the first half of this year. As organizations expand their footprint in the cloud, correspondingly, they are exposed to the pervasive threats that exist in the Linux landscape.

            This latest threat report, released Aug. 23, provides an in-depth look at the Linux threat landscape. It discusses several pressing security issues that affect Linux running in the cloud.

          • Security Risks of Relying on a Single Smartphone

            Isracard used a single cell phone to communicate with credit card clients, and receive documents via WhatsApp. An employee stole the phone. He reformatted the SIM, which was oddly the best possible outcome, given the circumstances. Using the data to steal money would have been much worse.

          • ClamAV 0.104.0 introduces LTS program – itsfoss.net

            The developers have announced the project’s blog a new Long Term Support (LTS) program on as part of an update of their End-of-Life (EOL) policy. The LTS program begins retrospectively with the last major version, ClamAV 0.103. The new LTS policy extends the lifespan from 0.103 to September 2023. LTS editions are supported for a minimum of three years.

            Each LTS version is supported with critical patch versions and access to signature updates for the duration of the three-year support period. A new LTS feature release is presented approximately every two years. Non-LTS releases are supported with critical patch versions for at least four months from the original release date of the next feature release or until the release of the next feature release. For detailed information on the Long Term Support Program, see the LTS Announcement blog post and the LTS Policy in the online documentation.

          • Best File and Disk Encryption Tools For Linux

            Most of us are familiar with Microsoft Windows or macOS – these OSes dominate the personal computing space. But the OS that is taking over the world isn’t owned by Microsoft, Apple, or any tech company for that matter. In fact, the most popular OS in the world today isn’t owned by anyone. It’s the completely open-source Linux operating system.

            [...]

            GnuPG, also known as GPG, is a unique hybrid encryption tool that not only employs conventional symmetric-key cryptography but also uses public-key cryptography. This two-prong approach to encryption helps speed up the encryption process without compromising OS security.

            GnuPG is popular among journalists who use the tool to encrypt important documents and protect the identities of their sources.

          • Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

            Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.

          • Zoho Releases Security Update for ADSelfService Plus | CISA

            Zoho has released a security update on a vulnerability (CVE-2021-40539) affecting ManageEngine ADSelfService Plus builds 6113 and below. CVE-2021-40539 has been detected in exploits in the wild. A remote attacker could exploit this vulnerability to take control of an affected system. ManageEngine ADSelfService Plus is a self-service password management and single sign-on solution for Active Directory and cloud apps. Additionally, CISA strongly urges organizations ensure ADSelfService Plus is not directly accessible from the internet.

          • Privacy/Surveillance

            • This Contact Tracing Has A Major Exploit – Invidious

              I’ve uncovered a massive exploit in the contact tracing system used in South Australia and so far the SA Health has done absolutely nothing to fix it, I told them I’d publish this if it didn’t get fixed so here we go.

    • Civil Rights/Policing

      • U.S. condemns Russia’s detention of Crimean Tatar leader, 45 others

        The United States on Sunday strongly condemned what it said was Russia’s detention at the weekend of the deputy leader of the main representative body of Crimean Tatars and at least 45 other members of the ethnic group.

        A State Department statement said Nariman Dzhelyalov, deputy chairman of the Crimean Tatars’ Mejlis, was detained on Saturday by Russian occupation authorities in Crimea. It said at least 45 other Crimean Tatars had also been detained.

      • Bolsonaro’s Pro-Coup September 7 Rally Is Brazil’s January 6

        With his reelection prospects dimming, Bolsonaro’s supporters are ramping up their version of the pro-Trump rally that led to the Capitol riot.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Leave a Comment

You must be logged in to post a comment.

DecorWhat Else is New


  1. Links 18/9/2021: LibreOffice 8.0 Plans and Microsoftcosm Uses WSL to Badmouth 'Linux'

    Links for the day



  2. Links 18/9/2021: GIMP 2.10.28 Released and Azure Remains Back Doored

    Links for the day



  3. IRC Proceedings: Friday, September 17, 2021

    IRC logs for Friday, September 17, 2021



  4. Links 17/9/2021: Ubuntu 18.04.6 LTS, Manjaro 21.1.3, “2021 is the Year of Linux on the Desktop”

    Links for the day



  5. Links 17/9/2021: WSL Considered Harmful

    Links for the day



  6. [Meme] Microsoft Loves Linux Bug/Back Doors

    Microsoft is just cementing its status as little but an NSA stooge



  7. Lagrange Makes It Easier for Anybody to Use Gemini and Even Edit Pages (With GUI)

    Gemini protocol and/or Gemini space are easy for anyone to get started with or fully involved in (writing and creating, not just reading); today we take a look at the new version of Lagrange (it was first introduced here back in March and covered again in April), which I installed earlier today because it contains a lot of improvements, including the installation process (now it’s just a click-to-run AppImage)



  8. IBM is Imploding But It Uses Microsoft-Type Methods to Hide the Demise (Splits, Buybacks, and Rebranding Stunts)

    A combination of brain drain (exodus) and layoffs (a lack of budget combined with inability to retain talent or attract the necessary staff with sufficiently competitive salaries) dooms IBM; but the media won't be mentioning it, partly because a lot of it is still directly sponsored by IBM



  9. IRC Proceedings: Thursday, September 16, 2021

    IRC logs for Thursday, September 16, 2021



  10. [Meme] 70 Days of Non-Compliance

    António Campinos would rather fall on his sword than correct the errors or work to undo the damage caused by Team Battistelli, which is still at the EPO



  11. EPO “Board 28” Meeting: Imaginary Dialogue Between EPO President Campinos and the Chair of the Administrative Council, Josef Kratochvíl

    The EPO‘s chaotic state, which persists after Benoît Battistelli‘s departure, is a state of lawlessness and cover-up



  12. Links 16/9/2021: Linux Mint Has New Web Site, LibreOffice 7.2.1, KDE Plasma 5.23 Beta, and Sailfish OS Verla

    Links for the day



  13. If Git Can be Done Over the Command Line and E-mail, It Can Also be Done Over Gemini (Instead of Bloated Web Browsers)

    In order to keep Git lean and mean whilst at the same time enabling mouse (mousing and clicking) navigation we encourage people everywhere to explore gemini://



  14. Techrights Examines a Wide Array/Range of Gemini Clients/Browsers

    After spending many months examining an array of different types of software for Gemini (including but not limited to clients/browsers) we take stock of what exists, what's supported (it varies a bit), and which one might be suitable for use by geeks and non-geeks



  15. Links 16/9/2021: KStars 3.5.5 and Chafa 1.8

    Links for the day



  16. Trusting Microsoft With Security is a Clown Show

    A quick and spontaneous video about this morning's post regarding a major new revelation that reaffirms a longstanding trend; Microsoft conflates national security (back doors) with security



  17. IRC Proceedings: Wednesday, September 15, 2021

    IRC logs for Wednesday, September 15, 2021



  18. Microsoft Azure and Back/Bug Doors in GNU/Linux: Fool Me Once (Shame on You) / Fool Me Twice (Shame on Me)

    "Fool me once, shame on you; fool me twice, shame on me," goes the old saying...



  19. Deleted Post: “LibreOffice is Becoming Dominated by a Bunch of Corporates, and Has no Place for the Enthusiastic Amateur.”

    Chris Sherlock, an insider of LibreOffice, cautions about the direction of this very important and widely used project



  20. Links 16/9/2021: Unifont 14.0.01, LibreOffice on ODF 1.3, Mozilla Pushing Ads (Sponsored 'Firefox Suggest'), and Microsoft Pushes Proprietary Direct3D via Mesa

    Links for the day



  21. Links 15/9/2021: Another Azure Catastrophe and Darktable 3.6.1

    Links for the day



  22. Open Invention Network (OIN) Recognises a Risk Posed to Cryptocurrencies (Danger From Software Patents), But OIN Still Proposes the Wrong Solutions

    Square is joining OIN, but it's another example of banking/financial institutions choosing to coexist with software patents instead of putting an end to them



  23. IRC Proceedings: Tuesday, September 14, 2021

    IRC logs for Tuesday, September 14, 2021



  24. (Super)Free Software As a Right – The Manifesto

    "Software text has long been recognized as “speech”, and is covered under the very same copyright laws as conventional printed matter."



  25. Links 15/9/2021: Java 17 / JDK 17 Released and ExpressVPN Sold

    Links for the day



  26. Latest Public Talk (Over BigBlueButton) by Richard Stallman is Now Online

    This video has been released; it starts with an old talk and then proceeds to a new discussion (14 minutes from the start)



  27. Richard Stallman Is Not Surrendering His Free Speech

    The homepage of Dr. Stallman looked like this on Saturday, 20 years since the September 11 attacks in the US, noting that “[t]oday we commemorate the September 11 attacks, which killed President Allende of Chile and installed Pinochet’s murderous military dictatorship. More than 3,000 dissidents were killed or “disappeared” by the Pinochet regime. The USA operated a destabilization campaign in Chile, and the September 11, 1973, attacks were part of that campaign.”



  28. Twitter -- Like Google's YouTube -- is 'Hiding' Tweets From People Who Follow You

    So-called 'entertainment' platforms disguised as 'social' aren't the future of media; they need to be rejected



  29. How to Track the Development or Construction of the Techrights Web Site and Gemini Capsule

    Following some busy publication schedule (heavy lifting for weeks) we're stopping a bit or slowing down for the purpose of site (or capsule) 'construction'; here's a status update



  30. Links 14/9/2021: Libinput 1.19, Kali Linux 2021.3, and ExTiX Deepin 21.9

    Links for the day


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts