In this video tutorial, I show several different methods for renaming files on Linux, including how to do more advanced things like bulk renaming, pattern substitutions, and changing lowercase to uppercase and vice versa.
What does Jon "maddog" Hall—a man with 15,000 FLOSS-related t-shirts have to say? Lots about everything free, open and otherwise, in a conversation that occasionally turns to an argument between maddog, Simon Phipps, and host Doc Searls.
In this video, I am going to show how to install KaOS 2022.02.
In this video, we are looking at how to install Notepadqq on Zorin OS 16.
Discord is a chat room plain and simple and that's all it needs to be but a lot of new projects are trying to make it something that it isn't, trying to make a forum, a wiki, an issue tracker and more it's not good at this job and turns into a black hole for information
Tilix, the popular tiling terminal emulator, released v1.9.5 with a few new features and some bug-fixes.
Tilix is a GTK+3 terminal emulator supports for splitting app window horizontally or vertically. It supports drag and drop re-arranging terminals, quake mode, custom hyperlinks, as well as many other features.
After a year of development, it finally announced the new 1.9.5 with only a few new features due to lack of maintainers.
The goal of this post is to help you find the answer to the following question: am I ready for the CKA exam?
The purpose of the Certified Kubernetes Administrator (CKA) program is to provide assurance that CKAs have the skills, knowledge, and competency to perform the responsibilities of Kubernetes administrators.
In this tutorial, we will show you how to install Angular CLI on Fedora 35. For those of you who didn’t know, AngularJS is a JavaScript framework that is used to develop web apps. It has MVC (Model-View-Controller) architecture. Angular CLI is used in Angular projects to automate tasks rather than perform them manually. Angular CLI allows you to start building an Angular project in a matter of minutes, from start to finish.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Angular CLI on a Fedora 35.
A Zabbix agent is a program that runs on a remote machine that needs to be monitored through the Zabbix server. The agent collects the data on the remote server and send back to Zabbix server when requested. Zabbix agent must be installed on all the remote systems that need to be monitor through the Zabbix server.
Xfce is an alternative to GNOME or KDE and a pretty colorful and well-configurable desktop environment. Learn the commands to install XFCE desktop on Debian 11 Bullseye Linux.
Xfce is designed to run easily on slightly less powerful computers, mainly because of the somewhat lower system requirements. This lightweight desktop environment is very easy to use with the mouse and can be used to run all GNOME and KDE programs. Friends of Compiz can use Xfce too.
Ubuntu has been available with Xfce as the desktop environment in its official version – Xubuntu. However, since it is no longer a “pure” Xfce (various GNOME components have been integrated to increase comfort). Nevertheless – if you are a Debian Linux user with a command-line interface or graphical user interface with Gnome or any other, still we can install XFCE directly using the official Debian package source repository.
Have you ever wanted to stream Spotify’s music and podcasts without distracting banners and pushy recommendations? With a tool called Spotify TUI, you can control your Spotify stream in your computer’s terminal. We’ll show you how to set it up.
Jami (formerly GNU Ring, SFLphone) is a SIP-compatible distributed peer-to-peer softphone and SIP-based instant messenger for Linux, Microsoft Windows, OS X, iOS, and Android. Jami was developed and maintained by the Canadian company Savoir-faire Linux, and with the help of a global community of users and contributors, Jami positions itself as a potential free Skype replacement.
Jami is free and open-source software released under the GNU GPL-3.0-or-later. In November 2016, it became part of the GNU Project.
Flask is a small, lightweight, and micro web framework written in Python. It allows you to develop web applications easily without any tools or libraries. This web application may be a blog, wiki page, web pages, web-based calendar application, or a commercial website. It is simple, easy to use, easy to learn, and beginner-friendly because it does not require any dependencies.
In this tutorial, we will show you how to deploy the Flask application with Gunicorn and Nginx on Ubuntu 20.04.
Video downloads are fun until they become unplayable. So, here’s the list of the best video converters to help your downloads stay relevant everywhere.
Video conversion is not the best thing you want to do with a video, but it becomes unavoidable sometimes.
For instance, you can only upload videos in selected formats on YouTube, Facebook, etc. Similarly, media players don’t play every other format in which you download or create videos.
This article is about using secure coding patterns and correcting vulnerable code. Applications need third-party libraries to provide common facilities for repetitive tasks like logging, parsing, … When a developer uses an opensource library, he must understand that his code inherits also possible security issues. For this reason, opensource libraries must be audited for risks to avoid problems like log4shell vulnerability.
0 A.D. is a free and open source historical RTS that's been in development for a long time. Each release is impressive and it sounds like the next release is going to look pretty shiny.
[...]
This next update won't only be good for those with powerful computers though, there's also new options for weaker systems too. You will be able to actually decrease the texture quality, something most other modern 3D games also allow.
Are you ready to dive into a new world? Beyond Sunset looks absolutely awesome and now you've got a chance to check it out, as a demo has been put up recently. Now, there's even a Linux build of the demo too! I am truly loving this huge resurgence of modern-made low-fi experiences like this. More please.
"SUNSET CITY, CALIFORNIA - 20XX: You've been awakened from cryostasis. Your name, your identity, your memories… All lost in the confusing fog of hypersleep. Not only a stranger in a strange place, you begin to manifest powerful abilities. Lightning-fast reactions. Innate combat skills. Near-supernatural agility. You’re not like everyone else.
Love your strategy games and a bit of Sid Meier? You're in luck as Humble Bundle have something new up giving you plenty of the Civilization series. Some of the titles come with native Linux support but it's probable most will just work with Proton now too.
Today we are looking at how to install texture packs in Minetest on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.
If you have any questions, please contact us via a YouTube comment and we would be happy to assist you!
Please take note that Minetest must be already installed on your Chromebook, and needed to be launched at least once.
We are pleased to announce that Plasma 5.24.2 is now available in our backports PPA for Kubuntu 21.10 (Impish Indri).
The release announcement detailing the new features and improvements in Plasma 5.24.2 can be found here.
I must confess, I do love creating video and audio content. I’ve recorded thousands of videos over the years, hundreds of podcast episodes, ebooks and much more. I’ve experimented with different applications for different purposes. Eventually, I arrived at a collection of tools that best fit my needs. Some of those tools are open-source, while others are not. For example, I use Audacity for audio and Final Cut Pro X for video. Why do I not opt to go with an open-source video editor? Mostly because none of them have either reached a level of reliability or they don’t offer the features I need to create pro-level content.
Starting with upcoming Core Update 164, the firewall options page will feature a new checkbox: Drop packets from and to hostile networks. For basic protection of our users and their networks, it will be enabled by default on new installations, staying disabled on existing IPFire systems (but we recommend to turn it on there as well).
Improving network protection for the masses
Although we always preach IPFire is not meant to be installed and then forgotten, we believe this is what happens to a decent amount of installations out there: They are set up once, perhaps being configured in a basic manner, and do not receive any attention afterwards. Resources are scarce, so why bother touching a running system?
Of course, we neither endorse such a modus operandi, nor can we shed the load from our users to define and enforce a proper security policy (including firewall rules and IPS settings, just to name a few ingredients) on their networks.
On the other hand, there are some shady areas of the internet, and virtually everyone in the security community knows about them. A subset of them is so dangerous that you don't even want to process any IP connection from or to them, no matter what.
After 18 months of development and testing effort, TrueNAS SCALE is now released as a newest addition to the TruNASs family of storage software.
First off, let me start with what is TrueNAS SCALE. TrueNAS SCALE is built on the same foundational software and middleware as TrueNAS CORE, which is probably the best known, the world’s most widely deployed, and powerful free and open-source storage software out there.
TrueNAS SCALE is the first release of TrueNAS on Linux. It is Debian-based as opposed to the original which ran on FreeBSD, and that greatly increases the available tools to a user that wants better control and additional features over their networked storage devices.
We realized that, apart from the blog post presenting our D-Installer project, we have not reported any YaST activity during 2022 here in our blog. Since we are in the Beta phase of the development of SUSE Linux Enterprise 15-SP4 (which will also be the base for openSUSE Leap 15.4) we are quite focused on helping to diagnose and fix the problems found by the intensive and extensive tests done by SUSE QA department, partners and customers. We know that’s not the part of our job our audience wants to read about… and to be honest is not the part we enjoy writing about either.
Fortunately, two months after our latest regular report, we have some interesting more bits to share.
This article covers the fundamental tasks necessary to configure the firewalld service quickly. I'll assume you already appreciate the importance of a firewall and have a general understanding of how firewalls protect servers and workstations.
IBM WebSphere Hybrid Edition is a bundle of IBM runtimes for enterprise and cloud-native Java workloads. WebSphere Hybrid Edition enables developers to flexibly deploy both WebSphere traditional runtimes and Liberty runtimes (including the open-source Open Liberty framework), depending on their needs while optimizing the use of WebSphere Network Deployment, WebSphere Application Server, and Liberty Core license entitlements.
WebSphere Application Server traditional is a trusted application server for Java EE applications. Liberty is a fast, lightweight, and modular framework for cloud-native Java applications and microservices that are optimized for cloud and Kubernetes and supporting a wide spectrum of Java APIs, including the latest Eclipse MicroProfile and Jakarta EE API.
Each year around this time people ask, "what’s the big trend?" or "what’s the new technology we should be watching?" But the truth is, immediately adopting the "next big thing" isn’t the best strategy for CIOs, trivializing the longevity and impact of IT in an organization. Some technology persists for decades if not longer, and the decisions IT leaders make today can affect their organizations’ nimbleness and market response down the road, whether it’s in two years or 20. As new infrastructure is being built out, you can’t just leave behind existing systems and tools. That’s not practical or sustainable. So how do you maintain existing systems that are critical to your operations while still keeping pace with a rapidly evolving IT world?
While digital transformation is widely known to be impacting organizations that deal primarily with information and data—financial services, telecommunications, retail, etc.—it is also driving significant change in the world of manufacturing. This evolution towards computerizing and transforming manufacturing systems has been dubbed "Industry 4.0."
But, what is Industry 4.0? What technologies are making it possible? And what are the benefits and challenges it brings as operational technology (OT) environments transform?
2022 is in full swing and we wanted to take a moment to pause and celebrate some of our recent accolades. Our latest batch of awards includes recognition in categories ranging from Red Hat’s diverse and inclusive workplace culture, our talented individuals who make Red Hat so special, and the depth and experience of our business portfolio.
Kristech announced a “Pigeon RB700” DIN-rail automation controller that runs Linux on the Raspberry Pi CM4 with GbE and 10/100 LAN, 3x or more serial, 8x DI, CAN, 1-wire, and optional HDMI, ADC, UPS, and dual M.2.
Back in 2016, we covered the launch of the original Pigeon RB100 automation controller, which was built around the flagship, ARM11 based Raspberry Pi Compute Module. Since then, Kristech has upgraded the RB100 with a Raspberry Pi Compute Module 3 in its Pigeon RB100-CM3 and released more advanced CM3 based systems with the Pigeon RB300-CM3 and RB350-CM3. The company has now launched a Pigeon RB700 system built around the Raspberry Pi CM4.
Last week I received (finally) my Fairphone 4, supplied with a de-googled operating system, which I had ordered from the E Foundation’s shop in December. (I’m am very hard on hardware and my venerable Fairphone 2 is really on its last legs.)
I expect to have full control over the software on any computing device I own which is as complicated, capable, and therefore, hazardous, as a mobile phone. Unfortunately the Eos image (they prefer to spell it “/e/ os”, srsly!) doesn’t come with a way to get root without taking fairly serious measures including unlocking the bootloader. Unlocking the bootloader wouldn’t be desirable for me but I can’t live without root. So.
I started with these helpful instructions: https://forum.xda-developers.com/t/fairphone-4-root.4376421/
I found the whole process a bit of a trial, and I thought I would write down what I did. But, it’s not straightforward, at least for someone like me who only has a dim understanding of all this Android stuff. Unfortunately, due to the number of missteps and restarts, what I actually did is not really a sensible procedure.
Axiomtek’s 3.5-inch “CAPA55R” SBC runs Linux or Win 10 on an 11th Gen U-series CPU and provides triple display support, GbE, 2.5GbE, SATA, USB 3.2 Gen2, and 3x M.2 slots.
Axiomtek, which is one of the more prolific manufacturers of Intel based embedded systems, has not done much with Intel’s 11th Gen Tiger Lake processors aside from its DSP511 signage player. The company has now launched a 3.5-inch form factor CAPA55R SBC that runs Linux or Win 10 on Tiger Lake-UP3 (Tiger Lake-U) processors. The SBC is aimed at IoT applications such as industrial control, machine vision, self-service terminal, digital signage, and medical imaging.
Necessity might be the mother of all invention, but we often find that inventions around here are just as often driven by expensive off-the-shelf parts and a lack of willingness to spend top dollar for them. More often than not, we find people building their own tools or parts as if these high prices are a challenge instead of simply shrugging and ordering them from a supplier. The latest in those accepting the challenge of building their own parts is [Advanced Tinkering] who needed a specialty pressure gauge for a vacuum chamber.
In this specific case, the sensor itself is not too highly priced but the controller for it was the deal-breaker, so with a trusty Arduino in hand a custom gauge was fashioned once the sensor was acquired.
The aphorism that “they don’t build them like they used to” is especially true of the consumer electronics industry. Most manufacturers today design their product to last only a few years — or with outright planned obsolescence. But mid-century stereo consoles were a different story and resembled high-end furniture that would last. Sherman Banks has a Penncrest stereo console from that era, but its electronics were failing. So he used an Arduino to modernize the unit while retaining the vintage appearance.
This particular console had an AM/stereo FM radio receiver and a built-in phonograph turntable. Unfortunately, the aging electronic components were unreliable and lacked good sound quality. The console itself, however, was in fantastic shape. So Banks wanted to keep it looking as original as possible, but with modern electronics and all of the features they offer. He replaced the radio with a Denon DRA-800H stereo receiver that offered inputs for a turntable and SiriusXM receiver, as well as Bluetooth streaming and Ethernet connections. He also replaced the turntable with a new Denon DP-29F.
I do realize that there's a consistency problem and maintenance cost to my tweaks. After all, I cannot possibly account for every little change in the Firefox UI ever, and there might be tiny glitches occurring now and then. But then, these will be minor, and I will have quick fixes for them, whereas using a browser with sub-optimal looks all the time is a no-go. It's not a fun situation, but even so, Firefox is still the best browser around, and you should be using it, for practical and philosophical reasons, hipsterology notwithstanding.
Anyway, if you are a nerd, because let's face it, otherwise you wouldn't be here, and you like your things to be neat, clean, legible, ergonomic, and efficient, then you will have changed the Firefox UI looks in versions 91 and beyond. You might even be possibly using some of my tweaks. If so, you have a fresh round of polish, in case you encounter some small niggles with Firefox 97. There you go. Take care, and see you soon.
The Documentation Team is happy to announce the immediate availability of the Getting Started Guide 7.3, only days after the release of the LibreOffice Community 7.3.
What are UNO commands, and why would you need them? If you want to add some feature to the LibreOffice UI, you may need to add or modify a UNO command, so it would be help much to learn more about these commands, and in general, the dispatch framework. So, stay tuned!
Software Freedom Conservancy announces a Committee On AI-Assisted Programming and Copyleft to develop recommendations and plans for a Free and Open Source Software (FOSS) community response to the use of machine learning tools for code generation and authorship. The ethics and morality of machine learning models, which are regularly being applied to many problems, are a serious concern to policy makers. This Committee will focus on the specific issue of AI-assisted programming using models trained with FOSS, such as we've seen with GitHub's Copilot product. Microsoft, through their GitHub subsidiary, argues, without evidence, that use of Copilot (which has been trained with a large body of FOSS) is “fair use” of that FOSS, and that all output of Copilot is solely copyrighted by its users. This conclusion focuses on the legal details of issues rather than ethics and morality, and Microsoft and GitHub have refused to provide backing evidence. This Committee will focus on the ethics and morality of their position, and consider the proper policy positions for the FOSS community and copyleft activists in the advent of AI-assisted programming.
This tutorial explains how to develop a shared library in the C programming language and how to generate its build environment with CMake.
To understand all of these, we need to learn about a function called getaddrinfo which is responsible for doing DNS lookups.
There are a bunch of surprising-to-me things about getaddrinfo, and once I learned about them, it explained a bunch of the confusing DNS behaviour I’d seen in the past.
I recently learned about the Zephyr Project which is a rather neat embedded OS for devices too small to run Linux.
This led me to wondering if I could adapt arduino-copilot to target Zephyr, and so be able to program any of the 350+ boards it supports using Haskell.
At the same time I had an opportunity to give a talk at the Houston Functional Programmers group. On February 1st I decided to give that talk, about arduino-copilot.
One might wonder why then, with those upgraded skills, I didn’t seize the opportunity to make a new website for GTG or other open-source projects that could benefit from fancier marketing.
The short answer is, even if my tooling and technique have improved, it’s still a metric crapton of work. It might seem easy (“Use Hugo!”, “Just slap a couple of pages together!”, etc.) but there’s much more to building a website than just the technical design and coding (or integration) aspects. This article provides you with an idea of the amount of time it takes to plan, write, design and build a “reasonably simple” website with a dozen pages or so.
I’ve been working on some linting projects at $work and one thing I’m working on is finding unused variables in our codebase. This can be pretty important in a larger codebase. When you find variables which have not been used, you may find yourself asking, “why is this here?” and you may not easily get an answer. Eliminating unused variables can be good for the performance of the code, but also good for everyone else on your team. So, we want to make sure we can remove old bits of unused code and also prevent new cases.
One tool we have used for this is Test::Vars. It has some limitations (like it needs to be in a file with a package declaration) and it has some bugs, but it does find some unused variables as well.
While Star Trek’s transporter is hard to imagine — perfect matter movement across vast distances with no equipment on one end — it may not be the most far-fetched piece of tech on the Enterprise. While there are several contenders, I strongly suspect the universal translator is the most unlikely MacGuffin. After all, how would you decipher a totally unknown language in real-time? Of course, no one wants to watch 30 episodes of TV about how we finally figured out what Klingons call clouds, so pretty much every science fiction movie has some hand-waving explanation for speaking the viewer’s language. Farscape had microbes, some aliens have telepathy that works with alien brains of any kind, and still others study English from afar for decades off camera. Babelfish anyone?
Most of us probably have some vivid memories of high school or college chemistry lab, where the principles of the science were demonstrated, and where we all got at least a little practice in experimental methods. Measuring, diluting, precipitating, titrating, all generally conducted under safe conditions using stuff that wasn’t likely to blow up or burn.
But dropwise additions and reaction volumes measured in milliliters are not the stuff upon which to build a global economy that feeds, clothes, and provides for eight billion people. For chemistry to go beyond the lab, it needs to be scaled up, often to a point that’s hard to conceptualize. Big chemistry and big engineering go hand in hand, delivering processes that transform the simplest, most abundant substances into the things that, for better or worse, make life possible.
To get a better idea of how big chemistry does that, we’re going to take a look at one simple molecule that we’ve probably all used at one time or another: the common artificial flavoring wintergreen. It’s an innocuous ingredient in a wide range of foods and medicines, but the infrastructure required to make it and all its precursors is a snapshot of just how important big chemistry really is.
We have to confess that we occasionally send friends a link to “let me Google that for you” when they ask us something that they could have easily found online. Naturally, if someone asked us how big the moon is, we’d ask Google or another search engine. But not [Prof Matt Strassler]. He’d tell you to figure it out yourself and he would then show you how to do it.
This isn’t a new question. People have been wondering about the moon since the dawn of human civilization. The ancient Greeks not only asked the question, but they worked out a pretty good answer. They knew approximately how big the Earth was and they knew the moon was far away because it is seen over a very wide area. They also knew the sun was even further away because the moon sometimes blocks the sun’s light in an eclipse. Using complex geometry and proto-trigonometry they were able to work out an approximate size of the moon. [Matt’s] method is similar but easier and relies on the moon occluding distant stars and planets.
[Matt] explains that a distant sphere illuminated by a distant light source will cast a shadow on a plane about the size of the sphere. What’s more, is that anyone on the plane in the shadow who can’t see the light source must be in the shadow, which allows you to measure the shadow, and that gives an approximation of the sphere’s size. For this to work, the light source needs to be at least ten times further away from the plane than the sphere is. The further away the light source is, the lower the error in the final number.
Of course, it is no secret that light can exert pressure. That’s how solar sails work and some scientists have used it to work with aerosols and the like. But this appears to be the first time light lifted a large item against gravity. The team claims that their tests showed that a sunlight-powered flying vehicle might carry up to ten milligrams of payload. That doesn’t sound like much, but it’s impressive and the paper mentions that since the lift is not from aerodynamic forces, there might be applications in flying at very high altitudes.
We’re all used to personal computers as the norm, be they mobile, laptop, or desktop. But of course, in the early days, computers were large single-purpose machines used to crunch even bigger numbers. Go back even further in time, and the computers are humans operating fancy electromechanical calculators at high speeds, or, simply using pencils or chalk.
Before the personal computer arrived, people had to share time on mainframe machines to do their computing. Imagine having to go down to the library every time you wanted to look something up on the Internet. Wouldn’t you much rather do it at home on your own machine? Of course you would.
Coin cells are useful things that allow us to run small electronic devices off a tiny power source. However, they don’t have a lot of capacity, and they can run out pretty quickly if you’re hitting them hard when developing a project. Thankfully, [bobricius] has just the tool to help.
The device is simple – it’s a PCB sized just so to fit into a slot for a CR2016 or CR2032 coin cell. The standard board fits a CR2016 slot thanks to the thickness of the PCB, and a shim PCB can be used to allow the device to be used in a CR2032-sized slot instead.
Whether it’s an engine swap in an old car or pulling a hard drive out of an old computer, we often find ourselves transplanting bits from one piece of hardware to another. [Emily Velasco] recently attempted this with a pair of CRTs, and came away with great success.
The donor was an old 1980s fishing sounder, which came complete with a rather fetching monochrome amber CRT display. [Emily]’s goal was to transplant this into the body of a early 2000s portable television. The displays were of a similar size and shape, though the Toshiba CRT from the 80s used a lot more glass in its construction.
The tube socket in the TV used to hook up the display matched the old CRT perfectly, so there were no hassles there. A bit of soldering was all that was needed to hook up the yoke, and [Emily] was ready to test. Amazingly, it powered up cleanly, displaying rolling amber static as you’d expect, given that analog television stations have been off the air for some time now.
Who can say ‘no’ to a free TV, even if it’s broken? This was the situation [Andrew Menadue] ended up in last year when he was offered an LG 39LE4900 LCD TV. As [Andrew] describes in the blog post along with videos (see first part embedded after the break), this particular television had been taken to a television repair shop previously after the HDMI inputs stopped working, but due to a lack of replacement parts the owner had to make due with the analog inputs still working. That is, until those stopped working as well.
The nice thing about these TVs is that they are very modular inside, as [Andrew] also discovered to his delight. In addition to the LG controller board, an inverter board and the power supply board, this TV also contained a TCON PCB. After some initial unsuccessful swapping of the parts with EBay replacements, nothing was (surprisingly) working, but it did turn out that the TCON and inverter boards are made and sold by AUO (major Taiwanese display manufacturer), along with the display itself.
Depending on what you build, you may or may not run into a lot of inductors. If you need small value coils, it is easy to make good-looking coils, and [JohnAudioTech] shows you how. Of course, doing the winding itself isn’t that hard, but you do need to know how to estimate the number of turns you need and how to validate the coil by measurement.
[John] uses a variety of techniques to estimate and measure his coils ranging from math to using an oscilloscope. He even uses an old-fashioned nomogram from a Radio Shack databook circa 1972.
In fact, we get the idea that [John] really misses Radio Shack. In addition to the book, we noted guest appearances from a Radio Shack calculator and a caliper. We were a bit surprised that he didn’t use a Radio Shack pen as a coil form.
Doorbells are among those everyday objects that started out simple but picked up an immense amount of complexity over the years. What began as a mechanism to bang two pieces of metal together evolved into all kinds of wired and wireless electric bells, finally culminating in today’s smart doorbells that beam a live video feed to their owners even if they’re half a world away.
But sometimes, less is more. [Low tech obsession] built a doorbell out of spare components that doesn’t require Internet connectivity or even a power supply. But it’s not a purely mechanical device either: the visitor turns a knob mounted on a stepper motor, generating pulses of alternating current. These pulses are then fed into the voice coil of an old hard drive, causing its arm to vibrate and strike a bell, mounted where the platters used to be.
It's not entirely clear right now how the malware is dropped onto victims' machines and run, though in one case, said ESET, an organization's Active Directory server was probably compromised to distribute the wiper through the network via a group policy object.
Pangu Lab has identified what it claims is a sophisticated backdoor that was used by the NSA to subvert highly targeted Linux systems around the world for more than a decade.
The China-based computer-security outfit says it first spotted the backdoor code, or advanced persistent threat (APT), in 2013 when conducting a forensic investigation on a host in "a key domestic department" – presumably a Chinese company or government agency.
A team of researchers from China’s Pangu Lab on Wednesday published a 50-page report detailing a piece of Linux malware allegedly used against many targets by the threat actor known as the Equation Group, which has been linked to the U.S. National Security Agency (NSA).
It’s not uncommon for cybersecurity companies in the United States to publish reports detailing the tools and activities of threat actors linked to the Chinese government, and now a group of Chinese researchers have released a report detailing a piece of malware tied to the U.S. government.
Pangu Lab is a research project of Pangu Team, which is best known for its iPhone jailbreaks. An iOS exploit earned them $300,000 last year at a major Chinese hacking contest.
As Russia begins its invasion of Ukrainian territories and Western governments continue to warn about the potential or Russian cyberattacks in response to sanctions, U.S. and UK agencies have detailed what they claim is another malware tool used by Russian APT hacking group Sandworm.
The United Kingdom’s National Cyber Security Centre, CISA, the National Security Agency, and the Federal Bureau of Investigation have released a joint Cybersecurity Advisory (CSA) reporting that the malicious cyber actor known as Sandworm or Voodoo Bear is using new malware, referred to as Cyclops Blink. Cyclops Blink appears to be a replacement framework for the VPNFilter malware exposed in 2018, which exploited network devices, primarily small office/home office routers and network-attached storage devices.
Security updates have been issued by Debian (expat), Fedora (php and vim), Mageia (cpanminus, expat, htmldoc, nodejs, polkit, util-linux, and varnish), Red Hat (389-ds-base, curl, kernel, kernel-rt, openldap, python-pillow, rpm, sysstat, and unbound), Scientific Linux (389-ds-base, kernel, openldap, and python-pillow), and Ubuntu (cyrus-sasl2, linux-oem-5.14, and php7.0).
Linux kernel support for the 32-bit ARM architecture was contributed in the late 90s, when there was little corporate involvement in Linux development, and most contributors were students or hobbyists, tinkering with development boards, often without much in the way of documentation.
Ard Biesheuvel writes about 32-bit Arm systems on the Google Security Blog, with a focus on why these processors are still in use and what is being done to increase their security at the kernel level.
Qualys Research Team discovered multiple vulnerabilities in the snap-confine function on Linux operating systems. The most important of which can be exploited to escalate privilege to gain root privileges.
Successful exploitation of this vulnerability allows any unprivileged user to gain root privileges on the vulnerable host. Qualys security researchers have been able to independently verify the vulnerability, develop an exploit, and obtain full root privileges on default installations of Ubuntu.
The Qualys Research Team confirmed the vulnerability. Then it engaged in responsible vulnerability disclosure and coordinated with both vendor and open-source distributions in announcing this newly discovered flaw.
Snap is a software packaging and deployment system used in Linux distributions. Its packages make it easy to install applications with all their dependencies included to run on all major Linux distributions.
Snap has become reasonably widespread in the Linux world with a number of major vendors distributing packages using it. While any exploit that can give root access is problematic, being a local exploit reduces the risk somewhat, noted Mike Parkin, engineer at Vulcan Cyber.
Public Knowledge has the pleasure of hosting a multifaceted program focused on training and developing the next generation of tech policy experts and public interest advocates that reflects the diversity of voices and experiences in our society.
Our monthly Career Breakfast Series is designed for students & recent graduates to learn about tech policy and public interest work, careers, and its community.
When I migrated my home connection to FTTP I kept the same 80M/20M profile I’d had on FTTC. I didn’t have a pressing need for faster, and I saved money because I was no longer paying for the phone line portion. I wanted more, but at the time I think the only option was for a 160M/30M profile instead and I didn’t need it and it wasn’t enough better to convince me.
Time passed and BT rolled out their GigE (really 900M) download option. And again, I didn’t need it, but I wanted it. My provider, Aquiss, initially didn’t offer this (I think they had up to 330M download options available by this point). So I stayed on 80M/20M. And the only time I really wanted it to be faster was when pushing off-site backups to rsync.net.
Of course, we’ve had the pandemic, and that’s involved 2 adults working from home with plenty of video calls throughout the day. The 80M/20M connection has proved rock solid for this, so again, I didn’t feel an upgrade was justified. We got a 4K capable TV last year and while the bandwidth usage for 4K streaming is noticeably higher, again the connection can handle it no problem.
Ancillary copyright is a huge threat to people’s ability to freely share information on the internet, and it’s currently a concern in the Journalism Competition & Preservation Act. Check out this infographic slideshow to see why it’s a problem and what we can do to stop it. Then, read PublicKnowledge.org/JCPACopyright for a deeper look.