The Launch is System76's first mechanical keyboard, but it could be the last keyboard you need. With hot-swappable mechanical switches, legends that won't fade, a durable build, and a pair of detachable cables, this tenkeyless board can evolve with you.
It's also open source—from its chassis to its PCB and firmware—allowing for deeper tinkering. There are even some extra keycaps for when you want a new look. And in true System76 style, the board favors Linux users.
At $285, though, the Launch is a big investment, and many won't like how hard it is to press the keys. The clicky mechanical switches are so tactile that they'll tire some fingers out.
With Windows all keyboards are compatible but most are with Mac as well. If we talk about Linux/Unix then there are few which are compatible with it in which some functions might not work at all or work partially. These are mostly for Ubuntu, CentOS, Debian and even Kali Linux. We have tested the 6 best Mechanical and Programmable Keyboards available for Linux that are suitable for gaming and programming, with typing in mind.
[...]
Linux is the second most popular OS after Windows. There is a very large community that prefers it and uses it as their primary operating system. This is why we have put together a list of the 6 best Linux mechanical and programmable keyboards that are both great for gaming, developers and programmers. We have written this with compatibility in mind so there are wired and wireless choices available.
Cloud computing is here and it's here to stay but that shouldn't extend into the portable device space but canonical and vodafone think otherwise in a partnership to bring cloud smartphones
In this video, I am going to show an overview of Archman 2022.03 and some of the applications pre-installed.
In this video, we are looking at how to install Natron on Zorin OS 16.
I'm announcing the release of the 5.16.13 kernel.
All users of the 5.16 kernel series must upgrade.
The updated 5.16.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.16.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...
thanks,
greg k-h
The PipeWire project has made major strides over the past few years, bringing shiny new features, and paving the way for new possibilities in the Linux multimedia scene. With 2021 seeing significant progress made on all fronts, let's take a moment to look back at what was accomplished, and what lies ahead for 2022.
Last year began with busywork on the Bluetooth€® front, with amazing volunteers testing and fixing things on PipeWire's Bluetooth€® plugin. Throughout the year, the plugin evolved to become perhaps one of the best - if not the best - open source Bluetooth€® audio stack implementations that I am aware of. Based on an extensible plugin architecture, Pipewire already supports all current audio profiles and codecs. It is also future proof, enabling it to be integrated with other stacks like ofono. It's a solid base for any Bluetooth€® audio use case.
Then, in April, Fedora 34 became the first Linux distribution to ship PipeWire as its default audio service. While PipeWire was there before as a video transport service to enable screen sharing on Wayland, the addition of the audio layer by default exposed all of PipeWire's incredible capabilities to a broader audience. This led to a significant number of improvements that were made to fix issues and improve the experience of several users.
In the meantime, at Collabora, we have been tirelessly working on getting WirePlumber ready to become the default session manager for PipeWire. With the 0.4.0 release that came out in June, WirePlumber introduced all those needed elements to achieve this goal. First and foremost, its Lua scripting engine made it possible to write most of the session management logic in a relatively simple scripting language. With the scripting engine available, it became so much easier for us to then sync all the policy logic with pipewire-media-session in order to replace PulseAudio. It also allowed us to maintain the embedded policy that Automotive Grade Linux uses with much more ease.
The Collabora blog looks at recent developments in the PipeWire media system and looks forward to what is yet to come
It’s called Relic of Life, and it’s totally free to download. Windows 10/11, Ubuntu, and Linux Flatpak versions are available on Basemark’s website. Relic of Life is meant for any device that utilizes ray-tracing and meets the system requirements (listed at the bottom of this article), including mobile devices to consoles, but if you’re grabbing the free version, you’ll most likely be doing so to test your PC gaming rig. Note that the free version requires you to be connected online and will automatically share your scores on Basemark’s Powerboard page — that’s the tradeoff for getting it at no cost.
In this tutorial, we will show you how to install Scrot on Ubuntu 20.04 LTS. For those of you who didn’t know, Scrot is an excellent command-line utility that allows users to take snapshots of the whole screen or a particular window. It supports multiple image formats (JPG, PNG, GIF, etc).
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Scrot screenshot tool on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
Today we are looking at how to install SuperTux on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.
In OpenStack's 2021 User Survey, the majority of respondents said they use Kubernetes as the container orchestration or Platform-as-a-Service (PaaS) tool to manage their OpenStack applications. Simply put, OpenStack and Kubernetes work together to benefit sysadmins, developers, and users alike.
It's one thing to say that users rely on these two technologies, but I wanted to know how. I've found several typical use cases.
In my previous article, I explained how to install and set up EGroupware on your own server. It also introduced the modules and external applications of the open source groupware solution. This article shows you how to take care of an existing installation and manage backups.
In this tutorial, we will show you how to install MySQL on CentOS 9 Stream. For those of you who didn’t know, MySQL is an open-source free relational database management system (RDBMS) released under GNU (General Public License). MySQL is used for data warehousing, e-commerce, and logging applications, but its more commonly used feature is a web database storage and management.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the MySQL database on CentOS 9 Stream.
Jack Wallen shows you how to use this open-source ticketing system that can be a challenge to install.
Snort is a well-known open-source network intrusion detection and prevention system (IDS). Snort is very useful to monitor the package sent and received through a network interface. You can specify the network interface to monitor the traffic flow. Snort works on the basis of signature-based detection. Snort uses different types of rulesets to detect network intrusions such as community. Registered and subscription rules. Correctly installed and configured Snort can be very useful in detecting different kinds of attacks and threats like SMB probes, malware infections, compromised systems, etc. In this article, we will learn how to install and configure Snort on an Ubuntu 20.04 system.
In this tutorial, we will show you how to install Neovim on Ubuntu 20.04 LTS. For those of you who didn’t know, Neovim is a highly customizable, Vim-based text editor for Linux, as well as other platforms such as Microsoft Windows, and macOS. It is a hyperextensible text editor and seeks to maximize usability and extensibility, simplify maintenance and encourage contributions.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Neovim open-source code editor on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
Vagrant is one of the useful automation software. It is a command line tool that is used by developers to build and manage their preferred virtual machines. It grants the developers a developing environment that works on many operating systems.
A hypervisor must be needed to provision virtual machines on top of it. In this article, we are going to install virtualbox to provide a hypervisor. We are going to install vagrant on Ubuntu 20.04 server.
Puppet is a centralized configuration management and automation tool. DevOps creates configuration management to deploy servers and applications, and all configuration for automation is stored on the central "Puppet Server". After that "Agent" nodes will pull a new configuration from the "Puppet Server" and apply the state as defined.
All connections between "Puppet Server" and "Agent" nodes are encrypted by default using SSL/TLS certificate. Puppet uses Domain Specific Language (DSL) to describe system configuration, and it's similar to Ruby syntax.
In this guide, you will install and configure the Puppet server and agent on the Debian 11 Bullseye. You'll install the Puppet server on the server hostname 'puppet-server' and the Puppet agent on the server with the hostname 'agent'. In the end, you'll be creating the first puppet manifests for installing the basic LEMP stack on the 'agent' node.
Using a monitoring tool gives you a great opportunity to increase the uptime and the reliability of your infrastructure. In fact, monitoring is essential for any organization. In my previous tutorial, I already mentioned the importance of monitoring and showed how to install Checkmk on a Linux server. Now, I am using a normal PC running on Windows 10 to run Checkmk in Docker and want to show you how you can run Checkmk on a normal computer. You do not need any monitoring or Linux experience. This tutorial is also suited for Windows users and gives you an easy introduction to the professional monitoring world.
This simple tutorial shows how to install the latest Sigil epub editor and keep it up-to-date in Ubuntu Linux via Flatpak package.
Since Sigil package in Ubuntu repositories is always old and no PPA now maintains the most recent packages, the Flatpak now can be the only easy way to get the epub editor in Debian/Ubuntu based Linux.
This is a short update to my previous guide on installing the Epic Games store on the Steam Deck using Proton, plus how to enable access to an SD Card.
My original guide was included in this article in a video, which has gone on to see a lot of people happy with it. It's now been used across PCGamer, Gamespot, CNET and no doubt others who decided to use it. CNET even ended up making their own video, which I had to poke them to actually credit me for — so that was fun (they now have).
Godot 3.4.3 was released less than 2 weeks ago, but a few significant regressions were found in that release, so we're fast-tracking the release of Godot 3.4.4 to solve those.
This Release Candidate adds a handful of fixes, including several regression fixes. Please make sure to test it on your projects and to report any issue, so that we can release 3.4.4 stable in the coming days.
Jump to the Downloads section.
As usual, you can try it live with the online version of the Godot editor updated for this release.
We're continuing on our fortnightly release schedule for alpha snapshots of Godot 4.0 - this time with 4.0 alpha 4. See past alpha releases for details (alpha 1, alpha 2, alpha 3).
Be aware that during the alpha stage the engine is still not feature-complete or stable. There will likely be breaking changes between this release and the first beta release. Only the beta will mark the so-called "feature freeze".
As such, we do not recommend porting existing projects to this and other upcoming alpha releases unless you are prepared to do it again to fix future incompatibilities. However, if you can port some existing projects and demos to the new version, that may provide a lot of useful information about critical issues still left to fix.
Most importantly: Make backups before opening any existing project in Godot 4.0 alpha builds. There is no easy way back once a project has been (partially) converted.
This year our project once again was accepted to the Google Summer of Code program.
In previous years, Google only allowed students to participate. This year, however, both students and non-students are welcome to join us and hack together. There are now two sets of tasks, for 175 hours and for 350 hours. Some of our tasks could be either of the two.
ScummVM is looking for applicants! A list of suggested projects can be found on this page, but we’re open to your own ideas too. Please make sure you provide the required information in your application before submitting.
It’s been just a few days and we have (almost) reached 1100 games working on the Steam Deck – the real number if 1099 at the time of writing but give it a few hours and we will cross the 1100 mark for sure.
Between 2022-03-01 and 2022-03-08 there were 29 New Steam games released with Native Linux clients. For reference, during the same time, there were 295 games released for Windows on Steam, so the Linux versions represent about 9.8 % of total released titles.
The Linux desktop Budgie 10.6 is out now, as the first release under the new Buddies Of Budgie organization and it's really looking good. This release brings a bunch of styling changes, as the team has been focusing a lot on the little things to make the experience smoother.
Are you a Sonic fan and love checking out fan games? What about a 3D game made with the Doom Legacy port of Doom? Sonic Robo Blast 2 is a quality addition to the collection that's quite unique. It's not just another 2D platformer like the classics, instead attempts to be a full 3D recreation.
You control movement with WASD and spacebar to jump, with camera being moved with either mouse or arrows. It's genuinely good and available free. As someone who grew up with Sonic, I appreciate this. Hopefully you will enjoy it too.
Tiling desktops are graphical environments in which windows open in a grid. They appeared early in Linux’s history and have always had a few followers, especially among developers. However, for the last two decades, tiling desktops were often ignored in the efforts to mimic Windows and macOS and to improve usability. However, in the last few years, tiling desktops have become more popular, most likely because modern computing power means that more users are working with more windows open. Today, users can choose from a variety of tiling desktops: Some have been around for years, and others are more recent.
The idea behind tiling desktops is to reduce clutter on the desktop and make windows easier to find. By contrast, the standard or stacking desktop becomes less orderly with each open window. Most stacking desktops open windows in the upper left corner or some other default location. As users search through windows, the unwanted ones tend to be dragged aside, destroying what little order existed. In fact, the clutter is so great that many stacking desktops have a Show Desktop icon or widget. Others, like Ubuntu’s discarded Unity desktop, encourage users to open only one window at a time. Tiling desktops, on the other hand, arrange windows in a grid, making them easy to find. Should the windows become too numerous and too small for comfortable browsing, users can use virtual workspaces to add another grid. You can remove windows from the grid to increase their size and temporarily stack them on top of the grid. Another advantage of tiling desktops is that they can be easily navigated from the keyboard, although many also support a mouse.
GNOME 42, currently in beta, will be released on March 23, 2022. Fedora 36 and Ubuntu 22.04 will include this release of the popular Linux desktop environment. We spin it up and see what’s new.
GNOME 40 brought a new workflow with horizontal theming and layouts. GNOME 41 built upon this new foundation by introducing the libadwaita shared library. This library provides the GNOME theming engine. It’s the software layer that gives GNOME the ability to use themes.
The toolkit used to develop the GNOME desktop and native GNOME programs is called GTK. At one time it was an initialism that stood for GIMP ToolKit, but now the name is simply GTK. Well-behaved GTK applications that follow the GNOME human interface guidelines will reference libadwaita for stylesheets and other theme-centric information.
GNOME 42 is released in a few weeks. I figured I’d whet your appetite by serving up a tasty sneak peek at the new features and key changes the update is set to bring.
And boy is there plenty to talk about!
GNOME 40 set a new direction for the course of free software’s most widely used desktop environment, a direction that GNOME 42 very much follows.
With the horizontal desktop layout now in place developers turned their attention to upgrading other parts of the desktop stack. GNOME 42 features a plethora of GTK4/libawaita app ports, intros a retooled screenshot experience, and makes several notable performance upticks.
GNOME 42‘s new Console and Text Editor apps are available to install in Ubuntu 22.04 LTS.
Don’t get too excited by that sentence, mind. Neither Console nor Text Editor have bagged themselves a spot on Ubuntu’s (increasingly engorged) .iso. But both tools are, along with a bevvy of other GTK4/libadwaita ports, available in the Ubuntu 22.04 repo.
All you have to do to try them out is run sudo apt install gnome-console gnome-text-editor (or take the scenic route by way of the Ubuntu Software app) and you’re away.
But are they actually any good?
Well, yes — but you have to keep in mind they aren’t designed to be power-user replacements.
Red Hat, the Raleigh-based open-source software company, said Tuesday it is halting all sales and services to companies in Russia and Belarus — a response to the Russian invasion of Ukraine that has put Red Hat employees in harm’s way.
I've heard from many of you in response to last week's announcement regarding the war in Ukraine, and I appreciate your feedback. First, let me be very clear -- we have suspended all business in Russia. In addition, I want to give you an update on a few of the efforts underway to support our colleagues in the region. IBMers' support for Ukrainian refugees in neighboring countries is truly inspiring. For example, a newly developed and deployed IBMer Resource Finder Map connects Ukrainian IBMers and IBM contractors fleeing their country with IBM colleagues in the immediate CEE region who can offer assistance, including lodging, transportation, food and supplies, for them and their families. It is heartening to see that hundreds of CEE employees have already signed on as volunteers in less than 24 hours.
Red Hat, the Raleigh-based open-source software company, said Tuesday it is halting all sales and services to companies in Russia and Belarus -- a response to the Russian invasion of Ukraine that has put Red Hat employees in harm's way.
The wave of companies cutting ties to the Russian government and companies now includes two top Linux and open-source powers: Red Hat and SUSE.
SUSE moved first. SUSE CEO Melissa Di Donato watched with deep despair at Russia's unwarranted invasion of Ukraine. On March 7th, Di Donato decided that SUSE would support humanitarian efforts to help refugees and victims of war. This is an especially challenging time for SUSE since many SUSE employees have Ukrainian family members.
Now, SUSE is "evaluating all of our business relationships in Russia and has suspended all direct sales in Russia." SUSE is also "observing all economic sanctions" and ready to comply with any additional sanctions.
In the meantime, in the States, Paul Cormier, Red Hat's president and CEO, went further. For Red Hat, with employees in both Ukraine and Russia, this wasn't easy.
In Red Hat Satellite 6.10, we introduced a new feature that enables the bulk conversion of multiple hosts to Red Hat Enterprise Linux (RHEL) using the Convert2RHEL utility. In this post, I will walk through the individual steps required to convert a CentOS Linux 7.9 host to Red Hat Enterprise Linux 7.9.
Automatic upgrades are available from Tails 4.19 or later to 4.28.
Geniatech’s 96Boards CE Extended form-factor “Ahaura” and “Akitio” SBCs run Linux on Renesas’ 1.2GHz, dual -A55 RZ/G2L and NPU-equipped RZ/V2L variant, respectively, and offer up to 8GB RAM and 128GB eMMC, 2x GbE, 3x USB, HDMI, and 4G LTE.
In Jan. 2021, Renesas announced a low-power RZ/G2L SoC for IoT, and later in the year introduced a pin-compatible and similarly Linux-driven, Cortex-A55 based RZ/V2L variant with a 1-TOPS NPU. Geniatech has now posted a product page for two almost identical 96Boards CE Extended SBCs that feature the SoCs: the Ahaura RS-G2L100 and Akitio RS-V2L100.
Geniatech “AHAURA” RS-G2L100 / “AKITIO” RS-V2L100 is a 96boards CE Extended v2.0-compliant development board based on respectively Renesas RZ/G2L and RZ/V2L Cortex-A55/M33 AI processor and coupled with a Renesas LTE Cat M1 modem.
Both RZ/G2L and RZ/V2L processors are basically the same, but the latter adds the “DRP-AI” (dynamically reconfigurable processor) AI accelerator for computer vision applications. The board also comes with up to 4GB RAM, two Gigabit Ethernet ports, a wireless WiFi and Bluetooth module, as well as Full HD HDMI video output, plus some USB ports, and the usual low-speed and high-speed expansion connectors from the 96Boards standard.
We’re proud to announce a new addition to the Arduino ecosystem, the Nicla Vision.
This is a brand new, ready-to-use, 2MP standalone camera that lets you analyze and process images on the edge for advanced machine vision and edge computing applications.
Now you can add image detection, facial recognition, automated optical inspection, vehicle plate reading, gesture recognition and more to your projects. Nicla Vision has a powerful dual processor and is packed with features that make an infinite number of applications possible in building and industrial automation, safety and security, and prototyping. Everything from business-savvy predictive maintenance (by detecting and analyzing surface wear, for example) to user-friendly smart kiosks that anyone can explore via intuitive gestures. All true to Nicla’s mission to provide a new range of easy-to-use, cost-effective and accessible tools to advanced users and enthusiasts alike.
DataStax has released a new open-source Kubernetes operator for Cassandra, the wide-column store distributed database about to work across multiple clusters for the first time.
K8ssandra is DataStax's open-source distribution of Apache Cassandra which is designed specifically for Kubernetes and supports stateful workloads. Released today, the update also supports multiple clusters.
The idea, DataStax says, is to allow users to deploy Cassandra-based applications that require high availability on Kubernetes, across multiple regions.
CrowdSec is a next-gen security tool. It’s open source and free. It locally blocks attacks based on both behavior and crowd-generated block lists, then calls on its community of sysadmins, devops & secops professionals to share back IPs detected as aggressive with other members of the CrowdSec community. It runs seamlessly on virtual machines, bare-metal servers, and containers, or it can be called directly from code via API. CrowdSec’s philosophy, culture and values mirror that of the Open Source Initiative, believing that if cybercriminals are collaborating to attack, then collaboration is also the best defense.
[...]
Having an open source approach brings us visibility, virality, new recruits, trust from our peers, and so much more. Scaling a network effect in cybersecurity with a tool like CrowdSec would just be impossible without open source. So for us, it’s natural to commit to giving back to the community, helping other projects, and supporting open source as broadly as we can.
By sponsoring the OSI, we want to advance its mission to protect open source software, boost development, and build bridges among various open source communities so they can organize open source cooperation. There are so many projects that are created and maintained on goodwill and spare time by great professionals who often are not paid or even recognized for what they do. OSI is an organization that works to protect those projects and those collaborators. There are many companies out there benefitting from open source that don’t give back. At CrowdSec we know that because of our involvement with OSI, even if we fail as a company, our good work will live on.
Version 98.0 of the Firefox browser is out. The big change this time is a new "optimized download flow" that is alleged to make the process of downloading files go much more smoothly. There are also some significant security fixes in this release.
Mozilla releases Firefox 98, a new major version of the browser. The most notable change is the new optimized download flow.
Firefox’s typical release period is four weeks (excluding urgent patch updates), which means a new version of Firefox is released every month. Following this release cycle, Firefox 98 is the third major browser update in 2022. Let’s cover some of the notable changes in this new version.
The Free Software Foundation (FSF), a Massachusetts 501(c)(3) charity with a worldwide mission to protect computer user freedom, seeks a motivated and talented Boston-based individual to be our full-time program manager.
Reporting to the executive director, the program manager co-leads our campaigns team. This position develops and promotes longer-term resources and advocacy programs related to increasing the use of free software and expanding and advancing the free software movement. The program manager plays a key role in external communications, fundraising, member engagement, and special events.
GNU Health 4.0.1 patchset has been released !
I've been working off and on mostly on squashing bugs and making these projects more robust. There were (and still are) a number of rough edges to smooth over. Things like making sure that the window and tab titles generally always match what is going on, giving the user more visual feedback about what is going on, and reporting errors. Ive added a spinner to the tab labels in Eva, which spins to indicate that a page is currently being loaded. No we set the title to "bookmarks" when viewing bookmark pages. And now when a page fails to load you get an error page instead, indicating the error.
PyFlow is an interactive Python development tool structured in open source graphs.
With PyFlow you can create code blocks in which you can edit and run Python code, you can move and resize blocks in an infinite 2D plane. Just link the blocks to highlight dependencies, Pyflow will automatically run your blocks in the correct order.
GNU grep is a great utility but it can only report a search target's line number. Suppose I search for the string "64" in this tab-separated "demo" table with grep's "-n" option...
The Rust Security Response WG was notified that the regex crate did not properly limit the complexity of the regular expressions (regex) it parses. An attacker could use this security issue to perform a denial of service, by sending a specially crafted regex to a service accepting untrusted regexes. No known vulnerability is present when parsing untrusted input with trusted regexes.
This issue has been assigned CVE-2022-24713. The severity of this vulnerability is "high" when the regex crate is used to parse untrusted regexes. Other uses of the regex crate are not affected by this vulnerability.
The Simple Network Management Protocol (SNMP) has been an integral part of monitoring network environments since its introduction in 1988. It has established itself as the de facto standard in network monitoring. Many manufacturers support the protocol and have implemented an SNMP agent on their network devices. These agents allow monitoring solutions to query various data, such as bandwidth, CPU load, network interfaces, etc., without installing an additional agent on network equipment.
Especially with the increasing number of devices on a network, a simple and established method such as SNMP sounds like a great help to include components in monitoring quickly. Unfortunately, SNMP has a few flaws. The first part of this article will explain how SNMP works, while the second part will drill deeper into the issues with SNMP and how to deal with them.
The protocol offers two methods to retrieve data from devices: polling and traps. With SNMP polling, a monitoring solution queries the data at user-specified time intervals from the SNMP agent. This active polling is used for status-based monitoring and is generally the recommended method. However, the disadvantage of SNMP polling is that the administrator does not notice if an event occurs between two queries, such as a brief change in the network interface status.
SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
The affected product uses hard-coded credentials for its UltraVNC installation.
CISA has released an Industrial Controls Systems Advisory (ICSA), detailing vulnerabilities in PTC Axeda agent and Axeda Desktop Server. Successful exploitation of these vulnerabilities—collectively known as “Access:7”—could result in full system access, remote code execution, read/change configuration, file system read access, log information access, or a denial-of-service condition.
The Federal Bureau of Investigation (FBI) has releasedââ¬Â¯a Flash reportââ¬Â¯detailing indicators of compromise (IOCs) associated with ransomware attacks by RagnarLocker, a group of a ransomware actors targeting critical infrastructure sectors.
The DENT Project, an open source network operating system utilizing the Linux Kernel, Switchdev, and other Linux based projects, today announced DENT 2.0 is available for immediate download. The "Beeblebrox" release adds key features utilized by distributed enterprises in retail and remote facilities, providing a secure and scalable Linux-based Network Operating System (NOS) for disaggregated switches adaptable to edge deployment. DENT provides a smaller, more lightweight NOS for use at the small, remote edges of enterprise networks.
FINOS, the Fintech Open Source Foundation and financial sector arm of the Linux Foundation, and The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced its partnership with Fintech Week London. Their annual event, Open Source in Finance Forum (OSFF), will take place in London on 13 July, during Fintech Week London, which will run from 11 – 14 July.
Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.
Free and open source software (FOSS) is a foundation of the modern global economy, and ensuring the security of FOSS is vital the future of nearly all industries, according to the recent Census II report investigating the use of open source.
Understanding the overall health, value, and security of FOSS is difficult “because it is produced in a decentralized and distributed manner. This distributed development approach makes it unclear how much FOSS, and precisely what FOSS projects, are most widely used,” the report states.
Apparently, the vulnerability in the Linux kernel has been around since version 5.8, which was released in August 2020. It’s tracked as CVE-2022-0847. It allows overwriting data in arbitrary read-only files, which means attackers can escalate privileges, giving them access they shouldn’t have. Once privileges are escalated, they can do all sorts of things on a system.
Creating an SSH key is just one of many actions an attacker can take when exploiting the vulnerability. One can hijack a SUID binary to create a root shell, and another can allow untrusted users to overwrite data in read-only files. These are severe attacks that could do all sorts of damage to a system.
“It’s about as severe as it gets for a local kernel vulnerability,” Brad Spengler, president of Open Source Security, wrote in an email to Ars Technica. “Just like Dirty Cow, there’s essentially no way to mitigate it, and it involves core Linux kernel functionality.”
A serious vulnerability has been found in recent builds of the Linux kernel, allowing any local user to gain root access on an unpatched device… which could include a number of Android phones running Linux kernel 5.8 or later.
We all know internet shutdowns violate human rights and destroy people’s lives and livelihoods. For women around the world, they also take away crucial opportunities and exacerbate the inequality and injustice they already suffer. As we mark International Women’s Day today, it’s clear activists are making strides in bridging gender inequalities and securing women’s voting rights, freedom of movement, reproductive rights, and freedom from gender-based violence and workplace discrimination. But we need far more progress to attain a world where people are truly equal. The use of internet and communications technology can help bridge these gaps, or deepen them. We witness this every time a government shuts down the internet.
